last executing test programs:

6m8.343677787s ago: executing program 0 (id=207):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r4, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[], 0x14}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r2)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

6m7.409138448s ago: executing program 0 (id=213):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x42)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
listen(r2, 0x80000003)

6m7.3749486s ago: executing program 0 (id=216):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
close(0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x8000000004)
socket$kcm(0x2, 0x3, 0x2)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_fw={{0x7}, {0x18, 0x2, [@TCA_FW_INDEV={0x14}]}}]}, 0x44}}, 0x24004000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)

6m7.292092345s ago: executing program 0 (id=218):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x10e, &(0x7f0000000280)={[{@init_itable_val={'init_itable', 0x3d, 0x957}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@stripe={'stripe', 0x3d, 0x8}}, {@orlov}, {@lazytime}]}, 0x4, 0x46b, &(0x7f00000009c0)="$eJzs289vFFUcAPDvTFt+IxXxBz/UKhobf2yhgHLwotHEgyYmXvBY20KQhRpaEyFE0Rg8GhITj8ajiX+BJ70Y9WTiVe+GhBguoqcxsztDd9fttsC2A93PJ9nueztv9r3vvHm7b+Z1AxhYY/mfJGJbRPweETua2fYCY82n69cuTP9z7cJ0Eln21l9Jo9zf1y5Ml0XL/bYWmfE0Iv00ib1d6p0/d/7UVL0+e7bITyycfm9i/tz5506enjoxe2L2zOTRo4cPHXzh+ckjfYnz3rytez6c27f7tbcvvzF97PI7P3+blPF3xNEnY702Ppllfa6uWttb0snwCnYYWsXGsGJ5N+TdNdIY/ztiKBY7b0e8+kmljQNWVVZYYvPFDFjHkqi6BUA1yi/6/Pq3fKzd7KN6V19qXgDlcV8vHs0tw5EWZUY6rm/7aSwijl3896v8EatzHwIAoM33+fzn2W7zvzQeaCl3T2xsrA2NFmspOyPivojYFRH3RzTKPhgRD3WrpMeCQOciyf/nP+mVW49uefn878Vibat9/lfO/mJ0qMhtb8R/JI2ozx5oHJOI8RjZePxkffZgjzp+eOW3z5fa1jr/yx95/eVcsGjHleGN7fvMTC1M3U7Mra5+HLFnuFv8yY2VgCQidkfEnlus4+TT3+xbatvy8fewknWmZWRfRzzV7P+L0RF/Kem9PjmxKT8fJvKz4EDXOn759dKbS9V/W/H3Qd7/W7qe/zfiH01a12vnb+bdm6P70h+fLXlNU7ul83/xhQ3F8wdTCwtnD0ZsSF5vNrr19cnFfct8WT6Pf3x/9/G/MxaPxN6IyE/ihyPikYh4tIjusYh4PCL29zgKP738xLu9jlD3+Df1eMf+yeOf6ej/0fYiHf2/mNgQna90Twyd+vG79ndcSfylvP8PN1LjxSuNz78ve8e1knbd7NkMAAAAd6s0IrZFktZupNO0Vmv+D/+u2JLW5+YXnjk+9/6ZmeZvBEZjJC3vdDXvB48k5f3P0Zb8ZEf+UHHf+IuhzY18bXquPlN18DDgtraO//KWb6359KffaMD614d1NOAuZfzD4DL+YXAZ/zC4uoz/zVW0A1h73b7/P6qgHcDa6xj/lv1ggLj+h8E1HFlSdRuAarR+//sggIExvzmW/5H8ekhkWZbdAc1YP4lI74hm9CeRrPIo2FZ1gDefqPqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD/+CwAA//9lEuuH")
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0xd)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

6m7.22577801s ago: executing program 0 (id=219):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x1f00, 0x39, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)

6m6.957962957s ago: executing program 0 (id=222):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000000), 0x651, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0x3)

6m6.90940202s ago: executing program 32 (id=222):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000000), 0x651, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0x3)

5m32.695013453s ago: executing program 2 (id=436):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
mount$overlay(0x0, 0x0, 0x0, 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

5m31.36451661s ago: executing program 2 (id=443):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000040)={0x0, 0x6}, 0x8)

5m30.941094927s ago: executing program 2 (id=445):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4090}, 0x0)
read$alg(r1, &(0x7f0000003780)=""/4096, 0x1000)

5m30.910035739s ago: executing program 2 (id=447):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
r1 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
setpgid(0x0, r1)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x842cc0, 0x0)
syz_mount_image$erofs(&(0x7f0000000800), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000c80)=ANY=[@ANYRESDEC=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES64=r0, @ANYRES16, @ANYRES32, @ANYBLOB="990e1a46ae9b6f5c83306261092c15c2c7b03d9b3de6cd27a9e04b47fb7a38ff2371ad7dd6797149fc52fcf995d52621065ba3fbb47c7c2f60a18d7e126bac76f7f0887238fff7c67b0ca04f09efb5c6a97c83c21fcf422f4c1dac36c047fb60481b430d1e4939a46852f3ec6eac3369", @ANYRESDEC=0x0, @ANYRESHEX=0x0, @ANYRES64, @ANYRES8, @ANYBLOB="4d5f3380f08fef1b361b21c8b5a4d1d3e4aa2d62b28b4440555db49f086b5f4d8a903e4247f986926378f7e658c9902aec21d1360076fec4ea3904d5fbb07149a8f323b9f3d2c1363be4872b5415350eb8e7b5cd3ddcc24ff6ce9deab26a089736a24d5b60d3fe948cc0615f1673fdd07fc86d995456082139122148dd05e8b6b4dc1ad04eba6d0964338b4afb616a273ba37bcd2b478c177adb491dd80721147f941d56acbdb4c3e4a4a23ec523ca33647d99b7f610cf9230f2d6d29158acdd981651e15d5fe4", @ANYRES64, @ANYBLOB="b8c2befa5b0c9e63e075df3e5bc3c51e29786fa5d445328eadfbe58d12bad4be3e0fb9fd3c11b7bbd7b3ec38d3ffa8503c5877cc4444806c77a511975596df", @ANYRES32, @ANYRESHEX], 0x0, 0x1d3, &(0x7f00000008c0)="$eJzsmb2vEkEUxc/M7oPnizGxsbDRxJeIEZbdRQ0NBSb2JuBXJ5GVoAsYWBMgsSA2NpYWJrb+AxYWVBZ2drZaqImJhZTWa2YYdsflQ4ghkrz7S5g9M3Nn5s4FTgEgCOLI8u3rry/PrxarWQDHcYi0Gv9hxDFci//88vHFF6Vrr958ev2+feLJOLkfAxCG659vAnhXNhCofhj+ufpQPavgkb4BjgtK3wKDpfRdcNxU2gPDHaUfaLpzTAnfs+51/Pr9pu/ZonFE44qmkMxvMmKoA9hX+TFtvjcYPqz5vtdNir1wds7c1KbiL/UzJ2WOklY/8X7dfvZ0JPqz2tha/RxwOEoXwFBRuog0LMuKS6Ld/7QZ72+sc/9dECdzq2KyO5Ahif8gWHJEfKGjkVOT8Yf5Vd+3mdjZ7V5ZGheAuamPB/+2c0qZwMKY2D+F5Z7X/MmEGflHPmg9yvcGw1yzVWt4Da/tuoUr9iXbvuzmpRFN2xX+ty/96UDbf29JbIql0K8FQdfpA0HXifrutNUct/K281Ou4dL/ODLnpnuIj4q8dnrxGUy9uHwKlTGWJk8QBEEQBEEQBEEQBEEQBLERZ8Dkr6Dqj6pwCe51Gf07AAD//8+DaM4=")

5m30.380433814s ago: executing program 2 (id=450):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x400000000000000})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @flat=@weak_binder={0x77622a85, 0x1, 0x2}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000380)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r3, 0xc018620c, &(0x7f0000000400)={0x2})

5m30.035527536s ago: executing program 2 (id=453):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000040)={[{@compress_algo={'compress', 0x3d, 'zstd'}}]}, 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0xeaff)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz0\x00', {0x7, 0x5, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0x6, 0x9, 0x7f, 0x3ff, 0x1, 0x7, 0x2, 0xfffffff9, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d37, 0x1dd0, 0x5, 0x7, 0x0, 0x80000000, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x224, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x2, 0xe661, 0x5, 0x9, 0x3, 0x4007fff, 0x4c74, 0x23, 0x642, 0x7, 0xa, 0x5, 0x71, 0x7, 0x207, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffff9, 0xd, 0x5, 0x4, 0x8, 0x0, 0x80f91, 0x0, 0x9, 0x6, 0x8, 0xfffffff9, 0xed, 0x40], [0x10000007, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0x10, 0xf9, 0x3, 0x2bf, 0x6c9, 0x9, 0x4, 0x3, 0x7695, 0xe4, 0x5, 0x80, 0xe, 0x312, 0x8000, 0xea4, 0xa, 0x2000004, 0x4000, 0x8000, 0xd3, 0x401, 0x1, 0x6, 0xfdfffffd, 0xff, 0x3, 0x2, 0x5f31, 0x4, 0x0, 0xfffff801, 0x8, 0x9, 0x4, 0x6, 0x9, 0x1, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x2, 0x3, 0xb, 0x6, 0x2, 0x7, 0x8, 0x9, 0x48c92690, 0x3, 0xff], [0x7, 0x4, 0xfffffffa, 0x64e, 0xfffffdfe, 0x80000002, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x5, 0xb, 0x0, 0x5, 0x34, 0x0, 0x1ef, 0x5, 0x8, 0xed, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x6, 0x200, 0x80, 0xb, 0x0, 0x14, 0x0, 0x60000000, 0x9, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x7, 0x4, 0x800], [0x2, 0xbb2f, 0x0, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x5, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x87fff, 0xa620, 0x2, 0x5, 0x101, 0x2, 0x10014c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x3, 0xffff, 0x0, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x800007f, 0x9, 0x1, 0x6c1b, 0x0, 0x6, 0x2a, 0xb1c, 0x4c400000, 0x200, 0xffff3441, 0x721d6bb4]}, 0x45c)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$binfmt_elf32(r0, &(0x7f0000000900)={{0x7f, 0x45, 0x4c, 0x46, 0xbd, 0x3, 0x5d, 0x4, 0x17bf, 0x2, 0x3, 0x5, 0x76, 0x38, 0x316, 0xffffff96, 0x8, 0x20, 0x1, 0x0, 0x200, 0x9}, [{0x3, 0x60000000, 0x53a, 0x6, 0xa3, 0x9, 0x6b0, 0x1}], "00b265f10c730d7d7d62a21edffd93a56b56cd28c4e5238a1d0538a05142d395cf", ['\x00']}, 0x179)
r2 = openat$cgroup_procs(r1, 0x0, 0x2, 0x0)
write$cgroup_pid(r2, 0x0, 0x0)
unshare(0x6020400)
r3 = syz_open_procfs(0x0, &(0x7f0000000680)='cgroup\x00')
preadv(r3, 0x0, 0x0, 0x0, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})

5m29.121858375s ago: executing program 33 (id=453):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000040)={[{@compress_algo={'compress', 0x3d, 'zstd'}}]}, 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0xeaff)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz0\x00', {0x7, 0x5, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0x6, 0x9, 0x7f, 0x3ff, 0x1, 0x7, 0x2, 0xfffffff9, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d37, 0x1dd0, 0x5, 0x7, 0x0, 0x80000000, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x224, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x2, 0xe661, 0x5, 0x9, 0x3, 0x4007fff, 0x4c74, 0x23, 0x642, 0x7, 0xa, 0x5, 0x71, 0x7, 0x207, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffff9, 0xd, 0x5, 0x4, 0x8, 0x0, 0x80f91, 0x0, 0x9, 0x6, 0x8, 0xfffffff9, 0xed, 0x40], [0x10000007, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0x10, 0xf9, 0x3, 0x2bf, 0x6c9, 0x9, 0x4, 0x3, 0x7695, 0xe4, 0x5, 0x80, 0xe, 0x312, 0x8000, 0xea4, 0xa, 0x2000004, 0x4000, 0x8000, 0xd3, 0x401, 0x1, 0x6, 0xfdfffffd, 0xff, 0x3, 0x2, 0x5f31, 0x4, 0x0, 0xfffff801, 0x8, 0x9, 0x4, 0x6, 0x9, 0x1, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x2, 0x3, 0xb, 0x6, 0x2, 0x7, 0x8, 0x9, 0x48c92690, 0x3, 0xff], [0x7, 0x4, 0xfffffffa, 0x64e, 0xfffffdfe, 0x80000002, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x5, 0xb, 0x0, 0x5, 0x34, 0x0, 0x1ef, 0x5, 0x8, 0xed, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x6, 0x200, 0x80, 0xb, 0x0, 0x14, 0x0, 0x60000000, 0x9, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x7, 0x4, 0x800], [0x2, 0xbb2f, 0x0, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x5, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x87fff, 0xa620, 0x2, 0x5, 0x101, 0x2, 0x10014c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x3, 0xffff, 0x0, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x800007f, 0x9, 0x1, 0x6c1b, 0x0, 0x6, 0x2a, 0xb1c, 0x4c400000, 0x200, 0xffff3441, 0x721d6bb4]}, 0x45c)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$binfmt_elf32(r0, &(0x7f0000000900)={{0x7f, 0x45, 0x4c, 0x46, 0xbd, 0x3, 0x5d, 0x4, 0x17bf, 0x2, 0x3, 0x5, 0x76, 0x38, 0x316, 0xffffff96, 0x8, 0x20, 0x1, 0x0, 0x200, 0x9}, [{0x3, 0x60000000, 0x53a, 0x6, 0xa3, 0x9, 0x6b0, 0x1}], "00b265f10c730d7d7d62a21edffd93a56b56cd28c4e5238a1d0538a05142d395cf", ['\x00']}, 0x179)
r2 = openat$cgroup_procs(r1, 0x0, 0x2, 0x0)
write$cgroup_pid(r2, 0x0, 0x0)
unshare(0x6020400)
r3 = syz_open_procfs(0x0, &(0x7f0000000680)='cgroup\x00')
preadv(r3, 0x0, 0x0, 0x0, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})

6.29740533s ago: executing program 1 (id=2034):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e20}, 0x6c)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$instantiate(0xc, 0x0, 0x0, 0x0, 0x0)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000440)={{0xfffe, 0x5, 0x2, 0x5}, 'syz1\x00', 0x53})
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0)
munlockall()

5.52973547s ago: executing program 3 (id=2044):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket(0x1e, 0x805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$bt_hci(r0, 0x0, 0x0)

5.119669387s ago: executing program 1 (id=2045):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0x3}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_ACK_FILTER={0x8, 0x10, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.056559601s ago: executing program 1 (id=2047):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r3, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000045, 0x8)
bind$vsock_stream(r3, &(0x7f0000000940), 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r4, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)

4.282176451s ago: executing program 5 (id=2049):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd27, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0x1, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0xc010)

4.281895941s ago: executing program 3 (id=2050):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000340)={[{@init_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vVEUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aAAleTIwXY0w8eRD/CyVy5aQnD148GRKihqOJa952H3Tbty0tbV/lfT7JdufN7MvMY/l2ZqczbwOorMHsRy1id0RMp4j+dGXpCwbnn+7+/cnJ7JGiXn/jzxSpmZe/NDWf+7IfnRE9EfHzTyl2dSytd2bu0tnxqanJi83j4dlz08Mzc5f2nzk3fnry9OT50ZdGjxw+dPjIyIE1Xdflgrzj197/sP+zsbe/++afNPL9b2MpjsarzRcuvI71MhiDjX+TtLSo78h6V1aSjvm3Oha+xamzxAaxKvn71xURT0V/dMT9N68/Pn2t1MYBG6qeIupARSXxDxWVjwPyz/aLPwfXShmVAJvhzrH5CYCl8d85PzcYPY25ge13Uyyc1kkRsbaZuVY7IuLWzbFrp26OXYsNmocDil25GhFPF8V/asT/QPTEQCP+ay3xn40LTjSfs/zX11j/4qli8Q+bZz7+e5aN/2gT/+8siP9311j/4P3ke70t8d+71ksCAAAAAACAyrpxLCJeLPr7f+3e+p8oWP/TFxFH16H+wUXHS//+X7u9DtUABe4ci3ilcP1vLV/9O9DRTD3WWA/QlU6dmZo8EBGPR8S+6NqWHY8sU8f+z3d93a5ssLn+L39k9d9qrgVstuN257bWcybGZ8cf9rqBiDtXI54pXP+b7vX/qaD/z34fTD9gHbuev36iXdnK8Q9slPq3EXsL+//7d61Iy9+fY7gxHhjORwVLPfvxFz+0q3+t8e8WE/Dwsv5/+/LxP5AW3q9nZvV1HJzrrLcrW+v4vzu92bjlTHcz76Px2dmLIxHd6XhHltuSP7r6NsOjKI+HPF6y+N/33PLzf0Xj/96IWHSnsEh/te4pzj35b9/v7dpj/A/lyeJ/YlX9/+oTo9cHfmxX/4P1/4caff2+Zo75P5j3VR6m3a35BeHYWVS02e0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdBLSJ2RKoN3UvXakNDEX0R8URsr01dmJl94dSFD85PZGWN7/+v5d/02z9/nPLv/x9YcDy66PhgROyMiC87ehvHQycvTE2UffEAAAAAAAAAAAAAAAAAAACwRfS12f+f+aOj7NYBG66z7AYApSmI/1/KaAew+fT/UF3iH6pL/EN1iX+oLvEP1SX+obrEP1SX+AcAAAAAgEfKzj03fk0RceXl3sYj090s6yq1ZcBGq5XdAKA0bvED1WXpD1SXz/hAWqG8p+1JK525nOmTD3EyAAAAAAAAAAAAAFTO3t32/0NV2f8P1WX/P1RXvv9/T8ntADafz/hArLCTv3D//4pnAQAAAAAAAAAAAADraWbu0tnxqanJixJvbY1mbGaiXq9fzv4XbJX2/M8T+VL4rdKeRYl8r9+DnVXe7yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDVfwEAAP//tsck3w==")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
timer_create(0xfffffffffffffffc, 0x0, 0x0)
timer_create(0xfffffffffffffffc, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000160700000fff07003506000002000000170600000ee50000bf250000000000003d350000000000006507000002000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff3d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa130c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6aae6a2213f4bb7b72ee19baaa6496c921b500fab987b62bbfd769664875469f58151b5ba0e4b84ea6500aeae078084123b254aeed0055787c01db742ed418ff76ee08d6fe0cc780a1005da7b778501e12cd7a0bb3780196d1fb84e6c12dddc60addc75a1f880bd58e7d1056a4d177e0067aa7c5ec09e1b762390a4f38d15794e698611b97a1bc9bc62513ad5ba767998919ccb61028200000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, &(0x7f0000000000), 0x19f}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

4.104256902s ago: executing program 5 (id=2053):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4048080)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, 0x0, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

4.104038163s ago: executing program 1 (id=2054):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

3.390766849s ago: executing program 3 (id=2055):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000040)={0x0, 0x8, 0x0, {0x9, @pix_mp={0x0, 0x0, 0x0, 0x0, 0x0, [{0xfffffffe, 0x1000}, {}, {0x8}, {}, {0x0, 0x1}], 0x4}}})
syz_emit_ethernet(0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000d86dd6000000400282c00fe8000000000000084000000000000bbfee6"], 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, 0x0, 0x6e)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, 0x0, 0x0, 0x1001000, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x100)
quotactl$Q_QUOTAOFF(0xffffffff80000300, &(0x7f0000000180)=@sr0, r4, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x28, 0x0, 0x0, 0xffeff024}, {0x6, 0x0, 0x83}]}, 0x10)
sendmmsg(r2, &(0x7f0000001c00), 0x400000000000159, 0x40840)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$VIDIOC_CROPCAP(r1, 0xc02c563a, &(0x7f0000000140)={0x8, {0x0, 0x10001, 0x3, 0x6}, {0x0, 0x533, 0x9, 0xfffffffd}, {0x4, 0x7ff}})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e21, 0x80, @remote, 0x7fff}}, 0xa, 0x288}, 0x90)
socket$inet_dccp(0x2, 0x6, 0x0)

3.339704072s ago: executing program 6 (id=2056):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$setperm(0x5, r6, 0x1100100)
keyctl$chown(0x6, r6, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0xfffffffffffffffd, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

3.339456492s ago: executing program 3 (id=2057):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
close(0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_ACK_FILTER={0x8, 0x10, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.268861247s ago: executing program 5 (id=2058):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_open_dev$dmmidi(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$GETPID(0x0, 0x3, 0xb, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)

3.268198467s ago: executing program 4 (id=2059):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$admmidi(0x0, 0x20, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000", 0x6, 0xfffffffffffffffd)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0xd, 0x8, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000200)})

3.238123749s ago: executing program 1 (id=2060):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3000000}]}]}]}, 0x3c}}, 0x20000810)
io_setup(0xea, &(0x7f00000000c0))
syz_open_procfs(0x0, &(0x7f0000000480)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000180)={0x6c, 0xff, 0x4, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0xff, 0x1, 0x0, 0x93}, 0xe)
sendto$inet6(r5, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r5, 0x1)

3.237228339s ago: executing program 3 (id=2061):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x200}], 0x18}, 0x28000054)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r4, &(0x7f0000001200)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000004c0)=""/232, 0xe8}, {&(0x7f0000000340)=""/121, 0x79}, {&(0x7f00000006c0)=""/145, 0x91}, {&(0x7f0000000480)=""/21, 0x15}], 0x4}, 0x1}], 0x2, 0x2023, 0x0)

2.45588615s ago: executing program 6 (id=2062):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
close_range(r1, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f00000005c0)={0x0, 0xb4b7, 0x800, 0x0, 0xfffffffc}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r2, 0x3f70, 0x0, 0x0, 0x0, 0x0)

2.45499524s ago: executing program 6 (id=2063):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd27, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0x1, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0xc010)

2.433719052s ago: executing program 6 (id=2064):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
write(r4, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r4, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

2.355696596s ago: executing program 4 (id=2065):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001a00)=ANY=[], 0x48)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/59, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680))
r1 = eventfd2(0x1, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
socket$packet(0x11, 0x2, 0x300)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
syz_io_uring_setup(0xde2, &(0x7f0000000080)={0x0, 0x0, 0x400}, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0})

2.310640009s ago: executing program 4 (id=2066):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_ACK_FILTER={0x8, 0x10, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.882767127s ago: executing program 3 (id=2067):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1.83566327s ago: executing program 5 (id=2068):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

1.83535835s ago: executing program 4 (id=2069):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.83459285s ago: executing program 5 (id=2070):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, 0x0}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000180)=0x19ca, 0x4)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.019686663s ago: executing program 1 (id=2071):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x0)

1.019354743s ago: executing program 6 (id=2072):
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1ff, 0x20000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x1, 0x3, 0x6, 0x448, '\x00', 0x9}, 0x1, [0x7, 0xd5, 0x5, 0x9, 0x6, 0xa, 0x2, 0x5, 0xfffffffffffffffb, 0xbd, 0x80000000, 0x102d, 0x8, 0x1, 0x3, 0xffffffffffffffff, 0x1, 0x1ed40, 0x6, 0x1ff, 0x80, 0x7, 0x7, 0x7, 0xc, 0x2, 0x9, 0x7, 0xffffffffffffffff, 0x3, 0x8fffffffe, 0x403, 0x1, 0x4, 0x1, 0x3, 0x3, 0x1, 0x0, 0x6, 0x9, 0x4, 0x8a, 0x50f, 0x9ac2, 0x6fe5, 0xffffffffba36ba58, 0x6, 0xa, 0x9, 0x6, 0xe000000000000000, 0xfffffffffffffffd, 0x403, 0x3, 0xfffffffffffff8f6, 0x4, 0xfffffffffffffff9, 0x0, 0xf9800000, 0x8, 0x9, 0x1800000, 0x5, 0x82b, 0x8, 0x5, 0x0, 0x4, 0xfffffffffffffffa, 0x5, 0x100000000000006, 0xca4f, 0x2f, 0x1, 0x7, 0x40, 0x2, 0x42843379, 0x1, 0x6, 0x201, 0x77d, 0xb3, 0x5, 0x539, 0x623b, 0x6, 0x0, 0x7, 0x4, 0x7fffffffffffffff, 0x7, 0x8, 0x0, 0x9, 0x93, 0x5, 0x401, 0x2, 0x2775e12f, 0x680000000000, 0x5, 0x40007, 0xe88, 0x80000004, 0x0, 0xfffffffffffffffa, 0x10001, 0x5, 0x8, 0x1000, 0x1d68a423, 0x5, 0x7, 0xfffffffffffff000, 0x8, 0x7ffd, 0xfffffffffffffff7, 0x6, 0x100000001, 0x8, 0x80000000005, 0x6, 0x20000000004, 0xc3, 0x7f, 0x3]})

967.300346ms ago: executing program 4 (id=2073):
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

138.83721ms ago: executing program 5 (id=2074):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
close_range(r1, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f00000005c0)={0x0, 0xb4b7, 0x800, 0x0, 0xfffffffc}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r2, 0x3f70, 0x0, 0x0, 0x0, 0x0)

35.744407ms ago: executing program 4 (id=2075):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50)
unshare(0x22020600)
close(0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40002102, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})

0s ago: executing program 6 (id=2076):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setfsuid(0xee01)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newtaction={0x7c, 0x30, 0x9, 0x0, 0x0, {}, [{0x68, 0x1, [@m_vlan={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x6c05}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)

kernel console output (not intermixed with test programs):

024
[   50.470800][   T51] block nbd0: Send control failed (result -89)
[   50.472063][   T51] block nbd0: Request send failed, requeueing
[   50.473740][ T4328] block nbd0: Receive control failed (result -32)
[   50.473961][   T51] block nbd0: Dead connection, failed to find a fallback
[   50.476108][   T51] block nbd0: shutting down sockets
[   50.477253][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.478402][ T4849] block nbd0: NBD_DISCONNECT
[   50.479667][ T4849] block nbd0: Send disconnect failed -89
[   50.484340][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.486122][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.487622][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.489158][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.490754][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.492403][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.494133][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.496099][ T4311] ldm_validate_partition_table(): Disk read failed.
[   50.497475][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.499427][   T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.504750][ T4311] Dev nbd0: unable to read RDB block 0
[   50.508345][ T4311]  nbd0: unable to read partition table
[   50.510504][ T4311] ldm_validate_partition_table(): Disk read failed.
[   50.511990][ T4311] Dev nbd0: unable to read RDB block 0
[   50.513134][ T4311]  nbd0: unable to read partition table
[   50.525102][ T4849] ldm_validate_partition_table(): Disk read failed.
[   50.527593][ T4849] Dev nbd0: unable to read RDB block 0
[   50.529958][ T4849]  nbd0: unable to read partition table
[   50.535827][ T4851] binder: 4850:4851 tried to acquire reference to desc 0, got 1 instead
[   50.540414][ T4381] binder: undelivered TRANSACTION_COMPLETE
[   50.548154][ T4381] binder: undelivered transaction 31, process died.
[   50.719428][ T4865] loop1: detected capacity change from 0 to 2048
[   50.722939][ T4867] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[   50.753797][ T4868] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   50.782261][ T4870] binder: 4869:4870 tried to acquire reference to desc 0, got 1 instead
[   50.784958][ T4870] binder: 4869:4870 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   50.793922][ T4870] binder: 4870 RLIMIT_NICE not set
[   50.799270][ T4381] binder: undelivered TRANSACTION_COMPLETE
[   50.810987][ T4328] Bluetooth: hci3: command 0x0406 tx timeout
[   51.265609][ T4336] Bluetooth: hci2: hardware error 0x09
[   53.005526][ T4919] netlink: 'syz.0.159': attribute type 1 has an invalid length.
[   53.012865][ T4918] netlink: 4 bytes leftover after parsing attributes in process `syz.3.160'.
[   53.364376][ T4919] 8021q: adding VLAN 0 to HW filter on device bond2
[   53.366079][ T4919] bond1: (slave bond2): making interface the new active one
[   53.368403][ T4919] bond1: (slave bond2): Enslaving as an active interface with an up link
[   53.374226][ T4923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.159'.
[   53.375856][ T4923] device bond1 entered promiscuous mode
[   53.376696][ T4923] device bond2 entered promiscuous mode
[   53.377692][ T4923] 8021q: adding VLAN 0 to HW filter on device bond1
[   53.476959][ T4935] loop1: detected capacity change from 0 to 256
[   53.481591][ T4935] exfat: Deprecated parameter 'namecase'
[   53.482605][ T4935] exfat: Deprecated parameter 'codepage'
[   53.483657][ T4935] exfat: Bad value for 'codepage'
[   53.554104][ T4938] loop1: detected capacity change from 0 to 1024
[   53.557035][ T4938] EXT4-fs: Ignoring removed nobh option
[   53.559723][ T4938] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   53.576604][ T4938] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[   53.624564][ T4356] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[   53.625871][ T4356] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[   53.627487][ T4356] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[   53.638665][ T4356] hid-generic 0003:0004:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1
[   53.644156][ T4943] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   53.684419][ T4930] loop2: detected capacity change from 0 to 8192
[   53.757081][ T4948] loop0: detected capacity change from 0 to 512
[   53.759141][ T4948] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   53.830319][ T4948] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   53.976651][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   54.108228][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[   54.489595][ T4967] loop3: detected capacity change from 0 to 1024
[   54.640861][ T4336] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   54.817886][ T4967] EXT4-fs: Ignoring removed nobh option
[   54.821026][ T4967] EXT4-fs: Ignoring removed bh option
[   54.829381][ T4967] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   54.854176][ T4973] netlink: 'syz.2.176': attribute type 5 has an invalid length.
[   54.888200][ T4967] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   54.894926][ T4967] netlink: 'syz.3.174': attribute type 4 has an invalid length.
[   54.896232][ T4967] netlink: 17 bytes leftover after parsing attributes in process `syz.3.174'.
[   54.913834][ T4978] netlink: 24 bytes leftover after parsing attributes in process `syz.0.178'.
[   54.971328][ T4978] qfq: no options
[   55.135159][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   55.845582][ T5001] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   55.935353][ T4993] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   56.907660][ T5019] binder: 5018:5019 tried to acquire reference to desc 0, got 1 instead
[   57.253795][ T5019] binder: 5018:5019 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   57.261993][ T5019] binder: 5019 RLIMIT_NICE not set
[   57.263082][ T5019] binder: 5019 RLIMIT_NICE not set
[   57.266525][ T4381] binder: release 5018:5021 transaction 45 out, still active
[   57.267956][ T4381] binder: undelivered TRANSACTION_COMPLETE
[   57.286621][ T4381] binder: release 5018:5019 transaction 45 in, still active
[   57.287939][ T4381] binder: send failed reply for transaction 45, target dead
[   57.378944][ T5015] loop4: detected capacity change from 0 to 40427
[   57.389408][ T5015] F2FS-fs (loop4): build fault injection attr: rate: 694, type: 0x3ffff
[   57.398829][ T5016] loop0: detected capacity change from 0 to 131072
[   57.400141][ T5015] F2FS-fs (loop4): invalid crc value
[   57.408333][ T5015] F2FS-fs (loop4): Found nat_bits in checkpoint
[   57.425008][ T5016] F2FS-fs (loop0): Found nat_bits in checkpoint
[   57.436225][ T5015] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   57.444410][ T5016] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   57.648076][ T5036] netlink: 'syz.4.196': attribute type 1 has an invalid length.
[   57.755834][ T5036] bond1: (slave gretap1): making interface the new active one
[   57.767016][ T5036] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   57.827527][ T5036] bond1: (slave gretap2): Enslaving as an active interface with an up link
[   58.321954][ T5042] loop2: detected capacity change from 0 to 40427
[   58.330737][ T5042] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[   58.723879][ T5042] F2FS-fs (loop2): invalid crc value
[   58.736983][ T5042] F2FS-fs (loop2): Found nat_bits in checkpoint
[   58.777332][ T5056] netlink: 12 bytes leftover after parsing attributes in process `syz.1.201'.
[   58.787464][ T5042] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   58.855335][ T5042] F2FS-fs (loop2) : inject checkpoint error in f2fs_balance_fs of __write_node_page+0xc34/0x18fc
[   58.863957][ T5060] capability: warning: `syz.3.202' uses deprecated v2 capabilities in a way that may be insecure
[   58.875701][ T4558] bond0: (slave bond_slave_0): interface is now down
[   58.877594][ T4558] bond0: (slave bond_slave_1): interface is now down
[   58.880174][ T5063] netlink: 'syz.0.203': attribute type 10 has an invalid length.
[   58.883781][ T5063] device syz_tun entered promiscuous mode
[   58.901306][   T39] bond0: (slave bond_slave_0): interface is now down
[   58.902553][   T39] bond0: (slave bond_slave_1): interface is now down
[   58.911435][ T5063] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   58.920852][   T39] bond0: (slave bond_slave_0): interface is now down
[   58.922017][   T39] bond0: (slave bond_slave_1): interface is now down
[   58.923041][   T39] bond0: (slave syz_tun): interface is now down
[   58.925318][   T39] bond0: now running without any active interface!
[   59.117239][ T5078] loop1: detected capacity change from 0 to 256
[   59.125447][ T5078] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   59.130475][ T5078] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   59.139772][ T5078] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[   59.487405][ T5078] netlink: 20 bytes leftover after parsing attributes in process `syz.1.209'.
[   59.957655][ T5096] netlink: 'syz.2.215': attribute type 10 has an invalid length.
[   59.973092][ T5096] 8021q: adding VLAN 0 to HW filter on device team0
[   59.975490][ T5096] bond0: (slave team0): Enslaving as an active interface with an up link
[   60.040479][ T5104] loop0: detected capacity change from 0 to 512
[   60.044809][ T5104] EXT4-fs: Ignoring removed orlov option
[   60.046293][ T5104] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   60.048558][ T5104] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   60.060410][ T5104] EXT4-fs (loop0): 1 orphan inode deleted
[   60.062028][ T5104] EXT4-fs (loop0): 1 truncate cleaned up
[   60.063128][ T5104] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   60.095271][ T4327] EXT4-fs error (device loop0): __ext4_iget:5077: inode #11: block 458766: comm syz-executor: invalid block
[   60.098159][ T4327] EXT4-fs error (device loop0): __ext4_iget:5077: inode #11: block 458766: comm syz-executor: invalid block
[   60.171128][ T5110] xt_hashlimit: max too large, truncated to 1048576
[   60.226903][ T4327] bond0: (slave syz_tun): Releasing backup interface
[   60.307324][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   60.469058][ T4328] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   60.471268][ T4328] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   60.473119][ T4328] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   60.474947][ T4328] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   60.476361][ T4328] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   60.477962][ T4328] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   60.554617][ T5127] loop3: detected capacity change from 0 to 256
[   60.582774][ T4558] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.722644][ T4558] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.574003][ T4558] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.587015][ T5143] lo speed is unknown, defaulting to 1000
[   61.588069][ T5143] lo speed is unknown, defaulting to 1000
[   61.589867][ T5143] lo speed is unknown, defaulting to 1000
[   61.601207][   T27] audit: type=1326 audit(61.580:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5144 comm="syz.4.231" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d15b3a8 code=0x0
[   61.607846][ T5148] netlink: 6 bytes leftover after parsing attributes in process `syz.3.233'.
[   61.609282][ T5148] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   61.614290][ T5143] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   61.620174][ T5143] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   62.535939][ T4328] Bluetooth: hci3: command 0x0409 tx timeout
[   62.563302][ T4558] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.567187][ T5143] lo speed is unknown, defaulting to 1000
[   62.568748][ T5143] lo speed is unknown, defaulting to 1000
[   62.905918][ T5143] lo speed is unknown, defaulting to 1000
[   62.909488][ T5143] lo speed is unknown, defaulting to 1000
[   62.911815][ T5143] lo speed is unknown, defaulting to 1000
[   62.914102][ T5143] lo speed is unknown, defaulting to 1000
[   62.934016][ T5120] chnl_net:caif_netlink_parms(): no params data found
[   62.960997][ T5120] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.962313][ T5120] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.963834][ T5120] device bridge_slave_0 entered promiscuous mode
[   62.966175][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.967501][ T5120] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.969164][ T5120] device bridge_slave_1 entered promiscuous mode
[   62.977764][ T5120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.980494][ T5120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.990034][ T5120] team0: Port device team_slave_0 added
[   62.993008][ T5120] team0: Port device team_slave_1 added
[   63.001694][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.002854][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.006653][ T5120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.009252][ T5120] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.010564][ T5120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.015287][ T5120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.055664][ T5175] loop1: detected capacity change from 0 to 128
[   63.058506][ T5175] EXT4-fs (loop1): Test dummy encryption mode enabled
[   63.062036][ T5175] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0082]
[   63.063478][ T5175] System zones: 1-3, 19-19, 35-36
[   63.064807][ T5175] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   63.076849][ T5120] device hsr_slave_0 entered promiscuous mode
[   63.394432][ T5120] device hsr_slave_1 entered promiscuous mode
[   63.430972][ T5120] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.432272][ T5120] Cannot create hsr debugfs directory
[   63.781592][ T5175] fscrypt: AES-256-XTS using implementation "xts-aes-ce"
[   63.874378][ T5175] EXT4-fs (loop1): unmounting filesystem.
[   64.319588][ T5200] loop2: detected capacity change from 0 to 2048
[   64.344123][ T5120] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   64.362042][ T5200]  loop2: p1 < > p4
[   64.364676][ T5200] loop2: p4 size 8388608 extends beyond EOD, truncated
[   64.373957][ T5120] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   64.496166][   T22] cfg80211: failed to load regulatory.db
[   64.498175][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[   64.499236][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[   64.504602][ T5120] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   64.546849][ T5120] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   64.570770][ T4336] Bluetooth: hci3: command 0x041b tx timeout
[   65.028965][ T5224] loop2: detected capacity change from 0 to 32768
[   65.082794][ T5224] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   65.160524][ T5120] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.196753][ T5120] 8021q: adding VLAN 0 to HW filter on device team0
[   65.207688][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.209222][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.214346][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.215944][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.218949][ T4970] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.220064][ T4970] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.226401][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.230975][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.234698][ T4970] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.235920][ T4970] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.248629][ T5120] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   65.250348][ T5120] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.327359][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.329165][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.333016][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.336118][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.342467][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.344259][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.349618][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.356814][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.359485][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.365612][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.367259][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.418457][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.420278][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   66.142984][ T4324] ocfs2: Unmounting device (7,2) on (node local)
[   66.218567][ T5266] binder: 5265:5266 tried to acquire reference to desc 0, got 1 instead
[   66.220558][ T5266] binder: 5265:5266 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   66.221370][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   66.224021][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   66.229196][ T5120] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.231090][ T5266] binder: 5266 RLIMIT_NICE not set
[   66.232128][ T5266] binder: 5266 RLIMIT_NICE not set
[   66.240531][ T5269] netlink: 52 bytes leftover after parsing attributes in process `syz.3.257'.
[   66.247243][ T4381] binder: release 5265:5266 transaction 50 out, still active
[   66.248364][ T4381] binder: undelivered TRANSACTION_COMPLETE
[   66.277824][ T4381] binder: release 5265:5266 transaction 50 in, still active
[   66.279116][ T4381] binder: send failed reply for transaction 50, target dead
[   66.376128][ T5282] Driver unsupported XDP return value 0 on prog  (id 32) dev N/A, expect packet loss!
[   66.662244][ T4328] Bluetooth: hci3: command 0x040f tx timeout
[   66.680592][ T5280] Bluetooth: (null): Invalid header checksum
[   66.840494][ T5306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   66.846492][ T5306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.855350][ T5306] loop4: detected capacity change from 0 to 512
[   66.895088][ T4311] blk_print_req_error: 43 callbacks suppressed
[   66.895103][ T4311] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   66.908007][ T4328] Bluetooth: hci4: unknown advertising packet type: 0x64
[   66.908056][ T4328] Bluetooth: hci4: Dropping invalid advertising data
[   66.917527][ T4328] Bluetooth: hci4: unknown advertising packet type: 0x7c
[   66.917550][ T4328] Bluetooth: hci4: unknown advertising packet type: 0x09
[   66.918753][ T4328] Bluetooth: hci4: Malformed LE Event: 0x02
[   67.387619][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   67.389379][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   67.409758][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   67.411989][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.413896][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   67.417959][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   67.429277][ T5120] device veth0_vlan entered promiscuous mode
[   67.485586][ T4558] device hsr_slave_0 left promiscuous mode
[   67.531343][ T4558] device hsr_slave_1 left promiscuous mode
[   67.728893][ T4558] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.381988][ T4558] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.542670][ T4558] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.543984][ T4558] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.550326][ T4558] device bridge_slave_1 left promiscuous mode
[   68.558150][ T4558] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.683177][ T4558] device bridge_slave_0 left promiscuous mode
[   68.684328][ T4558] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.904741][ T4328] Bluetooth: hci3: command 0x0419 tx timeout
[   69.011089][ T4558] device veth1_macvtap left promiscuous mode
[   69.012533][ T4558] device veth0_macvtap left promiscuous mode
[   69.013619][ T4558] device veth1_vlan left promiscuous mode
[   69.014699][ T4558] device veth0_vlan left promiscuous mode
[   71.082296][ T4558] bond1 (unregistering): (slave bond2): Releasing backup interface
[   71.083689][ T4558] device bond2 left promiscuous mode
[   71.112287][ T4558] bond2 (unregistering): Released all slaves
[   71.410204][ T5392] loop2: detected capacity change from 0 to 16
[   71.411920][ T5392] MTD: Attempt to mount non-MTD device "/dev/loop2"
[   71.426503][ T4311] udevd[4311]: incorrect cramfs checksum on /dev/loop2
[   71.437335][ T4311] udevd[4311]: incorrect cramfs checksum on /dev/loop2
[   71.460446][ T5394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.465192][ T5394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.471573][ T5394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.473080][ T5394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.762277][ T4558] bond1 (unregistering): Released all slaves
[   73.623523][ T4558] team0 (unregistering): Port device team_slave_1 removed
[   73.782179][ T4558] team0 (unregistering): Port device team_slave_0 removed
[   73.961670][ T4558] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   74.171224][ T4558] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   76.683466][ T4558] bond0 (unregistering): Released all slaves
[   76.847651][ T5120] device veth1_vlan entered promiscuous mode
[   76.853678][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   76.855223][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   76.861913][ T5369] lo speed is unknown, defaulting to 1000
[   76.869692][ T5394] netlink: 4 bytes leftover after parsing attributes in process `syz.2.288'.
[   76.871152][ T5394] netlink: 5 bytes leftover after parsing attributes in process `syz.2.288'.
[   76.873609][ T5342] lo speed is unknown, defaulting to 1000
[   76.910223][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   76.915186][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   76.918185][ T5120] device veth0_macvtap entered promiscuous mode
[   76.921493][ T5120] device veth1_macvtap entered promiscuous mode
[   76.926930][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.928524][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.930148][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.935003][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.936411][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.938125][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.939701][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.942148][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.944497][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.945869][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   76.947384][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   76.948838][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   76.950362][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.961115][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.962992][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.964562][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.966470][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.968016][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.970423][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.987755][ T5120] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.989329][ T5120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.999552][ T5120] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.012247][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   77.013870][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.017527][ T5120] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.019016][ T5120] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.020296][ T5120] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.025263][ T5120] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.492830][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.498527][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.508065][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.516279][ T4407] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.518064][ T4407] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.522256][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.119878][ T5447] team0: Port device vlan2 added
[   78.182281][ T5454] netlink: 24 bytes leftover after parsing attributes in process `syz.3.295'.
[   79.050000][ T5482] device syzkaller0 entered promiscuous mode
[   80.641521][ T5551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.643168][ T5551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.725226][ T5558] netlink: 8 bytes leftover after parsing attributes in process `syz.4.310'.
[   80.731719][ T5558] 8021q: adding VLAN 0 to HW filter on device bond2
[   80.754774][ T5558] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[   80.769323][ T5558] netlink: 4 bytes leftover after parsing attributes in process `syz.4.310'.
[   80.842601][ T4970] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[   80.847066][ T4407] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[   80.961066][   T11] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[   81.837535][ T5580] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   81.839622][ T5580] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   81.873150][ T5580] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   81.875465][ T5580] device bridge_slave_0 left promiscuous mode
[   81.877663][ T5580] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.928503][ T4336] Bluetooth: hci0: link tx timeout
[   81.929588][ T4336] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[   81.953602][ T5580] device bridge_slave_1 left promiscuous mode
[   81.954837][ T5580] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.250159][   T27] audit: type=1326 audit(82.230:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5591 comm="syz.1.321" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf15b3a8 code=0x0
[   82.257165][ T5580] bond0: (slave bond_slave_0): Releasing backup interface
[   82.295111][ T5580] bond0: (slave bond_slave_1): Releasing backup interface
[   82.350492][ T5580] team0: Port device team_slave_0 removed
[   82.361817][ T5580] team0: Port device team_slave_1 removed
[   82.363658][ T5580] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.364985][ T5580] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.367176][ T5580] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.368252][ T5580] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.380927][ T5580] bond1: (slave gretap1): Releasing active interface
[   82.382010][ T5580] bond1: (slave gretap1): the permanent HWaddr of slave - a6:0c:dc:40:be:0d - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[   82.384741][ T5580] bond1: (slave gretap2): making interface the new active one
[   82.434729][ T5580] bond1: (slave gretap2): Releasing active interface
[   82.476060][ T5580] bond2: (slave ip6gretap1): Removing an active aggregator
[   82.477852][ T5580] bond2: (slave ip6gretap1): Releasing backup interface
[   82.572820][ T5584] team0: Mode changed to "loadbalance"
[   82.574334][ T5595] tipc: Started in network mode
[   82.575217][ T5595] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   82.576720][ T5595] tipc: Enabled bearer <eth:team0>, priority 0
[   82.580248][ T5590] device vlan0 entered promiscuous mode
[   82.611349][ T5590] team0: Port device vlan0 added
[   82.778041][   T27] audit: type=1326 audit(82.760:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5615 comm="syz.2.328" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffbcb5b3a8 code=0x0
[   83.157908][ T5627] netlink: 'syz.1.332': attribute type 1 has an invalid length.
[   83.168340][ T5627] 8021q: adding VLAN 0 to HW filter on device bond1
[   83.191437][ T5627] bond1: (slave veth3): Enslaving as an active interface with a down link
[   83.219378][ T5627] bond1: (slave veth0_to_bond): making interface the new active one
[   83.222509][ T5627] device veth0_to_bond entered promiscuous mode
[   83.223764][ T5627] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[   83.225469][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[   83.241710][ T5627] bond1: (slave veth5): Enslaving as an active interface with a down link
[   83.879148][ T1515] tipc: Node number set to 11578026
[   83.965938][   T27] audit: type=1326 audit(83.950:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5620 comm="syz.5.329" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7fc00000
[   84.010799][ T4328] Bluetooth: hci0: command 0x0406 tx timeout
[   84.015327][ T5659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.340'.
[   84.811722][ T4336] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[   84.813406][ T4336] Bluetooth: hci0: Injecting HCI hardware error event
[   84.816204][ T4328] Bluetooth: hci0: hardware error 0x00
[   85.702513][ T5694] overlayfs: failed to clone upperpath
[   85.783365][ T5697] overlayfs: failed to clone upperpath
[   86.213276][ T5706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.356'.
[   86.216438][ T5706] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[   86.295480][ T5713] netlink: 'syz.3.360': attribute type 1 has an invalid length.
[   87.350792][ T4328] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   87.387861][ T5713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.360'.
[   87.418734][ T5713] 8021q: adding VLAN 0 to HW filter on device batadv1
[   87.431514][ T5713] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[   87.436627][ T5734] netlink: 24 bytes leftover after parsing attributes in process `syz.2.366'.
[   87.457415][ T5713] bond1 (unregistering): (slave batadv1): Releasing backup interface
[   87.492995][ T5713] bond1 (unregistering): Released all slaves
[   90.870633][    C1] sched: RT throttling activated
[   91.098432][ T5839] VFS: Mount too revealing
[   91.099586][ T5839] VFS: Mount too revealing
[   91.158973][ T5856] netlink: 'syz.4.396': attribute type 1 has an invalid length.
[   91.192471][ T5856] bond3: (slave gretap3): making interface the new active one
[   91.194453][ T5856] bond3: (slave gretap3): Enslaving as an active interface with an up link
[   91.366741][ T5856] bond3: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[   91.451378][ T4328] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[   91.453529][ T4328] Bluetooth: hci3: Injecting HCI hardware error event
[   91.456754][ T4334] Bluetooth: hci3: hardware error 0x00
[   91.726367][ T5867] tipc: Started in network mode
[   91.727337][ T5867] tipc: Node identity 4, cluster identity 4711
[   91.728245][ T5867] tipc: Node number set to 4
[   92.578123][ T5924] netlink: 'syz.1.408': attribute type 10 has an invalid length.
[   92.608479][ T5924] 8021q: adding VLAN 0 to HW filter on device team0
[   92.697463][ T5932] netlink: 12 bytes leftover after parsing attributes in process `syz.2.410'.
[   92.725166][ T5934] device bond1 entered promiscuous mode
[   92.796892][ T5932] device macvlan2 entered promiscuous mode
[   92.875401][ T5932] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   92.948917][ T5928] infiniband syz!: set active
[   92.949819][ T5928] infiniband syz!: added team_slave_0
[   92.997119][ T5928] RDS/IB: syz!: added
[   92.998217][ T5928] smc: adding ib device syz! with port count 1
[   92.999841][ T5928] smc:    ib device syz! port 1 has pnetid 
[   93.069885][ T5929] device bond1 left promiscuous mode
[   93.517571][ T5973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.419'.
[   93.850796][ T4334] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[   94.149771][ T6007] device bridge0 entered promiscuous mode
[   94.152656][ T6007] batman_adv: batadv0: Adding interface: macsec1
[   94.153960][ T6007] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.158665][ T6007] batman_adv: batadv0: Interface activated: macsec1
[   94.200603][ T6013] overlayfs: failed to clone upperpath
[   94.312409][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   94.315633][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   94.317027][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   94.332761][ T6019] team0: Port device vlan0 removed
[   94.336293][ T6019] bond3: (slave gretap3): Releasing active interface
[   94.368572][ T6019] batman_adv: batadv0: Interface deactivated: macsec1
[   94.369876][ T6019] batman_adv: batadv0: Removing interface: macsec1
[   94.376326][ T4516] tipc: Resetting bearer <eth:team0>
[   94.378604][ T6024] netlink: 'syz.4.427': attribute type 10 has an invalid length.
[   94.387497][ T6024] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   94.675163][ T6044] loop2: detected capacity change from 0 to 512
[   94.676617][ T6044] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.677678][ T6044] EXT4-fs: inline encryption not supported
[   94.678655][ T6044] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.734771][ T6044] EXT4-fs (loop2): Test dummy encryption mode enabled
[   94.739304][ T6050] lo speed is unknown, defaulting to 1000
[   94.741273][ T6044] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   95.693665][ T6044] EXT4-fs (loop2): 1 truncate cleaned up
[   95.694813][ T6044] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   95.829712][ T6073] overlayfs: failed to clone upperpath
[   95.859082][ T6044] EXT4-fs (loop2): shut down requested (1)
[   96.011106][ T4324] EXT4-fs (loop2): unmounting filesystem.
[   96.819284][ T6100] Invalid option length (1032005) for dns_resolver key
[   96.899623][ T6094] loop2: detected capacity change from 0 to 16
[   96.911476][ T6094] erofs: Unknown parameter '000000000000000000000177777777777777777777701777777777777777777777'
[   98.658330][ T4334] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   98.661942][ T4334] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   98.669759][ T4334] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   98.673105][ T4334] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   98.675345][ T4334] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   98.676970][ T4334] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   99.004569][ T4558] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.045914][ T6124] lo speed is unknown, defaulting to 1000
[   99.094000][ T4558] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.203570][ T4558] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.219844][ T6124] chnl_net:caif_netlink_parms(): no params data found
[   99.237291][ T6124] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.238591][ T6124] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.537441][ T6124] device bridge_slave_0 entered promiscuous mode
[   99.593657][ T4558] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.597855][ T6124] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.599138][ T6124] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.601105][ T6124] device bridge_slave_1 entered promiscuous mode
[   99.610985][ T6153] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   99.614455][ T6153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   99.616091][ T6153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   99.618216][ T6153] device bridge_slave_0 left promiscuous mode
[   99.619352][ T6153] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.661940][ T6153] device bridge_slave_1 left promiscuous mode
[   99.663091][ T6153] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.045064][ T6153] bond0: (slave bond_slave_0): Releasing backup interface
[  100.146102][ T6153] bond0: (slave bond_slave_1): Releasing backup interface
[  100.460478][ T6153] team0: Port device team_slave_0 removed
[  100.476786][ T6153] team0: Port device team_slave_1 removed
[  100.477995][ T6153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.497670][ T6153] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.501973][ T6153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.503192][ T6153] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.517495][ T6153] team0: Port device vlan2 removed
[  100.519625][ T6153] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  100.529187][ T6124] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.536653][ T6124] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.552343][ T6124] team0: Port device team_slave_0 added
[  100.556316][ T6124] team0: Port device team_slave_1 added
[  100.570246][ T6156] team0: Mode changed to "loadbalance"
[  100.592506][ T6124] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.593853][ T6124] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.597820][ T6124] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.613765][ T6124] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.616155][ T6124] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.622513][ T6124] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.711738][ T4443] device veth0_to_bond left promiscuous mode
[  100.811711][ T4334] Bluetooth: hci1: command 0x0409 tx timeout
[  100.973134][ T6124] device hsr_slave_0 entered promiscuous mode
[  101.032074][ T6124] device hsr_slave_1 entered promiscuous mode
[  101.070769][ T6124] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  101.073161][ T6124] Cannot create hsr debugfs directory
[  101.091391][ T6182] netlink: 12 bytes leftover after parsing attributes in process `syz.5.471'.
[  101.094483][ T6182] device vlan2 entered promiscuous mode
[  101.095412][ T6182] device bridge0 entered promiscuous mode
[  101.276662][ T4558] tipc: Disabling bearer <udp:syz2>
[  101.279633][ T4558] tipc: Disabling bearer <udp:syz0>
[  101.281072][ T4558] tipc: Left network mode
[  101.448865][ T6124] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  101.541375][ T6124] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  101.562048][ T6124] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  101.983457][ T6124] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  102.234443][ T6246] Invalid option length (1032005) for dns_resolver key
[  102.460032][ T6124] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.464893][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.467461][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.470940][ T6124] 8021q: adding VLAN 0 to HW filter on device team0
[  102.473711][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  102.475502][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  102.477034][ T4970] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.478273][ T4970] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.481623][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  102.536138][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  102.537923][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  102.539357][ T4970] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.540510][ T4970] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.551288][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  102.555157][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  102.563811][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  102.570553][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  102.575673][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  102.579545][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  102.607594][ T6257] VFS: Mount too revealing
[  102.646160][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  102.647927][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  102.649649][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  102.653541][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  102.655848][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  102.659611][ T6124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  102.870549][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  102.872065][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  102.873438][ T6272] netlink: 12 bytes leftover after parsing attributes in process `syz.4.490'.
[  102.880539][ T6272] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  102.882108][ T6272] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  102.883495][ T6272] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  102.884956][ T6272] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  102.891076][ T4336] Bluetooth: hci1: command 0x041b tx timeout
[  102.930342][ T6124] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.012276][ T6272] netlink: 12 bytes leftover after parsing attributes in process `syz.4.490'.
[  103.790951][ T6124] device veth0_vlan entered promiscuous mode
[  103.801001][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  103.802853][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  103.812861][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  103.831276][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  103.833304][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  103.835415][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  103.917515][ T6124] device veth1_vlan entered promiscuous mode
[  103.939795][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  103.941518][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  103.943017][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  103.944603][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  103.949197][ T6124] device veth0_macvtap entered promiscuous mode
[  103.955625][ T6124] device veth1_macvtap entered promiscuous mode
[  103.962296][ T6124] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.964022][ T6124] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.965533][ T6124] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.967308][ T6124] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.968831][ T6124] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.970558][ T6124] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.974203][ T6124] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.750214][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  104.753698][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  104.755278][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  104.756918][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  104.763604][ T6124] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.765172][ T6124] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.766864][ T6124] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.768441][ T6124] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.769887][ T6124] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.771597][ T6124] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.774179][ T6124] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.784757][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  104.786342][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  104.890593][ T4558] device hsr_slave_0 left promiscuous mode
[  104.971007][ T4334] Bluetooth: hci1: command 0x040f tx timeout
[  105.149077][ T4558] device hsr_slave_1 left promiscuous mode
[  105.176193][ T6370] Invalid option length (1032005) for dns_resolver key
[  105.330830][ T4558] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.332243][ T4558] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.333931][ T4558] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.335156][ T4558] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.336616][ T4558] device bridge_slave_1 left promiscuous mode
[  105.337676][ T4558] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.376090][ T4558] device bridge_slave_0 left promiscuous mode
[  105.377800][ T4558] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.501020][ T4558] device veth1_macvtap left promiscuous mode
[  105.502222][ T4558] device veth0_macvtap left promiscuous mode
[  105.503326][ T4558] device veth1_vlan left promiscuous mode
[  105.504363][ T4558] device veth0_vlan left promiscuous mode
[  105.576163][ T4558] bond1 (unregistering): Released all slaves
[  107.050706][ T4334] Bluetooth: hci1: command 0x0419 tx timeout
[  107.490272][ T6395] overlayfs: failed to clone upperpath
[  108.483610][ T4558] team0 (unregistering): Port device team_slave_1 removed
[  108.641915][ T4558] team0 (unregistering): Port device team_slave_0 removed
[  108.811135][ T4558] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  109.021125][ T4558] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.682232][ T4558] bond0 (unregistering): (slave team0): Releasing backup interface
[  111.505339][ T4558] bond0 (unregistering): Released all slaves
[  111.707186][ T6124] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.708686][ T6124] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.709939][ T6124] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.711666][ T6124] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.768500][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.4.510'.
[  111.772482][ T6385] device hsr0 entered promiscuous mode
[  112.397680][ T4445] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.399078][ T4445] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.420113][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  112.425409][ T4445] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.426796][ T4445] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.429943][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  113.542544][ T6437] netlink: 4 bytes leftover after parsing attributes in process `syz.6.455'.
[  118.283779][ T6584] netlink: 'syz.3.558': attribute type 3 has an invalid length.
[  118.285578][ T6584] netlink: 'syz.3.558': attribute type 3 has an invalid length.
[  118.787993][ T6609] netlink: 'syz.4.553': attribute type 3 has an invalid length.
[  118.790493][ T6609] netlink: 'syz.4.553': attribute type 3 has an invalid length.
[  119.264937][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.3.556'.
[  119.369394][ T6623] lo speed is unknown, defaulting to 1000
[  120.077541][ T6623] loop6: detected capacity change from 0 to 32768
[  120.618967][ T6650] netlink: 'syz.5.564': attribute type 3 has an invalid length.
[  121.154891][ T6660] netlink: 'syz.1.569': attribute type 5 has an invalid length.
[  121.611580][ T6667] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  121.613271][ T6667] tipc: Resetting bearer <eth:team0>
[  121.615690][ T6667] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  121.621770][ T6667] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  121.634658][ T6667] bond0: (slave netdevsim0): Releasing backup interface
[  121.747669][ T6667] team0: Unable to change to the same mode the team is in
[  123.650020][ T6718] fuse: Bad value for 'fd'
[  126.166751][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  126.168012][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  128.638345][ T6854] tipc: Failed to remove unknown binding: 66,1,1/0:1961019455/1961019457
[  128.667299][ T6854] tipc: Failed to remove unknown binding: 66,1,1/0:1961019455/1961019457
[  128.688545][ T6854] tipc: Failed to remove unknown binding: 66,1,1/0:1961019455/1961019457
[  129.387286][   T27] audit: type=1326 audit(129.370:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6869 comm="syz.5.618" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x0
[  130.964409][ T6918] bridge0: the hash_elasticity option has been deprecated and is always 16
[  131.001350][ T6923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.629'.
[  131.479531][ T6923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.629'.
[  132.442203][ T6928] netlink: 12 bytes leftover after parsing attributes in process `syz.5.631'.
[  132.619232][ T6944] lo speed is unknown, defaulting to 1000
[  132.620140][ T6944] lo speed is unknown, defaulting to 1000
[  132.621270][ T6944] lo speed is unknown, defaulting to 1000
[  132.624610][ T6944] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  132.634163][ T6944] lo speed is unknown, defaulting to 1000
[  132.635303][ T6944] lo speed is unknown, defaulting to 1000
[  132.636492][ T6944] lo speed is unknown, defaulting to 1000
[  132.637740][ T6944] lo speed is unknown, defaulting to 1000
[  132.638831][ T6944] lo speed is unknown, defaulting to 1000
[  133.266572][ T6979] overlayfs: failed to clone upperpath
[  133.412500][ T6987] tipc: Started in network mode
[  133.415628][ T6987] tipc: Node identity 4, cluster identity 4711
[  133.416824][ T6987] tipc: Node number set to 4
[  135.289683][ T7053] overlayfs: failed to clone upperpath
[  135.296790][ T7053] overlayfs: failed to clone upperpath
[  136.704388][ T7076] tmpfs: Bad value for 'mpol'
[  140.465209][ T7147] netlink: 24 bytes leftover after parsing attributes in process `syz.4.674'.
[  142.456708][ T7180] netlink: 'syz.6.682': attribute type 1 has an invalid length.
[  142.468728][ T7180] 8021q: adding VLAN 0 to HW filter on device bond1
[  143.294302][ T7180] bond1: (slave erspan0): making interface the new active one
[  143.296906][ T7180] bond1: (slave erspan0): Enslaving as an active interface with an up link
[  143.298317][ T4598] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  144.437863][ T7229] netlink: 4 bytes leftover after parsing attributes in process `syz.6.695'.
[  145.362627][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.698'.
[  145.364214][ T7239] netlink: 'syz.3.698': attribute type 30 has an invalid length.
[  145.367725][ T7239] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  145.369255][ T7239] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  145.370586][ T7239] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  145.372404][ T7239] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  145.378707][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.698'.
[  145.380210][ T7239] netlink: 'syz.3.698': attribute type 30 has an invalid length.
[  149.812948][ T7306] overlayfs: failed to clone upperpath
[  151.769577][ T4336] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  151.771171][ T4336] CPU: 0 PID: 4336 Comm: kworker/u5:8 Not tainted syzkaller #0
[  151.772243][ T4336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[  151.773983][ T4336] Workqueue: hci4 hci_rx_work
[  151.774759][ T4336] Call trace:
[  151.775303][ T4336]  dump_backtrace+0x1c8/0x1f4
[  151.776013][ T4336]  show_stack+0x2c/0x3c
[  151.776809][ T4336]  __dump_stack+0x30/0x40
[  151.777553][ T4336]  dump_stack_lvl+0xf8/0x160
[  151.778383][ T4336]  dump_stack+0x1c/0x5c
[  151.779082][ T4336]  sysfs_create_dir_ns+0x22c/0x24c
[  151.779926][ T4336]  kobject_add_internal+0x5a8/0xb30
[  151.780811][ T4336]  kobject_add+0x134/0x1f8
[  151.781583][ T4336]  device_add+0x3f0/0xf94
[  151.782309][ T4336]  hci_conn_add_sysfs+0xbc/0x1cc
[  151.783072][ T4336]  le_conn_complete_evt+0xcb0/0x1220
[  151.783999][ T4336]  hci_le_conn_complete_evt+0x114/0x3f8
[  151.784874][ T4336]  hci_le_meta_evt+0x2c0/0x4a4
[  151.785644][ T4336]  hci_event_packet+0x6ac/0xf08
[  151.786440][ T4336]  hci_rx_work+0x324/0xaa0
[  151.787172][ T4336]  process_one_work+0x7f4/0x13a8
[  151.787942][ T4336]  worker_thread+0x8c8/0xfbc
[  151.788672][ T4336]  kthread+0x250/0x2d8
[  151.789321][ T4336]  ret_from_fork+0x10/0x20
[  151.790256][ T4336] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  151.792484][ T4336] Bluetooth: hci4: failed to register connection device
[  151.831882][ T7347] fuse: Bad value for 'fd'
[  151.850443][ T7347] netlink: 20 bytes leftover after parsing attributes in process `syz.5.730'.
[  152.252597][ T7370] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  152.254215][ T7370] FAT-fs (loop11): unable to read boot sector
[  152.261032][   T27] audit: type=1326 audit(152.240:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  152.271125][   T27] audit: type=1326 audit(152.250:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=448 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  152.276892][   T27] audit: type=1326 audit(152.260:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  152.287085][   T27] audit: type=1326 audit(152.260:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa5159794 code=0x7ffc0000
[  152.293699][   T27] audit: type=1326 audit(152.260:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  152.299100][   T27] audit: type=1326 audit(152.260:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  152.309475][   T27] audit: type=1326 audit(152.260:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.5.734" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  154.545824][ T7368] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  154.558292][ T7433] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  154.562719][ T7433] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  154.565121][ T7433] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  154.582596][ T7433] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  154.653197][ T7461] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  155.638907][ T7482] netlink: 12 bytes leftover after parsing attributes in process `syz.4.754'.
[  156.107836][ T7482] device gre1 entered promiscuous mode
[  156.110477][ T7482] bond4: (slave gre1): The slave device specified does not support setting the MAC address
[  156.118899][ T7482] bond4: (slave gre1): Error -95 calling set_mac_address
[  156.758138][ T7489] device macvlan2 entered promiscuous mode
[  156.759316][ T7489] bond4: (slave macvlan2): Error -99 calling set_mac_address
[  156.787697][ T7501] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  157.948481][ T7526] tipc: Enabled bearer <udp:syz2>, priority 10
[  157.951147][ T7526] tipc: Enabled bearer <eth:team0>, priority 0
[  157.973688][   T27] audit: type=1326 audit(157.960:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7527 comm="syz.6.767" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af5b3a8 code=0x0
[  158.810733][ T4334] Bluetooth: hci4: command 0x0406 tx timeout
[  159.496160][ T7558] overlayfs: failed to clone upperpath
[  159.497841][ T7558] overlayfs: failed to clone upperpath
[  159.522814][ T7560] device vlan2 entered promiscuous mode
[  159.596494][ T7564] tipc: Resetting bearer <eth:team0>
[  159.597838][ T7564] tipc: Resetting bearer <eth:team0>
[  159.604471][ T7564] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.606481][ T7564] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.649938][   T39] tipc: Resetting bearer <eth:team0>
[  159.669312][ T7564] netlink: 'syz.6.780': attribute type 16 has an invalid length.
[  159.671452][ T7564] netlink: 'syz.6.780': attribute type 17 has an invalid length.
[  159.676607][ T7564] tipc: Resetting bearer <eth:team0>
[  159.678266][ T7564] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  159.679550][ T7564] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  159.681183][ T7564] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  159.682462][ T7564] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  159.684936][ T7564] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.686138][ T7564] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.689088][ T7564] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.690426][ T7564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.260896][ T7581] MPTCP: kernel_bind error, err=-98
[  162.317916][ T7625] netlink: 'syz.6.799': attribute type 8 has an invalid length.
[  163.297017][ T7648] fuse: Bad value for 'fd'
[  163.298434][ T7648] UBIFS error (pid: 7648): cannot open "./file0", error -22
[  164.210583][ T7666] netlink: 8 bytes leftover after parsing attributes in process `syz.4.814'.
[  164.217071][ T7666] netlink: 48 bytes leftover after parsing attributes in process `syz.4.814'.
[  166.700061][ T7729] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  167.040061][ T7735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.836'.
[  168.316895][    C0] vcan0: j1939_tp_rxtimer: 0x00000000e6b57bbe: rx timeout, send abort
[  168.320034][    C0] vcan0: j1939_xtp_rx_abort_one: 0x00000000e6b57bbe: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  169.272787][ T7780] sctp: [Deprecated]: syz.4.851 (pid 7780) Use of struct sctp_assoc_value in delayed_ack socket option.
[  169.272787][ T7780] Use struct sctp_sack_info instead
[  170.139896][ T7800] sch_tbf: burst 1821 is lower than device lo mtu (65550) !
[  170.520995][ T7802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.857'.
[  171.212475][ T7830] netlink: 'syz.3.867': attribute type 1 has an invalid length.
[  171.219888][ T7830] 8021q: adding VLAN 0 to HW filter on device bond1
[  171.292045][ T7833] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  171.576708][ T7839] netlink: 24 bytes leftover after parsing attributes in process `syz.5.868'.
[  171.603469][ T7830] bond1: (slave vlan3): making interface the new active one
[  171.606000][ T7830] bond1: (slave vlan3): Enslaving as an active interface with an up link
[  171.634088][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  172.336034][ T7854] netlink: 'syz.1.872': attribute type 4 has an invalid length.
[  172.368190][   T27] audit: type=1326 audit(172.350:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.373230][   T27] audit: type=1326 audit(172.360:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.374891][ T7854] netlink: 'syz.1.872': attribute type 4 has an invalid length.
[  172.378805][   T27] audit: type=1326 audit(172.360:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.386867][   T27] audit: type=1326 audit(172.360:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa5159794 code=0x7ffc0000
[  172.393414][   T27] audit: type=1326 audit(172.360:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.400520][   T27] audit: type=1326 audit(172.360:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.404306][   T27] audit: type=1326 audit(172.360:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.412345][   T27] audit: type=1326 audit(172.360:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  172.416249][   T27] audit: type=1326 audit(172.380:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  173.060247][   T27] audit: type=1326 audit(172.380:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7861 comm="syz.5.875" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffffa5185ac8 code=0x7ffc0000
[  175.341887][ T7902] sch_tbf: burst 3936 is lower than device lo mtu (11337746) !
[  175.588550][ T7919] netlink: 'syz.1.897': attribute type 4 has an invalid length.
[  176.870233][  T296] infiniband syz!: set active
[  176.872134][  T296] infiniband syz!: set active
[  177.497879][ T7949] netlink: 32 bytes leftover after parsing attributes in process `syz.4.908'.
[  178.939384][ T7975] device veth0_vlan left promiscuous mode
[  178.942193][ T7975] device veth0_vlan entered promiscuous mode
[  178.944325][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  178.946594][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  178.948273][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  178.965361][ T7986] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  178.966783][ T7985] netlink: 16 bytes leftover after parsing attributes in process `syz.1.918'.
[  179.234859][ T7985] netlink: 16 bytes leftover after parsing attributes in process `syz.1.918'.
[  179.269563][ T7995] syz.1.921 uses obsolete (PF_INET,SOCK_PACKET)
[  179.392441][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  179.392451][   T27] audit: type=1326 audit(179.380:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.5.920" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  179.397265][   T27] audit: type=1326 audit(179.380:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.5.920" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  179.400906][   T27] audit: type=1326 audit(179.380:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.5.920" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=190 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  179.404760][   T27] audit: type=1326 audit(179.380:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.5.920" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  179.408367][   T27] audit: type=1326 audit(179.380:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.5.920" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x7ffc0000
[  179.794056][ T8011] netlink: 'syz.3.926': attribute type 1 has an invalid length.
[  179.798502][ T8002] could not allocate digest TFM handle sha1-ssse3
[  179.801363][ T8011] 8021q: adding VLAN 0 to HW filter on device bond2
[  180.298621][ T8011] bond2: (slave gretap1): making interface the new active one
[  180.303939][ T8011] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  180.305526][ T4599] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  180.346259][ T8025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.929'.
[  180.348310][ T8025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.929'.
[  180.642830][ T8040] netlink: 12 bytes leftover after parsing attributes in process `syz.5.936'.
[  183.072870][ T8093] netlink: 4 bytes leftover after parsing attributes in process `syz.4.952'.
[  184.042487][ T8109] netlink: 12 bytes leftover after parsing attributes in process `syz.4.956'.
[  184.051535][ T8111] xt_CT: You must specify a L4 protocol and not use inversions on it
[  184.371028][ T8109] netlink: 4 bytes leftover after parsing attributes in process `syz.4.956'.
[  185.287488][ T8142] netlink: 'syz.5.966': attribute type 10 has an invalid length.
[  185.289069][ T8142] netlink: 40 bytes leftover after parsing attributes in process `syz.5.966'.
[  185.367124][ T8142] team0: Port device geneve0 added
[  185.374822][ T8146] netlink: 'syz.3.967': attribute type 11 has an invalid length.
[  187.381407][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  187.382477][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  188.967148][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.977084][ T4598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.360944][ T8227] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.366103][ T8227] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.382972][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.521766][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.169282][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.180791][ T7438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.299302][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.411097][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.106490][ T8252] ptrace attach of "./syz-executor exec"[4320] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  191.214328][ T8258] netlink: 8 bytes leftover after parsing attributes in process `syz.1.994'.
[  191.234419][ T8258] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  194.247382][ T8310] netlink: 'syz.6.1007': attribute type 10 has an invalid length.
[  194.254622][ T8310] tipc: Resetting bearer <eth:team0>
[  194.268423][ T8310] tipc: Resetting bearer <eth:team0>
[  194.269919][ T8310] 8021q: adding VLAN 0 to HW filter on device team0
[  194.277686][ T8310] bond0: (slave team0): Enslaving as an active interface with an up link
[  194.476691][ T4407] net_ratelimit: 9 callbacks suppressed
[  194.476703][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.613877][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.620333][ T8310] 8021q: adding VLAN 0 to HW filter on device bond2
[  194.630761][ T8310] device bond_slave_0 entered promiscuous mode
[  194.631842][ T8310] device bond_slave_1 entered promiscuous mode
[  194.632930][ T8310] device team_slave_0 entered promiscuous mode
[  194.634004][ T8310] device team_slave_1 entered promiscuous mode
[  194.651328][ T8310] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  194.653729][ T8310] bond2: (slave macvlan2): Enslaving as a backup interface with an up link
[  194.656323][ T8317] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  194.732959][ T4799] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  195.241737][ T8337] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1013'.
[  195.245058][ T8337] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  195.250471][ T8337] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1013'.
[  195.253244][ T8337] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  195.356231][ T8342] xt_CT: You must specify a L4 protocol and not use inversions on it
[  195.681787][ T8348] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1016'.
[  195.685086][ T8348] device vlan2 entered promiscuous mode
[  195.686106][ T8348] device bond0 entered promiscuous mode
[  195.703031][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.705042][ T4445] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.709528][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.769793][ T8357] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1019'.
[  196.379620][ T8370] lo speed is unknown, defaulting to 1000
[  196.413410][ T8370] lo speed is unknown, defaulting to 1000
[  196.516404][ T4516] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.972132][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.468777][ T4598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.471330][ T8391] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1029'.
[  197.508370][ T8393] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1031'.
[  198.260401][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.380191][ T8409] netlink: 'syz.6.1035': attribute type 1 has an invalid length.
[  198.478983][ T8415] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  198.480567][ T8415] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  198.483723][ T8415] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  198.485314][ T8415] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  198.489104][ T8415] bond3: (slave geneve2): making interface the new active one
[  198.496486][ T8415] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  198.545402][ T8409] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1035'.
[  198.580333][ T8409] 8021q: adding VLAN 0 to HW filter on device bond3
[  198.793850][ T4388] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.904834][ T8425] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1040'.
[  198.994374][ T8425] 8021q: adding VLAN 0 to HW filter on device bond3
[  198.997211][ T8425] bond2: (slave bond3): Enslaving as an active interface with an up link
[  199.000529][ T8431] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1040'.
[  199.003389][ T8431] 8021q: adding VLAN 0 to HW filter on device bond2
[  199.334731][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.561299][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.658539][ T4443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.731235][ T7418] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.771482][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.842302][  T296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.153665][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.516464][ T8511] bridge0: port 1(syz_tun) entered blocking state
[  203.538712][ T8511] bridge0: port 1(syz_tun) entered disabled state
[  203.542387][ T8511] device syz_tun entered promiscuous mode
[  203.546223][ T8511] bridge0: port 1(syz_tun) entered blocking state
[  203.547476][ T8511] bridge0: port 1(syz_tun) entered forwarding state
[  203.556088][ T7438] IPv6: ADDRCONF(NETDEV_CHANGE): macsec1: link becomes ready
[  204.053675][ T4356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.375763][ T4381] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.650822][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.766613][ T8535] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1071'.
[  204.768171][ T8535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1071'.
[  204.781573][ T8535] netlink: 'syz.4.1071': attribute type 10 has an invalid length.
[  204.782934][ T8535] bridge0: port 2(team0) entered blocking state
[  204.784103][ T8535] bridge0: port 2(team0) entered disabled state
[  204.785783][ T8535] device team0 entered promiscuous mode
[  204.845261][ T8540] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1072'.
[  205.647822][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.706582][ T8564] netlink: 'syz.5.1079': attribute type 3 has an invalid length.
[  205.709119][ T8564] netlink: 'syz.5.1079': attribute type 3 has an invalid length.
[  206.206393][ T7429] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.280213][ T8574] netlink: 'syz.1.1083': attribute type 4 has an invalid length.
[  206.582839][ T7429] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.660953][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.734799][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.455410][ T4445] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.494590][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.509866][ T8638] netlink: 'syz.6.1102': attribute type 3 has an invalid length.
[  209.511426][ T8638] netlink: 'syz.6.1102': attribute type 3 has an invalid length.
[  209.633338][ T4388] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.588612][ T8655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1105'.
[  210.615601][ T8655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1105'.
[  210.644317][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.804317][ T8644] infiniband syz1: set active
[  210.810678][ T8644] infiniband syz1: added syz_tun
[  211.134408][ T8644] RDS/IB: syz1: added
[  211.135217][ T8644] smc: adding ib device syz1 with port count 1
[  211.136146][ T8644] smc:    ib device syz1 port 1 has pnetid 
[  211.277852][ T8674] netlink: 'syz.5.1110': attribute type 4 has an invalid length.
[  211.351378][ T8644] netlink: 'syz.6.1104': attribute type 10 has an invalid length.
[  211.353236][ T8644] device syz_tun entered promiscuous mode
[  211.375046][ T8644] infiniband syz1: set down
[  211.388168][ T8644] infiniband syz1: set active
[  211.393483][ T8644] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  211.491371][ T8685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  211.495140][ T8685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  211.497420][ T8685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  211.499893][ T8685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  211.502074][ T8685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  211.743809][ T4599] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.745540][ T4558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.749097][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.781759][ T8690] set match dimension is over the limit!
[  212.831929][   T22] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.999993][ T5376] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.239625][ T8729] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1125'.
[  214.286912][   T27] audit: type=1326 audit(214.270:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8731 comm="syz.6.1127" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af5b3a8 code=0x0
[  214.293888][ T8735] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1125'.
[  214.317928][ T8737] set match dimension is over the limit!
[  214.784719][ T8748] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1130'.
[  214.810987][ T4449] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.891640][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.443757][ T5376] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.432941][ T8787] lo speed is unknown, defaulting to 1000
[  216.436545][ T8784] tipc: Failed to remove unknown binding: 66,1,1/4:2002729480/2002729482
[  216.438949][ T8784] tipc: Failed to remove unknown binding: 66,1,1/4:2002729480/2002729482
[  216.440289][ T8784] tipc: Failed to remove unknown binding: 66,1,1/4:2002729480/2002729482
[  216.647868][ T8795] __nla_validate_parse: 5 callbacks suppressed
[  216.647900][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1145'.
[  216.654696][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1145'.
[  216.658734][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1145'.
[  216.662623][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1145'.
[  216.665266][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1145'.
[  216.973575][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.975379][ T4598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  217.243630][ T8787] lo speed is unknown, defaulting to 1000
[  217.461135][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.215703][ T8817] set match dimension is over the limit!
[  219.649148][ T8846] MPTCP: kernel_bind error, err=-98
[  220.963175][ T8834] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.086175][   T27] audit: type=1326 audit(221.070:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8865 comm="syz.6.1166" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9af5b3a8 code=0x0
[  221.930837][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.111493][ T4540] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.117311][ T4540] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.819947][ T8909] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  223.211920][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  223.226933][ T8921] netlink: 'syz.1.1180': attribute type 3 has an invalid length.
[  224.895213][ T8948] tmpfs: Bad value for 'mpol'
[  225.297748][ T8960] netlink: 'syz.4.1194': attribute type 1 has an invalid length.
[  225.302557][ T4336] Bluetooth: hci1: command 0x0406 tx timeout
[  225.317516][ T8960] 8021q: adding VLAN 0 to HW filter on device bond5
[  226.378154][ T8960] bond5: (slave erspan0): making interface the new active one
[  226.389132][ T8960] bond5: (slave erspan0): Enslaving as an active interface with an up link
[  226.463716][ T4598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.473330][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready
[  227.234735][ T8979] x_tables: duplicate underflow at hook 2
[  227.559430][ T8984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1202'.
[  227.691058][ T8981] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  227.692781][ T4598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  228.457538][ T9004] tipc: Failed to remove unknown binding: 66,1,1/0:1355187715/1355187717
[  228.466490][ T9004] tipc: Failed to remove unknown binding: 66,1,1/0:1355187715/1355187717
[  228.467982][ T9004] tipc: Failed to remove unknown binding: 66,1,1/0:1355187715/1355187717
[  228.971715][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.587293][ T9022] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1215'.
[  229.702812][ T9042] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1219'.
[  230.801348][ T9065] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1227'.
[  230.869249][ T9073] lo speed is unknown, defaulting to 1000
[  231.662845][ T7438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.915033][ T9073] lo speed is unknown, defaulting to 1000
[  231.935576][ T9078] siw: device registration error -23
[  231.995253][ T9086] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  232.183435][ T9101] tmpfs: Bad value for 'mpol'
[  232.733567][ T9129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1235'.
[  232.811337][ T7438] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.142412][ T9143] netlink: 'syz.1.1240': attribute type 10 has an invalid length.
[  233.145229][ T9143] 8021q: adding VLAN 0 to HW filter on device team0
[  233.191886][ T9143] 8021q: adding VLAN 0 to HW filter on device bond4
[  234.153720][  T296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.163263][ T4445] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.268774][ T9174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1252'.
[  235.281434][ T9177] device gre2 entered promiscuous mode
[  235.282597][ T9177] bond3: (slave gre2): The slave device specified does not support setting the MAC address
[  235.284819][ T9177] bond3: (slave gre2): Error -95 calling set_mac_address
[  235.315886][ T9179] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1254'.
[  236.226281][ T9174] device macvlan2 entered promiscuous mode
[  236.227521][ T9174] bond3: (slave macvlan2): Error -99 calling set_mac_address
[  237.275276][   T27] audit: type=1326 audit(237.260:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9203 comm="syz.5.1260" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa515b3a8 code=0x0
[  237.313930][ T4598] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.378414][ T9209] bridge0: port 1(syz_tun) entered disabled state
[  237.383296][ T9209] tipc: Resetting bearer <eth:team0>
[  237.412483][ T9209] netlink: 'syz.4.1262': attribute type 16 has an invalid length.
[  237.413771][ T9209] netlink: 'syz.4.1262': attribute type 17 has an invalid length.
[  237.418429][ T9209] bridge0: port 1(syz_tun) entered blocking state
[  237.419401][ T9209] bridge0: port 1(syz_tun) entered forwarding state
[  237.422952][ T9209] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  237.424160][ T9209] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  237.425876][ T9209] tipc: Resetting bearer <eth:team0>
[  237.427965][ T9209] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  237.429203][ T9209] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  237.430540][ T9209] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  237.432478][ T9209] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  237.726671][ T9219] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1267'.
[  237.931226][ T7422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  239.069605][ T9247] netlink: 'syz.1.1276': attribute type 1 has an invalid length.
[  239.077075][ T9247] 8021q: adding VLAN 0 to HW filter on device bond5
[  239.092546][ T9247] bond5: (slave veth9): Enslaving as an active interface with a down link
[  239.520382][ T9247] device veth0_to_bond entered promiscuous mode
[  239.527910][ T9247] device veth0_to_bond left promiscuous mode
[  239.530286][ T9247] bond5: (slave vlan2): making interface the new active one
[  239.532571][ T9247] device veth0_to_bond entered promiscuous mode
[  239.534169][ T9247] device vlan2 entered promiscuous mode
[  239.535430][ T9247] bond5: (slave vlan2): Enslaving as an active interface with an up link
[  239.536879][  T296] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready
[  240.103881][ T4609] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.435644][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1280'.
[  240.438827][ T9267] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1280'.
[  240.494102][ T7422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.864059][ T9298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1292'.
[  242.350505][ T4445] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  243.185435][ T9314] devtmpfs: Unknown parameter 'dirsync���k��9ě��k9X��[G���cN���13���H����s���~�v�Ѹ���L�����D쮔 eOp���t�C�{7-`'�*�+���k�2�WQҗN�EZ'��r�{�ҬZ��z�6���e�Ub��:Ԑ���$#C�6�[Y�H�^�B���@ɜ�l !�/�J���U�����8q�~�쭶H7�؇#�e�QR�ՆNWXa�'
[  243.761602][ T7422] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.388068][ T7270] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.453534][ T9363] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1312'.
[  245.603653][    C1] vcan0: j1939_tp_rxtimer: 0x00000000def9d4c0: rx timeout, send abort
[  245.605068][    C1] vcan0: j1939_xtp_rx_abort_one: 0x00000000def9d4c0: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  245.798026][ T4609] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.874233][ T9371] netlink: 'syz.6.1314': attribute type 4 has an invalid length.
[  245.903349][ T9374] netlink: 'syz.5.1326': attribute type 4 has an invalid length.
[  245.926153][ T9371] netlink: 'syz.6.1314': attribute type 4 has an invalid length.
[  245.938326][ T9377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1317'.
[  245.939780][ T9377] netlink: 'syz.4.1317': attribute type 30 has an invalid length.
[  246.506432][ T9377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1317'.
[  246.535263][ T9377] netlink: 'syz.4.1317': attribute type 30 has an invalid length.
[  247.878342][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.864385][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  250.865512][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  250.867811][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  250.893359][ T4558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.325008][ T9438] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1344'.
[  251.370970][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.395210][ T9438] HTB: quantum of class 801D0008 is small. Consider r2q change.
[  251.429840][ T9440] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1335'.
[  251.557372][ T9440] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1335'.
[  252.270903][ T9450] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1337'.
[  252.274673][ T9450] netlink: 'syz.5.1337': attribute type 30 has an invalid length.
[  252.278109][ T9450] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  252.279557][ T9450] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  252.281064][ T9450] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  252.282428][ T9450] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  252.325066][ T9450] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1337'.
[  252.326634][ T9450] netlink: 'syz.5.1337': attribute type 30 has an invalid length.
[  253.012771][ T9480] dns_resolver: Unsupported server list version (0)
[  253.499991][ T4599] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.570883][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.710250][ T9510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1356'.
[  254.720440][ T9510] netlink: 'syz.1.1356': attribute type 30 has an invalid length.
[  254.729115][ T9510] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  254.730534][ T9510] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  254.731996][ T9510] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  254.733413][ T9510] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  254.748911][ T9510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1356'.
[  254.752795][ T9510] netlink: 'syz.1.1356': attribute type 30 has an invalid length.
[  255.723179][ T9527] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1369'.
[  255.726076][ T9527] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  256.601609][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.625645][  T296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.363431][ T4516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.774055][ T9564] ptrace attach of "./syz-executor exec"[4330] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  258.652622][ T4445] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.021987][ T9580] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1384'.
[  260.534733][ T9611] xt_CT: You must specify a L4 protocol and not use inversions on it
[  263.803936][ T7418] device vlan2 left promiscuous mode
[  264.778773][ T9672] netlink: 'syz.4.1399': attribute type 1 has an invalid length.
[  264.788756][ T9672] 8021q: adding VLAN 0 to HW filter on device bond6
[  264.813544][ T9672] 8021q: adding VLAN 0 to HW filter on device bond6
[  264.814963][ T9672] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[  264.819412][ T9672] bond6: (slave vxcan3): Error -95 calling set_mac_address
[  264.909031][ T9672] device veth5 entered promiscuous mode
[  264.913068][ T9672] bond6: (slave veth5): Enslaving as an active interface with a down link
[  264.925216][ T9672] bond6: (slave veth1_to_batadv): making interface the new active one
[  264.926852][ T9672] bond6: (slave veth1_to_batadv): Enslaving as an active interface with an up link
[  266.743897][ T9715] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1410'.
[  267.864693][ T9738] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1416'.
[  269.927780][ T9778] ptrace attach of "./syz-executor exec"[4319] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  270.820326][ T9797] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1427'.
[  270.845416][ T9799] netlink: 'syz.1.1428': attribute type 1 has an invalid length.
[  270.856857][ T9799] 8021q: adding VLAN 0 to HW filter on device bond6
[  270.861634][ T9797] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1427'.
[  270.969564][ T9799] device ipvlan2 entered promiscuous mode
[  270.971008][ T9799] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  270.979604][ T9802] bond6: (slave gretap1): making interface the new active one
[  270.993469][ T9802] bond6: (slave gretap1): Enslaving as an active interface with an up link
[  270.995256][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): bond6: link becomes ready
[  270.997226][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): ipvlan2: link becomes ready
[  273.941731][ T9839] netlink: 'syz.3.1437': attribute type 4 has an invalid length.
[  273.970340][ T1515] lo speed is unknown, defaulting to 1000
[  274.268988][ T9854] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1443'.
[  274.312918][ T9854] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1443'.
[  274.574445][ T9860] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  275.377506][ T9870] MPTCP: kernel_bind error, err=-99
[  275.482985][ T9875] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1449'.
[  279.828763][ T9913] tipc: Started in network mode
[  279.829667][ T9913] tipc: Node identity 4, cluster identity 4711
[  279.842380][ T9913] tipc: Node number set to 4
[  280.884197][ T9928] netlink: 'syz.3.1465': attribute type 1 has an invalid length.
[  280.988988][ T9928] 8021q: adding VLAN 0 to HW filter on device bond4
[  282.734231][ T9930] bond4: (slave erspan0): making interface the new active one
[  282.736171][ T9930] bond4: (slave erspan0): Enslaving as an active interface with an up link
[  282.761134][ T7418] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  282.787470][ T9941] bridge0: the hash_elasticity option has been deprecated and is always 16
[  283.609499][ T9941] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.610867][ T9941] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.167367][ T9966] netlink: 'syz.4.1477': attribute type 4 has an invalid length.
[  284.191851][ T4449] lo speed is unknown, defaulting to 1000
[  284.380740][ T9974] ptrace attach of "./syz-executor exec"[6124] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  285.058313][ T9980] netlink: 'syz.5.1480': attribute type 10 has an invalid length.
[  285.452129][ T9980] 8021q: adding VLAN 0 to HW filter on device team0
[  285.457795][ T9980] bond0: (slave team0): Enslaving as an active interface with an up link
[  285.471305][ T9985] 8021q: adding VLAN 0 to HW filter on device bond1
[  285.506351][ T9980] device bond_slave_0 entered promiscuous mode
[  285.508529][ T9980] device bond_slave_1 entered promiscuous mode
[  285.509401][ T9980] device team_slave_0 entered promiscuous mode
[  285.510321][ T9980] device team_slave_1 entered promiscuous mode
[  285.511476][ T9980] device geneve0 entered promiscuous mode
[  285.514309][ T9980] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  285.516195][ T9980] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  285.517590][ T9980] bond1: (slave macvlan2): speed changed to 0 on port 1
[  285.520269][ T9980] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  285.574311][ T4799] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  285.640436][ T9995] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1494'.
[  285.678572][ T9995] 8021q: adding VLAN 0 to HW filter on device bond3
[  285.750689][ T9999] xt_CT: You must specify a L4 protocol and not use inversions on it
[  286.227200][ T9995] bond2: (slave bond3): Enslaving as an active interface with an up link
[  286.228891][T10005] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1494'.
[  286.232032][T10005] 8021q: adding VLAN 0 to HW filter on device bond2
[  292.546571][T10090] ptrace attach of "./syz-executor exec"[5120] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  298.803624][T10179] ptrace attach of "./syz-executor exec"[4320] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  300.684641][T10200] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  300.699030][T10200] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  300.700391][T10200] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  300.701883][T10200] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  300.705031][T10200] device geneve3 entered promiscuous mode
[  304.703009][T10239] ptrace attach of "./syz-executor exec"[6124] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  307.088341][T10261] netlink: 'syz.5.1546': attribute type 1 has an invalid length.
[  307.108915][T10261] 8021q: adding VLAN 0 to HW filter on device bond4
[  307.482908][T10261] 8021q: adding VLAN 0 to HW filter on device bond4
[  307.484243][T10261] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  307.487017][T10261] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  307.494879][T10270] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  307.497750][T10270] device batadv_slave_1 entered promiscuous mode
[  307.507969][T10270] batman_adv: batadv0: Removing interface: batadv_slave_1
[  307.511543][T10270] bond4: (slave batadv_slave_1): making interface the new active one
[  307.513343][T10270] bond4: (slave batadv_slave_1): Enslaving as an active interface with an up link
[  307.846393][T10274] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1546'.
[  307.853668][T10274] 8021q: adding VLAN 0 to HW filter on device bond4
[  308.251131][ T4558] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  308.517721][T10294] ptrace attach of "./syz-executor exec"[4330] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  310.264363][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  310.316461][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  310.980989][T10320] ptrace attach of "./syz-executor exec"[6124] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  311.866452][   T27] audit: type=1326 audit(311.850:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10315 comm="syz.4.1561" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d15b3a8 code=0x0
[  312.872835][T10352] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1567'.
[  312.889253][T10352] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1567'.
[  313.836735][T10363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1578'.
[  316.733093][T10414] lo speed is unknown, defaulting to 1000
[  316.733784][T10415] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1580'.
[  317.440262][T10414] lo speed is unknown, defaulting to 1000
[  321.655903][T10471] syz.4.1601 sent an empty control message without MSG_MORE.
[  322.448637][T10476] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  326.199062][T10522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1615'.
[  326.202390][T10522] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1615'.
[  329.103366][T10552] bond1: option mode: unable to set because the bond device has slaves
[  329.108451][T10552] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  329.120424][T10552] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  333.242844][T10605] netlink: 'syz.4.1636': attribute type 1 has an invalid length.
[  333.372804][T10609] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  333.375206][T10609] bond7: (slave vxcan3): Error -95 calling set_mac_address
[  334.430816][T10605] device macvlan2 entered promiscuous mode
[  334.432424][T10605] device bond7 entered promiscuous mode
[  334.448622][T10605] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  334.472045][T10605] device bond7 left promiscuous mode
[  335.655561][T10623] netlink: 'syz.6.1640': attribute type 1 has an invalid length.
[  335.683646][T10624] bond4: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  335.685674][T10624] bond4: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  335.687428][T10624] bond4: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  336.999282][T10635] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1640'.
[  337.519077][T10672] netlink: 'syz.6.1651': attribute type 1 has an invalid length.
[  337.591064][T10672] 8021q: adding VLAN 0 to HW filter on device bond5
[  337.607202][T10676] 8021q: adding VLAN 0 to HW filter on device bond5
[  337.608695][T10676] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  337.615578][T10676] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  338.002519][T10672] device gretap1 entered promiscuous mode
[  338.005356][T10672] bond5: (slave gretap1): making interface the new active one
[  338.007204][T10672] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  338.019792][T10672] device macvlan3 entered promiscuous mode
[  338.021469][T10672] device bond5 entered promiscuous mode
[  338.024179][T10672] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  338.062646][T10672] bond5: (slave macvlan3): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  338.103118][T10672] device bond5 left promiscuous mode
[  341.162514][T10713] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1660'.
[  344.185117][T10749] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  344.244448][T10748] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1670'.
[  349.326330][T10819] netlink: 'syz.5.1689': attribute type 1 has an invalid length.
[  349.335399][T10819] 8021q: adding VLAN 0 to HW filter on device bond5
[  349.357828][T10819] 8021q: adding VLAN 0 to HW filter on device bond5
[  349.363707][T10819] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  349.366176][T10819] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  349.406803][T10825] device gretap1 entered promiscuous mode
[  349.411017][T10825] bond5: (slave gretap1): making interface the new active one
[  349.413083][T10825] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  349.547536][T10819] device macvlan3 entered promiscuous mode
[  349.549949][T10819] device bond5 entered promiscuous mode
[  349.851467][T10819] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  349.922793][T10819] bond5: (slave macvlan3): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  350.294303][T10819] device bond5 left promiscuous mode
[  351.125117][T10849] netlink: 'syz.3.1696': attribute type 10 has an invalid length.
[  351.135819][T10849] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  351.154395][T10845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1696'.
[  351.254192][T10845] bond0: (slave bridge0): Releasing backup interface
[  357.475339][T10929] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  361.266842][T10967] netlink: 'syz.1.1729': attribute type 1 has an invalid length.
[  361.290017][T10967] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  361.669172][T10967] bond7: (slave vxcan3): Error -95 calling set_mac_address
[  362.295310][T10967] device gretap2 entered promiscuous mode
[  362.298019][T10967] bond7: (slave gretap2): making interface the new active one
[  362.299762][T10967] bond7: (slave gretap2): Enslaving as an active interface with an up link
[  363.178992][T10967] device macvlan2 entered promiscuous mode
[  363.180584][T10967] device bond7 entered promiscuous mode
[  363.184069][T10967] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  364.218505][T10967] bond7: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2
[  364.391433][T10967] device bond7 left promiscuous mode
[  364.713265][T10992] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  367.109241][T11047] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  368.592288][T11080] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  369.512557][T11088] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  369.626172][T11107] netlink: 'syz.4.1769': attribute type 10 has an invalid length.
[  369.636036][T11107] bridge0: port 1(syz_tun) entered disabled state
[  369.638077][T11107] bridge0: port 1(syz_tun) entered disabled state
[  369.658984][T11107] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  372.277712][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  372.279117][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  377.206720][T11210] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.208533][T11210] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.211808][T11210] infiniband syz!: set active
[  377.212746][T11210] infiniband syz!: set active
[  377.956367][T11230] lo speed is unknown, defaulting to 1000
[  377.976103][T11230] lo speed is unknown, defaulting to 1000
[  378.383106][T11240] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  382.022755][T11304] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  384.996334][T11360] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  386.696933][T11382] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  387.678339][T11401] netlink: 'syz.4.1844': attribute type 1 has an invalid length.
[  387.713212][T11401] 8021q: adding VLAN 0 to HW filter on device bond8
[  387.797228][T11401] bond8: (slave veth7): Enslaving as an active interface with a down link
[  387.813058][T11401] device macvlan2 entered promiscuous mode
[  387.814594][T11401] device bond8 entered promiscuous mode
[  387.815931][T11401] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  387.817499][T11401] bond8: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  387.821050][T11401] device bond8 left promiscuous mode
[  388.205943][T11413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1847'.
[  388.207554][T11413] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  388.742407][T11413] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.780906][T11452] lo speed is unknown, defaulting to 1000
[  390.800442][T11452] lo speed is unknown, defaulting to 1000
[  392.186615][T11484] vcan0: tx drop: invalid da for name 0x0000000000000002
[  392.365350][T11485] overlayfs: failed to resolve './file0': -2
[  393.905203][ T4336] Bluetooth: hci4: command 0x0409 tx timeout
[  395.488358][T11533] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  395.724688][T11551] tipc: Resetting bearer <eth:team0>
[  397.863319][T11554] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  397.868535][T11554] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  397.947569][T11554] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  397.993751][T11563] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  398.092863][T11575] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  398.152966][T11579] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  398.625895][T11590] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1892'.
[  398.629521][T11590] device ip6gretap0 entered promiscuous mode
[  398.631823][T11590] device macvtap1 entered promiscuous mode
[  399.256180][T11590] device ip6gretap0 left promiscuous mode
[  400.198625][T11614] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  400.201061][T11600] device batadv_slave_0 entered promiscuous mode
[  400.267640][T11621] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  402.328603][T11660] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  402.372622][T11661] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  402.503352][T11674] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  403.716777][T11693] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1922'.
[  404.779974][T11712] netlink: 'syz.3.1929': attribute type 1 has an invalid length.
[  404.834909][T11712] 8021q: adding VLAN 0 to HW filter on device bond5
[  404.895166][T11712] 8021q: adding VLAN 0 to HW filter on device bond5
[  404.899124][T11712] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  404.903156][T11712] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  405.227595][T11732] device gretap2 entered promiscuous mode
[  405.239003][T11732] bond5: (slave gretap2): making interface the new active one
[  405.245245][T11732] bond5: (slave gretap2): Enslaving as an active interface with an up link
[  405.309189][T11732] device macvlan2 entered promiscuous mode
[  405.310983][T11732] device bond5 entered promiscuous mode
[  405.314562][T11732] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  405.335935][T11732] bond5: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2
[  405.631943][T11732] device bond5 left promiscuous mode
[  405.763968][T11746] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  407.955069][T11796] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  407.967655][T11799] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  408.060028][T11807] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  408.087556][T11809] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  408.559267][T11825] netlink: 'syz.4.1957': attribute type 11 has an invalid length.
[  409.186262][T11842] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  410.527136][T11874] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  411.231280][T11887] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  412.257229][T11901] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  412.784970][T11921] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  414.433421][T11946] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1994'.
[  414.912177][T11947] overlayfs: failed to resolve './file0': -2
[  414.993449][T11952] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  415.485870][T11969] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  416.800708][T12003] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  417.739053][T12028] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  418.905956][T12054] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  419.312001][ T4334] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  419.313670][ T4334] CPU: 1 PID: 4334 Comm: kworker/u5:6 Not tainted syzkaller #0
[  419.314887][ T4334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[  419.316554][ T4334] Workqueue: hci4 hci_rx_work
[  419.317383][ T4334] Call trace:
[  419.317978][ T4334]  dump_backtrace+0x1c8/0x1f4
[  419.318713][ T4334]  show_stack+0x2c/0x3c
[  419.319393][ T4334]  __dump_stack+0x30/0x40
[  419.320025][ T4334]  dump_stack_lvl+0xf8/0x160
[  419.320713][ T4334]  dump_stack+0x1c/0x5c
[  419.321327][ T4334]  sysfs_create_dir_ns+0x22c/0x24c
[  419.322042][ T4334]  kobject_add_internal+0x5a8/0xb30
[  419.322879][ T4334]  kobject_add+0x134/0x1f8
[  419.323616][ T4334]  device_add+0x3f0/0xf94
[  419.324384][ T4334]  hci_conn_add_sysfs+0xbc/0x1cc
[  419.325204][ T4334]  le_conn_complete_evt+0xcb0/0x1220
[  419.326135][ T4334]  hci_le_conn_complete_evt+0x114/0x3f8
[  419.326974][ T4334]  hci_le_meta_evt+0x2c0/0x4a4
[  419.327790][ T4334]  hci_event_packet+0x6ac/0xf08
[  419.328623][ T4334]  hci_rx_work+0x324/0xaa0
[  419.329318][ T4334]  process_one_work+0x7f4/0x13a8
[  419.330046][ T4334]  worker_thread+0x8c8/0xfbc
[  419.330792][ T4334]  kthread+0x250/0x2d8
[  419.331469][ T4334]  ret_from_fork+0x10/0x20
[  419.361943][ T4334] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  419.364117][ T4334] Bluetooth: hci4: failed to register connection device
[  419.387744][T12063] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  420.425627][T12103] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  421.625660][T12133] netlink: 'syz.6.2040': attribute type 1 has an invalid length.
[  421.637027][T12130] netlink: 'syz.5.2039': attribute type 10 has an invalid length.
[  421.647866][T12130] device wlan1 entered promiscuous mode
[  421.649379][T12130] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  421.657278][T12133] bond6: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  421.693366][ T8858] bond6: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  421.698873][T12133] 8021q: adding VLAN 0 to HW filter on device bond6
[  421.701529][ T4609] IPv6: ADDRCONF(NETDEV_CHANGE): bond6: link becomes ready
[  421.709247][T12133] device veth3 entered promiscuous mode
[  421.712494][T12133] bond6: (slave veth3): Enslaving as a backup interface with a down link
[  421.801320][ T4609] bond6: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  422.173240][T12156] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  422.343661][T12164] overlayfs: failed to clone upperpath
[  423.995584][T12201] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  424.782188][T12223] Dead loop on virtual device ipvlan1, fix it urgently!
[  425.466802][T12242] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  452.120630][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [kworker/u4:19:7422]
[  452.121883][    C0] Modules linked in:
[  452.122481][    C0] irq event stamp: 1160670
[  452.123127][    C0] hardirqs last  enabled at (1160669): [<ffff80001195c5b4>] exit_to_kernel_mode+0xcc/0xfc
[  452.124533][    C0] hardirqs last disabled at (1160670): [<ffff80001195a5c8>] el1_interrupt+0x24/0x54
[  452.125883][    C0] softirqs last  enabled at (1155970): [<ffff8000081a967c>] handle_softirqs+0xaf8/0xc6c
[  452.127224][    C0] softirqs last disabled at (1155929): [<ffff800008020164>] __do_softirq+0x14/0x20
[  452.128433][    C0] CPU: 0 PID: 7422 Comm: kworker/u4:19 Not tainted syzkaller #0
[  452.129482][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[  452.130941][    C0] Workqueue: events_unbound toggle_allocation_gate
[  452.131857][    C0] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  452.132923][    C0] pc : smp_call_function_many_cond+0x1384/0x1460
[  452.133839][    C0] lr : smp_call_function_many_cond+0x139c/0x1460
[  452.134755][    C0] sp : ffff800021ce7830
[  452.135340][    C0] x29: ffff800021ce7890 x28: 0000000000000001 x27: ffff8000150bd000
[  452.136516][    C0] x26: 0000000000000011 x25: ffff8000150c1140 x24: ffff00019f6d11c0
[  452.137624][    C0] x23: 1fffe00033eda238 x22: dfff800000000000 x21: ffff00019f6f6a08
[  452.138838][    C0] x20: 0000000000000001 x19: ffff8000152b9f60 x18: ffff800011abbcc0
[  452.140000][    C0] x17: 1fffe00033ed797e x16: ffff8000082d22e0 x15: 0000000040000000
[  452.141184][    C0] x14: 0000000000000002 x13: 1ffff00002a180b1 x12: 0000000000ff0100
[  452.142365][    C0] x11: ff008000083ffbd8 x10: 0000000000000000 x9 : 0000000000000000
[  452.143631][    C0] x8 : 0000000000000011 x7 : 0000000000000000 x6 : 0000000000000000
[  452.144830][    C0] x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff8000083ffbcc
[  452.145991][    C0] x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000001
[  452.147169][    C0] Call trace:
[  452.147635][    C0]  smp_call_function_many_cond+0x1384/0x1460
[  452.148523][    C0]  kick_all_cpus_sync+0x40/0xa0
[  452.149243][    C0]  arch_jump_label_transform_apply+0x14/0x20
[  452.150103][    C0]  __jump_label_update+0x30c/0x334
[  452.150819][    C0]  jump_label_update+0x304/0x3b4
[  452.151586][    C0]  static_key_disable_cpuslocked+0xe0/0x1f0
[  452.152393][    C0]  static_key_disable+0x24/0x38
[  452.153123][    C0]  toggle_allocation_gate+0x354/0x3f8
[  452.153854][    C0]  process_one_work+0x7f4/0x13a8
[  452.154665][    C0]  worker_thread+0x8c8/0xfbc
[  452.155324][    C0]  kthread+0x250/0x2d8
[  452.155945][    C0]  ret_from_fork+0x10/0x20
[  452.156616][    C0] Kernel panic - not syncing: softlockup: hung tasks
[  452.157631][    C0] CPU: 0 PID: 7422 Comm: kworker/u4:19 Tainted: G             L     syzkaller #0
[  452.158954][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[  452.160460][    C0] Workqueue: events_unbound toggle_allocation_gate
[  452.161584][    C0] Call trace:
[  452.162101][    C0]  dump_backtrace+0x1c8/0x1f4
[  452.162855][    C0]  show_stack+0x2c/0x3c
[  452.163505][    C0]  __dump_stack+0x30/0x40
[  452.164167][    C0]  dump_stack_lvl+0xf8/0x160
[  452.164858][    C0]  dump_stack+0x1c/0x5c
[  452.165432][    C0]  panic+0x2e0/0x79c
[  452.165998][    C0]  softlockup_fn+0x0/0x120
[  452.166666][    C0]  __hrtimer_run_queues+0x420/0xc64
[  452.167371][    C0]  hrtimer_interrupt+0x2bc/0xb5c
[  452.168092][    C0]  arch_timer_handler_virt+0x74/0x88
[  452.168830][    C0]  handle_percpu_devid_irq+0x174/0x34c
[  452.169651][    C0]  generic_handle_domain_irq+0xe0/0x140
[  452.170438][    C0]  gic_handle_irq+0x70/0x1e4
[  452.171089][    C0]  call_on_irq_stack+0x30/0x48
[  452.171777][    C0]  do_interrupt_handler+0xd4/0x138
[  452.172514][    C0]  el1_interrupt+0x34/0x54
[  452.173138][    C0]  el1h_64_irq_handler+0x18/0x24
[  452.173949][    C0]  el1h_64_irq+0x64/0x68
[  452.174652][    C0]  smp_call_function_many_cond+0x1384/0x1460
[  452.175633][    C0]  kick_all_cpus_sync+0x40/0xa0
[  452.176456][    C0]  arch_jump_label_transform_apply+0x14/0x20
[  452.177425][    C0]  __jump_label_update+0x30c/0x334
[  452.178302][    C0]  jump_label_update+0x304/0x3b4
[  452.179141][    C0]  static_key_disable_cpuslocked+0xe0/0x1f0
[  452.180098][    C0]  static_key_disable+0x24/0x38
[  452.180866][    C0]  toggle_allocation_gate+0x354/0x3f8
[  452.181727][    C0]  process_one_work+0x7f4/0x13a8
[  452.182506][    C0]  worker_thread+0x8c8/0xfbc
[  452.183239][    C0]  kthread+0x250/0x2d8
[  452.183906][    C0]  ret_from_fork+0x10/0x20
[  452.184593][    C0] SMP: stopping secondary CPUs
[  453.254708][    C0] SMP: failed to stop secondary CPUs 0-1
[  453.255580][    C0] Kernel Offset: disabled
[  453.256277][    C0] CPU features: 0x080000,000f0097,a65bfea7
[  453.257295][    C0] Memory Limit: none
[  453.269046][    C0] 
[  453.269391][    C0] ================================
[  453.270086][    C0] WARNING: inconsistent lock state
[  453.270926][    C0] syzkaller #0 Tainted: G             L    
[  453.271859][    C0] --------------------------------
[  453.272612][    C0] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
[  453.273610][    C0] kworker/u4:19/7422 [HC1[1]:SC0[0]:HE0:SE1] takes:
[  453.274655][    C0] ffff8000151013d8 (efi_rt_lock){?...}-{2:2}, at: virt_efi_set_variable_nonblocking+0x74/0x16c
[  453.276239][    C0] {HARDIRQ-ON-W} state was registered at:
[  453.277091][    C0]   lock_acquire+0x20c/0x644
[  453.277755][    C0]   _raw_spin_lock+0x54/0x6c
[  453.278501][    C0]   efi_call_rts+0x260/0x9f4
[  453.279227][    C0]   process_one_work+0x7f4/0x13a8
[  453.280059][    C0]   worker_thread+0x8c8/0xfbc
[  453.280791][    C0]   kthread+0x250/0x2d8
[  453.281428][    C0]   ret_from_fork+0x10/0x20
[  453.282127][    C0] irq event stamp: 1160670
[  453.282742][    C0] hardirqs last  enabled at (1160669): [<ffff80001195c5b4>] exit_to_kernel_mode+0xcc/0xfc
[  453.284209][    C0] hardirqs last disabled at (1160670): [<ffff80001195a5c8>] el1_interrupt+0x24/0x54
[  453.285585][    C0] softirqs last  enabled at (1155970): [<ffff8000081a967c>] handle_softirqs+0xaf8/0xc6c
[  453.287101][    C0] softirqs last disabled at (1155929): [<ffff800008020164>] __do_softirq+0x14/0x20
[  453.288583][    C0] 
[  453.288583][    C0] other info that might help us debug this:
[  453.289859][    C0]  Possible unsafe locking scenario:
[  453.289859][    C0] 
[  453.291078][    C0]        CPU0
[  453.291613][    C0]        ----
[  453.292146][    C0]   lock(efi_rt_lock);
[  453.292849][    C0]   <Interrupt>
[  453.293408][    C0]     lock(efi_rt_lock);
[  453.294171][    C0] 
[  453.294171][    C0]  *** DEADLOCK ***
[  453.294171][    C0] 
[  453.295545][    C0] 6 locks held by kworker/u4:19/7422:
[  453.296434][    C0]  #0: ffff0000c0029138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x6b4/0x13a8
[  453.298293][    C0]  #1: ffff800021ce7c20 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x6f8/0x13a8
[  453.300358][    C0]  #2: ffff800015136f10 (cpu_hotplug_lock){++++}-{0:0}, at: static_key_disable+0x1c/0x38
[  453.301882][    C0]  #3: ffff800015324408 (jump_label_mutex){+.+.}-{3:3}, at: static_key_disable_cpuslocked+0x90/0x1f0
[  453.303493][    C0]  #4: ffff800015296e00 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  453.304862][    C0]  #5: ffff8000171632e8 (&psinfo->buf_lock){....}-{2:2}, at: pstore_dump+0x180/0x728
[  453.306263][    C0] 
[  453.306263][    C0] stack backtrace:
[  453.307217][    C0] CPU: 0 PID: 7422 Comm: kworker/u4:19 Tainted: G             L     syzkaller #0
[  453.308486][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[  453.309932][    C0] Workqueue: events_unbound toggle_allocation_gate
[  453.310987][    C0] Call trace:
[  453.311500][    C0]  dump_backtrace+0x1c8/0x1f4
[  453.312235][    C0]  show_stack+0x2c/0x3c
[  453.312840][    C0]  __dump_stack+0x30/0x40
[  453.313566][    C0]  dump_stack_lvl+0xf8/0x160
[  453.314291][    C0]  dump_stack+0x1c/0x5c
[  453.314874][    C0]  print_usage_bug+0x4c0/0x6d8
[  453.315530][    C0]  mark_lock_irq+0x788/0x9e4
[  453.316203][    C0]  mark_lock+0x224/0x320
[  453.316891][    C0]  __lock_acquire+0xd2c/0x6544
[  453.317657][    C0]  lock_acquire+0x20c/0x644
[  453.318373][    C0]  _raw_spin_lock+0x54/0x6c
[  453.319062][    C0]  virt_efi_set_variable_nonblocking+0x74/0x16c
[  453.320021][    C0]  efivar_set_variable_locked+0x1d0/0x204
[  453.320853][    C0]  efi_pstore_write+0x26c/0x358
[  453.321605][    C0]  pstore_dump+0x504/0x728
[  453.322319][    C0]  kmsg_dump+0x170/0x260
[  453.322951][    C0]  panic+0x36c/0x79c
[  453.323583][    C0]  softlockup_fn+0x0/0x120
[  453.324267][    C0]  __hrtimer_run_queues+0x420/0xc64
[  453.325066][    C0]  hrtimer_interrupt+0x2bc/0xb5c
[  453.325793][    C0]  arch_timer_handler_virt+0x74/0x88
[  453.326555][    C0]  handle_percpu_devid_irq+0x174/0x34c
[  453.327351][    C0]  generic_handle_domain_irq+0xe0/0x140
[  453.328144][    C0]  gic_handle_irq+0x70/0x1e4
[  453.328893][    C0]  call_on_irq_stack+0x30/0x48
[  453.329681][    C0]  do_interrupt_handler+0xd4/0x138
[  453.330511][    C0]  el1_interrupt+0x34/0x54
[  453.331354][    C0]  el1h_64_irq_handler+0x18/0x24
[  453.332083][    C0]  el1h_64_irq+0x64/0x68
[  453.332680][    C0]  smp_call_function_many_cond+0x1384/0x1460
[  453.333670][    C0]  kick_all_cpus_sync+0x40/0xa0
[  453.334464][    C0]  arch_jump_label_transform_apply+0x14/0x20
[  453.335425][    C0]  __jump_label_update+0x30c/0x334
[  453.336283][    C0]  jump_label_update+0x304/0x3b4
[  453.337067][    C0]  static_key_disable_cpuslocked+0xe0/0x1f0
[  453.337952][    C0]  static_key_disable+0x24/0x38
[  453.338664][    C0]  toggle_allocation_gate+0x354/0x3f8
[  453.339433][    C0]  process_one_work+0x7f4/0x13a8
[  453.340191][    C0]  worker_thread+0x8c8/0xfbc
[  453.340944][    C0]  kthread+0x250/0x2d8
[  453.341619][    C0]  ret_from_fork+0x10/0x20
[  453.592718][    C0] Rebooting in 86400 seconds..