last executing test programs:

12m8.733617303s ago: executing program 0 (id=1051):
iopl(0x3)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioperm(0x6, 0x2, 0x8)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r2 = mq_open(0x0, 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0xff7f000000000000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet(r1, 0x0, 0x60)
r3 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100}, &(0x7f0000000000), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

12m2.143632883s ago: executing program 0 (id=1059):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fstat(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
r3 = socket(0x10, 0x803, 0x0)
write(r3, &(0x7f0000000100)="1c0000005e001f3814584707f9f4ffffff0000000d000000f3f80000", 0x1c)
setregid(0xee00, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'sit0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

11m57.868853594s ago: executing program 0 (id=1068):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208010, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setgroups(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xab4, &(0x7f0000000340)="$eJzs3U2MW0cBAOCxd73JNilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOJRAYhR7xvs8sfNsZ9dex98nzY7nzTzPPO/z8/ubNwGYWtXm3+XlhUoIF9545cg/Hvr7/I0pB9sl6s2/s4VULYRQienZ7P3em2nF195/8US3uBKWmn9TOjx5pT3vphDC2bArXAz1sOPCpZffWnri2Lmj53e//eqBy2uz9AAAMF2+fvHA8va//vm+rVdfu/9Q2NCenvbP6zG9Oe73H4o7/mn/vxo605VCKJrLys3GUJ3vLDfTpVyxnlpWbrZH/XNZ/bUe5TaEW9c/U5jWbblhkqX1uB4q1cWOdLW6uNg6Jg/N4/q5yuKZU6effX5MDQVW3b8fCCHsKoTD5zvT6y0cXAdtGDI01kEbJjIcGl1dVxstY1/mEYXGlnFvgQBa8uuFNzmbn1m4Pe13m+2v/iuPV7vPD6tg1Ov/QPXPjbn+oP7fnLPFYfXcqWtTWq70Pdoc0/l1hPz+pd7fv/xKR+fU/HpErc929rqOMCnXF3q1c2bE7RhWr/bn68Wd6ssxTp/DVzpyH+j4/uT/00n5HwPdfZCf/xcEYX2H0JGu3c57Nca8/QHWr/y+uUa6Phrl9/Xl+RtK8jeW5M+X5N9Vkr+pJB+m2e++/9PwUmXlfFd+TD/o+fB0nu3uGH9owPbk5yMHrT+/73dQt1t/fj8xrGd/OP7UyS888/Sl1v3/lfb6fz2u7+lwox6/WxdjgXS+MD+v3r73v95ZT7VHuXuy9tzdpXzz9bbOcpVtK+8TCtuZm9qx0Dnfll7ldnaWq2fl5mPYmLU33z+5K5sv7X+k7Wr6vGaz5a1lyzGXtSNtV7bGOG8HDCOtj73u/0/r50KoVZ49dfrkYzGd1tM/zdQ23Ji+d8TtBm5fv/1/FkJn/5/N7em1anG7sGVleqW1XXg9vl/n9KV2PYXphR+19Dv3rZn5ZvnFE989/cwqLztMu+d/9MK3j58+ffJ7Xgz94qvroxmDvEiHLeulPV4M+mLXWlcx5g0TsOb2/Li1E/Doqe8cf+7kcyfP7Nu/f9/S0v4v7lve09yv31Pcuy86O4bWAqtp5Ud/3C0BAAAAAAAAAAAA+vWDo0cuvfPm599t9f9f6f+X+v+nO39T//+fZP3/837yqR986ge4tUt+s0z2gNW5rFwthg9n7d2W1bM9m+8jMW6P4xf7/6fq8ue6pvbcm02v9UhmjxO46Xkpc9kzSPLxAj8e4/Mx/nWAMarMd58c41s837ryQWFdT8+nKHThbXg+8ORI/7fm2lB4pFHq/931uU5d+mszWUbRY3Hcywh098+pev73v1YWfOxtEXqH2dHW9/PpXScaPffS+x3BBmB1jHv8z3TeM8Vn/vi1jTdCKnbl8c7tZf78UhjEX97pTK/38SfXuv583L5R1z/u5R/1+J/t8e/63v5lI+bVh6v3P7+4/G6h2rCj3/rz5U/Pgd42WP1XY/1paR4O/dXf+FVWf35BqE//zeq/q8/6b1r+ncPV/79Yf/rYHnmw3/pbLa5UO9sxny1Huv6XnzdOrmXLn57teYv6v/FCt+UfcqDG67F+mGaTMs7soLL9iPZO+/Dj/0ZnV3f833Zjs81afh/G52I6bYjTfQ75eCeDtj/dX5F+B7Zn718p+X0z/u9k+1KMy74PafzftD7W409+Id38LFO61uWzvVO3NTCp3puq63+jCpdbh0HDzb9x/O0XBgiNmSHma48TN+b2NxqNtT2hVWKslTP2z3/cxwnjrn/cn3+ZfPzffB8+H/83z8/H/83z8/F/8/z5+B/qlZ+P/5t/nvn4v3n+vdn75uMDL5Tkf7Qkf0f3/PZh+30l8+8syf9YSf7udv7BjhIp//5bzr9Srtf731OS/2BJ/idK8j9Zkv9QSf4jhfziGNAp/1Ml89/pUn+UaV1+mGZ5/zzff5ge6fpPr+//tpJ8YHL97LW9h5/+7Tfrrf7/c+3zIek63qGYrsXjpx/GdH7dOxTSN/LejOm/Zfnr/XwHTJP8+Rn57/vDJfnA5Er3efl+wxSqbOw+OcZlz63qtZ/PZPl0jD8T48/G+NEYL8Z4T4z3xnhpRO1jbRx+/fcHXqqsHO9vyfL7vZ887w/U8ZyoEMK+PtuTnx8Y9H72/Dl+g7rd+ofsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA21ebf5eWFSggX3njlyFPHTu25MeVgu0S9+Xe2kKq15wvhsRjPxPiX8cW19188UYyvx7gSlkIlVNrTw5NX2jVtCiGcDbvCxVAPOy5cevmtpSeOnTt6fvfbrx64vHafAAAAANz5/h8AAP//JI4RIA==")
truncate(0x0, 0x1c9e)

11m56.210239328s ago: executing program 0 (id=1072):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208010, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setgroups(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x40}}, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xab4, &(0x7f0000000340)="$eJzs3U2MW0cBAOCxd73JNilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOJRAYhR7xvs8sfNsZ9dex98nzY7nzTzPPO/z8/ubNwGYWtXm3+XlhUoIF9545cg/Hvr7/I0pB9sl6s2/s4VULYRQienZ7P3em2nF195/8US3uBKWmn9TOjx5pT3vphDC2bArXAz1sOPCpZffWnri2Lmj53e//eqBy2uz9AAAMF2+fvHA8va//vm+rVdfu/9Q2NCenvbP6zG9Oe73H4o7/mn/vxo605VCKJrLys3GUJ3vLDfTpVyxnlpWbrZH/XNZ/bUe5TaEW9c/U5jWbblhkqX1uB4q1cWOdLW6uNg6Jg/N4/q5yuKZU6effX5MDQVW3b8fCCHsKoTD5zvT6y0cXAdtGDI01kEbJjIcGl1dVxstY1/mEYXGlnFvgQBa8uuFNzmbn1m4Pe13m+2v/iuPV7vPD6tg1Ov/QPXPjbn+oP7fnLPFYfXcqWtTWq70Pdoc0/l1hPz+pd7fv/xKR+fU/HpErc929rqOMCnXF3q1c2bE7RhWr/bn68Wd6ssxTp/DVzpyH+j4/uT/00n5HwPdfZCf/xcEYX2H0JGu3c57Nca8/QHWr/y+uUa6Phrl9/Xl+RtK8jeW5M+X5N9Vkr+pJB+m2e++/9PwUmXlfFd+TD/o+fB0nu3uGH9owPbk5yMHrT+/73dQt1t/fj8xrGd/OP7UyS888/Sl1v3/lfb6fz2u7+lwox6/WxdjgXS+MD+v3r73v95ZT7VHuXuy9tzdpXzz9bbOcpVtK+8TCtuZm9qx0Dnfll7ldnaWq2fl5mPYmLU33z+5K5sv7X+k7Wr6vGaz5a1lyzGXtSNtV7bGOG8HDCOtj73u/0/r50KoVZ49dfrkYzGd1tM/zdQ23Ji+d8TtBm5fv/1/FkJn/5/N7em1anG7sGVleqW1XXg9vl/n9KV2PYXphR+19Dv3rZn5ZvnFE989/cwqLztMu+d/9MK3j58+ffJ7Xgz94qvroxmDvEiHLeulPV4M+mLXWlcx5g0TsOb2/Li1E/Doqe8cf+7kcyfP7Nu/f9/S0v4v7lve09yv31Pcuy86O4bWAqtp5Ud/3C0BAAAAAAAAAAAA+vWDo0cuvfPm599t9f9f6f+X+v+nO39T//+fZP3/837yqR986ge4tUt+s0z2gNW5rFwthg9n7d2W1bM9m+8jMW6P4xf7/6fq8ue6pvbcm02v9UhmjxO46Xkpc9kzSPLxAj8e4/Mx/nWAMarMd58c41s837ryQWFdT8+nKHThbXg+8ORI/7fm2lB4pFHq/931uU5d+mszWUbRY3Hcywh098+pev73v1YWfOxtEXqH2dHW9/PpXScaPffS+x3BBmB1jHv8z3TeM8Vn/vi1jTdCKnbl8c7tZf78UhjEX97pTK/38SfXuv583L5R1z/u5R/1+J/t8e/63v5lI+bVh6v3P7+4/G6h2rCj3/rz5U/Pgd42WP1XY/1paR4O/dXf+FVWf35BqE//zeq/q8/6b1r+ncPV/79Yf/rYHnmw3/pbLa5UO9sxny1Huv6XnzdOrmXLn57teYv6v/FCt+UfcqDG67F+mGaTMs7soLL9iPZO+/Dj/0ZnV3f833Zjs81afh/G52I6bYjTfQ75eCeDtj/dX5F+B7Zn718p+X0z/u9k+1KMy74PafzftD7W409+Id38LFO61uWzvVO3NTCp3puq63+jCpdbh0HDzb9x/O0XBgiNmSHma48TN+b2NxqNtT2hVWKslTP2z3/cxwnjrn/cn3+ZfPzffB8+H/83z8/H/83z8/F/8/z5+B/qlZ+P/5t/nvn4v3n+vdn75uMDL5Tkf7Qkf0f3/PZh+30l8+8syf9YSf7udv7BjhIp//5bzr9Srtf731OS/2BJ/idK8j9Zkv9QSf4jhfziGNAp/1Ml89/pUn+UaV1+mGZ5/zzff5ge6fpPr+//tpJ8YHL97LW9h5/+7Tfrrf7/c+3zIek63qGYrsXjpx/GdH7dOxTSN/LejOm/Zfnr/XwHTJP8+Rn57/vDJfnA5Er3efl+wxSqbOw+OcZlz63qtZ/PZPl0jD8T48/G+NEYL8Z4T4z3xnhpRO1jbRx+/fcHXqqsHO9vyfL7vZ887w/U8ZyoEMK+PtuTnx8Y9H72/Dl+g7rd+ofsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA21ebf5eWFSggX3njlyFPHTu25MeVgu0S9+Xe2kKq15wvhsRjPxPiX8cW19188UYyvx7gSlkIlVNrTw5NX2jVtCiGcDbvCxVAPOy5cevmtpSeOnTt6fvfbrx64vHafAAAAANz5/h8AAP//JI4RIA==")
truncate(&(0x7f0000000040)='./file2\x00', 0x1c9e)

11m52.054014618s ago: executing program 0 (id=1077):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000500)='ramfs\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r3, {0x1}}, './file0\x00'})
sendto$netrom(r5, &(0x7f0000000100)="4ad2", 0x2, 0x0, &(0x7f00000002c0)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x6}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)

11m48.580203691s ago: executing program 0 (id=1080):
socket$packet(0x11, 0x3, 0x300)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x2, 0x1}}, 0x20)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r4, &(0x7f0000000040)={0x23, 0x1, 0x9, 0xfe}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r5, 0x5408, &(0x7f00000000c0)={0x0, 0x4ce, 0x0, 0x9dff, 0x1, "0007edeb00cbe600"})
syz_open_pts(r5, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x49, 0xfffffffffffffffd, &(0x7f0000000000)=0x72)

11m33.267005011s ago: executing program 32 (id=1080):
socket$packet(0x11, 0x3, 0x300)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x2, 0x1}}, 0x20)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r4, &(0x7f0000000040)={0x23, 0x1, 0x9, 0xfe}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r5, 0x5408, &(0x7f00000000c0)={0x0, 0x4ce, 0x0, 0x9dff, 0x1, "0007edeb00cbe600"})
syz_open_pts(r5, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x49, 0xfffffffffffffffd, &(0x7f0000000000)=0x72)

6m14.759102413s ago: executing program 4 (id=1517):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_io_uring_setup(0x2523, &(0x7f0000000000)={0x0, 0x5, 0x4, 0x0, 0x1b2}, &(0x7f00000000c0), &(0x7f0000000180))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r3, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000180)="c2", 0x1}], 0x1)
write$UHID_SET_REPORT_REPLY(r3, &(0x7f00000007c0)=ANY=[], 0xffe0)

6m2.024224839s ago: executing program 4 (id=1540):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x402, &(0x7f0000000d80)=ANY=[@ANYBLOB='iocharset=koi8-ru,errors=continue,umask=00000000000000000000005,errors=remount-ro,namecase=1,discard,allow_utime=00000000000000000000010,discard,allow_utime=00000000000000000000004,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0088230105bebe8c85e00c2e167be757fb01027330de7183ef41aabc93143ec42068c89c3a0ae994933b462c6c1ce97c728d607f3851a78fafc9b41facf6e917eee0e0fdb8a9860cd90e3df1dfeafe85d8ce650f84d64cb2191be6187e4e5d1c482f367a2eac07b3c27e24a362633592a9857a4389873788f9159dae8cbe8086f883408ea9c8c4686265bc9e30b25f185896253c02740042b01e16e6c8d3313dd4f395a71d9fa353b50f966dab71bd409bf1ef6c751520fc06726069bf9b3d9b46d7de743905d536a200591febfcb603947fb8cf239b9b76bcc89d1fb737d939109c9856f671f6fdce25b1c176255b4d73270203a13b37ae264f129ec7c87e6d3fccdd953d90deeab0e111a6bb9f5a7458495e88d06bddb421faa3b93f998008586867f2bd0e3787641a9caae0eb41c4b662e8c0965a1e3bc6bade7020a6d1ed2e94e2e9c32d657f26b175e23d074e1d8f8a2021dafc5aeed7c1da9f0d6dc07428afffd5e8e15e8d46aad3742d6c188ca785097788aaa6a43e57a8887c6e50c6e3cc21f52212fa966a689d45af765d49b5c1e06d0b7bc8d1633150a20a1c6ba5019954260674a9a2b1"], 0x1, 0x1519, &(0x7f0000007640)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJIkmSJMktIWmSIwmJIbekIQnJZUguQ0guE5PG/X6XhCRpkiQkt2T9PxP+TqfOe855T+/xft55vp/P/ljP7P2s/ezfM3v2BfNdl6E1G9eq3pCI4N+CF/5IBoBYABgIANcAQAAA5ePLx2evzy0x+d/bCftzPZx2pStgVxL3P2fj/uds3P+cjfufs3H/czbuf87G/c/ZuP+M5WSbpxe6lpecu/D7/5yMr///N1w8+eCrtWWu7woQ88/mcf9zNu7//1nBP7MR9z9n4/7nVLFXugD2vwCf/zlBrr+7hvufs3H/GcvJrvT75yu9QCRnfwZX+vuPMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljOcNpfpgDg0vhK18UYY4wxxhhjjLE/j891pStgjDHGGGOMMcbY/zwEARIUBBADuSAWckMcCAC4GvLCNRCBayEeroN8cD3khwJQEApBAhSGIqDBQAwQhFAUikEUboDicCOUgJJQCkqDgzKQCDdBWbgZysEtUB5uhQpwG1SESlAZqsDtUBXugGpwJ1SHu6AG3A01oRbcA7XhXqgD90FduB/qwQNQHx6EBvAQNISHoRE8Ao3hUWgCj0FTaAbNoQW0/G/lvwg94CXoCb0gGXpDH3gZ+kI/6A8DYCC8AoPgVRgMr0EKDIGh8DoMgzdgOLwJI2AkjIK3YDS8DWNgLIyD8ZAKE2AivAOT4F2YDFNgKkyDNJgOM+A9mAmzYDa8D3PgA5gL82A+LIB0+BAWwiLIgI9gMXwMmbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wjbYDp/ADvgUdsJnsAt2wx74HPbCF/9i/qm/ye+KgIACBSpUGIMxGIuxGIdxmAfzYF7MixGMYDzGYz7Mh/kxPxbEgpiACVgEi6BBg4SERbEoRjGKxbE4lsASWApLoUOHiZiIZfFmLIflsDyWxwpYAStiJayEVbAKVsWqWA2rYXWsjjWwBtbEmngP3oO9sQ7WwbpYF+thvUuvp7AhNsRG2AgbY2Nsgk2wKTbF5tgcW2JLbIWtsDW2xrbYFtthO2yP7TEJk7ADdsCO2BE7YSfsjJ2xC3bBrtgNu2W9mAvwJXwJe2EN0Rv7YB/siym5+uMAHICv4CB8FV/F1zAFh+BQfB1fxzdwOJ7EETgSR+EorCrexjE4FkmMx1RMxYk4ESfhJJyMU3AKTsM0nI4zcAbOxFk4C9/HOfgBfoDzcB4uwHRMx4W4CDMwAxfjKczEJbgUl+FyXIHLcRWuxlW4FtfhWtyAG3ATbsItuAW34Tb8BD/BT1EB4Ge4G3djCu7FvbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fD7hm0afllyTAiKbEkrEiBgRK2JFnIgTeUQekVfkFREREfEiXuQT+UR+kV8UFAVFgkgQRUQRYYQRJMIYABBRERXFRXFRQpQQpUQp4YQTiSJRlBVlRTlRTpQXt4oK4jZRUVQSbVwVUUVUFW1dNXGnqC6qixriblFT1BK1RG1RW9QRdURdUVfUE/VEffGgaCB6Y398WGR3prEYgk3EUGwqmgl58SdYKzEcW4s2oq14UozEEdhetHJJ4hnRQYzBjuIvYiw+JzqL8dhFvCC6im6iu3hR9BCtXU/RS0zG3qKPmIZ9RT/RXwwQM/Fu8T7OyV1TvCZSxBAxVLwuFuAbYrh4U4wQI8Uo8ZYYLd4WY8RYMU6MF6ligpgo3hGTxLtispgipoppIk1MFzPEe2KmmCVmi/fFHPGBmCvmifligUgXH4qFYpHIEB+JxeJjkSmWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLj4RO8SnYqf4TOwSu8Ue8bnYK74Q+8SXYr/4ShwQX4ss8Y04KL4Vh8R34rD4XhwRP4ij4pg4Ln4UJ8RP4qQ4JU6LM+Ks+FmcE7+I88ILkCiFlFLJQMbIXDJW5pZx8iqZRwYXP91rZby8TuaT18v8soAsKAvJBFlYFpFaGmklyVAWlcVkVN4gi8sbZQlZUpaSpaWTZWSivEmWlTfLcvIWWV7eKivI22RFWUlWllXk7bKqvENC5MI+asi7ZU1ZS94jk+FeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRD4mm8pmsrlsIVvKx2Ur+YRsLdvItvJJ2U4+JdvLp2WSfEZ2kP7it8hzsrN8XnaRL8iuspvsLn+R56WXPWUvCb1B9pEvy76yn+wvB8iB8hU5SL4qB8vXZIocIofK1+Uw+YYcLt+UI+RIOUq+JUfLt+UYOVaOk+NlqpwgJ8p35CT5rpwsp8ipcppMk9Nl/4szzZbyH+a/8wf5g3/d+ya5WW6RW/FiK+SncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8ILNkljwoD8pD8pA8LA/LI/KIPCqPyTPyR3lC/iRPylPylDwjz8qz8tzFzwAUKqGkUipQMSqXilW5VZy6SuVRV6u86hoVUdeqeHWdyqeuV/lVAVVQFVIJqrAqorQyyipSoSqqiqmouuFSlaqUKq2cKqMS1U3/Sr4qrm5UJVTJ3+Rfqi/579TXUrVUrVQr1Vq1Vm1VW9VOtVPtVXuVpJJUB9VBdVQdVSfVSXVWnVUX1UV1VV1Vd9Vd9VA9VE/VUyWrZNVHvaz6qn6qvxqgBqpX1CA1SA1Wg1WKSlFD1VA1TA1Tw9VwNUKNUKPUKDVajVZj1Bg1To1TqSpVTVQT1SQ1SU1Wk9VUNVWlqTQ1Q81QM9VMNVvNVnPUHDVXzVXz1XyVrtLVQrVQZagMtVgtVplqiVqilqllaoVaoVapVWqNWqPWqXVqg9qgMtVmtVltVVvVdrVd7VA71E61U+1Su9QetUftVXvVPrVP7Vf71QF1QGWpLHVQHVSH1CF1WB1WR9QRdVQdVcfVcXVCnVAn1Ul1Wp1WZ9VZdU6dU+fV+ezbvkAEIlBB9pU2JogNYoO4IC7IE+QJ8gZ5g0gQCeKD+CBfcH2QPygQFAwKBQlB4aBIoAMT2EBcbHo0uCEoHtwYlAhKBqWC0oELygSJwU1B2eDmoFxwS1A+uDWoENwWVAwqBZWDKsHtQdXgjqBacGdQPbgrqBHcHdQMagX3BLWDe4M6wX1B3eD+oF7wQFA/eDBoEDwUNAweDhoFjwSNg0eDJsFjQdOgWdA8aBG0/FPn9/5kgSfcJt1LJ+veuo9+WffV/XR/PUAP1K/oQfpVPVi/plP0ED1Uv66H6Tf0cP2mHqFH6lH6LT1av63H6LF6nB6vU/UEPVG/oyfpd/VkPUVP1dN0mp6uZ+j39Ew9S8/W7+s5+gM9V8/T8/UCna4/1Av1Ip2hP9KL9cc6Uy/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1Nr1df6J36E/1Tv2Z3qV36z36c71Xf6H36S/1fv2VPqC/1ln6G31Qf6sP6e/0Yf29PqJ/0Ef1MX1c/6hP6J/0SX1Kn9Zn9Fn9sz6nf9Hntc++uc++vBtllIkxMSbWxJo4E2fymDwmr8lrIiZi4k28yWfymfwmvyloCpoEk2CKmCImGxkyRU1REzVRU9wUNyVMCVPKlDLOOJNoEk1ZU9aUM+VMeVPeVDAVTEVT0VQ2lc3t5nZzh7nD3GnuNHeZu8zd5m5Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDFNTVPT3DQ3LU1L08q0Mq1Na9PWtDXtTDvT3rQ3SSbJdDAdTEfT0XQynUxn09l0MV1MV9PVdDfdTQ/Tw/Q0PU2ySTZ9TB/T1/Q1/U1/M9AMNIPMIDPYDDYpJsUMNUPNMDPMDDfDzQgz0ozKPn3M22aMGWvGmfEm1aSaiWaimWQmmclmsplqppo0k2ZmmBlmpplpZpvZZo6ZY+aauWa+mW/STbpZaBaaDJNhFpvFJtNkmqVmqVlulpuVZqVZbVabtWatWQ/rzUaz0Ww2m81Ws9VsN9vNDrPD7DQ7zS6zy+wxe8xes9fsM/vMfrPfHDAHTJbJMgfNQXPIHDKHzWFzxBwxR81Rc9wcNyfMCXPSnDSnzWlz1hS4eL30JtbmtnH2KpvHXm3z2mvs38YFbSGbYAvbIlbb/LbAb2JjrS1hS9pStrR1toxNtDf9Lq5oK9nKtoq93Va1d9hqv4tr23ttHXufrWvvt7XsPb+J69kHbH37qG2ACGCb2Ua2hW1sH7VN7GO2qW1mm9sWtp19yra3T9sk+4ztYJ/9XbzQLrKr7Rq71q6zu+xue9qesYfsd/as/dn2tL3sQPuKHWRftYPtazbFDvldPMq+ZUfbt+0YO9aOs+N/F0+102yanW5n2PfsTDvrd3G6/dDOsRl2rp1n59sFv8bZNWXYj+xi+7HNtAEstcvscrvCrrSr/n+ty+wGu9FusjvtZ3ar3Wa320/sjks3wna33WM/t3vtF/ag/dbut1/ZA/awzbLf/BpnH99h+709Yn+wR+0xe9z+aE/Yn9Sl7Oxj/9H+Ys9bb4GQgCQpCiiGclEs5aY4uory0NWUl66hCF1L8XQd5aPrKT8VoIJUiBKoMBUhTYYsEYVUlIpRlG6gS+WVotLkqAwl0k1Ulm6mcnQLladbqQLdRhWpElWmKnQ7VaU7qBrdSdXpLqpx6fJCteleqkP3UV24n+rRA1SfHqQG9BA1pIepET1CjelRakKPUVNqRs2pBbWkx6kVPUGtqQ21pSepHT1F7elpSqJnqAM9Sx3pL9SJnqPO9Dx1oReoK3Wj7vQi9aCXqCf1omTqTX3oZepL/ag/DaCB9AoNoldpML1GKTSEhtLrNIzeoOH0Jo2gkTSK3qLR9DaNobE0jsZTKk2gifQOTaJ3aTJNoak0jdJoOs2g92gmzaLZ9D7NoQ9oLs2j+bSA0ulDWkiLKIM+osX0MWXSElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9QjvoU9pJn9Eu2k176HPaS1/QPvqS9tNXdIC+piz6hg7St3SIvqPD9L3vRT/QUTpGx+lHOkE/0Uk6RafpDJ2ln+kc/ULnyROEGIpQhioMwpgwVxgb5g7jwqvCPOHVYd7wmjASXhvGh9eF+cLrw/xhgbBgWChMCAuHRUIdmtCGFIZh0bBYGA1vCIuHN4YlwpJhqbB06MIyYWJ4U1g2vDksF94Slg9vDSuEt4UVw0rho/dXCW8Pq4Z3hNXCO8Pq4V1hjfDusGZYK7wnrB3eG9YJ7wvrhveH5cIHwvrhg2GD8KGwYfhw2Ch8JGwcPho2CR8Lm4bNwuZhi7Bl+HjYKnwibB22CduGT4btwqfC9uHTYVL4TNghfPbX9Q8s+vvrk8PeYZ/w5fDl0Pv75Pzogmh69MPowuiiaEb0o+ji6MfRzOiS6NLosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopqj3tXKBQyecdMoFLsblcrEut4tzV7k87mqX113jIu5aF++uc/nc9S6/K+AKukIuwRV2RZx2xllHLnRFXTEXdTe44u5GV8KVdKVcaedcGZfoWriWrqVr5Z5wrV0b19Y96Z50T7mn3NPuafeM6+CedR3dX1wn95zr7J53z7sXXFfXzXV3L7oebkLeCydWsuvj+ri+rq/r7/q7gW6gG+QGucFusEtxKW6oG+qGuWFuuBvuRrgRbpQb5Ua70W6MG+PGuXEu1aW6iW6im+Qmucluspvqpro0l+ZmuBluppvpqs66sJe5bq6b7+a7dJfuFrrskzrDLXaLXabLdEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9PtdLv8NRcmdXvdPrfP7Xf73QH3tcty37iD7lt3yH3nDrvv3RH3gzvqjrnj7kd3wv3kTrpT7rQ74866n90594s777xLjUyITIy8E5kUeTcyOTIlMjUyLZIWmR6ZEXkvMjMyKzI78n5kTuSDyNzIvMj8yIJIeuTDyMLIokhG5KPI4sjHkczIksjSyLLI8siKiPeFt4a+qC/mo/4GX9zf6Ev4kr6UL+2dL+MT/U2+rL/Zl/O3+PL+Vl/B3+Yr+kq+sn/MN/XNfHPfwrf0j/tW/gnf2rfxbf2Tvp1/yrf3T/sk/4zv4J/1Hf1ffCf/nO/sn/dd/Au+q+/mu/sXfQ//ku/pe/lk39v38S/7vr6f7+8H+IH+FT/Iv+oH+9d8ih/ih/rX/TD/hh/u3/Qj/Eg/KuYtP/rSIzKM96l+gp/o3/GT/Ltwp5/ip/ppPs1P9zP8e36mn+Vn+/f9HP+Bn+vn+fl+gU/3H/qFfpHP8B/5xf5jn+mXXHqp7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX67/8Tv8J/6nf4zv8vv9nv8536v/8Lv81/6/f4rf8B/7bP8N/6g/9Yf8t/5w/57f8T/4I/6Y/64/9Gf8D/5k/6UP+3P+LP+Z3/O/+LP8/9ZY4wxxhj7p0y4PBS/XXPhdX7vP8gRf7VxHwC4eluhrL9en31HuT7/hXE/kdAuAgDP9Ory8KWlRo3k5OSL22ZKCIrNA7j0N0HZYuByvATawlOQBG2g7B/W3090O0v/YP7orQBxf5UTC5fjy/N/CYDJfzD/40+OWlghPB3/X8w/D6BEscs5ueFyvATa/vp+pQ2U+zv1F2j1D+rP/VUqQOu/yskDl+PL9SfCE/AsJP1mS8YYY4wxxhhj7IJ+onKnS8+fl/7F5x89nyeoyzm54HL8j57PGWOMMcYYY4wxduU91637048nJbXp9K8Pqv23sv7pQRP4n5qZB3848B7g0lcUAPybEwJkD+R/8ii2/Ef2lXLx1PnbVcvP+AD+d7Tyzxhc4R9MjDHGGGOMsT/d5Zv+335dXamCGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxHOg/8evErvQxMsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1fa/wsAAP//5xD7MA==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r5 = dup(0xffffffffffffffff)
sendmsg$netlink(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x8, 0x0, 0x0)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000005c0), 0x10)
recvmmsg(r4, &(0x7f0000000900), 0xb, 0x10002, 0x0)

6m0.285048201s ago: executing program 4 (id=1533):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r1 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
futex(&(0x7f0000000000)=0x2, 0xb, 0x2, 0x0, &(0x7f00000000c0)=0x2, 0x2)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd)
futex(&(0x7f000000cffc)=0x3, 0x5, 0x1, 0x0, &(0x7f0000000000), 0x5000000)
r3 = fsmount(r1, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f00000002c0)=0x2, 0x4)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000080)='blkio.bfq.io_serviced\x00', 0x0, 0x0)
preadv2(r5, &(0x7f0000000280)=[{&(0x7f0000000600)=""/211, 0xd3}], 0x1, 0x0, 0x8, 0x15)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000280)='./file0\x00', 0x0, 0x4010, r3}, 0x18)
write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[], 0xff2e)
syz_io_uring_setup(0x17ac, &(0x7f0000000100)={0x0, 0x54b0, 0x400, 0x1, 0x84}, &(0x7f0000000180), &(0x7f0000000200))
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0))
r6 = syz_open_pts(r0, 0x101000)
r7 = dup3(r6, r0, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r7, 0x541b, &(0x7f0000000240))

5m58.26352506s ago: executing program 4 (id=1536):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_sctp_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r5, 0x0, 0x155, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x4, r5, 0x0, &(0x7f0000ff8000/0x1000)=nil, 0x1000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r5})

5m57.129940482s ago: executing program 4 (id=1538):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300005500000085000000070000"], &(0x7f0000000200)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x27, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r3}, 0x18)
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x6c4aa10f8d5688f3, 0x0, &(0x7f0000000100)='GPL\x00', 0x80000001, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
splice(r4, 0x0, r5, 0x0, 0x800, 0x6)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x1004000, &(0x7f0000000400)={[{@lastblock={'lastblock', 0x3d, 0xffffffffffffff7f}}, {@fileset={'fileset', 0x3d, 0x1}}, {@noadinicb}, {@longad}, {@unhide}, {@uid_forget}, {@undelete}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@uid_forget}, {@longad}, {@dmode={'dmode', 0x3d, 0xffffffff80000001}}, {@nostrict}, {@session}, {@partition={'partition', 0x3d, 0x6}}]}, 0x1, 0xc34, &(0x7f0000001bc0)="$eJzs3U9sXNd5N+D3XHHEofx9FRM7ipPGxaQtUlmxXP2LqViFO6pptgFkWQjF7AJwJFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjkhJpP49N/WbunHPnnHvH98qC3jkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAET83iuXz5xNj3sUAMCjdHX0q2fOuf8DwMfKdf//DwAAAAAAAAAAAAAAB12KIp6MFLNXV9N49byjfqVdu3tvbHhk624Dqep5pGpf/tTPnjt/4UsvDF3s5pX29Af032ufjddGr19uvDxzZ3Zucn5+cqIxNt2+OTMxueM97Lb/ZqeqA9C48/rdiVu35hvnnj+/4eV7g+/3P3Fi8NLQs6ef6bYdGx4ZGV1vUt/y4UParsLjaBRxOlI8972fplZEFLH7Y1F/tOd+s4FqEqeqSYwNj1QTmWq3phfKF691D0QR0ejp1Oweo63PRfTVHukctteMWCyHXw74VDm90dnWXOvG1GTjWmtuob3Qnpm+ljqjLefTiCIupoiliFjpf3B3tSiiL1J85/hquhERR7rH4YtVYfD24yj2cY47UI6zUYtYKg7BOTvA+qOIVyPFz945GTfLY5Z/4gsRr5b5g4i3ynwpIpUfjAsR723xOeJw6osi/rw8/5dW00R1PeheV658rfGV6VszPW2715Vf8v7wwJXiMd0fBjblo3HAr031KKJVXfFX08P/ZgcAAAAAAAAAAAAAAACAvTYQRXwmUrzyb39U1RVHVZd+/NLQ7w/+/96a8ac/ZD9l2+cjYrHYWU3u0VwYeC1dS2mntcTqTvdcPYr441z/963HPRgAAAAAAAAAAAAAAAAAAICPtSJ+EilefPdkWoreNcXb07cb11s3pjqrwnbX/u2umb62trbWSJ1s5hzPuZhzKedyzpWcUeT+OZs5xwc6O17Mz5dyLudcyRlHcv+czZzjORdzLuVczrmSM/py/5zNnOM5F3Mu5VzOuZIzDsjavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyVFFPGLSPHtb6ymSBHRjBiPTi73P+7RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl/lTE9yNF4w+a97f1RUSq/u04Wf5yIZpHy/xkNIfKfCmal3O2quxrfusxjJ/dqaUifhwp+utv3z/h+fzXOs/ufwzirW+uP/tsXyePdF8cfL//iRPHLw2N/NrT2z1OWw3g1JX29N17jbHhkZHRns19+d0/2bNtML9vsTdTJyLm33jz9dbU1OTcwz8oPwK76H6IHqS+gz/T2oEf4SF6EH0HYhiPZ+58DJT3//cixW+/++/dG37n/l+P/9d5dv8OHz//k/X7/4ubd7TD+3/f5n75/l/e07e6/z/Zs+3F/LuRWl9EfeHObO1ERH3+jTdPt++0bk/enpy+cObMl4eGvnz+TO1oRP1We2qy59GeHC4AAAAAAAAAAAAAAACARycV8buRovXj1dSIiHtVvdbgpaFnTz9zJI5U9VYb6rZfG71+ufHyzJ3Zucn5+cmJxth0++bMxORO365elXuNDY/sy2Q+1MA+j3+g/vLM7Btz7dt/uLDl68fql2/ML8y1bm79cgxEEdHs3XKqGvDY8Eg16Kl2a7rqem3LYvpfXi0V8R+R4uaFRvp83pbr/zdX+G+o/1/cvKN9qv//RM+28j1TKuLnkeK3/uLp+Hw1zmPxwDHL7f4mUpy6+LncLo6W7bpj6HyvQKcysGz7P5HiH36xsW23HvLJ9bZnd3xgD4ny/B+PFN//s+/Gr+dtG7//Yevzf2zzjvbp/D/Vs+3Yhu8r2PXUyef/dKR46cm34zfytg/6/o/ud2+czI3vfz/HPp3/T/VsG8zv+5t7M3UAAAAAAAAAAIBDrZaK+NtI8cORvvRC3raTv/83sXlH+/T3vz7ds21ib9Yr+tAHuz6oAAAAAHBA1FIRP4kUtxfevl9DvbH+u6f+83fW6z+H06ZXqz/n+5XqewP28s//eg3m9x3f/bQBAAAAAAAAAAAAAAAAAADgQEmpiBfyeurjVT3/xLbrqS9Hilf+67ncLp0o23XXgR+sfq1fnZk+fXlqauZma6F1Y2qyMTrbujlZ9n0qUqz+9edy36JaX7273nxnjff1tdjnIsXI33XbdtZi765N/tR627Nl209Eiv/8+41tu+tYf2q97bmy7V9Fiq//09ZtT6y3PV+2/W6k+NHXG922x8q23e9H/fR62+dvzhT7cFYAAAAAAAAAAAAAAAAAAAD4uKmlIv40Uvz3naX7tfx5/f9az9PKW9/sWe9/k3vVOv+D1fr/2z1+mPX/q+8VWNzuXQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KMpRRFvRorZq6tpub983lG/0p6+e29seGTrbgOp6nmkal/+1M+eO3/hSy8MXezmB/ffa5+J10avX268PHNndm5yfn5yojE23b45MzG54z3stv9mp6oD0Ljz+t2JW7fmG+eeP7/h5XuD7/c/cWLw0tCzp5/pth0bHhkZ7WnTV3vod39A2mb70SjiLyPFc9/7afphf0QRuz8WH/LZ2W8D1SROVZMYGx6pJjLVbk0vlC9e6x6IIqLR06nZPUaP4FzsSjNisRx+OeBT5fRGZ1tzrRtTk41rrbmF9kJ7Zvpa6oy2nE8jiriYIpYiYqX/wd3VoojXI8V3jq+mf+6PONI9Dl+8OvrVM+e2H0exj3PcgXKcjVrEUnEIztkB1h9F/GOk+Nk7J+Nf+iP6ovMTX4h4tcwfRLwVnfOdyg/GhYj3tvgccTj1RRH/W57/S6vpnf7yetC9rlz5WuMr07dmetp2ryuH/v7wKB3wa1M9ivhRdcVfTf/qv2sAAAAAAAAAAAAAAACAA6SIX40UL757MlX1wfdritvTtxvXWzemOmV93dq/bs302traWiN1splzPOdizqWcyzlXckaR++dslllfWxvPzxdzLuVczrmSM47k/jmbOcdzLuZcyrmccyVn9OX+OZs5x3Mu5lzKuZxzJWcckNo9AAAAAAAAAAAAAAAAAADgo6Wo/knx7W+sprX+zvrS49HJZeuBfuT9XwAAAP//M3/28g==")
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x0, 0x6}, 0x76e0})
write$sndseq(r0, &(0x7f0000000000), 0x0)
close(0x3)

5m55.841972629s ago: executing program 4 (id=1543):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r3, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
r4 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r5 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580), 0x0, 0xfffffffffffffffe)
r6 = add_key$user(&(0x7f0000000200), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r5, r6, r4}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={'sha1-generic\x00'}})

5m40.22104284s ago: executing program 33 (id=1543):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r3, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
r4 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r5 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580), 0x0, 0xfffffffffffffffe)
r6 = add_key$user(&(0x7f0000000200), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r5, r6, r4}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={'sha1-generic\x00'}})

20.526823345s ago: executing program 5 (id=2012):
r0 = timerfd_create(0x0, 0x80000)
poll(&(0x7f0000000200)=[{r0, 0x400}], 0x1, 0x5ac2)
memfd_create(0x0, 0x0)
close(0x3)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1da38000)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
symlink(&(0x7f00000002c0)='./file0\x00', &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
timerfd_settime(r0, 0x3, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x8003ff, 0x0, 0x23e650d3, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x100, 0x0, 0xfffffffffffffffd, 0x9, 0x6, 0x0, 0xfffffffffffffffd, 0x3, 0x0, 0x1000, 0x8, 0x2, 0x3, 0x0, 0x1})

17.494953664s ago: executing program 5 (id=2014):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff001a0000bfa100000000000007010000f8ffffffb702000008000000b70300010000000081000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setresuid(0xee00, 0xee00, 0xee00)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
dup2(r1, 0xffffffffffffffff)
ptrace$ARCH_GET_UNTAG_MASK(0x1e, 0x0, &(0x7f0000000040), 0x4001)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x4716, 0x3)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000, 0x1})

17.005344902s ago: executing program 1 (id=2016):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$igmp(0x2, 0x3, 0x2)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r4 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x143240, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r4, 0xc0045103, &(0x7f0000000040))
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x80040, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, 0x0, 0x2)
ioctl$RFKILL_IOCTL_NOINPUT(r5, 0x5218)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r7, 0x89f9, &(0x7f0000000400)={'sit0\x00', &(0x7f0000000380)={@private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x3, 0xf}})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x12, 0x4}, 0x9c)
bind$inet6(r0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000640)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x3, 0x0, 0x0, 0x54}, 0x9c)

14.89241225s ago: executing program 3 (id=2018):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r4 = msgget$private(0x0, 0x20)
msgsnd(r4, &(0x7f00000000c0)=ANY=[], 0x8, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x0, 0x0)
socket(0x10, 0x4, 0x6)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000006300)={0x6, 0x5, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
syz_emit_ethernet(0x119a, 0x0, 0x0)

13.495801378s ago: executing program 5 (id=2019):
r0 = socket$inet6(0xa, 0x3, 0x6)
unshare(0x28040680)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000300)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet(0x2, 0x1, 0x100)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x41, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c1)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
write$FUSE_BMAP(r5, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x204800, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@aname={'aname', 0x3d, 'Op\x00'}}], [], 0x6b}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

13.494784168s ago: executing program 3 (id=2027):
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x400c844)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x708, 0x41e3, 0x0, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x18, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r8)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

12.359565161s ago: executing program 1 (id=2020):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r5 = creat(0x0, 0x10)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x3, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [], 'ip6tnl0\x00', 'nicvf0\x00', {}, {}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [], 'veth1\x00', 'veth0_to_hsr\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x386)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)='=\n\x9b\xa1Q\a\x00\n@\xf6\"2a\xd7\x1fch\x1a}#\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nR\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|\xd8ZE\x92\xb4\x18|\x14\xc8\x14\xab\xe3\xd2\xb8\xf9J\x13\xbc\xea\xccp;\xa5\xe8\r=\n\x9e\xfb\x17\"\xc4QJ\xdf\xa9\x02BQ\x11\b\xab\x14\xf7\x16\xde\xc3\x89\xc6d\xdd\x18\x01\xdd\xf3\xe2\xa5\xef\x02\x17T\x94\xb9\xd4v\xb1\xe3\xb7L\xe6>*\x11e\x18\xe7-\b\xe9\x87\x81,N\x1f\x94\xa4\xe5\xd6\xd4m\x92\xccg3jNvd\xd2O|c\xb3\xa0\xf2\xc6\\\x8a\'\xb3\x81S\x9b6\xf5\xb7\x93\v\xb0\aD\xb9\xf7>\xcf?\xea\xfb\xfc\xb9\x9d\xa5\xb5\xbc\xe2\xddUJN\xb2\xb7\x9c\xc3qk\x06\xdb\xd69\x8b\x00'/288)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xa8f, 0x86c, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3, 0x19ef, 0xfffffff7, 0x5, 0x2800, 0x6, 0x9, 0x4, 0xc, 0x11, {0x4, 0xffffffff}, 0xd0, 0x1}})
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r1, 0x18000000000002a0, 0x4b, 0x0, &(0x7f00000005c0)="d2ff03cb4608008cb89e08d986dd8af46937a3f6552f286b9a0a3f7e6ac17a834abbf023538509a259c8051dfc57daeb5a44a922615b95764e0c3e2f90fb105a96cf000000000000000000", 0x0, 0x95b4, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x39)

12.35913917s ago: executing program 2 (id=2021):
r0 = syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ef, &(0x7f00000001c0)="$eJzsmb+LE0EUx78zu9mLhz+wsbCx8MATvc3uRuWaK06wFIQ7UcvgrcfpJpFkhSQg6B9gaSHY2lhaWFhZ+BfYaqGCYGFKO2FkfuyPbDYhGskVeR/I7Hdn3rw370Hewi4Iglhavn399eXZ1c3diwCOYg0rZv6Hpa/ixKj95xePLjzfuvbyzadXH1rHH78r+mNyj5g9vgPg/baFGMw2EUd2r2VuE42b4Dhv9C0wuFr+Fgp9E4JVEx/3wXDH6PYRI6LQvduO9u4dRKEnB18OgRzq+fjyUMOnDHsAqup0QrDcerc/eNCIorBTFBWRxBlb+lsxrX7qfNscW0iqJwQHcLtg54Gn9fPB4RtdB8OO0ZtYgeu6WUly+Z+2M//WLPmn4hiA+fL/B/FaiZMbiwoKrsuxsASXU1T+ix9WnJF/aCeZOTVMemDe5vuh514udmewgemEY0sfV6Po+hzRnZJCpSLrT7Kzn8v1Jxt22j9qcfNhrdsfbBw0G/vhftgKgvoV75LnXQ5qqhHpcUr/q6r+tJrzX5lg6zAHvUYcd/weEHf89D7QY67j7rxt/1R7uOp/HOtntQ9mnlnpg7IAMz+urlKtW+WWTybmRBAEQRAEQRAEQRAEQRAEUc4ZMOgvYYKZF6JlBDfUG8o/AQAA//8eamKw")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = epoll_create(0x207ffd)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000280)={0x70002012})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x8, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x1, 0x5510, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnLTBuI4gP5tcKFfKqq671W6g2P0CF12iThAL8EBuqBX6AU4A9nlCBFEeBwCEYtEHttK9J5khrGGn2cQLGZGGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEs31Wbxb/n9T9uc/aGdPKMBAAAArtlVm0X9ZpbqH5v7n5tbX5t6ERFlRFybu4/i3UXmqMmpHtv/PW9fPenD/4g64fiMSXN9iIgfzXX3petvAQAAAN6u7Wo9T7P19DIbukO0s3xR67RoU376menpRURUs9tMaeUx71umsPr3PY7fmdLqBaxpprC05DbOlfYs9d/9tGo3PSuKVJRXP3bqZLaxAwAAPRpdFP3OQgAAAOjTr6E7wDCKeNjKPG0FTlLRbO+9v6gBAAAAr1AxdAcAAACAztXz/57O/zs4/w8AAACGkc7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEu7arPYrtbztjn7Qzt5RgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDP/ryjQAiEQRjsXd+ZzP0PKw2amppUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5nd/+T8xNc4kc6+NpeeRZO3U2Do19s6Noz+Mr18DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf785ICIRAEUTBn/O+k739YSdAziBABDY8qatEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzR7375PzE1ziRzp42l45Fk7aqxddXYe9A4ejDe/g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc79+8bNxUHAPxr+3xtCogQUIYgBBIDLDS9lpZuiAEUMfAnIEXptYRe+dFmoFWFyMKGMndBMCKEBApb/4fOrdSlbB1uKBIzyD47cdtIHL/sI/f5SM/ve5bl930vUZSvnxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgdrQRZ8VhcRKn1bnbD65vFP2dR/rCzZ27K0Ur4qTFnP8nXmh+SJa7SwQAAID5kdX1fUTcy3fXij5djBi/FXl9TVHzf/PUJK7r+Ufr/rqva/+i/fzT/ef2BlqcjFPc9PzmaHji8VR6/90sZ9vTf3pFr1z58tlLVn5B0ne3nx3n5XomX9269Xa/DI+0kS0A8Hccr/sqqH8fKvpBl4kBMDd6jcK7rv+zxW5zAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjDeDueqOMkIlZ6+3HhzoPrGwf1N3furtTtzI0bO/HF/j2LW+QRcX5zNDzR6mxm25Wr1y6uj0bDy+0HL0ZEV6O/WU3/4vtTXBzx76dRf2t2svJzFqTVWk9x8cKs5Nx90NEPJAAADq28akVdfy/fXSvOJUsRv3/7cP3/SiOOKev/+x+cud0cq1n/D1qb4exb3br0yeqVq9de27y0fmF4YfjR6ycHbwxOnT19+uxq+axk1RMTAAAA/pl+1Zr1f7r0+P7/sUYcU9b/n349+Lw5Vqb+P9D+pl/XmQAAAMy3Z1767dfkgPNJvx+frW9tXR5MjnufT06OHaT6lx2pWrP+z5a6zgoAAABow3g7eWj//1wjjin3/5/87vkfmvfMImKh2v8/vvHx6Fx705lpbfw5cddzBAAAoFsLVWvu/+fl+//p3isPaUS8+vIkrv4N4FT1f/bOl983x2q+/3+qvSnOpHR5sh5lvxzRW+46IwAAAA6zo1Uriv1f8t21D3889l7f+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbfsjAAD//08VOo0=")

12.358735441s ago: executing program 3 (id=2022):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x7, &(0x7f0000000600))
sendmsg(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
syz_usb_connect(0x6, 0x1fc, &(0x7f0000000780)=ANY=[@ANYBLOB="12015002b8005108101407a0683e010203010902ea01030e00300309040309027f54cc00090502040004040403800109661bede31b6d40ffd5a6457d3483a7c64a2cf09c6b30e3afe9caf13ed9a2924ed053d2b4b24aedb4035d4212c8a5f7df3b67916187c245f81035efe9b53a8d79988d4b00a8aa5926f8b9103fd0e543cebd14ca5d0825146c7ff12ef0b8fe612538542d6f5c9fdc7894374795b8ccb6bdb303b42aa86746d3370ad7a31c090504104000050209072501830200040725018101070009045b060c317135060905051008000600d30725018002000009050610200080ff0407250101060200090500100004090401090504104000ab0005090505022000060d0d48007672bf7524ef90e0a086de3562bf356642bc0201de8fa807c3b757b1c182c0f4c59af7c59293e1bc41956912be0eafd96bdf03aa6117bc3e50fbee59a6e5dfc7206516e091fce94c0c778a134b5368d1af31d240535b0725018002010009050b08000401a9050725010332f60b0725010206ac15090502140000c7070e0905010400020805800905051000020802ae07250103fbff0009050010400008000309050c040002030d07410f8c1ea652c620acd24cbf2bfeb921dfc3f2c147f7c05a53e4f7db6742a64c76fe8d2f319387c80165b1ad6b9054e93ae7385d785e1c040f2c4e5c2388ef8791090509002000010802"], 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r3, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a510800020010"], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@bridge_getlink={0x28, 0x12, 0xdbf44c00c5896d57, 0x10, 0x0, {0x7, 0x0, 0x0, 0x0, 0x20000}, [@IFLA_EXT_MASK={0x8, 0x1d, 0xeca}]}, 0x28}}, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
sendfile(r7, r6, &(0x7f0000002700)=0x23, 0x1c)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x10200, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x16, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000005c0)="450f11440f0966b88d00c44101c41d0e0000000841c0d62c360f01c80fc729b805000000b9000000800f01d966ba6100ecf20f2291", 0x35}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

12.350306251s ago: executing program 5 (id=2029):
socket$igmp6(0xa, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r4, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r6 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580), 0x0, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000200), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r6, r7, r5}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={'sha1-generic\x00'}})

9.241764488s ago: executing program 1 (id=2023):
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1ec)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x18, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f00000000c0), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000c00)=ANY=[], 0x1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
lseek(r3, 0x0, 0x1)

9.01939904s ago: executing program 2 (id=2024):
socket$unix(0x1, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
fanotify_init(0xf00, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100), 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r3, 0xc0a85352, &(0x7f0000000200)={{0x80, 0x4}, 'port1\x00', 0x89, 0x0, 0x0, 0xfffffeff, 0x0, 0x0, 0x200000, 0x0, 0x4875c99660ff2b28})
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)

5.860537091s ago: executing program 2 (id=2025):
r0 = socket(0x2, 0x2, 0x1)
listen(0xffffffffffffffff, 0x0)
gettid()
timer_create(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c13, &(0x7f0000000240)=ANY=[@ANYBLOB='nocompress,showassoc,uid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=iso8859-2,showassoc,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c636865636b3d7374726963742c636865636b3d7374726963742c73657373696f6e3d3078303030303030303030303030303036122c63727566742c626c6f636b3d3078303030303030303030303030303430302c636865636b3d72656c617865642c00"], 0x1, 0xa00, &(0x7f00000003c0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)={0x0, <r2=>0x0})
sched_setscheduler(r2, 0x3, &(0x7f0000000000)=0x40)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000004679100000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7f", 0x76}, {&(0x7f0000000300)='l3', 0x2}], 0x2}], 0x1, 0x0)
mmap(&(0x7f00005b0000/0x1000)=nil, 0x1000, 0x6, 0x13, 0xffffffffffffffff, 0xffffd000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r6, 0xc0984124, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)

5.839394614s ago: executing program 1 (id=2026):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000240)=ANY=[@ANYRES16=0x0, @ANYBLOB="2d0000000100000000000000ae07e21a62f9b44d66d229eae846e6060041717d768bb016a2645aba4ca2c11b64a70b48f910e44439c38ab5c80dce07322e7889d0dc7a8ed1d54ec3c3f28e5720d6fa49eb7fde226ab09c2ad687f1a23f06000000d45ba5f33fa4f232175145f8b224391c"], 0x14}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f00000002c0)={[{@acl}, {@nodatacow}, {@compress_force}, {@noacl}, {@nodatasum}, {@autodefrag}, {@rescue={'rescue', 0x3d, 'usebackuproot'}}, {}], [{@uid_eq}, {@subj_user={'subj_user', 0x3d, '+-'}}]}, 0x3, 0x510e, &(0x7f000000a240)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlVRGht7TRYv2LFNiVGIjE1EIwSlDVLyoQijKKr5ALUCEUkB4SLFESqPiKoogEChNURBpJQkIk2Q4mr23jN759ydhx9rvPT3k7xzZv7ncc+Zh+fce+dcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/+HQV67622bxh397wdPPXTxx2d51F798zQVnPh7C5OzjHVm4o//6Wyd+fuf5d+29b81t9xy58P29ebk8HgaqfzrzO9fFWo8sDeHejhC608DKwSzQk98fjPW9YzCEM8JcoFZiqj8rkTYcvt8Xwv4wF6hV9b2+EAYLgYueeOjBG6uJW/pCWBZCqKRtPFvJ2uhLA+f0ZoH+NLCtOwv86mimFvhuZxaAExbfDLUX/cHJ+gwj85dr8PrrOWkb9sZKu9cVEyON8/1s3QJvVEFv+sDkCT1tpepYEKW3xyHvtkXwbiuN882etuIXqfwbytG5UCV0bp7asvHKmV3xkc4wNtbVqKYFep6fevVLm44lvWheh3EDRk7K6/Cmx5bd2bXiE4/es3LZiwc+sO+lE93MHxWGtJheaJWQv+YWzfMYTfg8WQRvv9K3pFFfukIIWz7/e59sFi/N/0eaz//jyznedtbljrW+PpTNzeMjgzHxylA2NwcAAIBFYzHsNd029sBHCsWHK0l9pfn/aHvH/+Mh/3wyn/X2UAgTs4l9wyGcNft4FrgjNnfJcAjvnk1N1gfWJYFDIbx9NrGiVlVSYkksMZoEfjKUByaSwOEYmEwC34qBm5PAdTFwMAlsioFDSeD8GAjT9f34/aG8H20H+mJgQzaIB+NZCL8Yiq0lY/VMrSoAAICTJJ8d9tTfLZzrcKIZ4vTyYF+rDPEM7IYZKkkN6Qy2Nq1qWEN3qxo6W9VQ6/ee5t0v1dzRqubSaRgd9Rlu/eXffCo0UZr/jzef/1fm2ZCO0vH/ENbP/o25O/PITC2+YbIuAwAAAHACBv73+W82i5fm/xPtnf8f94l0FTKHR+JuiK3DIYzXB7Jq/7AcyI56D+QBAAAAWAxqx+Nrx8Kn89vsFO10Pl3OP3mM+eOB/4l58/ceun9Ds+0tzf8n2zv/v7/+NtuIw3ErvjYcwpJC4AdxK6uBWaMx8OOP1gfy/h+OA3BDrCo/MaFW1Q2xxIYYGE8C+xuV+GGtxFn1gfzJqjW+r9aP6bxEIQAAAACnXNwdEI/Lx/P/3/ObNVc1K1ea/284tvP/Z+fBpdP7ZwZCWNUdQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwjnVTuWVvV8vv5/d7rG4BN9WVUxcNZ7Drx6TjXxzb4QVhUDT37m9g9WE7uSQK3xv+wL4V3V3qaNf2dJ1nhP2vjXl4TwzkKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEshUKvqQ5UQdgcAFqn4X+nm4oM7d1+9dePMzNSOBUzEffh9Ycv0zNTYpm0zmysNtmlzss11yxhdW+5Tu1e+eSZfoujTd68fbCdd+53geLGtfD9+6cTB/H78LtQz2881PXV316Zdft97y02EwjepRl3uXOAu9xcrmXsSS/XH/L1hICy5cufUjrEvbty1a8fq7G+72ddkf+NhpmysVqdj1T/ftrXx8mi4WlbieMdqebGSVbsu375q5+6rV05fvvHSqUunrlj9oTXj546vHf/wuauqvRrP/rbo6vL5qk66evT2Nvt1Ert6dnehklPxqSEhIbHYEtsGljf9P7k0/9/efP4fP3XiJ3++PkOj4/8j8TB/9vjcYf4NMbC/3eP/I42O5tdODBhNAntiYI/D/AAAALw5xEl+3JsZ90r/dMV3XmxWrjT/39Pe7/9P0vr/taXrL2y0zP+KWGK80fr/6TL/tfX/9zRa/z9d5r+2/v/+N2D9/ytrgWRIfmH9fwAA4M3g1K3/33J5//QCAaUMLZf3Ty8QUMrQchn/di8QcMzr/z/7n3/136GJ0vz/5vbm/xbuBwAAgNPHl//sqt9pFi/N//e3N/8/9ev/hUbn/482Ckw2WhjQ+n8AAAAsUo3W/xu5vv9zzcqV5v8H25v/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYG+tpM2/dyqjrjr/Np/KlQJuli57/kyPHdv7/ofbm/3W/y7jpsWV3dq34xKOv37Ny2YsHPrDvpbnj/wAAAMDCaXe/BAAAAAAAAAAAAAAA8MZ7/j/2rm0WL/3+P6yffbzR7//jdf/i7wveWpc71tp6/b/8/kUfv2v37JKFjwyF8N5iYOverWeE/Nr8y4uBBz+74m3VxN60xP3Pnf9CNfG5NPCxlWe+Vk2clwQ2xEUS354G4lUVX1uaBOLyiv+eBuJ4HEwDvXngq0uzfnSkY/XTwWysOtKxenowhOFCoDZW9w5mbXSkHbwlCdQ6+IU0EDv453mgM92quwayrYqBwVj0toFsqwAAOG3Fb4E9Ycv0zNR4/Aofb8/urr+N6pYsu7ZcbUebzT+TL0326bvXD7aT7kq/i85da7wnVKpdWF36ulrM0jHby5NTS4uhe2uDLrda7a2zQbnUsQ5db+Me9WU9Gtu0bWZzT8uOr22dZU13yyyrS5OdYpbO2SFto5Y2tqWNHrU5Nm1scrzfGcbGupJcfxCDI6FOq1dEu7/XL67z1+hVUMxzxZF9v2pWX2n+P9Le/L9S7Ndr+cUA9sQr6/3dsGX+AQAAYGF9dd2vvxH/fer6h59slrc0/x9tb/4f92Dlh4KzvR2H4vX/9w2HMHtp/ZEscEds7pLhEN49m5qMJbIL6l8YS4xngTviDpMVscSGyfqqlsTAwSTwk6E8cCgJHI6BfC/FgZDvyvn7oRA+OJtaX19ieywxkgQ+GQOjSWAsBsaTwNIYmEgCLy/NA5NJ4N9iIEzXj9XdS/OxAgAAOBb5PKun/m5I53kHu1tl6GiVob9Vhs5WGSpNM/SEg416Ee9/O2bo6SiPQnyoJ222L6mllCFeDL/hhrcc3drh/x/W50wLlpqO5x/UzjfoqM9w30e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qdy8r8VTx0dj4McfrQ/kOwYOx8nuDbWqJvMS+aT9hlhiIgZGk8D2GJhIAhvW54H9b6sP5DPtWuP7ao1P5yUKAQAAADjl4g6CuJsmzv9v2/mVgWblSvP/ifbm/7G9gWJj18VajywN4d6Oua2pBVYOZoG4H2Mw/jz+HYMhnFHYwVErMdWflehNGg7f78t+od6bVvW9vuzHB/H+RU889OCN1cQtfSEsK+x9qbXxbCVroy8NnNObBfrTwLbuLBD3/NQC3+3MAnDCansF4wsqP9WlZmT+cg1ef2+Wa4Km3SvtA50n33y/uVoopR2u+T7VmmN72pruv+WkKb09Dnm3LcZ324h3W/GLVP4N5ehcqBI6N09t2XjlzK74SPGXrCUL9DwXf6XaTvokvA73HP/WtlZJN2A8+fgYn7/c/K/DjljdTY8tu7NrxScevWflshcPfGDfS21vRgPxh8IPXfOvgz8qDO9Cq4T8NbfoPk8mfZ4siv8Gknf3qKcthLD+5a/f0Cxemv9Ptjf/705uZ/06DubO4RDeVxjcR+Lw//Fw9jlYCGSfkm8pB7JD7v811PCTEwAAAE622u6O2v6C6fw2OyE8nSeX80+GcHT4GPLH/RUT8+Zvd7v7//qzy5rFS/P/Dc3n/0uSzXT83/F/Fojj//M63XdFL0kf2HNCu6JL1bEgHP+f1+n+bnP8f16O/zv+Px/H/1tw/H9ep/vTVvqWtN2XrhDCi3/0wNPN4qX5//b25v/W/5t/0b7a+n8bGq3/t73R+n97rP8HAAAsqAYLzaXzvNLqfaUM6ep9pQwtFwhsucRg8/X/mqyz96ZZ/680qK3W/3vh7Gd/E5oozf/3tDf/jy+HgWLri2X9v9H1Daq6OQa2WxgQAACA01GjfRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8se77h//Z3Cz+8G8vePq5iycu27vu4pevueDMx0OYnn28Iwt39F9/68TP7zz/rr33rbntniMXvr+Sl+vJb3+3Lnes9fWhEPYXHhmMiVeGqnfmAhd9/K7d3dXEI0MhvLcY2Lp36xnVxLeGQlheDDz42RVvqyb2piXuf+78F6qJz6WBj60887Vq4rw80JFu7j8uzTa3I93cG5eGMFwI1Db3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4bwQQnda1XO9WVXdac8f782qioGz3nPg1XOqif29IawqBp78zO0frCa+kARqjf9Fbwjvqr5k0sa/3ZM13pM2fktPCO8MIfSmJX7ZnZXoTUs83x3CWwqBWuOf7w5hd+BNIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kmxTIx2F9NFrj7/vz7z6pU3V20/fvX6wnXR3Xq5ndpPX9NTdXXu6b33crv5iJXPPR6n+mL83DIQlV+6c2jH2xY27du1Ynf1tN/ua7G9XHs3GavViGavlxUpW7bp8+6qdu69eOX35xkunLp26YvWH1oyfO752/MPnrqr2ajz7ezK6evup7+rZ3YVKTsUHgISExGJLdNZ9uo2f7h/kpS/6cxvaEyqzH9ClaUUxS8dsL09Gp9cdZ4+P53tKyx6tLk0cSlnWzJPl2vosa0uTibla+rIss9/rSpPDYmOds0Ma73eGsbGuRuMwUn+3OLw/O4HhfSofunbTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6zB6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//56HJTY=")
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000380)='.\x00', 0x60, &(0x7f00000002c0)=ANY=[], 0x20, 0x0, &(0x7f0000000000))
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c0d0000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f000059e000/0x5000)=nil, 0x5000, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x22)
lseek(r4, 0x1a86, 0x1)
getdents64(0xffffffffffffffff, 0x0, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000000)=')-{#\x1e\xf4#^\x00', &(0x7f0000000040))

5.764398661s ago: executing program 3 (id=2028):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, 0x0, &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff01800000"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000027c0)=ANY=[@ANYBLOB="38010000fe00002b094b5626245e5f82390ebe6263639c49f0a5c6a850a4"], 0x138)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000580), &(0x7f0000000180)=0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4.021804573s ago: executing program 1 (id=2030):
r0 = socket$inet6(0xa, 0x3, 0x6)
unshare(0x28040680)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000300)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet(0x2, 0x1, 0x100)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x41, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c1)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
write$FUSE_BMAP(r5, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x204800, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@aname={'aname', 0x3d, 'Op\x00'}}], [], 0x6b}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

4.020187833s ago: executing program 3 (id=2038):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r4, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r6 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580), 0x0, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000200), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r6, r7, r5}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={'sha1-generic\x00'}})

3.202249624s ago: executing program 5 (id=2031):
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x400c844)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x708, 0x41e3, 0x0, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x18, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r8)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00')

2.960557338s ago: executing program 1 (id=2032):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000300)={0x1000a4, 0x7a}, 0x20)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000140)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a0b040000000000000000020000005c000480580001800a0001006d617463680000004800028008000240000000001c0003004cb43801b2486e8f58c2052fade1bc2c62cdeb7521cf85f60e0001007374617469737469630000000eeb0000636f6e6e62797465730000000900010073797a30000000000900020073797a32"], 0xb0}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x20, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r6, &(0x7f00000000c0)={0x14, &(0x7f0000000000)=ANY=[@ANYRESDEC=r6], 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r6, 0x0, 0x0)

2.045994928s ago: executing program 5 (id=2033):
socket$nl_generic(0x10, 0x3, 0x10)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x400003, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), &(0x7f0000000380)=@v2={0x3, 0x2, 0xfe, 0xe79f}, 0x9, 0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
add_key(0x0, 0x0, &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000080)}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
tgkill(r3, 0x0, 0x30)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)

2.045466198s ago: executing program 2 (id=2034):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_io_uring_setup(0x2523, &(0x7f0000000000)={0x0, 0x5, 0x4, 0x0, 0x1b2}, &(0x7f00000000c0), &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000180)="c2", 0x1}], 0x1)
write$UHID_SET_REPORT_REPLY(r3, &(0x7f00000007c0)=ANY=[], 0xffe0)

636.480687ms ago: executing program 2 (id=2035):
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0)
pwrite64(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1800004, 0x20010, r0, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x3, 0x0, 0x0)
timerfd_settime(r2, 0x2, &(0x7f00000002c0)={{}, {0x77359400}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
execveat(0xffffffffffffffff, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000400000000000000020000130200000002000000000000000000000002000000000000000000000000002e0072eab894be645fd78dc37e574a"], &(0x7f0000000240)=""/220, 0x40, 0xdc, 0xa}, 0x28)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=""/16, 0x2e, 0x10, 0x1, 0x10}, 0x28)

252.950725ms ago: executing program 2 (id=2036):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
readlinkat(0xffffffffffffffff, 0x0, &(0x7f0000000600)=""/243, 0xf3)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB="0000000000000000b7020000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x84030, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0), 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xfec0ffffffffffff}, 0x800, 0x0, 0x2, 0x1, 0x6, 0xbe}, 0x20)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)

0s ago: executing program 3 (id=2037):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000001080)=ANY=[@ANYBLOB="58000000020601080000000000000000000000040900020073797a3100000000050004000100000011000300686173683a6e65742c6e6574000000000c0007800800124000000002050005000a00000005000100060000008a7df18ee897e5f9647defadfc0774e16f8fd1fe46bbef34ac65d50913ae730e6fadb47420b4da11db5478cbcc47ae43280a4a66c522855b6778449d187cb2d55e2404e0f569972e3c00feb6fb4b84c1ee199af772bbe9db57fc0958bfa3bb6ceab93969c82577004ea57dde21ae26acf2e6d1e122d31a757f85b5962d51719a2ebaedae90"], 0x58}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000240)={'\x00', 0x52d35ce30131f272})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)

kernel console output (not intermixed with test programs):

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  410.998073][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  415.005885][   T27] kauditd_printk_skb: 23 callbacks suppressed
[  415.005939][   T27] audit: type=1400 audit(1760911229.916:38): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=8062 comm="syz.0.532"
[  421.721494][ T8111] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  423.229839][ T8122] tipc: Enabled bearer <udp:syz0>, priority 10
[  424.348146][    T9] tipc: Node number set to 2975682952
[  429.741177][   T27] audit: type=1400 audit(1760911244.376:39): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=8159 comm="syz.2.555"
[  429.830570][ T8167] loop3: detected capacity change from 0 to 512
[  429.902346][ T8167] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  429.930401][ T8167] EXT4-fs (loop3): Test dummy encryption mode enabled
[  429.968571][ T8167] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.556: casefold flag without casefold feature
[  429.991979][ T8167] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.556: couldn't read orphan inode 15 (err -117)
[  430.019479][ T8167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.649134][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.267588][ T8213] 9pnet_virtio: no channels available for device syz
[  436.599806][ T8218] netlink: 64 bytes leftover after parsing attributes in process `syz.2.569'.
[  439.515629][ T8233] loop2: detected capacity change from 0 to 16
[  439.531031][ T8233] erofs: (device loop2): mounted with root inode @ nid 36.
[  439.971065][ T8239] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  439.982847][ T8239] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  439.994227][ T8239] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 123 of nid 36
[  440.903903][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  440.929807][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  442.015667][ T5801] Bluetooth: hci3: command 0x0406 tx timeout
[  451.826303][ T8304] netlink: 8 bytes leftover after parsing attributes in process `syz.2.588'.
[  453.793607][ T8320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.593'.
[  467.982502][ T8413] loop0: detected capacity change from 0 to 512
[  468.015881][ T8413] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  468.110691][ T8413] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  468.156305][ T8413] EXT4-fs (loop0): 1 truncate cleaned up
[  468.173738][ T8413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  469.184904][ T8421] loop2: detected capacity change from 0 to 16
[  469.217099][ T8421] erofs: (device loop2): mounted with root inode @ nid 36.
[  469.247715][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.271408][ T8421] syz.2.626: attempt to access beyond end of device
[  469.271408][ T8421] loop2: rw=0, sector=8, nr_sectors = 16 limit=16
[  471.025972][ T8436] comedi comedi0: dac02: I/O port conflict (0x4,8)
[  472.093254][ T8434] syz.2.626 (8434): drop_caches: 2
[  473.735532][    C0] vkms_vblank_simulate: vblank timer overrun
[  474.095545][    C0] vkms_vblank_simulate: vblank timer overrun
[  476.187749][ T8465] loop2: detected capacity change from 0 to 512
[  476.200908][ T8465] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  476.712631][ T8465] EXT4-fs (loop2): Test dummy encryption mode enabled
[  476.846652][ T8465] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.629: casefold flag without casefold feature
[  476.883666][ T8465] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.629: couldn't read orphan inode 15 (err -117)
[  476.909008][ T8465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  478.987821][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.506842][ T8528] sch_tbf: burst 512 is lower than device syzkaller0 mtu (1500) !
[  486.132561][ T8533] loop3: detected capacity change from 0 to 8
[  486.797422][ T8533] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  486.930261][ T5788] udevd[5788]: incorrect cramfs checksum on /dev/loop3
[  487.460283][ T8536] cramfs: Error -5 while decompressing!
[  487.466330][ T8536] cramfs: ffffffff96fdc348(26)->ffff888057a62000(4096)
[  487.473516][ T8536] cramfs: Error -3 while decompressing!
[  487.479222][ T8536] cramfs: ffffffff96fdc362(26)->ffff888057966000(4096)
[  487.486344][ T8536] cramfs: Error -3 while decompressing!
[  487.491962][ T8536] cramfs: ffffffff96fdc37c(16)->ffff888057967000(4096)
[  487.499312][ T8536] cramfs: Error -5 while decompressing!
[  487.504921][ T8536] cramfs: ffffffff96fdc348(26)->ffff888057a62000(4096)
[  489.393090][ T5788] udevd[5788]: incorrect cramfs checksum on /dev/loop3
[  490.401144][ T8554] loop0: detected capacity change from 0 to 128
[  497.236371][ T5801] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  497.916679][ T8577] loop3: detected capacity change from 0 to 2048
[  498.031327][ T8577] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  498.050354][ T8577] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  499.362100][ T8587] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  499.938598][ T8599] trusted_key: syz.0.656 sent an empty control message without MSG_MORE.
[  499.960868][ T8592] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  501.700683][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  501.707241][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  503.037425][ T8610] loop0: detected capacity change from 0 to 2048
[  503.087528][ T8610] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  505.536043][ T8610] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  517.592690][ T8678] netlink: 'syz.3.677': attribute type 1 has an invalid length.
[  517.605975][ T8680] loop2: detected capacity change from 0 to 64
[  520.590254][ T8693] overlayfs: bad index found (index=index/00fb210001737a0f5e9e1b4794a16ed925f8d587ebba9db2e53803000000000000, ftype=2000, origin ftype=a000).
[  523.480565][ T5801] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  524.017301][ T8711] loop3: detected capacity change from 0 to 2048
[  524.041797][ T8711] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  524.080724][ T8711] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  524.492556][ T8715] loop2: detected capacity change from 0 to 40427
[  524.546308][ T8715] F2FS-fs (loop2): invalid crc value
[  524.590430][ T8715] F2FS-fs (loop2): Found nat_bits in checkpoint
[  524.784233][ T8715] F2FS-fs (loop2): Start checkpoint disabled!
[  524.809737][ T8721] loop3: detected capacity change from 0 to 64
[  525.171565][ T8715] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  528.394511][   T12] kworker/u4:1: attempt to access beyond end of device
[  528.394511][   T12] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  528.413615][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  528.434116][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  531.163750][ T8749] loop3: detected capacity change from 0 to 512
[  531.172476][ T8749] EXT4-fs (loop3): Test dummy encryption mode enabled
[  531.179514][ T8749] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  531.192389][ T8749] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.694: bad orphan inode 131083
[  531.207286][ T8749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.163791][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.570886][ T8760] loop0: detected capacity change from 0 to 512
[  532.712082][ T8758] loop1: detected capacity change from 0 to 2048
[  532.741157][ T8758] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  532.769982][ T8758] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  532.898389][ T8760] EXT4-fs (loop0): Test dummy encryption mode enabled
[  532.988873][ T8760] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  533.061313][ T8760] EXT4-fs (loop0): 1 truncate cleaned up
[  533.095919][ T8760] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.201659][ T8766] loop2: detected capacity change from 0 to 8
[  533.237541][ T8766] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  534.162809][ T5802] udevd[5802]: incorrect cramfs checksum on /dev/loop2
[  535.077521][ T8769] cramfs: Error -5 while decompressing!
[  535.083231][ T8769] cramfs: ffffffff96fe0348(26)->ffff888053bae000(4096)
[  535.090372][ T8769] cramfs: Error -3 while decompressing!
[  535.096379][ T8769] cramfs: ffffffff96fe0362(26)->ffff888053baf000(4096)
[  535.103595][ T8769] cramfs: Error -3 while decompressing!
[  535.109404][ T8769] cramfs: ffffffff96fe037c(16)->ffff888053bb0000(4096)
[  535.116691][ T8769] cramfs: Error -5 while decompressing!
[  535.122312][ T8769] cramfs: ffffffff96fe0348(26)->ffff888053bae000(4096)
[  535.545132][ T5802] udevd[5802]: incorrect cramfs checksum on /dev/loop2
[  535.761542][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.011134][ T8784] loop0: detected capacity change from 0 to 128
[  536.087402][ T8784] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  536.119158][ T8784] ext4 filesystem being mounted at /156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  536.172426][ T8788] loop2: detected capacity change from 0 to 512
[  536.181193][ T8788] EXT4-fs (loop2): Test dummy encryption mode enabled
[  536.192505][ T8788] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  536.330244][ T8788] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.705: bad orphan inode 131083
[  536.386375][ T8788] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  537.117146][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  537.630972][   T27] audit: type=1400 audit(1760911352.596:40): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=8795 comm="syz.1.706"
[  539.598641][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.553821][ T8835] loop0: detected capacity change from 0 to 64
[  544.305907][ T8838] loop2: detected capacity change from 0 to 512
[  544.383426][ T8838] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  544.602992][ T8838] EXT4-fs (loop2): 1 truncate cleaned up
[  544.617205][ T8838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  550.055055][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.725915][ T8903] loop1: detected capacity change from 0 to 512
[  554.401299][ T8903] EXT4-fs (loop1): Test dummy encryption mode enabled
[  554.443498][ T8903] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  554.456502][ T8903] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.733: bad orphan inode 131083
[  554.468568][ T8903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  555.447876][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  559.251439][ T8946] loop0: detected capacity change from 0 to 128
[  563.350755][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  563.357279][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  579.073845][ T9075] loop1: detected capacity change from 0 to 512
[  579.285948][ T9075] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  579.439321][ T9075] EXT4-fs (loop1): 1 truncate cleaned up
[  579.506380][ T9075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  581.223144][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.611500][ T5855] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  583.965906][ T5855] usb 4-1: Using ep0 maxpacket: 16
[  584.628066][ T5855] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  584.644739][ T5855] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  584.661870][ T5855] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  584.711863][ T5855] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  584.750642][ T5855] usb 4-1: config 0 descriptor??
[  585.565009][ T9098] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  585.740651][ T6297] usb 4-1: USB disconnect, device number 3
[  587.271624][ T9121] wireguard0: entered promiscuous mode
[  587.285879][ T9121] wireguard0: entered allmulticast mode
[  589.565000][ T9140] loop3: detected capacity change from 0 to 40427
[  590.515507][ T9140] F2FS-fs (loop3): invalid crc value
[  590.596673][ T9140] F2FS-fs (loop3): Found nat_bits in checkpoint
[  590.637461][ T9140] F2FS-fs (loop3): Start checkpoint disabled!
[  590.680530][ T9134] pim6reg: entered allmulticast mode
[  590.714060][ T9140] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  591.042673][ T9133] pim6reg: left allmulticast mode
[  593.368309][  T125] kworker/u4:5: attempt to access beyond end of device
[  593.368309][  T125] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  593.382501][  T125] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  593.390831][  T125] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  595.224658][ T9174] sd 0:0:1:0: device reset
[  597.057098][ T9181] tty tty2: ldisc open failed (-12), clearing slot 1
[  599.154709][ T9198] loop3: detected capacity change from 0 to 512
[  599.180838][ T9198] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  599.281651][ T9198] EXT4-fs (loop3): 1 truncate cleaned up
[  599.300567][ T9198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  606.078056][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.360806][ T9284] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  616.428627][ T9284] syz_tun: left allmulticast mode
[  616.433867][ T9284] syz_tun: left promiscuous mode
[  616.444031][ T9284] bridge0: port 3(syz_tun) entered disabled state
[  616.465339][ T9284] bridge_slave_0: left allmulticast mode
[  616.471847][ T9284] bridge_slave_0: left promiscuous mode
[  616.477900][ T9284] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.493196][ T9284] bridge_slave_1: left allmulticast mode
[  616.499921][ T9284] bridge_slave_1: left promiscuous mode
[  616.510638][ T9284] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.525074][ T9284] bond0: (slave bond_slave_0): Releasing backup interface
[  616.663394][ T9284] bond0: (slave bond_slave_1): Releasing backup interface
[  616.743815][ T9284] team0: Port device team_slave_0 removed
[  616.821256][ T9284] team0: Port device team_slave_1 removed
[  616.846682][ T9284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  616.854978][ T9284] batman_adv: batadv0: Removing interface: batadv_slave_0
[  616.872286][ T9284] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  616.889294][ T9300] loop1: detected capacity change from 0 to 128
[  616.895766][ T9284] batman_adv: batadv0: Removing interface: batadv_slave_1
[  616.937703][ T9290] netlink: 'syz.0.822': attribute type 10 has an invalid length.
[  616.954246][ T9290] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  616.962755][ T9300] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  616.993257][ T9300] ext4 filesystem being mounted at /219/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  617.025128][    C1] vkms_vblank_simulate: vblank timer overrun
[  617.054098][ T9290] 8021q: adding VLAN 0 to HW filter on device bond0
[  617.110430][ T9290] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  618.457340][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  619.855770][ T9324] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  620.203536][ T9332] loop1: detected capacity change from 0 to 512
[  620.465703][ T9332] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  621.189378][ T9332] EXT4-fs (loop1): 1 truncate cleaned up
[  621.206830][ T9332] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  622.046232][ T9349] (null): rxe_set_mtu: Set mtu to 1024
[  622.054655][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.064877][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.074087][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.246939][ T9349] infiniband syz2: set active
[  622.252081][ T9349] infiniband syz2: added ip6gretap0
[  622.270277][ T5854] ip6gretap0 speed is unknown, defaulting to 1000
[  622.333437][ T9349] RDS/IB: syz2: added
[  622.338355][ T9349] smc: adding ib device syz2 with port count 1
[  622.344712][ T9349] smc:    ib device syz2 port 1 has pnetid 
[  622.355751][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.480380][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.605211][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.727785][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  622.849477][ T9349] ip6gretap0 speed is unknown, defaulting to 1000
[  623.002622][ T5854] ip6gretap0 speed is unknown, defaulting to 1000
[  624.583807][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  624.590796][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  624.943990][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.355297][ T5801] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  631.181220][ T9404] loop2: detected capacity change from 0 to 512
[  631.209897][ T9404] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  631.308992][ T9404] EXT4-fs (loop2): 1 truncate cleaned up
[  631.323030][ T9404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  634.044039][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.889487][ T9430] loop3: detected capacity change from 0 to 128
[  635.014234][ T9430] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  635.086334][ T9430] ext4 filesystem being mounted at /233/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  636.391827][ T9420] ip6gretap0 speed is unknown, defaulting to 1000
[  636.454687][ T9438] loop1: detected capacity change from 0 to 2048
[  636.636851][ T9438] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  636.672640][ T9438] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  636.684759][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  639.936092][ T5855] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  640.115672][ T5855] usb 3-1: Using ep0 maxpacket: 16
[  640.125302][ T5855] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  640.135545][ T5855] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  640.144542][ T5855] usb 3-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  640.153710][ T5855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.163738][ T5855] usb 3-1: config 0 descriptor??
[  640.462093][ T9461] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  640.466742][ T5855] IPVS: starting estimator thread 0...
[  640.507442][    T8] usb 3-1: USB disconnect, device number 2
[  640.585674][ T9463] IPVS: using max 18 ests per chain, 43200 per kthread
[  641.189647][ T9472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.868'.
[  643.411090][ T9470] loop3: detected capacity change from 0 to 512
[  643.455820][ T9470] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  643.880616][ T9470] EXT4-fs (loop3): 1 truncate cleaned up
[  643.902212][ T9470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  645.432965][ T9489] ip6gretap0 speed is unknown, defaulting to 1000
[  647.812455][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.062096][ T9501] loop1: detected capacity change from 0 to 8
[  648.076507][ T9501] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  648.091336][ T5788] udevd[5788]: incorrect cramfs checksum on /dev/loop1
[  649.512507][ T9507] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  649.547633][ T5788] udevd[5788]: incorrect cramfs checksum on /dev/loop1
[  649.765857][ T9502] cramfs: Error -5 while decompressing!
[  649.771554][ T9502] cramfs: ffffffff96fdc348(26)->ffff888055e69000(4096)
[  649.778767][ T9502] cramfs: Error -3 while decompressing!
[  649.784448][ T9502] cramfs: ffffffff96fdc362(26)->ffff88805c449000(4096)
[  649.791542][ T9502] cramfs: Error -3 while decompressing!
[  649.797238][ T9502] cramfs: ffffffff96fdc37c(16)->ffff888055652000(4096)
[  649.804535][ T9502] cramfs: Error -5 while decompressing!
[  649.810646][ T9502] cramfs: ffffffff96fdc348(26)->ffff888055e69000(4096)
[  651.325758][ T5855] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  651.604868][ T9522] wireguard0: entered promiscuous mode
[  651.610904][ T9522] wireguard0: entered allmulticast mode
[  652.376050][ T5855] usb 1-1: Using ep0 maxpacket: 16
[  652.405695][ T5855] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  652.417061][ T5855] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  652.426163][ T5855] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  652.435237][ T5855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.456793][ T5855] usb 1-1: config 0 descriptor??
[  653.806846][ T9513] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  653.932138][ T5855] usb 1-1: USB disconnect, device number 3
[  654.167419][ T9538] loop2: detected capacity change from 0 to 128
[  654.972686][ T9538] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  655.063381][ T9538] ext4 filesystem being mounted at /219/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  656.160769][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  658.392398][ T9567] ip6gretap0 speed is unknown, defaulting to 1000
[  663.659815][ T9600] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  665.016586][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  665.716042][    T8] usb 2-1: Using ep0 maxpacket: 16
[  665.789627][    T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  665.810883][    T8] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  665.821537][    T8] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  665.831661][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.945427][    T8] usb 2-1: config 0 descriptor??
[  666.010518][    T8] usb 2-1: can't set config #0, error -71
[  666.047672][    T8] usb 2-1: USB disconnect, device number 2
[  668.101235][ T9627] loop3: detected capacity change from 0 to 764
[  669.671764][ T9611] pim6reg: entered allmulticast mode
[  669.768221][ T9610] pim6reg: left allmulticast mode
[  672.045846][ T9649] ip6gretap0 speed is unknown, defaulting to 1000
[  673.376889][ T9655] tty tty23: ldisc open failed (-12), clearing slot 22
[  677.380182][ T9682] tmpfs: Unknown parameter ''
[  679.336223][ T9692] loop1: detected capacity change from 0 to 1024
[  679.344190][ T9693] netlink: 8 bytes leftover after parsing attributes in process `syz.0.921'.
[  679.360497][ T9692] EXT4-fs: Ignoring removed orlov option
[  679.994250][ T9692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.283012][   T27] audit: type=1800 audit(1760911495.076:41): pid=9692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.922" name="file1" dev="loop1" ino=15 res=0 errno=0
[  680.699548][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  686.221658][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  686.228395][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  686.326468][ T9726] loop0: detected capacity change from 0 to 1024
[  686.360506][ T9722] can: request_module (can-proto-0) failed.
[  686.392216][ T9726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  686.430718][ T9718] netlink: 28 bytes leftover after parsing attributes in process `syz.3.929'.
[  686.483380][ T9726] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  686.490369][ T9718] netlink: 28 bytes leftover after parsing attributes in process `syz.3.929'.
[  686.551468][ T9718] dummy0: entered promiscuous mode
[  686.568526][ T9718] team0: entered promiscuous mode
[  686.573612][ T9718] team_slave_0: entered promiscuous mode
[  686.580384][ T9718] team_slave_1: entered promiscuous mode
[  687.063157][ T9738] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 3: comm syz.0.930: lblock 3 mapped to illegal pblock 3 (length 3)
[  687.452823][ T9729] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  688.241213][ T9738] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  688.254372][ T9738] EXT4-fs (loop0): This should not happen!! Data will be lost
[  688.254372][ T9738] 
[  688.500504][ T1294] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:6: lblock 8 mapped to illegal pblock 8 (length 8)
[  688.567470][ T1294] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  688.609415][ T1294] EXT4-fs (loop0): This should not happen!! Data will be lost
[  688.609415][ T1294] 
[  689.238331][ T9755] netlink: 8 bytes leftover after parsing attributes in process `syz.3.934'.
[  689.915763][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  702.668889][ T9851] loop1: detected capacity change from 0 to 8
[  706.593331][ T9877] input: syz1 as /devices/virtual/input/input12
[  709.419097][ T9886] tty tty25: ldisc open failed (-12), clearing slot 24
[  716.825844][ T9998] loop1: detected capacity change from 0 to 128
[  716.897590][ T9998] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  717.071690][ T9998] ext4 filesystem being mounted at /256/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  717.875989][ T5801] Bluetooth: Wrong link type (-71)
[  718.228551][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  719.188398][T10021] netlink: 8 bytes leftover after parsing attributes in process `syz.2.979'.
[  722.061076][T10046] loop2: detected capacity change from 0 to 2048
[  722.078371][T10046] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  722.150592][T10046] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  722.213544][T10048] loop3: detected capacity change from 0 to 512
[  722.258739][T10048] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.986: casefold flag without casefold feature
[  722.301935][T10048] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.986: couldn't read orphan inode 15 (err -117)
[  722.337020][T10048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  722.683031][   T27] audit: type=1804 audit(1760911537.696:42): pid=10056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.986" name="/newroot/260/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  722.708303][   T27] audit: type=1800 audit(1760911537.696:43): pid=10056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.986" name="bus" dev="loop3" ino=18 res=0 errno=0
[  722.864137][T10057] loop2: detected capacity change from 0 to 1024
[  723.292719][T10054] loop0: detected capacity change from 0 to 2048
[  723.307600][T10054] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  723.326100][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.373002][T10054] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  724.574037][ T9927] hfsplus: b-tree write err: -5, ino 4
[  731.838925][T10128] loop1: detected capacity change from 0 to 512
[  731.890408][T10128] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1003: casefold flag without casefold feature
[  731.964186][T10128] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1003: couldn't read orphan inode 15 (err -117)
[  732.019598][T10128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  733.246413][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.510469][ T5801] Bluetooth: hci3: unexpected Set CIG Parameters response data
[  733.542497][ T5801] Bluetooth: hci3: unexpected event for opcode 0x2062
[  735.615617][ T5801] Bluetooth: hci3: command 0x0406 tx timeout
[  736.809381][T10176] loop3: detected capacity change from 0 to 2048
[  736.906675][T10181] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  736.954504][T10176] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  737.068076][T10176] Remounting filesystem read-only
[  737.734341][ T5801] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  737.784340][ T5801] Bluetooth: hci3: Injecting HCI hardware error event
[  738.096328][T10187] raw_sendmsg: syz.2.1017 forgot to set AF_INET. Fix it!
[  738.106097][ T5801] Bluetooth: hci3: hardware error 0x00
[  738.259220][ T5799] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  738.275459][ T5799] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  738.284107][ T5799] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  738.293736][ T5799] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  738.413666][ T5799] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  738.461944][ T5799] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  738.588763][ T5799] NILFS (loop3): discard dirty page: offset=0, ino=3
[  738.695617][ T5799] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  738.793093][ T5799] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  738.880351][ T5799] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  738.984706][ T5799] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  740.635744][ T5801] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  740.955843][T10212] loop2: detected capacity change from 0 to 8
[  741.233005][ T5788] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  741.869426][T10222] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0
[  743.626693][ T5801] Bluetooth: Wrong link type (-71)
[  744.976026][T10235] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1030'.
[  747.459779][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  747.466206][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  749.236436][T10254] loop0: detected capacity change from 0 to 8
[  751.031977][T10258] loop1: detected capacity change from 0 to 2048
[  751.048943][T10258] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  751.241497][T10258] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  753.704011][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1039'.
[  754.331733][T10271] hsr_slave_1 (unregistering): left promiscuous mode
[  754.681980][ T5801] Bluetooth: hci1: unexpected event for opcode 0x0000
[  756.376529][T10303] loop3: detected capacity change from 0 to 8
[  756.481654][ T5788] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  759.596167][ T5801] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  759.606402][ T5801] Bluetooth: hci1: Injecting HCI hardware error event
[  759.617322][ T5801] Bluetooth: hci1: hardware error 0x00
[  761.150723][T10327] loop1: detected capacity change from 0 to 1024
[  762.302575][ T5801] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  762.516200][ T9927] hfsplus: b-tree write err: -5, ino 4
[  762.873135][T10343] binder: 10340:10343 ioctl 4018620d 0 returned -22
[  767.909707][T10377] loop1: detected capacity change from 0 to 128
[  768.587450][T10377] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  768.641233][T10377] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  769.831407][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  770.451470][T10393] loop2: detected capacity change from 0 to 512
[  770.493275][T10393] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  770.501973][T10393] EXT4-fs (loop2): orphan cleanup on readonly fs
[  770.511155][T10393] Quota error (device loop2): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[  770.523592][T10393] EXT4-fs warning (device loop2): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  770.548856][T10393] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  770.581479][T10393] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1067: bg 0: block 40: padding at end of block bitmap is not set
[  770.607701][T10393] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  770.626758][T10393] EXT4-fs (loop2): 1 truncate cleaned up
[  770.633840][T10393] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  770.852037][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  770.862831][T10399] loop1: detected capacity change from 0 to 2048
[  770.910331][T10399] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  770.955051][T10399] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  771.687742][T10405] loop0: detected capacity change from 0 to 2048
[  771.826641][T10409] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  775.454639][T10425] loop0: detected capacity change from 0 to 2048
[  775.939182][T10426] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  776.011498][T10424] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  776.045865][T10424] Remounting filesystem read-only
[  776.343185][ T5789] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  776.761379][ T5789] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  777.082128][ T5789] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  777.215177][ T5789] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  777.332392][ T5789] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  777.417187][ T5789] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  777.465332][ T5789] NILFS (loop0): discard dirty page: offset=0, ino=3
[  777.472153][ T5789] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  777.479805][ T5789] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  777.487662][ T5789] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  777.494984][ T5789] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  778.416702][T10439] loop2: detected capacity change from 0 to 128
[  778.427493][T10439] EXT4-fs: Ignoring removed nobh option
[  779.115729][T10439] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  779.547796][T10439] ext4 filesystem being mounted at /265/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  779.818858][T10446] loop1: detected capacity change from 0 to 2048
[  779.898357][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  779.951676][T10446] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  779.978590][T10446] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  795.861637][T10473] loop1: detected capacity change from 0 to 2048
[  796.172882][T10475] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  796.325779][T10470] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  796.339914][T10470] Remounting filesystem read-only
[  796.848279][ T5787] NILFS (loop1): discard dirty page: offset=4096, ino=6
[  796.855290][ T5787] NILFS (loop1): discard dirty block: blocknr=39, size=1024
[  796.916531][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  796.948959][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  796.985520][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  797.057539][ T5787] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  797.203202][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=3
[  797.232232][ T5787] NILFS (loop1): discard dirty block: blocknr=42, size=1024
[  797.241176][ T5787] NILFS (loop1): discard dirty block: blocknr=43, size=1024
[  797.250355][ T5787] NILFS (loop1): discard dirty block: blocknr=44, size=1024
[  797.257842][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  797.694377][T10193] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  797.706721][T10193] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  797.726876][T10193] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  797.754676][T10193] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  797.778281][T10193] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  797.865802][T10193] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  799.335920][T10479] ip6gretap0 speed is unknown, defaulting to 1000
[  799.583644][  T125] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.768064][  T125] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.921607][  T125] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  800.015728][T10193] Bluetooth: hci4: command tx timeout
[  800.084034][T10504] netlink: 'syz.3.1093': attribute type 3 has an invalid length.
[  800.721156][T10510] loop1: detected capacity change from 0 to 24
[  800.728382][T10510] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  801.015535][T10510] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  801.284770][  T125] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  801.513930][T10491] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  802.215590][T10193] Bluetooth: hci4: command tx timeout
[  802.515507][T10491] hsr_slave_1 (unregistering): left promiscuous mode
[  803.014302][T10479] chnl_net:caif_netlink_parms(): no params data found
[  803.155212][  T125] infiniband syz2: set down
[  803.275281][ T9927] smc: removing ib device syz2
[  803.369390][ T5877] ip6gretap0 speed is unknown, defaulting to 1000
[  803.905840][T10479] bridge0: port 1(bridge_slave_0) entered blocking state
[  803.913035][T10479] bridge0: port 1(bridge_slave_0) entered disabled state
[  803.949051][T10479] bridge_slave_0: entered allmulticast mode
[  804.081023][T10479] bridge_slave_0: entered promiscuous mode
[  804.102769][T10479] bridge0: port 2(bridge_slave_1) entered blocking state
[  804.155791][T10479] bridge0: port 2(bridge_slave_1) entered disabled state
[  804.163141][T10479] bridge_slave_1: entered allmulticast mode
[  804.255871][T10193] Bluetooth: hci4: command tx timeout
[  804.362644][T10545] befs: (nullb0): invalid magic header
[  804.435308][T10479] bridge_slave_1: entered promiscuous mode
[  805.959531][T10554] loop1: detected capacity change from 0 to 512
[  805.975799][T10479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  805.988854][T10554] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  805.998412][T10554] EXT4-fs (loop1): orphan cleanup on readonly fs
[  806.010254][T10554] Quota error (device loop1): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[  806.021908][T10554] EXT4-fs warning (device loop1): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  806.037430][T10554] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  806.054636][T10554] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.1100: bg 0: block 40: padding at end of block bitmap is not set
[  806.072394][T10554] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  806.083391][T10554] EXT4-fs (loop1): 1 truncate cleaned up
[  806.090980][T10554] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  806.095794][T10479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  806.345710][T10193] Bluetooth: hci4: command tx timeout
[  806.425167][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.701717][T10479] team0: Port device team_slave_0 added
[  807.008949][T10479] team0: Port device team_slave_1 added
[  807.117246][T10570] netlink: 'syz.1.1103': attribute type 3 has an invalid length.
[  809.214010][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  809.220574][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  809.376017][T10591] loop3: detected capacity change from 0 to 512
[  809.691098][T10479] batman_adv: batadv0: Adding interface: batadv_slave_0
[  811.270597][T10479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.305449][T10479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  811.327485][T10591] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1115: casefold flag without casefold feature
[  811.397892][T10479] batman_adv: batadv0: Adding interface: batadv_slave_1
[  811.404897][T10479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.462914][T10591] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1115: couldn't read orphan inode 15 (err -117)
[  811.529866][T10479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  811.667673][T10591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  812.254136][T10612] loop2: detected capacity change from 0 to 2048
[  812.352497][T10613] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  812.415516][T10608] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  812.450091][T10608] Remounting filesystem read-only
[  813.005019][ T5792] NILFS (loop2): discard dirty page: offset=4096, ino=6
[  813.054138][ T5792] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[  813.105197][ T5792] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  813.144557][ T5792] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  813.157521][ T5792] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  813.170887][ T5792] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  813.184353][T10479] hsr_slave_0: entered promiscuous mode
[  813.185925][ T5792] NILFS (loop2): discard dirty page: offset=0, ino=3
[  813.212603][T10479] hsr_slave_1: entered promiscuous mode
[  813.215625][ T5792] NILFS (loop2): discard dirty block: blocknr=42, size=1024
[  813.226076][T10479] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  813.229750][ T5792] NILFS (loop2): discard dirty block: blocknr=43, size=1024
[  813.243866][T10479] Cannot create hsr debugfs directory
[  813.255334][ T5792] NILFS (loop2): discard dirty block: blocknr=44, size=1024
[  813.272201][ T5792] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  813.294510][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  815.643580][  T125] bond0: (slave wlan1): Releasing backup interface
[  815.698930][  T125] bond0: Destroying bond
[  815.970390][  T125] bond0 (unregistering): Released all slaves
[  816.012487][T10479] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  816.041682][T10479] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  816.071005][T10479] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  816.094724][T10479] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  816.343525][  T125] hsr_slave_0: left promiscuous mode
[  816.391279][  T125] veth1_macvtap: left promiscuous mode
[  816.397947][  T125] veth0_macvtap: left promiscuous mode
[  816.403630][  T125] veth1_vlan: left promiscuous mode
[  816.410435][  T125] veth0_vlan: left promiscuous mode
[  817.915245][T10479] 8021q: adding VLAN 0 to HW filter on device bond0
[  817.970209][T10479] 8021q: adding VLAN 0 to HW filter on device team0
[  817.997648][ T3483] bridge0: port 1(bridge_slave_0) entered blocking state
[  818.004786][ T3483] bridge0: port 1(bridge_slave_0) entered forwarding state
[  818.028860][ T3483] bridge0: port 2(bridge_slave_1) entered blocking state
[  818.036146][ T3483] bridge0: port 2(bridge_slave_1) entered forwarding state
[  818.259863][  T125] IPVS: stop unused estimator thread 0...
[  818.468175][T10479] 8021q: adding VLAN 0 to HW filter on device batadv0
[  818.871975][T10479] veth0_vlan: entered promiscuous mode
[  818.893997][T10479] veth1_vlan: entered promiscuous mode
[  818.958893][T10479] veth0_macvtap: entered promiscuous mode
[  818.980029][T10479] veth1_macvtap: entered promiscuous mode
[  819.012678][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.024034][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.041187][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.057197][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.070569][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.082812][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.099207][T10479] batman_adv: batadv0: Interface activated: batadv_slave_0
[  819.122501][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  819.140044][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.154197][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  819.176579][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.191207][T10479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  819.204229][T10479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.222985][T10479] batman_adv: batadv0: Interface activated: batadv_slave_1
[  819.247027][T10479] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  819.263004][T10479] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  819.273532][T10479] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  819.290921][T10479] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  819.466171][ T3483] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  819.492989][ T3483] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  819.546055][  T125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  819.553946][  T125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  823.457647][T10747] loop4: detected capacity change from 0 to 8
[  826.602445][T10773] loop3: detected capacity change from 0 to 512
[  826.826448][T10773] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  826.835053][T10773] EXT4-fs (loop3): orphan cleanup on readonly fs
[  826.850421][T10773] Quota error (device loop3): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[  826.861971][T10773] EXT4-fs warning (device loop3): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  826.886143][T10773] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  826.894496][T10773] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1119: bg 0: block 40: padding at end of block bitmap is not set
[  826.911363][T10773] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  826.923040][T10773] EXT4-fs (loop3): 1 truncate cleaned up
[  826.930522][T10773] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  827.545663][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.222369][T10789] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  832.162446][T10832] loop1: detected capacity change from 0 to 32768
[  832.206470][T10832] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1130 (10832)
[  832.508903][T10814] loop2: detected capacity change from 0 to 32768
[  832.710096][T10483] udevd[10483]: incorrect btrfs checksum on /dev/loop1
[  832.780587][T10832] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  832.791031][T10832] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  832.800237][T10832] BTRFS error (device loop1): superblock checksum mismatch
[  832.810449][T10832] BTRFS error (device loop1): open_ctree failed: -22
[  832.879027][T10814] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  833.302586][T10814] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop2": -EINTR
[  833.347558][T10814] XFS (loop2): log mount failed
[  834.330952][T10492] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  834.373602][T10856] ptrace attach of "./syz-executor exec"[5787] was attempted by "./syz-executor exec"[10856]
[  836.294248][T10867] loop2: detected capacity change from 0 to 512
[  836.831887][T10867] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1135: casefold flag without casefold feature
[  836.877758][T10867] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1135: couldn't read orphan inode 15 (err -117)
[  836.936121][T10867] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  838.713457][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  841.467865][T10922] loop4: detected capacity change from 0 to 1024
[  841.941794][    T9] IPVS: starting estimator thread 0...
[  842.045832][T10933] IPVS: using max 15 ests per chain, 36000 per kthread
[  842.448233][ T9933] hfsplus: b-tree write err: -5, ino 4
[  842.954038][T10941] pimreg: entered allmulticast mode
[  846.089090][T10963] loop2: detected capacity change from 0 to 2048
[  846.132341][T10963] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  846.178725][T10963] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  846.772881][T10973] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1150'.
[  850.212149][T11002] loop3: detected capacity change from 0 to 1024
[  850.247400][T11002] EXT4-fs: Ignoring removed i_version option
[  850.294089][T11002] EXT4-fs: inline encryption not supported
[  850.376171][T11002] EXT4-fs (loop3): Test dummy encryption mode enabled
[  850.458039][T11002] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  851.367049][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  853.634988][T11049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1159'.
[  853.790823][T11060] Bluetooth: MGMT ver 1.22
[  853.926407][T11049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1159'.
[  854.078334][T11062] 9pnet_fd: Insufficient options for proto=fd
[  854.165732][ T5872] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  854.523568][ T5872] usb 2-1: config 6 has an invalid interface number: 14 but max is 0
[  854.544936][ T5872] usb 2-1: config 6 has no interface number 0
[  854.545950][T11049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1159'.
[  854.561975][ T5872] usb 2-1: config 6 interface 14 has no altsetting 0
[  855.216962][ T5872] usb 2-1: New USB device found, idVendor=0979, idProduct=0227, bcdDevice=6f.50
[  855.232516][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  855.322537][ T5872] usb 2-1: Product: syz
[  855.329447][ T5872] usb 2-1: Manufacturer: syz
[  855.334486][ T5872] usb 2-1: SerialNumber: syz
[  855.966074][ T5872] gspca_main: jl2005bcd-2.14.0 probing 0979:0227
[  856.200724][ T5872] command write [95] error -22
[  856.288510][ T5872] usb 2-1: USB disconnect, device number 3
[  859.519780][T11127] loop2: detected capacity change from 0 to 4096
[  859.621123][T11127] ntfs3: loop2: Failed to initialize $Extend/$ObjId.
[  860.543613][T11145] loop3: detected capacity change from 0 to 512
[  860.559993][T11145] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  860.587983][T11145] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a01ec018, mo2=0002]
[  860.596393][T11145] System zones: 1-12
[  860.602079][T11145] EXT4-fs (loop3): 1 truncate cleaned up
[  860.608723][T11145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  862.438824][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  870.847651][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  870.854347][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  872.535592][T11220] loop4: detected capacity change from 0 to 40427
[  872.988736][T11220] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  872.996754][T11220] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  873.009682][T11220] F2FS-fs (loop4): invalid crc value
[  873.028687][T11220] F2FS-fs (loop4): Found nat_bits in checkpoint
[  873.080986][T11220] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  873.091660][T11220] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  877.695023][T11255] loop2: detected capacity change from 0 to 4096
[  878.007643][T11262] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  880.300588][T11276] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1198'.
[  880.311147][T11276] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1198'.
[  882.008065][T11282] loop2: detected capacity change from 0 to 32768
[  882.030308][T11282] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1201 (11282)
[  882.083060][T11282] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  882.094558][T11282] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  882.103808][T11282] BTRFS info (device loop2): using free space tree
[  882.435773][T11282] BTRFS info (device loop2): enabling ssd optimizations
[  882.443186][T11282] BTRFS info (device loop2): auto enabling async discard
[  883.528416][   T27] audit: type=1800 audit(1760911697.936:44): pid=11305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1201" name="file2" dev="loop2" ino=261 res=0 errno=0
[  883.988361][ T5792] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  884.071759][    C0] vkms_vblank_simulate: vblank timer overrun
[  884.301068][T10483] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop2 scanned by udevd (10483)
[  886.817976][   T27] audit: type=1326 audit(1760911701.836:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11318 comm="syz.4.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a098efc9 code=0x7fc00000
[  889.212487][T11345] loop2: detected capacity change from 0 to 64
[  889.268808][T10483] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  890.622039][T11355] loop3: detected capacity change from 0 to 2048
[  890.657977][T11355] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  890.711103][T11355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  894.392026][T11389] loop2: detected capacity change from 0 to 1024
[  894.407418][T11389] EXT4-fs: Ignoring removed orlov option
[  894.413434][T11389] EXT4-fs: Ignoring removed nomblk_io_submit option
[  894.452914][T11389] EXT4-fs: Mount option(s) incompatible with ext2
[  895.568256][T11393] loop2: detected capacity change from 0 to 256
[  895.787072][T11391] xt_CT: No such helper "snmp"
[  895.926451][T11395] loop1: detected capacity change from 0 to 2048
[  896.130979][T11395] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  896.269250][T11395] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  898.649907][T11397] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1223'.
[  898.787575][T11407] loop3: detected capacity change from 0 to 4096
[  898.814266][T11410] loop1: detected capacity change from 0 to 512
[  898.837065][T11410] EXT4-fs: Ignoring removed oldalloc option
[  898.851788][T11397] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1223'.
[  898.866683][T11411] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  898.881620][T11410] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  898.991572][T11410] EXT4-fs (loop1): 1 truncate cleaned up
[  898.995718][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  899.041502][T11410] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  899.301071][    T8] usb 5-1: config 6 has an invalid interface number: 14 but max is 0
[  899.515465][    T8] usb 5-1: config 6 has no interface number 0
[  899.946177][    T8] usb 5-1: config 6 interface 14 has no altsetting 0
[  900.015768][    T8] usb 5-1: string descriptor 0 read error: -71
[  900.034102][    T8] usb 5-1: New USB device found, idVendor=0979, idProduct=0227, bcdDevice=6f.50
[  900.075617][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.110194][    T8] usb 5-1: can't set config #6, error -71
[  900.325140][    T8] usb 5-1: USB disconnect, device number 2
[  901.431382][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  906.366978][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  906.886965][    T9] usb 5-1: config 0 has no interfaces?
[  907.017046][    T9] usb 5-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  907.081080][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  907.094442][    T9] usb 5-1: Product: syz
[  907.285789][    T9] usb 5-1: Manufacturer: syz
[  907.290626][    T9] usb 5-1: SerialNumber: syz
[  907.350916][    T9] usb 5-1: config 0 descriptor??
[  907.614492][T11442] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  907.629213][T11442] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  907.657394][T11442] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  907.675190][T11442] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  907.696491][T11442] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1234'.
[  907.727721][T11442] batadv0: entered promiscuous mode
[  907.734890][T11442] macvtap1: entered promiscuous mode
[  907.745941][T11442] macvtap1: entered allmulticast mode
[  907.753028][T11442] batadv0: entered allmulticast mode
[  907.765034][T11442] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  907.784803][T11456] batadv0: left allmulticast mode
[  907.798077][T11456] batadv0: left promiscuous mode
[  907.928673][ T5877] usb 5-1: USB disconnect, device number 3
[  914.530137][T11494] loop1: detected capacity change from 0 to 512
[  914.548480][T11494] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  914.565915][T11494] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a01ec018, mo2=0002]
[  914.576009][T11494] System zones: 1-12
[  914.586567][T11494] EXT4-fs (loop1): 1 truncate cleaned up
[  914.593909][T11494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  916.677557][T11499] loop2: detected capacity change from 0 to 16
[  916.816596][T11499] erofs: (device loop2): mounted with root inode @ nid 36.
[  917.109125][T11499] syz.2.1248: attempt to access beyond end of device
[  917.109125][T11499] loop2: rw=0, sector=8, nr_sectors = 32 limit=16
[  917.149857][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  917.569624][T11508] bond_slave_0: entered promiscuous mode
[  917.577633][T11508] bond_slave_1: entered promiscuous mode
[  917.584709][T11508] macsec1: entered promiscuous mode
[  917.590821][T11508] bond0: entered promiscuous mode
[  917.603467][T11508] macsec1: entered allmulticast mode
[  917.610093][T11508] bond0: entered allmulticast mode
[  917.615734][T11508] bond_slave_0: entered allmulticast mode
[  917.622985][T11508] bond_slave_1: entered allmulticast mode
[  924.003007][ T5801] Bluetooth: hci4: command 0x0406 tx timeout
[  924.498609][T11544] loop4: detected capacity change from 0 to 4096
[  924.983663][T11544] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  927.573177][T11564] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1263'.
[  927.871974][T11564] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1263'.
[  930.528357][T11564] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1263'.
[  931.606450][T11589] netlink: 'syz.2.1268': attribute type 5 has an invalid length.
[  931.788352][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  931.796153][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  932.470005][T11592] loop4: detected capacity change from 0 to 512
[  932.598988][T11590] netlink: 'syz.3.1270': attribute type 1 has an invalid length.
[  932.608180][T11590] netlink: 'syz.3.1270': attribute type 2 has an invalid length.
[  932.961563][T11592] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  932.978781][T11592] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a01ec018, mo2=0002]
[  932.987345][T11592] System zones: 1-12
[  933.056949][T11592] EXT4-fs (loop4): 1 truncate cleaned up
[  933.064756][T11592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  935.398046][T10479] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  937.866902][T11615] macsec1: entered promiscuous mode
[  937.874410][T11615] macsec1: entered allmulticast mode
[  947.751446][T11669] loop3: detected capacity change from 0 to 64
[  948.238164][   T27] audit: type=1800 audit(1760911763.246:46): pid=11671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1290" name="file1" dev="loop3" ino=22 res=0 errno=0
[  950.709999][T11681] loop4: detected capacity change from 0 to 512
[  950.827511][T11681] EXT4-fs: Ignoring removed oldalloc option
[  951.167019][T11681] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  951.295068][T11681] EXT4-fs (loop4): 1 truncate cleaned up
[  951.392115][T11681] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  951.945649][ T5841] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  953.444123][ T5841] usb 4-1: config 0 has no interfaces?
[  953.458697][T10479] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  953.460408][ T5841] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  953.481452][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.493527][ T5841] usb 4-1: Product: syz
[  953.502050][ T5841] usb 4-1: Manufacturer: syz
[  953.510396][ T5841] usb 4-1: SerialNumber: syz
[  953.581640][ T5841] usb 4-1: config 0 descriptor??
[  953.880143][T11692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  953.921726][T11692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  954.049099][T11692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  954.086017][T11692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  954.117542][T11692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1295'.
[  954.537522][ T5841] usb 4-1: USB disconnect, device number 4
[  954.726325][T11707] netlink: 'syz.1.1298': attribute type 6 has an invalid length.
[  955.752323][T11716] netlink: 'syz.1.1301': attribute type 1 has an invalid length.
[  955.760887][T11716] netlink: 'syz.1.1301': attribute type 2 has an invalid length.
[  966.130580][T11765] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1309'.
[  966.154840][T11765] ip6gretap0: entered promiscuous mode
[  966.165579][T11765] macvtap1: entered promiscuous mode
[  966.172689][T11765] macvtap1: entered allmulticast mode
[  966.179082][T11765] ip6gretap0: entered allmulticast mode
[  966.848378][T11771] ip6gretap0: left allmulticast mode
[  966.863112][T11771] ip6gretap0: left promiscuous mode
[  966.915443][T11769] syz.4.1318 (11769): drop_caches: 2
[  979.802234][T11843] loop3: detected capacity change from 0 to 256
[  980.117841][T11843] FAT-fs (loop3): Unrecognized mount option "shor†name=mixed" or missing value
[  985.610437][T11873] syz.1.1334 (11873): drop_caches: 2
[  987.915829][T11891] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  987.925536][T11891] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  987.934456][T11891] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  987.943520][T11891] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  988.589467][T11891] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  988.598491][T11891] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  988.607805][T11891] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  988.616845][T11891] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  989.402455][T11898] loop1: detected capacity change from 0 to 136
[  990.071498][T10483] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  993.976002][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  993.982663][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  999.576501][T11922] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1346'.
[ 1000.383680][T11923] netlink: 'syz.1.1346': attribute type 6 has an invalid length.
[ 1000.527045][T11934] loop3: detected capacity change from 0 to 512
[ 1000.542587][T11934] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1000.790483][T11934] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a01ec018, mo2=0002]
[ 1000.798920][T11934] System zones: 1-12
[ 1000.818780][T11934] EXT4-fs (loop3): 1 truncate cleaned up
[ 1000.826194][T11934] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1003.757013][T11941] loop1: detected capacity change from 0 to 2048
[ 1003.872037][T11941] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[ 1003.951105][T11941] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1004.448966][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1004.508110][T11952] loop4: detected capacity change from 0 to 4096
[ 1004.565639][T11952] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[ 1007.216610][T11965] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[ 1007.406642][T11952] ntfs3: loop4: Failed to read $UpCase (-4).
[ 1008.604931][T10193] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[ 1009.041845][T11983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1009.056839][T11983] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1009.613837][T11983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1009.622215][T11983] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1014.086611][   T55] kworker/dying (55) used greatest stack depth: 18424 bytes left
[ 1017.240296][T12014] loop1: detected capacity change from 0 to 8192
[ 1017.317693][T12014] FAT-fs (loop1): Unrecognized mount option "ÿÿÿÿ" or missing value
[ 1018.726673][T12039] loop1: detected capacity change from 0 to 512
[ 1018.795975][T12039] EXT4-fs: Ignoring removed bh option
[ 1018.866056][T12039] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1018.981345][T12039] EXT4-fs (loop1): 1 truncate cleaned up
[ 1018.999688][T12039] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1022.449393][T12061] syz.4.1377 (12061) used greatest stack depth: 14992 bytes left
[ 1027.161802][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1031.333040][T12117] loop3: detected capacity change from 0 to 8
[ 1031.715179][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.728703][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.767597][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.780471][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.787794][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.795156][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.806603][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.814146][T12117] SQUASHFS error: Failed to read block 0x4de: -5
[ 1031.825832][   T27] audit: type=1800 audit(1760911846.756:47): pid=12117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1389" name="file1" dev="loop3" ino=5 res=0 errno=0
[ 1034.454219][T12139] virtio-fs: tag </dev/md0> not found
[ 1046.379777][T12195] sctp: [Deprecated]: syz.1.1406 (pid 12195) Use of int in max_burst socket option.
[ 1046.379777][T12195] Use struct sctp_assoc_value instead
[ 1047.002797][T12207] overlayfs: failed to clone lowerpath
[ 1047.124281][T12209] overlayfs: failed to clone upperpath
[ 1052.280495][T12245] loop2: detected capacity change from 0 to 7
[ 1052.347673][T12246] Invalid ELF header magic: != ELF
[ 1052.660244][T12245] Dev loop2: unable to read RDB block 7
[ 1053.279877][T12245]  loop2: AHDI p1 p2 p3
[ 1053.284144][T12245] loop2: partition table partially beyond EOD, truncated
[ 1053.292847][T12248] loop3: detected capacity change from 0 to 1024
[ 1053.331750][T12248] ext3: Unknown parameter 'measure'
[ 1053.350201][T12245] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1053.548128][T12245] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1054.659313][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.667782][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1063.274997][T12306] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1064.436054][T12314] (null): rxe_set_mtu: Set mtu to 1024
[ 1064.840657][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1064.856298][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1064.867729][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1065.069145][T12314] infiniband syz2: set active
[ 1065.076402][T12314] infiniband syz2: added ip6gretap0
[ 1065.242356][T12314] RDS/IB: syz2: added
[ 1065.246615][T12314] smc: adding ib device syz2 with port count 1
[ 1065.248364][   T28] ip6gretap0 speed is unknown, defaulting to 1000
[ 1065.252959][T12314] smc:    ib device syz2 port 1 has pnetid 
[ 1065.268999][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1065.279269][ T5779] ip6gretap0 speed is unknown, defaulting to 1000
[ 1065.466753][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1065.625738][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1065.760804][T12314] ip6gretap0 speed is unknown, defaulting to 1000
[ 1072.831488][T12374] netlink: 'syz.2.1450': attribute type 6 has an invalid length.
[ 1072.850184][T12374] Invalid option length (65058) for dns_resolver key
[ 1075.097467][T12392] loop4: detected capacity change from 0 to 2048
[ 1076.765649][T12392] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[ 1077.570115][T12392] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1080.538019][T12407] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1084.279711][T12450] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[ 1087.190491][T12468] loop3: detected capacity change from 0 to 32768
[ 1087.232986][T12468] (syz.3.1475,12468,1):ocfs2_slot_map_physical_size:223 ERROR: Slot map file is too small!  (size 0, needed 8)
[ 1087.594665][T12478] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1476'.
[ 1088.331302][T12371] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1089.449002][T12483] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1089.460936][T12483] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1090.051374][T12488] loop2: detected capacity change from 0 to 7
[ 1090.081752][T12488] Dev loop2: unable to read RDB block 7
[ 1090.096696][T12488]  loop2: AHDI p1 p2 p3
[ 1090.108790][T12488] loop2: partition table partially beyond EOD, truncated
[ 1090.151247][T10193] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 1090.170167][T12488] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1090.281991][T12488] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1090.765471][T12489] loop4: detected capacity change from 0 to 1024
[ 1090.788999][T12489] ext3: Unknown parameter 'measure'
[ 1091.148170][T12497] loop3: detected capacity change from 0 to 2048
[ 1091.326670][T12497] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1092.515792][T12503] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1092.770072][T12497] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1098.779257][T12532] loop3: detected capacity change from 0 to 2048
[ 1098.864898][T12532] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1099.021729][T12532] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry where CRC length (32) does not match entry length (24)
[ 1099.130078][T12537] loop4: detected capacity change from 0 to 512
[ 1099.161462][T12537] EXT4-fs (loop4): too many log groups per flexible block group
[ 1099.243941][T12537] EXT4-fs (loop4): failed to initialize mballoc (-12)
[ 1099.273814][T12537] EXT4-fs (loop4): mount failed
[ 1100.157810][T12537] netlink: 'syz.4.1493': attribute type 1 has an invalid length.
[ 1100.371859][T12537] bond1: entered promiscuous mode
[ 1100.377346][T12537] bond1: entered allmulticast mode
[ 1100.409589][T12550] geneve2: entered allmulticast mode
[ 1101.211134][T12550] bond1: (slave geneve2): making interface the new active one
[ 1101.239691][T12550] geneve2: entered promiscuous mode
[ 1101.272319][T12550] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1105.136507][T12589] ubi31: attaching mtd0
[ 1105.157984][T12589] ubi31: scanning is finished
[ 1105.162776][T12589] ubi31: empty MTD device detected
[ 1106.918039][T12589] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[ 1107.513212][T12597] (null): rxe_set_mtu: Set mtu to 1024
[ 1107.527611][T12597] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 1109.003850][T12606] loop3: detected capacity change from 0 to 128
[ 1109.055856][T12606] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1109.151443][T12606] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1109.731123][T12606] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[ 1109.753796][T12614] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[ 1110.028023][T12616] loop1: detected capacity change from 0 to 1024
[ 1111.186443][  T125] hfsplus: b-tree write err: -5, ino 4
[ 1111.615055][T12625] loop3: detected capacity change from 0 to 2048
[ 1112.121724][T12625] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1112.282868][T12625] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1116.129870][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.136257][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1118.561942][T12651] loop1: detected capacity change from 0 to 32768
[ 1119.428420][T12651] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/loop1": -EINTR
[ 1120.694440][T12665] loop1: detected capacity change from 0 to 128
[ 1121.048745][T12668] loop3: detected capacity change from 0 to 1024
[ 1121.415648][T12665] hpfs: Bad magic ... probably not HPFS
[ 1122.084885][ T9933] hfsplus: b-tree write err: -5, ino 4
[ 1125.089779][T12681] ªªªªªª: renamed from wg2 (while UP)
[ 1126.369855][T12693] loop4: detected capacity change from 0 to 256
[ 1126.422962][T12693] exfat: Deprecated parameter 'namecase'
[ 1126.633661][T12693] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d)
[ 1126.701574][T12698] (null): rxe_set_mtu: Set mtu to 1024
[ 1126.712345][T12698] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 1129.156401][T12708] loop1: detected capacity change from 0 to 16
[ 1129.181633][T12708] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1130.894471][T12713] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1131.574976][T12723] ªªªªªª: renamed from wg2 (while UP)
[ 1131.838570][T12720] loop4: detected capacity change from 0 to 2048
[ 1131.993644][T12720] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[ 1132.071616][T12720] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1134.055942][T12745] (null): rxe_set_mtu: Set mtu to 1024
[ 1134.063425][T12745] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 1134.386573][T12746] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[ 1136.687399][T12762] loop3: detected capacity change from 0 to 2048
[ 1136.706097][T12762] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1136.947280][T12767] loop1: detected capacity change from 0 to 256
[ 1136.954698][T12767] exfat: Unknown parameter 'fsmagic'
[ 1137.169724][T12769] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[ 1137.180137][T12769] team0: Device ipvlan0 is already an upper device of the team interface
[ 1141.803120][T12762] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1148.853079][   T27] audit: type=1326 audit(1760911964.847:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12791 comm="syz.2.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c6f8efc9 code=0x7fc00000
[ 1149.237064][   T27] audit: type=1326 audit(1760911965.207:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12791 comm="syz.2.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9c6f8efc9 code=0x7fc00000
[ 1149.570155][T12802] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1149.589126][T12802] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1149.599187][T12802] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1149.655568][T12802] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1149.677331][T12802] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1149.684753][T12802] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1149.869668][T12806] loop1: detected capacity change from 0 to 2048
[ 1149.902380][ T9915] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1149.923821][T12806] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[ 1149.981185][T12806] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1150.004883][T12800] ip6gretap0 speed is unknown, defaulting to 1000
[ 1151.196860][ T9915] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1151.881688][T10193] Bluetooth: hci2: command tx timeout
[ 1152.149017][ T9915] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1152.344974][ T9915] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1153.937037][T10193] Bluetooth: hci2: command tx timeout
[ 1156.065446][T10193] Bluetooth: hci2: command tx timeout
[ 1156.097704][T12849] veth0_to_bridge: entered promiscuous mode
[ 1156.115298][T12850] veth0_to_bridge: left promiscuous mode
[ 1156.292585][T12800] chnl_net:caif_netlink_parms(): no params data found
[ 1158.097063][T10193] Bluetooth: hci2: command tx timeout
[ 1159.572267][T12881] ªªªªªª: renamed from wg2 (while UP)
[ 1161.569225][T12800] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1161.597000][T12800] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1161.826277][T12800] bridge_slave_0: entered allmulticast mode
[ 1161.857271][T12800] bridge_slave_0: entered promiscuous mode
[ 1163.758135][T12896] loop3: detected capacity change from 0 to 32768
[ 1164.806807][T12896] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop3": -EINTR
[ 1165.080729][T12800] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1165.126001][T12800] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1165.133304][T12800] bridge_slave_1: entered allmulticast mode
[ 1165.149103][T12800] bridge_slave_1: entered promiscuous mode
[ 1166.752575][T12800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1166.869966][T12800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1168.965186][T12800] team0: Port device team_slave_0 added
[ 1168.988471][T12933] netlink: 'syz.3.1585': attribute type 12 has an invalid length.
[ 1168.996965][T12933] netlink: 'syz.3.1585': attribute type 29 has an invalid length.
[ 1169.007247][T12933] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1585'.
[ 1169.040728][T12800] team0: Port device team_slave_1 added
[ 1169.188427][T12800] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1169.188442][T12800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1169.188461][T12800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1169.308798][T12800] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1169.308812][T12800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1169.308832][T12800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1169.811518][T12800] hsr_slave_0: entered promiscuous mode
[ 1169.873161][T12800] hsr_slave_1: entered promiscuous mode
[ 1169.963247][T12800] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1169.995785][T12800] Cannot create hsr debugfs directory
[ 1170.430351][ T9915] hsr_slave_0: left promiscuous mode
[ 1170.452860][ T9915] hsr_slave_1: left promiscuous mode
[ 1170.490037][ T9915] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1170.520912][ T9915] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1170.556655][ T9915] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1170.564621][ T9915] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1170.643004][ T9915] bridge_slave_1: left allmulticast mode
[ 1170.650790][ T9915] bridge_slave_1: left promiscuous mode
[ 1170.670123][ T9915] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1170.937298][ T9915] bridge_slave_0: left allmulticast mode
[ 1170.964469][ T9915] bridge_slave_0: left promiscuous mode
[ 1170.985668][ T9915] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1172.099708][ T9915] veth1_macvtap: left promiscuous mode
[ 1172.133112][ T9915] veth0_macvtap: left promiscuous mode
[ 1172.141600][ T9915] veth1_vlan: left promiscuous mode
[ 1172.150305][ T9915] veth0_vlan: left promiscuous mode
[ 1174.308319][ T9915] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1174.747349][ T9915] geneve2 (unregistering): left promiscuous mode
[ 1174.865018][ T9915] bond1 (unregistering): Released all slaves
[ 1174.939050][ T9915] pimreg (unregistering): left allmulticast mode
[ 1176.527397][T12987] loop3: detected capacity change from 0 to 1024
[ 1176.596366][T12987] EXT4-fs: Ignoring removed bh option
[ 1176.601922][T12987] EXT4-fs: Ignoring removed nobh option
[ 1176.706061][T12987] EXT4-fs: Ignoring removed bh option
[ 1176.742621][T12987] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1176.914966][T12987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1177.349153][T12992] loop1: detected capacity change from 0 to 4096
[ 1177.545104][T12995] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.1595: Allocating blocks 497-513 which overlap fs metadata
[ 1177.629961][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.636944][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.977700][T12995] EXT4-fs (loop3): pa ffff888077e53570: logic 256, phys. 385, len 8
[ 1177.986536][T12995] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1
[ 1178.300970][T12992] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[ 1178.524388][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1179.381289][ T9915] team0 (unregistering): Port device team_slave_1 removed
[ 1179.506008][ T9915] team0 (unregistering): Port device team_slave_0 removed
[ 1180.532462][ T9915] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1180.772400][ T9915] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1182.501653][ T9915] bond0 (unregistering): Released all slaves
[ 1183.966958][T12800] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1184.070125][T12800] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1184.102106][T12800] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1184.138737][ T9915] IPVS: stop unused estimator thread 0...
[ 1184.172893][T12800] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1185.283387][T12800] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1185.960876][T13043] netlink: 'syz.2.1603': attribute type 10 has an invalid length.
[ 1186.305437][ T5855] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1186.515839][ T5855] usb 2-1: Using ep0 maxpacket: 8
[ 1186.530989][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1186.557195][ T5855] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 1186.655696][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.903651][ T5855] usb 2-1: config 0 descriptor??
[ 1186.946179][ T5855] hso 2-1:0.0: Can't find BULK IN endpoint
[ 1187.067418][T12800] 8021q: adding VLAN 0 to HW filter on device team0
[ 1187.117853][ T9933] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1187.125130][ T9933] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1187.135175][ T9933] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1187.142440][ T9933] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1187.186338][T13041] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[ 1187.193959][T13041] team0: Device ipvlan0 is already an upper device of the team interface
[ 1187.431009][T13058] loop3: detected capacity change from 0 to 128
[ 1187.510333][T13058] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1187.534119][T13058] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1188.549176][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1188.685937][ T5779] usb 2-1: USB disconnect, device number 4
[ 1189.173304][T12800] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1190.045783][   T27] audit: type=1326 audit(1760912006.067:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13072 comm="syz.3.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8f838efc9 code=0x7fc00000
[ 1190.473046][   T27] audit: type=1326 audit(1760912006.487:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13072 comm="syz.3.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8f838efc9 code=0x7fc00000
[ 1190.692155][T12800] veth0_vlan: entered promiscuous mode
[ 1190.785085][T12800] veth1_vlan: entered promiscuous mode
[ 1191.160716][T12800] veth0_macvtap: entered promiscuous mode
[ 1191.538148][T12800] veth1_macvtap: entered promiscuous mode
[ 1191.853117][T12800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1192.074195][T12800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1192.145715][T12800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1192.195433][T12800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1192.252344][T12800] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1192.292641][T12800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1192.354367][T12800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1192.395086][T12800] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1192.436618][T12800] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1192.502455][T12800] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1192.632541][T12800] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1192.685386][T12800] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1192.694160][T12800] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1192.753984][T12800] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1193.144363][ T9931] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1193.167117][ T9931] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1193.400649][ T9927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1193.442732][ T9927] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1194.535406][T11991] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1194.740915][T11991] usb 6-1: config 0 has an invalid interface number: 91 but max is 0
[ 1194.886674][T11991] usb 6-1: config 0 has no interface number 0
[ 1194.951370][T11991] usb 6-1: New USB device found, idVendor=05ac, idProduct=a9d2, bcdDevice=95.16
[ 1194.981857][T11991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1195.157446][T11991] usb 6-1: Product: syz
[ 1195.211246][T11991] usb 6-1: Manufacturer: syz
[ 1195.217951][T11991] usb 6-1: SerialNumber: syz
[ 1195.233357][T11991] usb 6-1: config 0 descriptor??
[ 1197.246220][    T9] usb 6-1: USB disconnect, device number 2
[ 1197.735625][T13163] loop5: detected capacity change from 0 to 1024
[ 1198.172746][T13163] EXT4-fs: Ignoring removed bh option
[ 1198.287351][T13163] EXT4-fs: Ignoring removed nobh option
[ 1198.293213][T13163] EXT4-fs: Ignoring removed bh option
[ 1198.395520][T13163] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1198.611895][T13163] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1201.406504][   T27] audit: type=1800 audit(1760912017.177:52): pid=13180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1619" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1201.651477][T12800] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1204.172106][T13207] loop5: detected capacity change from 0 to 512
[ 1204.366007][T13207] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1204.374833][T13207] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1204.387445][T13207] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.1627: casefold flag without casefold feature
[ 1204.401299][T13207] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.1627: couldn't read orphan inode 15 (err -117)
[ 1204.415053][T13207] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1208.793000][T12800] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1209.087830][T13259] loop5: detected capacity change from 0 to 64
[ 1209.128141][T13259] hfs: unable to locate alternate MDB
[ 1209.156523][T13259] hfs: continuing without an alternate MDB
[ 1209.272276][T13261] netlink: 'syz.1.1632': attribute type 12 has an invalid length.
[ 1209.284123][T13261] netlink: 'syz.1.1632': attribute type 29 has an invalid length.
[ 1210.126475][   T28] IPVS: starting estimator thread 0...
[ 1210.152008][T13261] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1632'.
[ 1210.237085][T13266] IPVS: using max 20 ests per chain, 48000 per kthread
[ 1211.668776][T13274] loop5: detected capacity change from 0 to 2048
[ 1211.728078][T13274] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[ 1211.758435][T13274] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1215.429243][T13309] netlink: 'syz.5.1639': attribute type 10 has an invalid length.
[ 1219.155481][T12802] Bluetooth: hci2: command tx timeout
[ 1219.609981][T13330] loop3: detected capacity change from 0 to 2048
[ 1219.747992][T13330] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1219.867650][T13330] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1226.294312][T13394] loop1: detected capacity change from 0 to 764
[ 1229.396693][T13416] loop5: detected capacity change from 0 to 2048
[ 1229.468119][T13416] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[ 1229.501073][T13416] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1233.833316][T13451] loop1: detected capacity change from 0 to 2048
[ 1236.156660][T13451] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[ 1236.710048][T13451] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1238.603281][T13474] loop1: detected capacity change from 0 to 1024
[ 1238.616508][T13474] ext4: Unknown parameter 'euid'
[ 1239.078454][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.084982][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.590978][T13481] vlan3: entered allmulticast mode
[ 1239.596583][T13481] vlan1: entered allmulticast mode
[ 1239.601779][T13481] veth0_vlan: entered allmulticast mode
[ 1239.608556][T13481] bridge0: port 4(vlan3) entered blocking state
[ 1239.614892][T13481] bridge0: port 4(vlan3) entered disabled state
[ 1239.622548][T13481] vlan3: entered promiscuous mode
[ 1239.627678][T13481] vlan1: entered promiscuous mode
[ 1239.633702][T13481] bridge0: port 4(vlan3) entered blocking state
[ 1239.640096][T13481] bridge0: port 4(vlan3) entered forwarding state
[ 1239.686641][T12843] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1241.880762][T13504] loop3: detected capacity change from 0 to 128
[ 1242.487163][T12843] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1245.899640][T13538] "syz.1.1685" (13538) uses obsolete ecb(arc4) skcipher
[ 1248.049523][T13545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1688'.
[ 1250.380392][T13557] loop5: detected capacity change from 0 to 2048
[ 1250.436633][T13557] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[ 1250.488297][T13557] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1251.137570][T13571] overlayfs: missing 'lowerdir'
[ 1258.281147][T13594] program syz.5.1703 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1261.595986][T13620] loop5: detected capacity change from 0 to 512
[ 1262.112243][T13620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1262.125373][T13620] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1262.411051][T12800] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1262.566803][T13629] loop3: detected capacity change from 0 to 2048
[ 1262.635162][T13629] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1262.886721][T13646] overlayfs: failed to clone upperpath
[ 1265.145413][T13629] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1265.516587][T13646] overlayfs: failed to clone upperpath
[ 1266.110739][T13637] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1266.123175][ T5779] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[ 1266.179500][ T5779] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1272.666001][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1273.721713][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1273.730432][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1273.836634][    T9] usb 4-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 1273.846120][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1273.858352][    T9] usb 4-1: config 0 descriptor??
[ 1273.869551][    T9] usb 4-1: can't set config #0, error -71
[ 1273.879019][    T9] usb 4-1: USB disconnect, device number 5
[ 1277.181324][T12802] Bluetooth: hci2: command 0x0406 tx timeout
[ 1278.002210][T13757] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1729'.
[ 1282.505818][T13800] loop3: detected capacity change from 0 to 2048
[ 1282.529937][T13800] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1282.699992][T13800] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1282.942817][T13802] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[ 1282.962286][T13802] batman_adv: batadv0: Adding interface: ip6gretap1
[ 1282.969219][T13802] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1282.995392][T13802] batman_adv: batadv0: Interface activated: ip6gretap1
[ 1285.832702][T13813] loop5: detected capacity change from 0 to 2048
[ 1285.917658][T13821] netlink: get zone limit has 8 unknown bytes
[ 1288.220949][T13813] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[ 1288.381747][T13813] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1290.158997][T13844] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1293.403929][T13856] capability: warning: `syz.3.1754' uses 32-bit capabilities (legacy support in use)
[ 1295.175818][T13872] loop1: detected capacity change from 0 to 2048
[ 1295.223421][T13872] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[ 1296.489639][T13872] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1299.022945][T13904] loop5: detected capacity change from 0 to 512
[ 1299.544688][T13906] (null): rxe_set_mtu: Set mtu to 256
[ 1299.551880][T13906] rdma_rxe: rxe_newlink: failed to add syz_tun
[ 1303.330142][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1303.336538][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1303.662956][T13918] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1768'.
[ 1304.110013][T13913] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1305.492575][T13926] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1305.499265][T13926] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1305.506557][T13926] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1305.514453][T13926] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[ 1305.522256][T13926] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1305.529249][T13926] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1305.536958][T13926] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1305.561597][T13926] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1305.569014][T13926] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1305.577778][T13926] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1305.584874][T13926] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1305.591866][T13926] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1305.598924][T13926] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1305.607396][T13926] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1306.880498][T13934] loop1: detected capacity change from 0 to 128
[ 1306.889512][T13934] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1309.640477][T13956] netlink: get zone limit has 8 unknown bytes
[ 1311.947621][T13974] loop3: detected capacity change from 0 to 2048
[ 1311.972576][T13974] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1313.558793][T13974] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1315.808385][T13996] loop1: detected capacity change from 0 to 1024
[ 1315.923585][T13996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1315.998421][   T27] audit: type=1800 audit(1760912132.005:53): pid=13996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1791" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1316.224402][T14003] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1316.241944][T14003] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28
[ 1316.254576][T14003] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1316.254576][T14003] 
[ 1316.685936][T14003] EXT4-fs (loop1): Total free blocks count 0
[ 1316.791652][T14003] EXT4-fs (loop1): Free/Dirty block details
[ 1316.797700][T14003] EXT4-fs (loop1): free_blocks=68451041280
[ 1316.803921][T14003] EXT4-fs (loop1): dirty_blocks=16
[ 1316.809133][T14003] EXT4-fs (loop1): Block reservation details
[ 1316.815845][T14003] EXT4-fs (loop1): i_reserved_data_blocks=1
[ 1318.018446][T14015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1794'.
[ 1318.535728][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1318.543971][T14014] loop3: detected capacity change from 0 to 2048
[ 1318.654629][T14014] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1318.705402][T14014] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1319.480764][T14027] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[ 1322.393427][T14050] sg_read: process 1771 (syz.3.1804) changed security contexts after opening file descriptor, this is not allowed.
[ 1322.432464][T14050] UHID_CREATE from different security context by process 1771 (syz.3.1804), this is not allowed.
[ 1322.489486][T14050] virtio-fs: tag </dev/md0> not found
[ 1323.082277][T12386] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[ 1323.903728][T12386] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1323.951497][T12386] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1324.177781][T12386] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1324.221228][T12386] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1324.234389][T12386] usb 4-1: SerialNumber: syz
[ 1324.258371][T12386] usb 4-1: 0:2 : does not exist
[ 1325.566423][T14074] xt_l2tp: unknown flags: 17
[ 1327.786106][   T28] usb 4-1: USB disconnect, device number 6
[ 1334.682798][T14136] (null): rxe_set_mtu: Set mtu to 1024
[ 1334.691782][T14136] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 1335.802030][T14137] loop1: detected capacity change from 0 to 32768
[ 1335.840498][T14137] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1335.983739][T14137] XFS (loop1): Ending clean mount
[ 1337.956571][ T5787] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1339.375554][T14164] Bluetooth: hci0: invalid length 0, exp 2 for type 21
[ 1342.178573][T14191] loop1: detected capacity change from 0 to 2048
[ 1342.198040][T14191] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[ 1342.606782][T14191] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1344.143436][T14204] loop1: detected capacity change from 0 to 256
[ 1344.150887][T14204] exfat: Unknown parameter 'fsmagic'
[ 1344.374669][T14205] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[ 1344.394636][T14205] batman_adv: batadv0: Adding interface: ip6gretap1
[ 1344.401431][T14205] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[ 1344.421609][T14205] batman_adv: batadv0: Interface activated: ip6gretap1
[ 1345.176647][T13913] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1348.981644][T14225] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1849'.
[ 1349.129638][T14227] loop1: detected capacity change from 0 to 16
[ 1349.225532][T14227] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1349.556040][T14231] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1349.562649][T14231] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1349.569486][T14231] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1349.576658][T14231] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[ 1349.583995][T14231] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1349.590590][T14231] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1349.597606][T14231] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1349.604254][T14231] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1349.610943][T14231] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1349.617925][T14231] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1349.624459][T14231] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1349.631306][T14231] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1349.638210][T14231] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1349.646223][T14231] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1350.658429][T14245] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[ 1350.678980][T14245] batman_adv: batadv0: Adding interface: ip6gretap1
[ 1350.685846][T14245] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[ 1350.705783][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1350.712056][T14245] batman_adv: batadv0: Interface activated: ip6gretap1
[ 1351.168314][T14246] loop1: detected capacity change from 0 to 256
[ 1351.175732][T14246] exfat: Unknown parameter 'fsmagic'
[ 1360.877080][T14305] RDS: rds_bind could not find a transport for ::ffff:172.30.1.6, load rds_tcp or rds_rdma?
[ 1360.889629][T14305] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1868'.
[ 1361.937317][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.943750][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1365.367792][T14305] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1365.406272][T14305] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1365.491444][T14305] bond0 (unregistering): Released all slaves
[ 1367.805688][T14346] loop1: detected capacity change from 0 to 512
[ 1367.865040][T14346] EXT4-fs: Ignoring removed bh option
[ 1367.911921][T14346] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1367.966686][T14346] EXT4-fs (loop1): 1 truncate cleaned up
[ 1367.978649][T14346] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1369.123794][T14346] EXT4-fs warning (device loop1): verify_group_input:151: Cannot add at group 1073741831 (only 1 groups)
[ 1370.910232][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1373.772652][T14385] loop3: detected capacity change from 0 to 64
[ 1373.992726][T14385] hfs: unable to locate alternate MDB
[ 1374.008559][T14385] hfs: continuing without an alternate MDB
[ 1377.462896][T14410] IPVS: wrr: FWM 3 0x00000003 - no destination available
[ 1378.419307][T14414] loop3: detected capacity change from 0 to 256
[ 1378.426845][T14414] exfat: Unknown parameter 'fsmagic'
[ 1380.513208][T14352] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1382.777445][T14431] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1898'.
[ 1384.526105][ T5801] Bluetooth: hci2: command 0x0406 tx timeout
[ 1386.741377][T14457] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1905'.
[ 1387.780626][T14462] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1387.787347][T14462] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1387.794128][T14462] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1387.800996][T14462] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[ 1387.808295][T14462] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1387.815012][T14462] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1387.822148][T14462] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1387.828717][T14462] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1387.836456][T14462] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1387.844337][T14462] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1387.851651][T14462] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1387.858451][T14462] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1387.865440][T14462] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1387.874003][T14462] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1390.818210][T14481] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1391.852379][T14496] cgroup: Invalid name
[ 1392.691726][   T27] audit: type=1800 audit(1760912207.736:54): pid=14495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1915" name="bus" dev="overlay" ino=2637 res=0 errno=0
[ 1394.052279][T14504] loop3: detected capacity change from 0 to 512
[ 1394.145925][T14504] EXT4-fs: Ignoring removed bh option
[ 1394.166953][T14506] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1394.193493][T14506] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1394.244329][T14504] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[ 1394.292184][T14504] EXT4-fs (loop3): 1 truncate cleaned up
[ 1394.319336][T14504] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1394.371955][T14504] EXT4-fs warning (device loop3): verify_group_input:151: Cannot add at group 1073741831 (only 1 groups)
[ 1395.141796][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1406.101573][T14540] loop1: detected capacity change from 0 to 64
[ 1406.123101][T14540] hfs: unable to locate alternate MDB
[ 1406.128608][T14540] hfs: continuing without an alternate MDB
[ 1411.747042][T14584] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1413.292709][T14596] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1414.428694][T14601] loop1: detected capacity change from 0 to 512
[ 1414.475304][T14601] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1414.482155][T14601] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1414.716445][T14601] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1938: bad orphan inode 131083
[ 1415.014938][T14601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1419.051098][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1422.648347][T14656] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[ 1423.321308][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.335634][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1424.292400][T14674] loop5: detected capacity change from 0 to 64
[ 1424.333269][T14674] hfs: unable to locate alternate MDB
[ 1424.362138][T14674] hfs: continuing without an alternate MDB
[ 1430.326058][T14700] ceph: No source
[ 1430.336770][T14700] kAFS: unable to lookup cell '\/'
[ 1431.097133][T14704] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1960'.
[ 1431.247325][T14707] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1431.253954][T14707] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1431.260832][T14707] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1431.267813][T14707] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[ 1431.275067][T14707] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1431.281725][T14707] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1431.288879][T14707] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1431.295740][T14707] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1431.302383][T14707] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1431.309360][T14707] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1431.316017][T14707] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1431.322658][T14707] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1431.329577][T14707] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1431.337622][T14707] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1440.035464][T14766] loop3: detected capacity change from 0 to 2048
[ 1440.246345][T14766] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1441.115413][T14772] netlink: 'syz.2.1977': attribute type 39 has an invalid length.
[ 1442.409764][T14782] ip6gretap0 speed is unknown, defaulting to 1000
[ 1443.342971][T14786] loop3: detected capacity change from 0 to 512
[ 1443.383979][T14786] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1980: iget: bad i_size value: 38620345925642
[ 1443.411908][T14786] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1980: couldn't read orphan inode 15 (err -117)
[ 1443.433264][T14786] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1444.307966][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1445.192762][T14803] loop1: detected capacity change from 0 to 164
[ 1446.057701][T14803] Unable to read rock-ridge attributes
[ 1446.091441][T14802] Unable to read rock-ridge attributes
[ 1446.227914][T14807] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1446.960699][T14818] ipvlan2: entered promiscuous mode
[ 1452.676245][T14836] ptrace attach of ""[14839] was attempted by "./syz-executor exec"[14836]
[ 1461.994833][T14905] loop1: detected capacity change from 0 to 1024
[ 1462.636388][T14905] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[ 1462.646888][T14905] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1462.661821][T14905] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1463.264760][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1465.548836][   T27] audit: type=1800 audit(1760912280.727:55): pid=14913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2006" name="bus" dev="overlay" ino=2762 res=0 errno=0
[ 1470.349326][T14945] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[ 1470.356798][T14945] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1470.678172][T14949] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1470.729740][T14950] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(15)
[ 1470.736415][T14950] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1470.784637][T14949] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(18)
[ 1470.791316][T14949] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1470.864300][T14945] vhci_hcd vhci_hcd.0: Device attached
[ 1470.877851][T14950] vhci_hcd vhci_hcd.0: Device attached
[ 1470.884308][T14949] vhci_hcd vhci_hcd.0: Device attached
[ 1470.992537][T14945] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[ 1470.999237][T14945] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1471.176998][T14945] vhci_hcd vhci_hcd.0: Device attached
[ 1471.187224][T14945] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1471.211750][T14945] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1471.232614][T14945] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(24)
[ 1471.239284][T14945] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1471.263930][T14945] vhci_hcd vhci_hcd.0: Device attached
[ 1471.268853][T11991] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[ 1471.408377][T14953] vhci_hcd: connection closed
[ 1471.410822][T14946] vhci_hcd: connection reset by peer
[ 1471.412720][T14960] vhci_hcd: connection closed
[ 1471.418095][T14951] vhci_hcd: connection closed
[ 1471.426700][   T42] vhci_hcd: stop threads
[ 1471.437391][T14957] vhci_hcd: connection closed
[ 1471.459045][   T42] vhci_hcd: release socket
[ 1471.485728][   T42] vhci_hcd: disconnect device
[ 1471.516693][   T42] vhci_hcd: stop threads
[ 1471.536614][   T42] vhci_hcd: release socket
[ 1471.548279][   T42] vhci_hcd: disconnect device
[ 1471.604712][   T42] vhci_hcd: stop threads
[ 1471.635059][   T42] vhci_hcd: release socket
[ 1471.652809][   T42] vhci_hcd: disconnect device
[ 1471.814081][   T42] vhci_hcd: stop threads
[ 1471.824063][   T42] vhci_hcd: release socket
[ 1471.834761][   T42] vhci_hcd: disconnect device
[ 1471.854458][   T42] vhci_hcd: stop threads
[ 1471.859734][   T42] vhci_hcd: release socket
[ 1471.869094][   T42] vhci_hcd: disconnect device
[ 1473.770115][T14978] Can't find a SQUASHFS superblock on nullb0
[ 1478.673231][T11991] vhci_hcd: vhci_device speed not set
[ 1482.947149][T15030] loop1: detected capacity change from 0 to 32768
[ 1482.984889][T15030] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2026 (15030)
[ 1483.199604][T15030] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1483.210809][T15030] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[ 1483.219763][T15030] BTRFS info (device loop1): setting nodatacow, compression disabled
[ 1483.227948][T15030] BTRFS info (device loop1): force zlib compression, level 3
[ 1483.235532][T15030] BTRFS info (device loop1): setting nodatasum
[ 1483.241753][T15030] BTRFS info (device loop1): enabling auto defrag
[ 1483.248370][T15030] BTRFS info (device loop1): trying to use backup root at mount time
[ 1483.256592][T15030] BTRFS info (device loop1): allowing degraded mounts
[ 1483.263451][T15030] BTRFS error (device loop1): unrecognized mount option 'uid=00000000000000000000'
[ 1483.278192][T15030] BTRFS error (device loop1): open_ctree failed: -22
[ 1483.660139][T15014] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by udevd (15014)
[ 1483.729584][T15035] trusted_key: encrypted_key: insufficient parameters specified
[ 1483.810075][ T5855] usb usb40-port1: attempt power cycle
[ 1484.561812][ T5855] usb usb40-port1: unable to enumerate USB device
[ 1484.942290][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.962004][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.663504][T15053] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2032'.
[ 1485.981435][    T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1486.161386][    T8] usb 2-1: Using ep0 maxpacket: 8
[ 1486.174618][    T8] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1486.183822][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1486.199205][    T8] usb 2-1: Product: syz
[ 1486.205321][    T8] usb 2-1: Manufacturer: syz
[ 1486.211378][    T8] usb 2-1: SerialNumber: syz
[ 1486.237742][    T8] usb 2-1: config 0 descriptor??
[ 1486.259524][    T8] gspca_main: se401-2.14.0 probing 047d:5003
[ 1486.662614][    T8] gspca_se401: Wrong descriptor type
[ 1487.531602][T15068] netlink: 'syz.5.2033': attribute type 39 has an invalid length.
[ 1488.587829][T12386] usb 2-1: USB disconnect, device number 5
[ 1593.597510][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1593.597534][    C1] rcu: 	(detected by 1, t=10504 jiffies, g=76485, q=118 ncpus=2)
[ 1593.597556][    C1] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4295096458-4295085956), jiffies_till_next_fqs=1, root ->qsmask 0x0
[ 1593.597585][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g76485 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1593.597609][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1593.597626][    C1] rcu: RCU grace-period kthread stack dump:
[ 1593.597635][    C1] task:rcu_preempt     state:R  running task     stack:26568 pid:17    ppid:2      flags:0x00004000
[ 1593.597681][    C1] Call Trace:
[ 1593.597689][    C1]  <TASK>
[ 1593.597706][    C1]  __schedule+0x14d2/0x44d0
[ 1593.597764][    C1]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[ 1593.597789][    C1]  ? asan.module_dtor+0x20/0x20
[ 1593.597821][    C1]  ? enqueue_timer+0x225/0x530
[ 1593.597848][    C1]  ? __mod_timer+0x984/0xdb0
[ 1593.597889][    C1]  schedule+0xbd/0x170
[ 1593.597918][    C1]  schedule_timeout+0x160/0x280
[ 1593.597939][    C1]  ? console_conditional_schedule+0x40/0x40
[ 1593.597960][    C1]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1593.597984][    C1]  ? update_process_times+0x1b0/0x1b0
[ 1593.598025][    C1]  ? prepare_to_swait_event+0x339/0x360
[ 1593.598056][    C1]  rcu_gp_fqs_loop+0x302/0x1560
[ 1593.598103][    C1]  ? dump_blkd_tasks+0x810/0x810
[ 1593.598139][    C1]  ? rcu_gp_init+0x1510/0x1510
[ 1593.598174][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[ 1593.598214][    C1]  rcu_gp_kthread+0x99/0x380
[ 1593.598249][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1593.598284][    C1]  ? __kthread_parkme+0x7a/0x1c0
[ 1593.598317][    C1]  ? __kthread_parkme+0x162/0x1c0
[ 1593.598356][    C1]  kthread+0x2fa/0x390
[ 1593.598375][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1593.598409][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1593.598430][    C1]  ret_from_fork+0x48/0x80
[ 1593.598454][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1593.598475][    C1]  ret_from_fork_asm+0x11/0x20
[ 1593.598520][    C1]  </TASK>
[ 1593.598528][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1593.598538][    C1] CPU: 1 PID: 42 Comm: kworker/u4:2 Not tainted syzkaller #0
[ 1593.598569][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1593.598583][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1593.598622][    C1] RIP: 0010:smp_call_function_many_cond+0xddf/0x1130
[ 1593.598648][    C1] Code: 45 8b 2c 24 44 89 ee 83 e6 01 31 ff e8 da d6 0a 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 15 d3 0a 00 eb 38 f3 90 <42> 0f b6 04 2b 84 c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 f9 d2
[ 1593.598666][    C1] RSP: 0018:ffffc90000b37780 EFLAGS: 00000293
[ 1593.598685][    C1] RAX: ffffffff817abc67 RBX: 1ffff110171c8791 RCX: ffff888019291e00
[ 1593.598701][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1593.598714][    C1] RBP: ffffc90000b37900 R08: ffffffff90da7507 R09: 1ffffffff21b4ea0
[ 1593.598747][    C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: ffff8880b8e43c88
[ 1593.598764][    C1] R13: dffffc0000000000 R14: ffff8880b8f3d348 R15: 0000000000000000
[ 1593.598779][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1593.598798][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1593.598813][    C1] CR2: 000000110c3650c9 CR3: 000000000cb30000 CR4: 00000000003506e0
[ 1593.598832][    C1] Call Trace:
[ 1593.598839][    C1]  <TASK>
[ 1593.598856][    C1]  ? text_poke_sync+0x30/0x30
[ 1593.598887][    C1]  ? smp_call_function_many+0x40/0x40
[ 1593.598911][    C1]  ? text_poke+0xc0/0xc0
[ 1593.598930][    C1]  ? __mutex_trylock_common+0x153/0x250
[ 1593.598967][    C1]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1593.599005][    C1]  ? text_poke_sync+0x30/0x30
[ 1593.599026][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1593.599052][    C1]  ? kmem_cache_alloc_bulk+0x12a/0x5b0
[ 1593.599081][    C1]  text_poke_bp_batch+0x318/0x930
[ 1593.599114][    C1]  ? text_poke_loc_init+0x820/0x820
[ 1593.599138][    C1]  ? mutex_lock_nested+0x20/0x20
[ 1593.599166][    C1]  ? text_poke_queue+0x140/0x190
[ 1593.599194][    C1]  ? arch_jump_label_transform_queue+0x93/0x100
[ 1593.599236][    C1]  text_poke_finish+0x30/0x50
[ 1593.599258][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1593.599289][    C1]  static_key_enable_cpuslocked+0x123/0x240
[ 1593.599316][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1593.599343][    C1]  static_key_enable+0x1a/0x20
[ 1593.599368][    C1]  toggle_allocation_gate+0xaa/0x250
[ 1593.599399][    C1]  ? show_object+0x70/0x70
[ 1593.599429][    C1]  ? read_lock_is_recursive+0x20/0x20
[ 1593.599462][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1593.599489][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1593.599515][    C1]  process_scheduled_works+0xa45/0x15b0
[ 1593.599571][    C1]  ? assign_work+0x400/0x400
[ 1593.599603][    C1]  ? assign_work+0x39e/0x400
[ 1593.599641][    C1]  worker_thread+0xa55/0xfc0
[ 1593.599667][    C1]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1593.599690][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 1593.599709][    C1]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1593.599753][    C1]  kthread+0x2fa/0x390
[ 1593.599771][    C1]  ? pr_cont_work+0x560/0x560
[ 1593.599798][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1593.599818][    C1]  ret_from_fork+0x48/0x80
[ 1593.599841][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1593.599862][    C1]  ret_from_fork_asm+0x11/0x20
[ 1593.599907][    C1]  </TASK>
[ 1740.331374][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 245s! [kworker/u4:2:42]
[ 1740.331423][    C1] Modules linked in:
[ 1740.331441][    C1] irq event stamp: 8231484
[ 1740.331449][    C1] hardirqs last  enabled at (8231483): [<ffffffff8a80144a>] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1740.331488][    C1] hardirqs last disabled at (8231484): [<ffffffff8a6ea02e>] sysvec_apic_timer_interrupt+0xe/0xc0
[ 1740.331525][    C1] softirqs last  enabled at (8231482): [<ffffffff81519f87>] __irq_exit_rcu+0xc7/0x190
[ 1740.331551][    C1] softirqs last disabled at (8231467): [<ffffffff81519f87>] __irq_exit_rcu+0xc7/0x190
[ 1740.331579][    C1] CPU: 1 PID: 42 Comm: kworker/u4:2 Not tainted syzkaller #0
[ 1740.331601][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1740.331617][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1740.331650][    C1] RIP: 0010:smp_call_function_many_cond+0xde8/0x1130
[ 1740.331678][    C1] Code: 01 31 ff e8 da d6 0a 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 15 d3 0a 00 eb 38 f3 90 42 0f b6 04 2b 84 c0 75 11 <41> f7 04 24 01 00 00 00 74 1e e8 f9 d2 0a 00 eb e4 44 89 e1 80 e1
[ 1740.331698][    C1] RSP: 0018:ffffc90000b37780 EFLAGS: 00000246
[ 1740.331717][    C1] RAX: 0000000000000000 RBX: 1ffff110171c8791 RCX: ffff888019291e00
[ 1740.331734][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1740.331749][    C1] RBP: ffffc90000b37900 R08: ffffffff90da7507 R09: 1ffffffff21b4ea0
[ 1740.331766][    C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: ffff8880b8e43c88
[ 1740.331784][    C1] R13: dffffc0000000000 R14: ffff8880b8f3d348 R15: 0000000000000000
[ 1740.331800][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1740.331819][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1740.331835][    C1] CR2: 000000110c3650c9 CR3: 000000000cb30000 CR4: 00000000003506e0
[ 1740.331855][    C1] Call Trace:
[ 1740.331864][    C1]  <TASK>
[ 1740.331887][    C1]  ? text_poke_sync+0x30/0x30
[ 1740.331921][    C1]  ? smp_call_function_many+0x40/0x40
[ 1740.331946][    C1]  ? text_poke+0xc0/0xc0
[ 1740.331966][    C1]  ? __mutex_trylock_common+0x153/0x250
[ 1740.332004][    C1]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1740.332044][    C1]  ? text_poke_sync+0x30/0x30
[ 1740.332064][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1740.332090][    C1]  ? kmem_cache_alloc_bulk+0x12a/0x5b0
[ 1740.332120][    C1]  text_poke_bp_batch+0x318/0x930
[ 1740.332153][    C1]  ? text_poke_loc_init+0x820/0x820
[ 1740.332177][    C1]  ? mutex_lock_nested+0x20/0x20
[ 1740.332206][    C1]  ? text_poke_queue+0x140/0x190
[ 1740.332233][    C1]  ? arch_jump_label_transform_queue+0x93/0x100
[ 1740.332275][    C1]  text_poke_finish+0x30/0x50
[ 1740.332297][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1740.332328][    C1]  static_key_enable_cpuslocked+0x123/0x240
[ 1740.332356][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1740.332383][    C1]  static_key_enable+0x1a/0x20
[ 1740.332407][    C1]  toggle_allocation_gate+0xaa/0x250
[ 1740.332445][    C1]  ? show_object+0x70/0x70
[ 1740.332475][    C1]  ? read_lock_is_recursive+0x20/0x20
[ 1740.332508][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1740.332535][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1740.332561][    C1]  process_scheduled_works+0xa45/0x15b0
[ 1740.332616][    C1]  ? assign_work+0x400/0x400
[ 1740.332649][    C1]  ? assign_work+0x39e/0x400
[ 1740.332680][    C1]  worker_thread+0xa55/0xfc0
[ 1740.332707][    C1]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1740.332731][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 1740.332750][    C1]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1740.332794][    C1]  kthread+0x2fa/0x390
[ 1740.332812][    C1]  ? pr_cont_work+0x560/0x560
[ 1740.332838][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1740.332859][    C1]  ret_from_fork+0x48/0x80
[ 1740.332882][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1740.332902][    C1]  ret_from_fork_asm+0x11/0x20
[ 1740.332945][    C1]  </TASK>
[ 1740.332953][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1740.332991][    C0] NMI backtrace for cpu 0
[ 1740.333001][    C0] CPU: 0 PID: 15083 Comm: syz.3.2037 Not tainted syzkaller #0
[ 1740.333017][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1740.333026][    C0] RIP: 0010:__lock_acquire+0x120c/0x7c80
[ 1740.333047][    C0] Code: b6 04 00 84 c0 0f 85 28 5e 00 00 83 3d dc d4 83 15 00 0f 84 3e 08 00 00 31 db 48 83 c3 40 48 89 d8 48 c1 e8 03 42 80 3c 00 00 <74> 12 48 89 df e8 1a d9 75 00 49 b8 00 00 00 00 00 fc ff df 48 83
[ 1740.333061][    C0] RSP: 0018:ffffc900000078c0 EFLAGS: 00000046
[ 1740.333074][    C0] RAX: 1ffffffff20e1f02 RBX: ffffffff9070f810 RCX: ffffffff81670e2d
[ 1740.333086][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90da7500
[ 1740.333097][    C0] RBP: ffffc90000007b08 R08: dffffc0000000000 R09: 1ffffffff21b4ea0
[ 1740.333110][    C0] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: 00000000ad9a37fd
[ 1740.333122][    C0] R13: ffff88802d5e9e00 R14: 00000000b991d307 R15: ffff88802d5ea978
[ 1740.333134][    C0] FS:  00007fd8f92696c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1740.333148][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1740.333159][    C0] CR2: 000000110c34a203 CR3: 0000000059758000 CR4: 00000000003506f0
[ 1740.333173][    C0] Call Trace:
[ 1740.333178][    C0]  <IRQ>
[ 1740.333193][    C0]  ? verify_lock_unused+0x140/0x140
[ 1740.333225][    C0]  ? verify_lock_unused+0x140/0x140
[ 1740.333258][    C0]  ? debug_objects_fill_pool+0x73/0x6b0
[ 1740.333300][    C0]  lock_acquire+0x197/0x410
[ 1740.333326][    C0]  ? advance_sched+0xc5/0xc80
[ 1740.333360][    C0]  ? read_lock_is_recursive+0x20/0x20
[ 1740.333387][    C0]  ? __hrtimer_run_queues+0x426/0xc40
[ 1740.333414][    C0]  ? __lock_acquire+0x7c80/0x7c80
[ 1740.333436][    C0]  _raw_spin_lock+0x2e/0x40
[ 1740.333452][    C0]  ? advance_sched+0xc5/0xc80
[ 1740.333468][    C0]  advance_sched+0xc5/0xc80
[ 1740.333486][    C0]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1740.333503][    C0]  ? _raw_spin_unlock+0x40/0x40
[ 1740.333518][    C0]  ? debug_object_deactivate+0x67/0x350
[ 1740.333544][    C0]  __hrtimer_run_queues+0x51e/0xc40
[ 1740.333565][    C0]  ? taprio_dequeue_from_txq+0x8f0/0x8f0
[ 1740.333588][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[ 1740.333605][    C0]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[ 1740.333630][    C0]  hrtimer_interrupt+0x3c9/0x9c0
[ 1740.333661][    C0]  __sysvec_apic_timer_interrupt+0xfb/0x3b0
[ 1740.333689][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1740.333715][    C0]  </IRQ>
[ 1740.333720][    C0]  <TASK>
[ 1740.333725][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1740.333744][    C0] RIP: 0010:visual_init+0x14e/0x640
[ 1740.333764][    C0] Code: 2d 00 00 74 08 4c 89 f7 e8 6f 5c 45 fd 4d 8b 26 4c 89 e0 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 e7 e8 56 5c 45 fd 49 8b 3c 24 <e8> 2d 39 db fc 48 8d bb c0 03 00 00 48 89 f8 48 c1 e8 03 42 0f b6
[ 1740.333777][    C0] RSP: 0018:ffffc9000452f508 EFLAGS: 00000246
[ 1740.333790][    C0] RAX: 1ffffffff1603a48 RBX: ffff88807dd39000 RCX: 0000000000080000
[ 1740.333802][    C0] RDX: ffffc90011476000 RSI: 0000000000001687 RDI: 0000000000000000
[ 1740.333813][    C0] RBP: 1ffff1100fba727f R08: ffffffff971d557f R09: 0000000000000000
[ 1740.333824][    C0] R10: ffffffff971d5570 R11: fffffbfff2e3aab0 R12: ffffffff8b01d240
[ 1740.333836][    C0] R13: dffffc0000000000 R14: ffff88807dd393f8 R15: 000000000000001a
[ 1740.333857][    C0]  ? visual_init+0xe5/0x640
[ 1740.333878][    C0]  vc_allocate+0x2e9/0x6f0
[ 1740.333897][    C0]  ? trace_contention_end+0x39/0xe0
[ 1740.333923][    C0]  ? vc_cons_allocated+0x70/0x70
[ 1740.333947][    C0]  con_install+0xa4/0x700
[ 1740.333968][    C0]  ? mutex_lock_nested+0x20/0x20
[ 1740.333994][    C0]  ? show_tty_active+0x30/0x30
[ 1740.334020][    C0]  tty_init_dev+0xd3/0x4c0
[ 1740.334042][    C0]  tty_open+0x5ad/0xd10
[ 1740.334067][    C0]  ? do_raw_spin_lock+0x121/0x2c0
[ 1740.334089][    C0]  ? tty_compat_ioctl+0x8b0/0x8b0
[ 1740.334113][    C0]  ? do_raw_spin_unlock+0x121/0x230
[ 1740.334136][    C0]  chrdev_open+0x59e/0x670
[ 1740.334155][    C0]  ? cd_forget+0x160/0x160
[ 1740.334172][    C0]  ? fsnotify_perm+0x3ed/0x5e0
[ 1740.334195][    C0]  ? cd_forget+0x160/0x160
[ 1740.334211][    C0]  do_dentry_open+0x8c6/0x1500
[ 1740.334237][    C0]  path_openat+0x274b/0x3190
[ 1740.334270][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[ 1740.334289][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1740.334307][    C0]  ? verify_lock_unused+0x140/0x140
[ 1740.334327][    C0]  ? do_filp_open+0x3d0/0x3d0
[ 1740.334353][    C0]  ? __virt_addr_valid+0x18c/0x540
[ 1740.334380][    C0]  do_filp_open+0x1c5/0x3d0
[ 1740.334407][    C0]  ? vfs_tmpfile+0x490/0x490
[ 1740.334444][    C0]  ? _raw_spin_unlock+0x28/0x40
[ 1740.334459][    C0]  ? alloc_fd+0x58f/0x630
[ 1740.334483][    C0]  do_sys_openat2+0x12c/0x1c0
[ 1740.334504][    C0]  ? do_sys_open+0xe0/0xe0
[ 1740.334522][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1740.334542][    C0]  ? lock_chain_count+0x20/0x20
[ 1740.334561][    C0]  __x64_sys_openat+0x139/0x160
[ 1740.334583][    C0]  do_syscall_64+0x55/0xb0
[ 1740.334604][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1740.334621][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1740.334639][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1740.334656][    C0] RIP: 0033:0x7fd8f838d810
[ 1740.334681][    C0] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[ 1740.334694][    C0] RSP: 002b:00007fd8f9268b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1740.334710][    C0] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd8f838d810
[ 1740.334721][    C0] RDX: 0000000000000002 RSI: 00007fd8f9268c10 RDI: 00000000ffffff9c
[ 1740.334731][    C0] RBP: 00007fd8f9268c10 R08: 0000000000000000 R09: 00007fd8f9268986
[ 1740.334743][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1740.334752][    C0] R13: 00007fd8f85e6308 R14: 00007fd8f85e6270 R15: 00007ffd03c947b8
[ 1740.334772][    C0]  </TASK>
[ 1740.334990][    C1] Kernel panic - not syncing: softlockup: hung tasks
[ 1740.335002][    C1] CPU: 1 PID: 42 Comm: kworker/u4:2 Tainted: G             L     syzkaller #0
[ 1740.335022][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1740.335034][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1740.335064][    C1] Call Trace:
[ 1740.335072][    C1]  <IRQ>
[ 1740.335079][    C1]  dump_stack_lvl+0x16c/0x230
[ 1740.335109][    C1]  ? show_regs_print_info+0x20/0x20
[ 1740.335136][    C1]  ? load_image+0x3b0/0x3b0
[ 1740.335171][    C1]  panic+0x2c0/0x710
[ 1740.335197][    C1]  ? bpf_jit_dump+0xd0/0xd0
[ 1740.335216][    C1]  ? __irq_work_queue_local+0x13a/0x3b0
[ 1740.335242][    C1]  ? irq_work_queue+0xbc/0x140
[ 1740.335272][    C1]  watchdog_timer_fn+0x5f0/0x5f0
[ 1740.335304][    C1]  __hrtimer_run_queues+0x4df/0xc40
[ 1740.335333][    C1]  ? proc_watchdog_cpumask+0xd0/0xd0
[ 1740.335370][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[ 1740.335391][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[ 1740.335433][    C1]  hrtimer_interrupt+0x3c9/0x9c0
[ 1740.335486][    C1]  __sysvec_apic_timer_interrupt+0xfb/0x3b0
[ 1740.335514][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1740.335545][    C1]  </IRQ>
[ 1740.335552][    C1]  <TASK>
[ 1740.335560][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1740.335582][    C1] RIP: 0010:smp_call_function_many_cond+0xde8/0x1130
[ 1740.335607][    C1] Code: 01 31 ff e8 da d6 0a 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 15 d3 0a 00 eb 38 f3 90 42 0f b6 04 2b 84 c0 75 11 <41> f7 04 24 01 00 00 00 74 1e e8 f9 d2 0a 00 eb e4 44 89 e1 80 e1
[ 1740.335624][    C1] RSP: 0018:ffffc90000b37780 EFLAGS: 00000246
[ 1740.335640][    C1] RAX: 0000000000000000 RBX: 1ffff110171c8791 RCX: ffff888019291e00
[ 1740.335655][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1740.335668][    C1] RBP: ffffc90000b37900 R08: ffffffff90da7507 R09: 1ffffffff21b4ea0
[ 1740.335680][    C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: ffff8880b8e43c88
[ 1740.335695][    C1] R13: dffffc0000000000 R14: ffff8880b8f3d348 R15: 0000000000000000
[ 1740.335736][    C1]  ? text_poke_sync+0x30/0x30
[ 1740.335765][    C1]  ? smp_call_function_many+0x40/0x40
[ 1740.335789][    C1]  ? text_poke+0xc0/0xc0
[ 1740.335807][    C1]  ? __mutex_trylock_common+0x153/0x250
[ 1740.335843][    C1]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1740.335880][    C1]  ? text_poke_sync+0x30/0x30
[ 1740.335900][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1740.335925][    C1]  ? kmem_cache_alloc_bulk+0x12a/0x5b0
[ 1740.335953][    C1]  text_poke_bp_batch+0x318/0x930
[ 1740.335985][    C1]  ? text_poke_loc_init+0x820/0x820
[ 1740.336008][    C1]  ? mutex_lock_nested+0x20/0x20
[ 1740.336036][    C1]  ? text_poke_queue+0x140/0x190
[ 1740.336061][    C1]  ? arch_jump_label_transform_queue+0x93/0x100
[ 1740.336102][    C1]  text_poke_finish+0x30/0x50
[ 1740.336123][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1740.336153][    C1]  static_key_enable_cpuslocked+0x123/0x240
[ 1740.336180][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1740.336205][    C1]  static_key_enable+0x1a/0x20
[ 1740.336230][    C1]  toggle_allocation_gate+0xaa/0x250
[ 1740.336260][    C1]  ? show_object+0x70/0x70
[ 1740.336289][    C1]  ? read_lock_is_recursive+0x20/0x20
[ 1740.336321][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1740.336347][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1740.336373][    C1]  process_scheduled_works+0xa45/0x15b0
[ 1740.336433][    C1]  ? assign_work+0x400/0x400
[ 1740.336464][    C1]  ? assign_work+0x39e/0x400
[ 1740.336494][    C1]  worker_thread+0xa55/0xfc0
[ 1740.336520][    C1]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1740.336542][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 1740.336561][    C1]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1740.336603][    C1]  kthread+0x2fa/0x390
[ 1740.336620][    C1]  ? pr_cont_work+0x560/0x560
[ 1740.336646][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1740.336665][    C1]  ret_from_fork+0x48/0x80
[ 1740.336689][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1740.336709][    C1]  ret_from_fork_asm+0x11/0x20
[ 1740.336751][    C1]  </TASK>
[ 1741.470315][    C1] Shutting down cpus with NMI
[ 1741.498657][    C1] Kernel Offset: disabled