last executing test programs:

30.649004777s ago: executing program 4 (id=645):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f0000000040)={0x0, [0x0, 0x4, 0x6], [{0x0, 0x400}, {0xfffffffe, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x7ff}], 0x20})
sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x4)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
landlock_create_ruleset(0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000001440))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x18, 0x20000000, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r3})
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

9.521082425s ago: executing program 4 (id=646):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = eventfd(0x0)
r1 = eventfd(0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000280)={r0, 0x0, 0x2, r1})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000080)={r1, 0x1, 0x2, r0})
r2 = eventfd(0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000100)={r2, 0x0, 0x2, r1})

8.336521209s ago: executing program 0 (id=692):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$isdn(0x22, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, 0x0, 0x0)
r4 = creat(&(0x7f0000001840)='./file2\x00', 0x0)
mlock2(&(0x7f00001ed000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
write$binfmt_elf64(r4, &(0x7f0000000000)=ANY=[], 0xfd14)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
fsync(r5)

8.062984374s ago: executing program 4 (id=694):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000640)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@umask={'umask', 0x3d, 0x5}}, {@gid}, {@errors_continue}, {@utf8}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@errors_remount}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
r1 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0x100800001)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7ece1e40ad8871461ab0800", @ANYRES64=r2, @ANYRES64=0x0, @ANYRES64, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r6, 0x0)
sendmsg$can_bcm(r5, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r4, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x20000600}}, 0x0)

7.26919374s ago: executing program 0 (id=695):
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeec, 0x10, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x181201900, &(0x7f0000000480)="846b59f97221af3363c1f8523246bfa85737a4c4f27a67cb2984f7fd14b3f0bd09e7145c1a1cd3", 0x27, &(0x7f0000000100), &(0x7f0000000500), &(0x7f0000000540)="9e89f61f465385c360746c0cd4284883e89a308f7634d261220293058aa307edbc4c0f11430283d9ba0a0ffcc684e8f631bf52e3ffea0a2678dcb72b2f82b75edb0ee1f793ce1fa5186d64e12daad14810dc57537d658dc7f2c6dbdb8fb11a1aa1a8cf0bab3cb239fa43c166a99aca0bc3c0fb9eb0b27f57d984e47c")
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0xc00e, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001500010300000000000000000c"], 0x14}}, 0x0)

7.212274129s ago: executing program 2 (id=696):
socket$kcm(0x10, 0x2, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000500)=ANY=[@ANYRES8, @ANYBLOB="5fca347ececb408e05fe2f0dabbdff15fe956980fb723d331f8384096046c2b08ad0d1fd620630d1e71b468df1df69a6daa1e4094a064abb9d32ce6ec87cb9db7cd295804aa89b84cbff18224185cd3690e9c7b56f2cb1556a719b2859c3f222be23f4258ef17b50d6453a2254b56e90ac2afd51f13e1d91373549f649943e1c29b48362779b50ef36", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000008000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7e8000008000000b704000001000054850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000280)={0x78b9}, 0x8)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0xfffff000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

7.144109457s ago: executing program 3 (id=697):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20}, {}]})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x0, 0x0, 0x2, r4, 0xb})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x0, 0x0, 0x2, r4, 0xb})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
sendmsg$OSF_MSG_ADD(r0, 0x0, 0x4cc04)
dup2(r0, r3)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r8, 0x1, 0x2a, &(0x7f0000000100), 0x4)
ioctl$VIDIOC_S_FMT(r7, 0xc0d05604, &(0x7f00000014c0)={0x7, @sliced={0xffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1]}})
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x541b, 0x1000000000000)

6.670906591s ago: executing program 2 (id=698):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1f, 0x4, 0x0, 0x0, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp_prespec={0x44, 0x34, 0xc0, 0x3, 0x0, [{@multicast1}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@rand_addr, 0x800}, {@broadcast, 0x52b1}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
r4 = dup(r2)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000a40)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000200)={r7})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f00000003c0)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000240)={r8, 0x1, r6, 0x400000})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000280)={r8})
sendto$inet(0xffffffffffffffff, &(0x7f0000000e40)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67669c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa497ee129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794d7bc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb6", 0x216, 0x0, 0x0, 0x0)

6.182385177s ago: executing program 1 (id=699):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336", 0x1c}, {&(0x7f0000000380)="b7e4c84c12f2ec398a7c6a1f6be9de130578cdbffd74752b2f6133071864bac0717147af20e6e13af7b7100d1a6736a8e03334b7cdd90757248589134b71c162fc7e17fbcffa8487caa0469ea6ad8ab919c383554859e254c4046f5a0a494810a015491393eff01813fc6069", 0x6c}, {&(0x7f0000000400)="034415e3adefcb7057afc8876bfae181ebcfabad4aed31158fafa269802ea23350b4ccb57825bfa551317292bfde0afbd422fb950790671dacccd6e01d31ec52594c4dacd14ded6fee80769eebee46e58d09407b5a87af1859e393d4790600c24b4b76517d4ff50f9643b57d9cd0fc44f39fa2798258f61316d4b305ac3c", 0x7e}, {&(0x7f0000000940)="4804ea2edea9044529d8c3e1088695d6fc4299c5bd9ae8f5388bd9", 0x1b}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000001c0)="cba3c7a43c4cf7989ec2aa6316626e6feabc77d9cedecc05d15b6848559c1a87078de3d109f37a0d6d140144ac91f746a3d2f75c1e4ebf256dff9e046e8241cf1b97db207205", 0x46}, {&(0x7f00000002c0)="c102da7afd62449368d7", 0xa}, {&(0x7f0000000a00)="958b36983dae056fb25c1316c22dd1ceaa3382ef726a0071574b3eb11999941ebe4b806e82a56b3404ba817823010d4bb59d7941e6bbc719c216acf15127da3f567157c9842eb70f7f588659e1c88701cde5fefe18fedb90d5f8b107bb90962b7da2", 0x62}, {&(0x7f0000000300)="b43505202d1710c48dc8fe9095f1c609dc9a1f092dafef7a0efee61c17e4cec0bef25e44d138b80ee99ba041ad6d8d2991e0d220a17bc021be33585512684b20ddfe6e90c7f4323c3472c9b61b340d55be6e4bba8b2c495021f888a969c7201050", 0x61}, {&(0x7f0000000cc0)="91fc324a883d40dd8ea39ed9172f3dde360ce7e8a1bf6f72e7b7fd77a56eab188121df7dc411b41377dd66d158ac7f988ee80c1edb18931fff7a2c87b5f2a0bfc9e905757a7dc8b633677f9bc0f626ebcced33e3b0bceda3adbfd365afe7269a23058ca6764ae3f3bb6db0161de96044278ae16290e5dbd415bb97d91cccf19072730f30ad6948126a33409f30aee9b66e19e2024566fc2b3436b61f357c592e1b5450828eadf69e815a1327a8d9ae248ada151b5f6db583a4def5274e17af3ec90167deb075a980f2c4606f0b8b3123b3b0f5259157b8d749b102903644269ec46820fc6eb5cbf718bdcc62834b6d594d3ecd001b00", 0xf6}, {&(0x7f0000000480)}, {&(0x7f0000000740)="c4", 0x1}], 0x7}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendmsg$inet(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000000)="14fafa37bf25f04bda99eefbbdd8d76b8136ee6cfdee25bdb2d1873ce347c7b623dd3140cfb2326fa1bf9f1dc2375eeba25df45aefdb3c49a4e7ffab4ed7181180bde98af644d11f", 0x48}, {&(0x7f0000000240)="16a6fca1943502d7ac24a672dbecde54535371af01e67576ef51", 0x1a}, {&(0x7f0000000580)="c3e361cabaa484b0c035139c64932a377f926342f6b052b6a3b273c187a5e0c26fe049092a54eb9b6be2ac2df69e6a36fad43d88851aa162b6aa0d4734e36aad318ea99586ca9f642920068473af2e996703149f0c13bcfae9beeb8d", 0x5c}, {&(0x7f0000000800)="8434335f698d", 0x6}], 0x4}, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

6.104306015s ago: executing program 0 (id=700):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r3, 0xae9a)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000071000/0x18000)=nil, &(0x7f0000000380)=[@text16={0x10, &(0x7f0000000080)="f30fbd4e6166f2670f9efd0f38ca6400bad104ec2e0f01c30f01c33e660f3a224941df9a16007a000fc7f1660f38824c09", 0x31}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.387216463s ago: executing program 0 (id=701):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
sched_setscheduler(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
setresuid(0xee00, 0x0, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])

4.645780375s ago: executing program 1 (id=702):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x13, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r3, 0xfca804a0, 0x2, 0x8, &(0x7f0000000840)="d001448a017331696ef38a14c9a7c1559bef876ed5211b21ad5130086f0344e372d9ae3b677621ba2686046782d9c41d769492870072933952573881e77a93a100000000", &(0x7f0000000300)=""/1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xfffffec7)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f00000000c0)=0x81)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0x5421, &(0x7f0000000340)={{0xffffffff, 0x1, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
read$FUSE(0xffffffffffffffff, &(0x7f00000044c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00', @ANYRES8=r5, @ANYRESHEX=r4, @ANYRES32=r6, @ANYBLOB="0863d3f30af9f36580000a00050008d70000000009000700fc01000000000000"], 0x3c}}, 0x480d4)
get_robust_list(r5, &(0x7f0000000280)=&(0x7f0000000240)={&(0x7f0000000140), 0x0, &(0x7f00000001c0)={&(0x7f0000000180)}}, &(0x7f00000002c0)=0x18)
gettid()
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r1, 0x0, 0x0, 0x100800)
r8 = socket(0x840000000002, 0x3, 0xff)
sendmsg$rds(r8, &(0x7f0000000a40)={&(0x7f0000000000)={0x2, 0x0, @private}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}], 0x2}, 0x0)
close(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.05496026s ago: executing program 0 (id=703):
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0)={'#! ', './file0', [{0x20, ',*^.\\'}, {0x20, '/dev/input/event#\x00'}], 0xa, "816c30c8aa2d90b0d1f2267316dadc0314aeb978ff32f425a8f4dcabbadf023008ef2265f185acdfe083e7bcc925ccf9b52a86db340a2b80ee507996a8d5d8b5a4e652d747ae29de08ce1f8ae9f7bc6a8489ea9320298ac2fd787f538a92c4e821f207e7de4e901b6a3ef1029ba7ab4e67202d221c56aace97cdc2f7181a304747d7b7d0a62e877c8dfa1a46686560189295e684d1343aa47812dd9b8a5dde4986fbb6a477bc7d7f6b47701efe82b8f746c58cbcd9f71870003afa50627d6a536a3f83b418032a69a168b6dbc810aaf39b714445e9533419ec43e51b542d369463b0f9a635c32f358de109a956cd96c9f71f40fc01fe0cfc56eee5d6ea8f47d0dc09ab5b1a0f0900b045b7dc618bea0ae47e2278f0d8f8912dcc63351f197c7f76a6603e7b4224d710ef3a4c0bc09048380af91081196cba24af04a69b8a255552265a855fbd1c7044a72bcb9a564bc2d5a1274f10404501775344f635689d9c93f5e8dfc3a48fc7237ce7423043b9a60ec1031fdb561e65124a6c6c5063bbac863317c0f33765a9a9a96c7d79352eb2edf5a4a274ae8edae7967cbf511b7d6e9e50f19324b208c156aa958382176ba74b152306560dc750a72c1d87f85feafc81704a4300095397e637882f30ee1d006f6aea26d1d9d3f6277c596d2a535c4ffe8aecdedcacbcf9c4f41869721fc164e21116c464c3235d95700b09736b40f53da980e4d1d266b29685eecc7812ae5a813abacf9db7853499a64a1ef4ed09f7b04ea1479bad5c91f3f188aeba2b2e8a4900f3f56a406113a7f5c993b95bb9ef53d0ab9d5982b1eb92883d4a4bdfd3c9f47e4293276e8a6a951b2c73d9964ecd2f0569d27da0f117f49dc75ad0116bb14a4d6de711b8c937bb0028a2223273c2953026f5a58836ffe9fa0735911d5c70d60d0e4bcb1fb754fa223f145351ebd2983fccec519d8c97a8072165b60d8501f888e312bcaf75053ad6fe1f1647008d9a53fd0255e729328e992fb82ea4ae521daf936699aad7ea64a92ea049613564d8273a9054585660f141c3c2d38a6ceee4e50ebe131751350ca190a3c65169476099b58e81e2438fa4068e0a8c2b6386baca655adcea4366ed91d5514ae266199a05efd2d2c820269d5082132e9ee0a569f4938b9acfc748d5d90ddddbf1c0913a42a629b89a76eff4b19e20604f24b00f94ccac9b667e07da785e28d993afb0d29fd95ca3306f3bb04cf88efec4a1324b517e5aaa76321fe458d2e6734d91e258ab8be92a358fda26f64c3462b27aabcc8e41a80e11425bafeda1a2c0b772ae9731936e09e78ffcfb26eeda6b9f13c174bf8edc2c969f03ebecfd56ce54a919f7e068a7b64b76988222182e62d0ed0e4e9e73d859734c3b7cfb057f1be95035853570869dff548193d027a7d67813235a7cc9ae3fe3333df76d0114de50f90a3ed67833711bd9a8e0a22512bb32f8b45c839f0c9b4832ebbbc18d87697628e5f7050d656330812a9e75c0053f67e3d683842bc0aca6be48a3f7beac678aeedf2f56d3703857c98b3ded4380fc9c55a2a350060becdcf80b5fffba118ca145625990799e7e0119158cc944d73b87ed"}, 0x493)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB="010000000000000007"])

3.963149906s ago: executing program 4 (id=704):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = eventfd(0x0)
r1 = eventfd(0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000280)={r0, 0x0, 0x2, r1})
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000080)={r1, 0x1, 0x2, r0})
r2 = eventfd(0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000100)={r2, 0x0, 0x2, r1})

3.962568385s ago: executing program 2 (id=705):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_setup(0x800, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000e40)=[0x0])
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
capset(&(0x7f0000000000)={0x19980330}, 0x0)
ioctl$VT_OPENQRY(0xffffffffffffffff, 0x5600, &(0x7f00000002c0))
stat(&(0x7f0000000100)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setuid(r5)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x2, r6})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000240)={0x28, 0x0, r6, 0x0, &(0x7f0000ffb000/0x1000)=nil, 0x1000})

3.648428194s ago: executing program 0 (id=706):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x16, &(0x7f0000000080), 0x1, 0x5124, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac895ztz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVG7V/eUB6x0/eLuo5v2NjceP9yuX7109mT5pbNgYqUnsFLy8+rC4rnU7PweSfYo2l2nXq3nFM36pyfcv/IiAIAlmWp1FsXH0fwjbtHen9aTdjNpt5N2/ITQ7m4sRzbuqn7z3JDWV2iezSwqjPedZ1LP3/+i3Ur7J+0kaixhnr275pFmot8855L6Ss0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4E7yyNujD1XVT12bPnNuprnzwJaZy/um150OodHZXsvKtdXvH27+9e3WYwd+3PzV8QvPP1bP+8XlaNfO4be48sRkCG90VS7EYS+uDaHVW+g0w5flwludlediAQAAgLvJ/Z3fI0U7i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLyi3Vj8qXUF4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6Pd044bf40T3jUZwtSgqQMAAAB9xP93X/xqIeb17JuDNK8/9ejBc1XjlfJ/c7j8P3ZLXxUAAABwM458sf3hqnop/7eGy//jt3XWAAAAwFK88+HEB1X1Uv6fHS7/r86X+ZUPWaef4l8hHJoMYWJhZS4r/BzaTxcFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/12F7K5/T7oxAAAAAPei8vX88fb42ZML+j1/f9jr/x/438FXq45fyv/7h8v/9e7lwPv/F5Md/Pw/AAAAWIb/2vP/tpfGqTbo/v/3ffTuL1X9S/m/PVz+j8s13S/vRHx/3psMYf3CSn43wW/i4XYlhfmxrkJHK+mxLfbIC/PjXYWOuaTH5skQHlxY2d+4nssK/4+FdtLjytq8cCQpnI6F/HwoCseSwol4pn2+Np9uWvg+FvILLObjFRRriksikh5X+/VYKNywx9ni4AAAAPeUGJ7zLDvW2wxplJ2vDdph9aAdRgbtUB+0w2iyQ7pjv+1htrcQt7fPbFza8/+PDJf/41uxKlv0u/4/xOv/8+caFtf/z8ZCIynMx0IrvWNAKx4jC7sfx2M0WnmPK+uLAgAAANzV4vcC9RWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD/s3XuMXFd9OPAz+xrvw7ubwE+E/BAsUMe44PXaDg+1qVinqYpCKeuSElWIYmOvw+INNrZTcATIsUEpiqChRII/iuIIIZw/klokCGhAcSNhFDUkKFUjkigRaZ0gotA0gEIhEq5m7z2zd87deaztdbzh85G8c2a+53nn4Tn33jkXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3w/HPvOxv28Vv/d3lz3y+JWTHz646cpnPnnZ+Q+EMDX3eCULVwau/8rkL2679PaDd224+c4Tl7+xLy+Xx8Ng7U9XfufTsdYTK0P4ViWEnjSwdigL9Ob3h2J9rxoK4bwwH6iXmB7ISqQNh+/3h3A4zAfqVX2nP4ShQuCKB++5+3O1xE39IawKIVTTNh6rZm30p4GL+rLAQBrY1ZMFfn0yUw98uysLwGmLb4b6i/7oVGOG0YXLNXn99Z6xjr240uF1x8Ro83w/37TEnSroSx+YOq2nrVQdS6L09jjm3bYM3m2l7Xyjp634RSr/hnJyPlQNXdund2y9ZnZffKQrjI93N6tpiZ7nh5/7xLbFpJfN6zB2YPSMvA4/f/+q27rXvOuHd65d9dSRNx16+nS7+ePCJi2ml1o15K+5ZfM8RpM+T5bB26/0LWnMl64Qwo4P/cG7W8VL8//R1vP/+HKOt10NuWOtLwxnc/P4yFBMPDuczc0BAABg2VgOe013jX/vba3qK83/xzo7/h8P+eeT+Wy0x0KYnEscGgnhgrnHs8CtsbkPjoTw2rnUVGNgUxI4FsIrv/D1PJhVlZRYEUuMJYGfDueBySRwPAamksDXYuDGJPDpGDiaBLbFwLEkcGkMhJn6OOYSfzicj6PjQH8MbMk24tF4FsIvh2NrU40lHq1XBQAAcIbks8PexruFcx1ON0OcXh7tb5chnoHdNEM1qSGdwdanVU1r6GlXQ1chQ6Uw1a9nqI/7QOvhl2qutOtb6TSMSmOGr/zq794TWijN/ydaz/+rC3SkUjr+H8Lmub8xd1cema3Ht0w1ZAAAAABOw+D/PvHVVvHS/H+ys/P/4z6R7kLmcF/cDbFzJISJxkBW7R+XA9lR78E8AAAAAMtB/Xh8/Vj4TH6bnaKdzqfL+acWmT8e+J9cMH/fse9uadXf0vx/qrPz/wcab7NOHI+9+OJICCsKgR/EXtYCc8Zi4Cdvbwzk4z8eN8ANsar8xIR6VTfEEltiYCIJHG5W4kf1Ehc0BvInq974ofo4ZvIShQAAAACcdXF3QDwuH8//f91vN3ysVbnS/H/L4s7/n5sHl07vnx0MYV1PCN3pDwPuG8gWBoyBoUqe+N5AVld3WtV1AyFcUhtYWtUT+fr/Pekagw/2Z1XFwAWvO/LcRbXEV/tDWFcMPPS+W95cS+xLAvXG/7o/hNfURps2/s0VWeO9aeNfWhHCqwuBelUfXBFCrbG+tKp7qvl1DNKq/rkawssKgXpVb6mGsD8AsEzF/0q3Fx/cu//anVtnZ6f3LGEi7sPvDztmZqfHt+2a3V5t0qftSZ8bljG6rjymTq9882i+RNF779g81Em6/jvBiWJb+X780omD+f34Xah3bpwbehvubkyH/IbXl5sIhW9SzYbctcRDHihWMv8kluqP+fvCYFhxzd7pPeMf37pv35712d9Os2/I/sbDTNm2Wp9uq4GF+tbBy6PpalmJU91Wq4uVrNt39e51e/dfu3bm6q1XTV81/ZH1b9kwcfHExom3XryuNqqJ7G+boa5eqOpkqCdv6XBcZ3CoF/YUKjkbnxoSEhLLLbFrcHXL/5NL8//dref/8VMnfvLn6zM0O/4/Gg/zZ4/PH+bfEgOHy8f/G/6XqB//H212NL9+YsBYEjgQAwcc5gcAAOClIU7y49w57pX+2ZpvPtWqXGn+f6Cz3/+fofX/60vXXz7SZJn/NbHERLP1/9Nl/uvr/x9otv5/usx/ff3/wy/C+v/X1APJJvml9f8BAICXgrO3/n/b5f3TCwSUMnS1y5BeIKCUoe0y/p1eIGDR6/8/9p9/89+hhdL8/8bO5v8W7gcAAIBzx6f+4mP/r1W8NP8/3Nn8/+yv/xeanf8/1iww1WxhQOv/AQAAsEw1W/9v9PqBD7QqV5r/H+1s/h9Pu+hqyB1rfWE4W9MupGvaPTtc/8kAAAAALA9dYXy8t8O8DSujbjr1Nh/OlwJtlS564s9OLO78/2Odzf8bfpfx+ftX3da95l0/fOHOtaueOvKmQ0/PH/8HAAAAlk6n+yUAAAAAAAAAAAAAAIAX3xP/cXBjq3jp9/9h89zjzX7/H6/7F39f8PKG3LHW9uv/5feveOft++eWLLxvOITXFwM7D+48L+TX5l9dDNz9/jWvqCUOpiW++/ilT9YSH0gD71h7/vO1xCVJYEtcJPGVaSBeVfH5lUkgLq/472kgbo+jaaAvD3x2ZTaOSrqtfjaUbatKuq0eGQphpBCob6tvDWVtVNIB3pQE6gP8aBqIA/zLPNCV9ur2waxXMTAUi948mPUKAIBzVvwW2Bt2zMxOT8Sv8PH2wp7G26hhybLrytVWOmz+0XxpsvfesXmok3R3+l10/lrjvaFaG8L60tfVYpbK3CjPTC1tNt3Lmwy53WpvXU3KpRa76fqaj6g/G9H4tl2z23vbDnxj+ywbetpmWV+a7BSzdM1t0g5q6aAvHYyow23TQZfj/a4wPt6d5PqjGBwNDdq9Ijr9vX5xnb9mr4Jino+cOPTrVvWV5v+jnc3/q8VxPZ9fDOBAvLLeP4xY5h8AAACW1mc3/ebL8d97rr/3oVZ5S/P/sc7m/3EPVn4oONvbcSxe///QSAhzl9YfzQK3xuY+OBLCa+dSU7FEdkH9y2OJiSxwa9xhsiaW2DLVWNWKGDiaBH46nAeOJYHjMZDvpTgS8l05XxgO4c1zqc2NJXbHEqNJ4N0xMJYExmNgIgmsjIHJJPDMyjwwlQT+LQbCTOO2umNlvq0AAAAWI59n9TbeDek872hPuwyVdhkG2mXoapeh2i5Ds1HE+9+IGXqTk1cqhUy9aa39SS2lDPFi+IvuVylD+FFjzrRgqel4/kH9fINKY4a73tZTDS2U5v8Tnc3/syfzZGPrx+P8f/76f1ngB7F7X4ynjo/FwE/e3hjIdwwcj5PdG+pVTeUl8kn7DbHEZAyMJYHdMTCZBLZszgOHX9EYyGfa9cYP1RufyUsUAgAAAHDWxR0EcTdNnP/fvPczg63Kleb/k53N/2N7g8XGPh1rPbEyhG9V5ntTD6wdygJxP8ZQ/Hn8q4ZCOK+wg6NeYnogK9GXNBy+35/9Qr0vreo7/dmPD+L9Kx685+7P1RI39YewqrD3pd7GY9Wsjf40cFFfFhhIA7t6skDc81MPfLsrC8Bpq+8VjC+o/FSXutGFyzV5/b1UrgmaDq+0D3SBfAv95mqplHa45vtU6xb3tLXcf8sZU3p7HPNuW47vtlHvtuIXqfwbysn5UDV0bZ/esfWa2X3xkeIvWUuW6Hku/kq1k/QZeB0eOPXetldNOzCRfHxMLFxu4ddhJVb3+ftX3da95l0/vHPtqqeOvOnQ0x13o4n4Q+F7PvmvQz8ubN6lVg35a27ZfZ5M+TxZjv8NjHnaQgibn/nSDa3ipfn/VGfz/57kds5v4sbcOxLCGwob9764+f90JPscLASyT8mXlQPZIff/Gm76yQkAAABnWn13R31/wUx+m50Qns6Ty/mnFpk/7q+YXDB/p/0e+Nv3r2oVL83/t7Se/69Iuun4v+P/LBHH/xd0ru+KXpE+cOC0dkWXqmNJOP6/oHP93eb4/4Ic/3f8fyGO/7fh+P+CzvWnrfQtabcvXSGEp/7ke4+0ipfm/7s7m/9b/2/hRfvq6/9tabb+3+5m6/8dsP4fAACwpJosNJfO80qr95UypKv3lTK0XSCw7RKD1v9b9Pp/T1742G/DQvKaSvP/A53N/+PLYbDY+nJZ/29sc5OqboyB3RYGBAAA4FzUbAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL667/vF/treK3/u7yx55/MrJDx/cdOUzn7zs/AdCmJl7vJKFKwPXf2XyF7ddevvBuzbcfOeJy99Yzcv15rf/vyF3rPWF4RAOFx4Ziolnh2t35gNXvPP2/T21xH3DIby+GNh5cOd5tcTXhkNYXQzc/f41r6glDqYlvvv4pU/WEh9IA+9Ye/7ztcQlW7uybqbd/aeVWXcraXc/tzKEkUKg3t0Pr8zaqKRt/Hke6Erb+PpQ1kYMDMWiXx7K2oiB2VhiZkUI63pC6E6rureaVdWdVvUv1ayq7rSqT1VDuCSE0JNW9XhfVlVPOvIH+rKqYuCC1x157qJa4nBfCOuKgYfed8uba4mPJoF643/VF8Jrai+ZtPFv9GaN96aN39QbwqtDCH1piV/1ZCX60hJP9ITwskKg3viHekLYH3hJiB8+DZ9oe/dfu3Pr7Oz0niVM9OVt9YcdM7PT49t2zW6vJn1qplJIn7zu1Mf+6HOf2Fa7fe8dm4c6Sffk5Xrnuryht+HuxnO997FfA8VK5p+PUv0xf18YDCuu2Tu9Z/zjW/ft27M++9tp9g3Z3+48mm2r9S22VXfxzou9rVYXK1m37+rd6/buv3btzNVbr5q+avoj69+yYeLiiY0Tb714XW1UE9nfzocamg71llMa5ZW3ZrenNNQLewo1nY0PgMUl4uY5V/ojIfH7mOhq+HSbONf/0yt90Z/vaG+ozn1Al6YVxSyVuVGeiUFvOsURn8r3lLYjWl+aOJSybGifZWNpMjGfpT/LMve9rjQ5LNbUNbdJ4/2uMD7e3Ww7jDbeLW7en5/G5n0433SdpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VuH0bMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcCgAA//8aXSYE")
chdir(&(0x7f0000000140)='./file0\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

3.54356647s ago: executing program 4 (id=707):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r2, 0xab00, r1)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)

2.840774531s ago: executing program 2 (id=708):
mkdir(0x0, 0x0)
open(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
move_pages(0x0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffd000/0x1000)=nil], 0x0, &(0x7f0000000080), 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x6, @any, 0x47, 0x1}, 0xe)
readv(r3, &(0x7f0000000300)=[{&(0x7f0000000180)=""/125, 0x7d}], 0x1)

2.797628906s ago: executing program 1 (id=709):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
syz_mount_image$bcachefs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x8050, &(0x7f00000000c0)=ANY=[@ANYBLOB="6261636b67726f756e645f636f4a7072657373696f6e3d6e6f6e652c6261636b67726f756e644c636f6d7072657373696f6e3d7a7374642c7374725f686173683d63726336342c7374725f68616372633332632c646174615f636865636b73756d3d63726336342c646174615f630265636b7375003d6372eee532632c7374725f686173683d736970686173682c6261636b67726f756e645f636f6d7072657373696f6e652c00000000"], 0x1, 0x5b36, &(0x7f0000010040)="$eJzs3Q2MHdW9GPCZe3e9u17brEkAx3x4AeMa+oA1JgUsIhaqAOmLeTzIM+8Fgu3gtVniD/Daz+AXYoP0eBGh1FKrhEYKQiiRqBAiLWqaj0YmKiFqaBRLKTVpmxJBooZWxBGBxMUornZ35u69s3PuzN571xj4/WTv7Mw993/O/8zZ2ZlzZ++NAAAA+EB4/u/H/nDd4o//+P6Rt/Zc+90t90X91YntvWmBgWR597vVQo6lnq5FE8vsuNg3POf5Kx765Etf+8w3Xnl14fIVX7/j6iN3zVv94IPDP7vkyE/+dG9R3HQ8nTu1Hr8eR9HpP13+5Qd++MIp49viKIqq8cDeKFoYV36wMM6EGHo7iqINtXY2PvjMWys3ji/3fqmnYfsJmSDG+wdbbzLO/uH72077zQVXv7T/51e9NdT79va9U0Xi3rrxFEUL1tU/vzuKor7k/7h0tC1Kn5wsr4+iaG7d8y4taNdZJdt/fmB9cbKckyz7C+Kkj5+ZWe8u2Y6uzLK35PNaVZnl+Kl0/82b5fqzB7dsPQuT5beS5bkzjF9N/8dRJY66atVtjqfGSFS33+Iontj3U+uVhrEQZ8ZGHEVxZr2SWa92Z/KaqDcZaNU4btyelstsH0y2dyXbzywYazcGtn8kzTf5QT2cyT8btH/aN7W8JqTt+mWTthwLlbpjUN72tL29yc7oT7b1xydOe87RHOlja159+OlXdj+6dCDQjvibcRI/bin+i1suO7hs9y8OLQrFX1dJ4ldaij92wRtPvXbDj04Jxt+Xxq+2FP/li5d95Xt7dh0O9s/v0v7pail+ddV5R1bcP7Qm2P7H0vi9LcV//Konv7rgo889FWz/UNo/fa31z+jOd25+4qRDwfhRGn9uS/GvfPPkc1Zte3JTMP6zaf/0txT/hbHR1Q/cvmTXYCj+gTT+/Jbin/WrW27ef3Dk5WD7h9P+GWgp/seWXnn96kNbHwodO+O9db/h+gKFAAj6UHKO9cVkvdXrzHbVXS88MhBPnvPNS/7Pr3aypkbj9SyYvfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfEA9PrBh5E/fOeOdrmS9J/nmjOrkMt0+J4riviiKxnas375jdOumwTu27dy+df3mwfU7Bke27th+z+DFfza4feTOzevvGX906PyVk887MYonl/Hp0+o+evTo0cpA47a0vs9d8i+fGTzj4H+PoqGTfnZGV7D9f3Hv4n+6MOdrRjx8dPO/OOfW1+b9552TGwaSdg0E2hUF2nX5E6+v+s13+/55FA2d3Kxd/3v5NT9saNDEhqk4iUpPVJn4pieem9uOWquT9qT91bVxdPPIUHH/VgN5/Prwv/urXWO37Z3s395gHiX7t2/46B+3fvvZ2y7fff3khuN1vxf1d5pF2r60/3qT/l6Q5LUgkFdXIK8Hzjnzf/23f73l9b3RUNfvl0yvuyiv7mQAdMcfKVVvWsPcuLFPepPy6R5Pn3fhji13Xjh2z+7zR7es3zSyaWTrypUrL7145UWXXPRPLpxIffJrx/JP6/9HJfM/NuNp2yXDo+nXcuOpqF1F/THeruL+qG9R6Ofvw5+65n/c9+/33TC5oWicp6Vrx5NkOXd8N6+I6sbb9L7Ky6uoH7oD/bDpxv5/8+bgtv9XdByq3zP1XzPi4aO/H/0vV8zbf/atkxuOyXG+vkEtHudrrU7a011/3Flx/PZvT1RN8urPbdfZ97/x1//1O/FgrX1z5kR3r9+xY/uKya/HKK8P3/j5zuZ16bL/e9fudfctnJbXRZNf5yUtnRefmtuu7NY0ryUTX6tR0i3pIuqt5OfXHU22L/t7IX1etlf7k8f64xNz88pKH1vz6sNPv7L70aWhno6/OVljXzR/chmfFii5OfPEaq3BefUXjY8oitbVb0v78dlv/6vB/T9euKVwfEyOjGlfs+kNH/3CZfN+PXbTgdWTG47NcaWuQS0eV2qtnmrPRH9NHFcuOn7yePf2c8MPVjx8dP9pf7Zp5X/ckfzYF/VvrXRe/66MoqLjwJLM+mwdB7L1TJXPjzeYWe+Pqi0dN16+eNlXvrdn1+HgceN3ZY8bn29Yq7Z53IgD4+ngF/7tH//u4Iuf6Nxx4xPLqp/+n0tWJh16vPy89SbjujcwrmutTtoT14/rC27btnnD5Pbj9/w3WRZc/6S/v8fu2f259Zs3j2wfK5dX2fOStJ5sL7d6XpL+9J1YkFe6v6bymr1vyvRX2Z+3tP0bsv3V4s8b5OmP4pZ+n7245bKDy3b/4tBAIG68rpLEr7QUf+yCN5567YYfnRKMvy+N39VS/Oqq846suH9oTTD+Y3ESv7el+I9f9eRXF3z0uaeC8YfS9ve1dj4xuvOdm584Kdz/URq/v6X4L4yNrn7g9iW7gvEPxEk94+d2UfTMWys3Tq7HUXdyHE7b0d3Qrii7HmfWK5n1av16ZXIOvlZBNY4bt6flku1n1rUlz01RFB3omb49PXvsXTS5PJyuR9lvmm8/3lTqzgnythedXwPA+0n6+n96rpG+/r8k+YVY9/r/5DKe0/D8Rcn51KKpTRPXefcNTv4inem8XtqO7LxeGn/52Y0xWp3XK5qXOyuznrZrSdIraXuanDfMi0rMy02vp/m8XCb94nmzwS9mNnRNzO2F9lt3MlOR9zpzpr3zxiO0e569KL/VtfPs0LjLznekr9PHJcdd9r6IdP9m74tI4y/OTKC1el9Eu+MundZoMu4mMiueT50+LqIm/To1LvKjZcfFDMbRwOQ4mt3Xpd771/uzO//+gZlPiPY29k/J+YTj/Xo/3Z4eH7pKzgOsCWzv1DxAerhI2/XLJm05FswDAMDU9X96TjF+/T/+u3owc55fdN2SvcpI4wXvY6nmt6fo+nf6/WxzWzqvvPLNk89Zte3JTcHz4mfL3pdyZ8Pa3IL7Uor6cWlmvbAfA7eCFM07LMuU74/mt9SPZ/3qlpv3Hxx5OdiPw5MnUsX9uK9hbX6b/bg8s17Yj935rSrqx2w9ReP33Mx6f3JH0Ez7/WNLr7x+9aGtDwX7fW/Zfn+sYW2goN9dpwfiu05/X7zuXzQf+a7NAyTz1rM1D3BjYPtM5wH6p31Ty2vCe24eIPB7AQDey9Lr/9r98sn1/3/KlGv3+jB43jbcmftZg+dttfPa9s7Lg+2vnZe3d10UjF+7LmrvuiXYP7Xrlvauu4Lxa9dd7c3TBPvn2bR/pp/37ykRPz3vD/25QHre/96/LprdeQbXRcl6lP1mkusiAACOB+n1f3q6mt7//1yynj03nv3r3Nm+Dp3t6+jZnmeY7XmS9/p17rGfZygTv/w8w2zPs5kHMA9QzDwAAMD7w8eT5a0ly3dN3EMcRZ+97faL1m4Y+du1G7ePjIzduf62kbWjW0d31Mp1T1x5Tb9POlRf0X3SeeXnNim/Nhi/sT1XB8qHtJt/qL6i/PPKN8t/XTB+Y3uuCZQPaTf/UH1F+deXv6JE/uuD8Rvbc22gfEi7+YfqK8o/r3yz/D8bjN/Ynk8Eyoe0m3+ovqL888o3y/+2YPzG9vyzQPmQdvMP1VeUf175Zvln3y8zlP+fB8qHtJt/qL6i/PPKN8t/JBi/sT2fDJQPaTf/UH1F+eeVb5b/xmD8xvasDpQPaTf/UH1F+eeVb5b/pmD8xvZcFygf0m7+ofqK8s8r3yz/24PxG9vzF4HyIe3mH6qvKP+88s3yHw3Gb2zP9YHyDeomjtvNP1RfUf555Zvlf0cwfmN7/jJQPqTd/EP1FeWfV75Z/p8Lxm9szw2B8rmS10LbyT9UX1H+eeWb5b85GL+xPTcGyoe0u/9D9RXln1e+Wf5bgvEb2/OpQPmQdvMP1VeUf175ZvlvDcZvbM9fBcqHtJt/qL6i/PPKN8t/WzB+Y3vWBMqHtJt/qL6i/PPKN8v/zmD8xvbcFCgf0m7+ofqK8s8r3yz/u4LxG9vz14HyIe3mH6qvKP+88s3y3x6M39ievwmUD2k3/1B9RfnnlW+W/1gwfmN7Ph0oH9Ju/qH6ivLPK98s/x3B+I3tuTlQPqTd/EP1FeWfV75Z/juD8Rvbc0ugfEi7+YfqK8o/r3yz/P82GL+xPZ8JlA9pN/9QfUX555Vvlv+uYPzG9twaKB/Sbv6h+oryzyvfLP+7g/Eb27M2UD6klv+O7SMja3feuWH9jpG1W7dtGBlbu2v76I4dI8mJWrv3JQbvK0vuS+yOuprmvzizfkJy8XZC4P2BsuXTsKdOfDP9/YGy1XYVvE9O0f7K1l/0PkN55fPGW2j/Fh0Pyo6HrIafj8lBMrp1bGT79ON3X9P+qB8T0cRtc32Ty/jkUuWzb9cZqKZQ+Xx6m+aT3dyT3AjYE59UqnwU+Dy4mSqfTxzMJ68dM/0cuzTsjD7HLvOlJj1Y5LxHa0O+G8cmDtKj6zeP7h6Z3v6571b7o6n2l+nHvR1vR2VaO4r2f5zpj4VJSxaGPu8t0H+7vvV/Hv/tb//Dn0fR0EnV09rqv3j46LrDJ3/2p5f3XDje/krT9tdKpp+rXPD5h9nyaT5dm7eN7fjHG7ft3Jr/Clp6v3Oltj5L9zsneVZL3r8cut9jpvcvx9O+OT6VvX8ZAADggyL9+//0enVR8jeoCzNTBOXngdv7++jgPPCBcvPA2dmIonngbPk07bLzwP1tzgNn6w/N01aalG/2ukvZeeBPB8rPVPlx0t77AATHSdJTReMk+3f4ReMkW36m46SvzXGSrb9onOSVb/b6dNlxclNO+WZ/Al5+PLTwvhODU+87ERwPQ+XGQ/ZzNYvGQ7b8TMdDb5vjIVt/0XjIK9/sfp2y4+FTgfJllR8f7b0vTHB8rCs3PrKfl1I0PrLlZzo+4jbHR7b+ovGRV77Z/Yxlx8dfBsqnyu//9t63J7j/95Xb/9nPbSna/9nyM93/lTb3f7b+ov2fV77Z/dxl9/91gfKpxv0/vuMn9vvI2l3bttffAz3bn9sSUr59s/u5Na0q3/7Zfd+n2W//7L6v1Oy3v73rpmD7D7T3Slf59s/u5xK16pi9Hpv8zVDR+08VvU77N4HtM32dds60b45PXqcFAACA2Ze+/p9+HH/6/vBfSpaBj+lv2Xv/871bmufq8fnbnZnHNJ/XpLLjgPk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzujpWjSxfP7vx/5w3eKP//j+kbf2XPvdLfftG57z/BUPffKlr33mG6+8unD5iq/fcfWRu+atfvDB4Z9dcuQnf7q3MPDA5OLcZLU3iuLX4yg6/afLv/zAD184ZXxbHEVRNR7YG0UL48oP4myEobejKNpQa2fjg8+8tXLj+HLvl3oatp+QCZLNK+qvpu1paGd0d2FGvAf1JuPsH76/7bTfXHD1S/t/ftVbQ71vb987VSTurRtPUbRgXf3zu6Mo6kv+j0tH26L0ycny+iiK5tY979KCdp1Vsv3nB9YXJ8s5ybK/IE76+JmZ9e6S7ejKLHtLPq9VlVmOn0r337xZrn/a0S1Tz8Jk+a1kee4M41fT/3FUiaOuWnWb46kxEtXttziKJ/b91HqlYSzEmbERR1GcWa9k1qvdmbwm6k0GWjWOG7en5TLbB5PtXcn2MwvG2o2B7R9J801+UA9n8s8G7Z/2TS2vCWm7ftmkLcdCpe4YlLc9bW9vsjP6k2398YnTnnM0R/rYmlcffvqV3Y8uHQjUF38zTuLHLcV/cctlB5ft/sWhRYE843WVJH6lpfhjF7zx1Gs3/OiUYPx9afxqS/FfvnjZV763Z9fhgVD836X909VS/Oqq846suH9oTbD9j6Xxe1uK//hVT351wUefeyrY/qG0f/pa65/Rne/c/MRJh4LxozT+3JbiX/nmyees2vbkpmD8Z9P+6W8p/gtjo6sfuH3JrsFQ/ANp/PktxT/rV7fcvP/gyMvB9g+n/TPQUvyPLb3y+tWHtj4UOnbGe4/Vb1iA96cPJedYX0zWW73ObFfd9cIjA/HkOd+85P/8TlaUMV7PglmMDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA+9PINY/suebA2mu74iiKA2WO5kgfq84ZHh5sod7qqvOOrLh/aE39tkUtxAEAAACKpdfhldqW3mhRtCvui07NLZ/OEZyarsWN27NzCH1TJTsSp9KhONUOxenqUJzuEnF6S8SZ06H29HQoTm9BnN6oXJy+pnEqpdszt0Nx+jsUZ16H4szvUJwFHYpzQofiDDSNU34cLuxQnBM7FOdDHYrz4Q7FOalDcU7uUJxTOhQnO6c803E4Pym5OBRn4ptqYZyuuFp7IG8+Pa3n9MzzKjOsp79kPdk5+5nW01eynrPbrKe3ZD3L2qwnLlnPuW3WUymoJx23d2fbl9aTrpUc//d0KM7uDsX5uw7F+XyH4tzboThf6FCcPW3GASgrvf6fum4ciHq6Lo/mJkec7CxAer27ZPLZ045HvdkL9EQa77TM9jlF8bIX6pl4SzrcvrMy27sb4nXVzpuaxBuoj7c082BhvtkJhUz7ls80XnZiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABm0cg1j+y55sDaa6M4Gv+X62iO9LHqnOHhwRbqXfPqw0+/svvRpfXberpaCAQAAAAUSq/Du2tb/j+79hcjV1U/APzcndmZYVv4TX+BOpBCR0pXjMiWLsqf1HDRh1liUAIYDZjuljKsG7a7yG5TWJG1PhAfNJBo4uqT4QlDeFCDopIsDxqDkrCJYhNBeZEoGiABEmpiMmZ37p1/zHS2I9qCn8/DPfee8z3ne89s0+R7Zgohnx0LuSjXFldIzgEKyXOmWG+j8tBGOxJtO2F8NokfWzx019jCvUsfnjl0YLo6XZ0bHx+/8vLxvVfs/ejYHTOz1T31a8j3WW84WW/h3qU7D8zOVu9eqD93vncpmVdqdk2tX44m7/3/ffJESXwzz3/upv9fCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATq1qZWW5sjY5MRKFEPWIqXWRjmVycVweIO+1b27fffX8o9OtffnsAAsBAAAAfaV1+HCjpxDy2UzIhHM3ni5shhZDaNb9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/55qZWW5sjY5sSUKIeoRU+siHcvk4rg8QN7fLMxc/8AXdh5p7SsNsA4AAADQX1qHDzV6CqEUdoXh6Ny2uPRs4LyO+Z1x6TrnbzKu8+ygV9yuTcaNbjLug33iPpW099Sb564JAAAA8O6V1v/ZRk8x5LNn9qz/+9X1adzOjrhM0g7yWwEAAADg35PW/7lGTynks6VGvb7Zev/Cjrh0fr/v7dP5/b63T+Mu7pGn8/t8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD0Va2sLFfWJicyUQhRj5haF+lYJhfH5QHyvnj56Ld/vnzkeGtfPjvAQgAAAEBfaR3eLL0LIZ8dCcNhy0bdf+Xo37+4NHV023AxGc7lwj0HFhfv3lu/pnG7vvr6537306j8trjL6tdTsjkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAdVa2sLFfWJifOiEKIesTUukjHMrk4Lg+Q98WZw/+89ZFzXmvtKw2wDgAAANBfWoc3a/9CKIVcyIXtG0+ttf66oY75vc4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPeOhXuX7jwwO1u9240bN24aN6f6fyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB0Ua2sLFfWJicKUQhRj5haF+lYJhfH5QHyPvzxR7971kd+8VhrX2mAdQAAAID+0jq8WfsXQikMh+FwzsZTtzOBjfq/+F98SQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4LRQrawsV9YmJ86MQoh6xNS6SMcyuTguD5D3wj9//tbVY9UXW/vy2QEWAgAAAPpK6/Bco6cQ8tnLQj7sSJ5n2ydEmaTtfi7QnHdX27SRTc+7r21eZtPzvtaxs2yym/q8Qrpesd425pXfPq8cQigl80rNgam2eeGhtllnbvo9v9c2r9hnXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDTULWyslxZm5yIohCiHjG1LtKxTC6OywPkfe7QVcdGl/74WmtfaYB1AAAAgP7SOrxZ+xdCKZwfzgrnb9T9odgen8bte+SVq//6szO+EcKe7b+9INtz/b9cXPll5yWEofagoRD+L8kX9ch35Md/e/jVV3/yyRD2nJPZcbL52peMa1PHt9/27L782Ak+GAAAAHgPSev/4UZPMeSzcz3r/7TyPqn6f/7sm+7bllyTirxjxlAxyTfUI9+dV3zzR+ULjv1hvf4/Ub5Pf/m8T2wL81fEM+m13tMhimuzD+7e//LWpw+nu67nz3TkTz+Xl47/8DNHFg5+pZ6/EApJ/3nZbvnffu1wRlx7a+6Jpw7uW7qhPX+2x/4f2P3+P/3+O4deWc//xs6RRv4PnGD/J85/9s2V548+/tCN7fmHe+SfvmnL998sz/+jc/8jHQsnn3z9D97yV+gQxbU3Zp65Zuvqrv3t+UMIU62B6ef/1BPfKq/+etuhNH/6W5GLd3Xkb/mn1nrtOHOK4trqjkumx59c3NKeP+rIn+7/2P0/eOtLx567rnP/t3fuv2f+zv1fN5q55YWd44P8eAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F2gWllZrqxNToRMCFGPmFoX6VgmF8flk8iX5vjYRdfecP1rc19vHctnB9oCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8A6pVlaWK2uTE0NRCFGPmFoX6VgmF8flAfIuXPr6Yy/f+Kv3tfaVBlgHAAAA6C+tw5u1fyGUQi7kwshG3T91fPttz+7Lj4VifTRK2uzs/MLih+6YPzx3+yl6cwAAAGCz0vo/2+gphnz2ojCc1P+rOy6ZHn9ycUta/4cQptYvhTtmZqvjoXFOcN1o5pYXdo6XG+cErXGXHpyfTY4J0nXvv2rrSwufXbu+67p7m3FvzDxzzdbVXfvTuOGk3Yi7rBk3++Du/S9vffpwGjeUnlOsx+1pxr0198RTB/ct3ZCOZ1rXa4k7++bK80cff+jGxjpJO5LkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgXO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdivoxCpqjgOwOfMzOrorNtsUW5SpGKiQbJSUQnRKiQ9tCEFvljgQ1ZGJrWEIYSbkIVJ+FQRFBEFgUhB0EMRFpRBEgUR2kMY2kM9xEa0IW5U7Ow9uzNXb7veWgP5Prgcz7lzf+d/zz3enQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/NbfW12oPPz30+52Lbvt895bRXbe/v+2p/QNzDt+6745jr9z75omTvStWv/HQ+rFHuwf37h34+saxL/58ctrgJyaalVm3HkL8OYZw5ZcrXtjz6ZGF42MxhFCNzeEQemPl496YS+g/HUK4b7LOzpPvjl53/3g7/NzcjvGLciH5+wqNaqpnQrOzXi4s9WyfPfPh9it+XLX+2KFv1432108/Njz1kVhv208h9Gxuv74rhDAvO8al3daXLs7aDSGE+W3X3TRNXUtnWP+1Bf1FWTsnaxvT5KTzS3L9rhnWUcu19RleV1ZllvOT9Py6Z3n+/MstP09v1r6XtSvPMb+ajhgqMdQmp3s4Tu2R0PbcYoitZz/Vr3TshZjbGzGEmOtXcv1qV+6+WvNmG60aY+d4+lxufHE2XsvGl0yz1+4uGL883W/2H/VU7v7zoY0z/jF5Xy2pru//oZbzodL2DjrbeKq3nj2MRjbWiBefcc1fZ5HObTz5/Nsndr66rFlQR3wnZvmxVP43224+unzndyN9RfmbK1l+5VzzWztnaNWvB3+667OFhfn7U361VP3Hr1/+4ge7dpwqXJ9f0vrUSuVX11wztnp3/8bC+l9L+fVS+a+vO/Byzw2fHCysvz+tz7xy67P18T82vXXpSGF+SPnzS+Wv/e2yq9dsP/BAYf5HaX0apfKPDG0d3PPgVTsWF+V/lfIXlMpf+sM9mw4d3XK8sP6BtD7NUvm3LFu7YXDkkX1F7844fL7+wgJcmC7JvmM9m/XL/s78t9p+L7zUjBPf+bqzY8F/OVHO+Dw9s5gPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzNDhyQAAAAAAj6/7odgQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAUwEAAP//rJ9Ykw==")
lseek(r0, 0x0, 0x4)

2.795941344s ago: executing program 3 (id=710):
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeec, 0x10, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x181201900, &(0x7f0000000480)="846b59f97221af3363c1f8523246bfa85737a4c4f27a67cb2984f7fd14b3f0bd09e7145c1a1cd3", 0x27, &(0x7f0000000100), &(0x7f0000000500), &(0x7f0000000540)="9e89f61f465385c360746c0cd4284883e89a308f7634d261220293058aa307edbc4c0f11430283d9ba0a0ffcc684e8f631bf52e3ffea0a2678dcb72b2f82b75edb0ee1f793ce1fa5186d64e12daad14810dc57537d658dc7f2c6dbdb8fb11a1aa1a8cf0bab3cb239fa43c166a99aca0bc3c0fb9eb0b27f57d984e47c")
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0xc00e, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001500010300000000000000000c"], 0x14}}, 0x0)

1.80464909s ago: executing program 3 (id=711):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r3, 0xae9a)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000071000/0x18000)=nil, &(0x7f0000000380)=[@text16={0x10, &(0x7f0000000080)="f30fbd4e6166f2670f9efd0f38ca6400bad104ec2e0f01c30f01c33e660f3a224941df9a16007a000fc7f1660f38824c09", 0x31}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.75107365s ago: executing program 2 (id=712):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336", 0x1c}, {&(0x7f0000000380)="b7e4c84c12f2ec398a7c6a1f6be9de130578cdbffd74752b2f6133071864bac0717147af20e6e13af7b7100d1a6736a8e03334b7cdd90757248589134b71c162fc7e17fbcffa8487caa0469ea6ad8ab919c383554859e254c4046f5a0a494810a015491393eff01813fc6069", 0x6c}, {&(0x7f0000000400)="034415e3adefcb7057afc8876bfae181ebcfabad4aed31158fafa269802ea23350b4ccb57825bfa551317292bfde0afbd422fb950790671dacccd6e01d31ec52594c4dacd14ded6fee80769eebee46e58d09407b5a87af1859e393d4790600c24b4b76517d4ff50f9643b57d9cd0fc44f39fa2798258f61316d4b305ac3c", 0x7e}, {&(0x7f0000000940)="4804ea2edea9044529d8c3e1088695d6fc4299c5bd9ae8f5388bd9", 0x1b}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000001c0)="cba3c7a43c4cf7989ec2aa6316626e6feabc77d9cedecc05d15b6848559c1a87078de3d109f37a0d6d140144ac91f746a3d2f75c1e4ebf256dff9e046e8241cf1b97db207205", 0x46}, {&(0x7f00000002c0)="c102da7afd62449368d7", 0xa}, {&(0x7f0000000a00)="958b36983dae056fb25c1316c22dd1ceaa3382ef726a0071574b3eb11999941ebe4b806e82a56b3404ba817823010d4bb59d7941e6bbc719c216acf15127da3f567157c9842eb70f7f588659e1c88701cde5fefe18fedb90d5f8b107bb90962b7da2", 0x62}, {&(0x7f0000000300)="b43505202d1710c48dc8fe9095f1c609dc9a1f092dafef7a0efee61c17e4cec0bef25e44d138b80ee99ba041ad6d8d2991e0d220a17bc021be33585512684b20ddfe6e90c7f4323c3472c9b61b340d55be6e4bba8b2c495021f888a969c7201050", 0x61}, {&(0x7f0000000cc0)="91fc324a883d40dd8ea39ed9172f3dde360ce7e8a1bf6f72e7b7fd77a56eab188121df7dc411b41377dd66d158ac7f988ee80c1edb18931fff7a2c87b5f2a0bfc9e905757a7dc8b633677f9bc0f626ebcced33e3b0bceda3adbfd365afe7269a23058ca6764ae3f3bb6db0161de96044278ae16290e5dbd415bb97d91cccf19072730f30ad6948126a33409f30aee9b66e19e2024566fc2b3436b61f357c592e1b5450828eadf69e815a1327a8d9ae248ada151b5f6db583a4def5274e17af3ec90167deb075a980f2c4606f0b8b3123b3b0f5259157b8d749b102903644269ec46820fc6eb5cbf718bdcc62834b6d594d3ecd001b00", 0xf6}, {&(0x7f0000000480)}, {&(0x7f0000000740)="c4", 0x1}], 0x7}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendmsg$inet(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000000)="14fafa37bf25f04bda99eefbbdd8d76b8136ee6cfdee25bdb2d1873ce347c7b623dd3140cfb2326fa1bf9f1dc2375eeba25df45aefdb3c49a4e7ffab4ed7181180bde98af644d11f", 0x48}, {&(0x7f0000000240)="16a6fca1943502d7ac24a672dbecde54535371af01e67576ef51", 0x1a}, {&(0x7f0000000580)="c3e361cabaa484b0c035139c64932a377f926342f6b052b6a3b273c187a5e0c26fe049092a54eb9b6be2ac2df69e6a36fad43d88851aa162b6aa0d4734e36aad318ea99586ca9f642920068473af2e996703149f0c13bcfae9beeb8d", 0x5c}, {&(0x7f0000000800)="8434335f698d", 0x6}], 0x4}, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

1.718005968s ago: executing program 1 (id=713):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
sched_setscheduler(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
setresuid(0xee00, 0x0, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])

1.439221121s ago: executing program 2 (id=714):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000640)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@umask={'umask', 0x3d, 0x5}}, {@gid}, {@errors_continue}, {@utf8}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@errors_remount}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
r1 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0x100800001)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7ece1e40ad8871461ab0800", @ANYRES64=r2, @ANYRES64=0x0, @ANYRES64, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r6, 0x0)
sendmsg$can_bcm(r5, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r4, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x20000600}}, 0x0)

1.395778685s ago: executing program 4 (id=715):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x2c}}, 0x0)
r6 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000006a00)=0xc)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000801, r8, &(0x7f0000006a40))
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000200)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000280)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7a6, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80)
fallocate(r10, 0x0, 0x0, 0x4)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000140)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r9, @ANYBLOB="05", @ANYRES32], 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r11, &(0x7f0000001740)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000000080)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c, 0x0, 0x0, &(0x7f0000001580)=[@dontfrag={{0x14}}], 0x18}}], 0x2, 0x0)
r12 = dup(r11)
write$UHID_INPUT(r12, &(0x7f00000010c0)={0xc, {"a2e3ad21ed0d52f91b5d310987f70e06d038e7ff7fc6e5539b326d298b089b0708376d090890e0878f0e1ac6e7049b3350959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d074b0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

786.065309ms ago: executing program 3 (id=716):
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0)={'#! ', './file0', [{0x20, ',*^.\\'}, {0x20, '/dev/input/event#\x00'}], 0xa, "816c30c8aa2d90b0d1f2267316dadc0314aeb978ff32f425a8f4dcabbadf023008ef2265f185acdfe083e7bcc925ccf9b52a86db340a2b80ee507996a8d5d8b5a4e652d747ae29de08ce1f8ae9f7bc6a8489ea9320298ac2fd787f538a92c4e821f207e7de4e901b6a3ef1029ba7ab4e67202d221c56aace97cdc2f7181a304747d7b7d0a62e877c8dfa1a46686560189295e684d1343aa47812dd9b8a5dde4986fbb6a477bc7d7f6b47701efe82b8f746c58cbcd9f71870003afa50627d6a536a3f83b418032a69a168b6dbc810aaf39b714445e9533419ec43e51b542d369463b0f9a635c32f358de109a956cd96c9f71f40fc01fe0cfc56eee5d6ea8f47d0dc09ab5b1a0f0900b045b7dc618bea0ae47e2278f0d8f8912dcc63351f197c7f76a6603e7b4224d710ef3a4c0bc09048380af91081196cba24af04a69b8a255552265a855fbd1c7044a72bcb9a564bc2d5a1274f10404501775344f635689d9c93f5e8dfc3a48fc7237ce7423043b9a60ec1031fdb561e65124a6c6c5063bbac863317c0f33765a9a9a96c7d79352eb2edf5a4a274ae8edae7967cbf511b7d6e9e50f19324b208c156aa958382176ba74b152306560dc750a72c1d87f85feafc81704a4300095397e637882f30ee1d006f6aea26d1d9d3f6277c596d2a535c4ffe8aecdedcacbcf9c4f41869721fc164e21116c464c3235d95700b09736b40f53da980e4d1d266b29685eecc7812ae5a813abacf9db7853499a64a1ef4ed09f7b04ea1479bad5c91f3f188aeba2b2e8a4900f3f56a406113a7f5c993b95bb9ef53d0ab9d5982b1eb92883d4a4bdfd3c9f47e4293276e8a6a951b2c73d9964ecd2f0569d27da0f117f49dc75ad0116bb14a4d6de711b8c937bb0028a2223273c2953026f5a58836ffe9fa0735911d5c70d60d0e4bcb1fb754fa223f145351ebd2983fccec519d8c97a8072165b60d8501f888e312bcaf75053ad6fe1f1647008d9a53fd0255e729328e992fb82ea4ae521daf936699aad7ea64a92ea049613564d8273a9054585660f141c3c2d38a6ceee4e50ebe131751350ca190a3c65169476099b58e81e2438fa4068e0a8c2b6386baca655adcea4366ed91d5514ae266199a05efd2d2c820269d5082132e9ee0a569f4938b9acfc748d5d90ddddbf1c0913a42a629b89a76eff4b19e20604f24b00f94ccac9b667e07da785e28d993afb0d29fd95ca3306f3bb04cf88efec4a1324b517e5aaa76321fe458d2e6734d91e258ab8be92a358fda26f64c3462b27aabcc8e41a80e11425bafeda1a2c0b772ae9731936e09e78ffcfb26eeda6b9f13c174bf8edc2c969f03ebecfd56ce54a919f7e068a7b64b76988222182e62d0ed0e4e9e73d859734c3b7cfb057f1be95035853570869dff548193d027a7d67813235a7cc9ae3fe3333df76d0114de50f90a3ed67833711bd9a8e0a22512bb32f8b45c839f0c9b4832ebbbc18d87697628e5f7050d656330812a9e75c0053f67e3d683842bc0aca6be48a3f7beac678aeedf2f56d3703857c98b3ded4380fc9c55a2a350060becdcf80b5fffba118ca145625990799e7e0119158cc944d73b87ed"}, 0x493)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB="010000000000000007"])

658.802486ms ago: executing program 1 (id=717):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = eventfd(0x0)
r2 = eventfd(0x0)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000280)={r1, 0x0, 0x2, r2})
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000080)={r2, 0x1, 0x2, r1})
r3 = eventfd(0x0)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000100)={r3, 0x0, 0x2, r2})

498.839553ms ago: executing program 1 (id=718):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x1, 0x50ec, &(0x7f00000051c0)="$eJzs3U+IVVUcB/Dz5o8zKcw8QcighS3chhQtVIYeYZCL9KUQtDAnF0EIMtguwWxEEIwaCaSsQAuG3MgDIUGYEBe1CTRJEFqY4KaVQrtaFO/de968d67vvueojennEzP3nvu759zzHncx35fnvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhDVv194vq09tvHJh4eyWg7MHGsdvzh89EkKldbyS13e/8tqOd3fufn08dph+I9tWq72GzLr+njVWdB1s9uv+eSeEMJoMMJxvXx0ujNq5u784YKlrx/adnj25fdPCmvVTl3bNnyu+dJrGl3sCyyW/r24t3ku11u+h5Ix2u+PWq3Tdoln/9Ib7T14EAHBPNtRbm/afo/mfuO32obSetGtJey5px78Q5jobS5GNu6LXPNel9WWaZy2LCmM955nU8/e/3a6n/ZN2EjXuYZ7dp+aRZrzXPGeS+nLNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRcqb2wday+tTGKxcWzm45OHugcfzm/NEjIVRbxytZufL07RMjY9e3/fDRja9PvrT66t/Deb+4Hek4OVyPOxsnQ9jTUbkVh/1jIoR6d6HVDF8UC++1drbGAgAAAI+TZ1q/h9rtLA6OdrUrrTRZaf0XZWHx2rF9p2dPbt+0sGb91KVd8+eWPl69x3i1u47XblcXfyodwTjG33S8xXo8dX9hnHLpiGmeP//Ltq/K+hfyf7U8/8d3Tv4HAADgfsj/6Tjl+uX/PZufnSnrX8j/67ouWcj/ccYx/w+FpeV/AAAAeJQ97PxfK4xTrl/+f/Hwm9+X9S/k/w2D5f+RzmnHgz/HCe+dDGFDv6kDAAAAPcT/77740ULM69knB2lev/rNU7+WjVfI/7XB8v/oA31VAAAAwP3YXr3xfFm9kP/rg+X/sYc6awAAAOBefF75ZLasXsj/04Pl/5X5Nl/5kHX6Mf4rhM8mQxhv7sxkhZ/C3MvtAgAAAPCAxJz+6cffXi47r5D/Z8qf/x+fdBDX/3c9/6+w/r+jkD31b7MHAwAAAPAkKq7nj4/Hz765oNf37w+6/n/i5u3vyq5fyP+HBsv/w53bB/n9fwAAALAE/7fv/3urME65fs///2von4tl/Qv5f26w/B+3qzpf3sX4/hyeDGFtcyd/muCZeLm9SaEx2lFoqSc9dsYeeaEx1lFomUl6vDAZwnPNnUNJYXUszCWFOxN54VRSuBwL+f3QLpxNChfjnXZiIp9uWjgfC/kCi0ZcQbGqvSQi6fFnrx7Nwl17/Na+OAAAwBMlhuc8y452N0MaZRuVfies7HfCUL8ThvudMJKckJ7Y63iY7i7E4x/uOP1lKFHI/6cGy//xrViRbXqt/w9x/X/+vYbt9f/TsVBNCo1YqKdPDKjHa2Rh91i8RrWe97iztl0AAACAx1r8XGB4mecBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7J3rzFyXfUBwM8+Z3e93l0TpASKYAElIZW8Xm+wpZAgbKAEgQSbynyoUISNvUk33iTGDwmHh9YOQaAUNSkpCShQuxUUf0lWVIhHgVhRcVQ1VaNUQk5T8qYREtTkoVTUQa5m7z2zd87deTjedbzp7yd558z8z/POw3PuvXMuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/8ORW95xXrP4uy976Mc/vef9nz/4mbnbn/zOl24JYXL+8Y4s3HH+ia91V45/5GcHHv/mNzasefhkb14uj4dV1T+d+Z0vxFqfWR3CDzpC6E4DawezQE9+fzDW96bBENaEhUCtxNRAViJtOPy8P4RDYSFQq+pH/SEMFgJbHr7/vq9UE3f0h3BhCKGStvHLStZGfxq4qDcLDKSBG7uzwP+cytQCP+zMAnDG4puh9qKfm6zPMLJ4uQavv54l69irKx1eV0yMNM73283L3KmC3vSByTN62krVsSxKb4+j3m0r4N1W2s63edqKX6TybyinFkKV0Llj6ppt+2b2xkc6w9hYV6Oalul5fuS5z24/nfSKeR3GDowsyevwzq8/9blvPX3l3Xd98QNX3/vi86Nn2s3jhU1aTC+3SshfcyvmeYw2+TxZAW+/0rekUV+6QghffuJv/6RZvDT/H2k+/48v53jbWZc71npyKJubx0cGY+LEUDY3BwAAgBVjJew1nf3O5RPN6ivN/0fbO/4fD/nnk/lstEdD2DSfuHk4hAvmH88CR2JznxwO4a3zqcn6wOYkcDSEN8wnLqlVlZToiyVGk8CzQ3lgUxI4FgOTSeDbMXBbEvhCDMwlge0xcDQJvDcGwnT9OP54KB9H24H+GNiabcS5eBbCC0OxtWRbPVqrCgAAYInks8Oe+ruFcx3ONEOcXs71t8oQz8BumKGS1JDOYGvTqoY1dLeqobNVDbVxzzYffqnmjlY1l07D6KjPsPuzv/uz0ERp/j/efP5fWaQjHaXj/yFcNf835u7MIzO1+NbJugwAAADAGVi1+YYtzeKl+f+m9s7/j/tEugqZw4NxN8TO4RDG6wNZtZeXA9lR71V5AAAAAFaC2vH42rHw6fw2O0U7nU+X80+eZv544H/Tovl//cF3Xdesv6X5/2R75/8P1N9mnTgWe/HV4RD6CoEHYi+rgXmjMfDEe+oD+fiPxQ1wa6wqPzGhVtWtscTWGBhPAocalXioVuKC+kD+ZNUav7k2jum8RCEAAAAAZ13cHRCPy8fz/x/Zd/x9zcqV5v9bT+/8//l5cOn0/plVIazrDqEr/WHAgwPZwoAxMNiRJ346kNXVlVZ1YCCEK6oDS6t6Ml//vztdY/Dh/qyqGLjgbd997qJq4u/6Q1hXDPzi44c3VBN7k0Ct8Y/1h/CW6mjTxr/flzXekzZ+Z18Iby4EalV9si+EamO9aVX3V/LrGKRV3VsJ4bxCoFbVxkoI+wMAK1T8r3RH8cE9+2/auW1mZmr3MibiPvz+cM30zNTY9htndlQa9GlH0ue6ZYwOlMfUcDmkxKP5EkVHXr5sqJ107XeC48W+5PvxSycO5vfjd6Ge+XFO9NTdvTQd8jveXm4iFL5JvVpDHihWsvAkluqP+XvDqtC3b8/U7rFPb9u7d/f67G+72Seyv3FQ2bZan26rgcX6dg68PC4uVrJu7/W71u3Zf9Pa6eu3XTt17dQNE+Pv3LBxw8T4xo3rqqMaz/62GOrFi1WdDPXU4bM/1Dd2Fyo5G58aEhISKy0xe/PhVc0+fkrz/13N5//xUyd+8ufrMzQ6/j8SD/Nnjy8c5t8aA4faPf4/0uhofu3EgNEkMBsDsw7zAwAA8NoQd0fG3Y5xr3Xv4Ut/06xcaf4/297v/5do/f/a0vUfarTM/yWxxHij9f/TZf5r6//PNlr/P13mv7b+/6FXYf3/fbVAsklesP4/AADwWnD21v9vubx/eoGAUoaWy/unFwgoZWi5jH+7Fwg47fX/J657/JnQRGn+f1t7838L9wMAAMC54/Z/eu4tzeKl+f+h9ub/Z3/9v9Do/P/RRoHJRgsDWv8PAACAFarR+n+nhv/iY83Kleb/c+3N/+NpF511uWOtJ4eyNe1CuqbdiaHaTwYAAABgZegMY2M9beatWxl18ytv85F8KdBm6aIHLv+va5vVV5r/H21v/l/3u4w7v/7U57719JV3n7zrix+4+t4Xnx9dOP4PAAAALJ9290sAAAAAAAAAAAAAAACvvn2f+NcTzeKl3/+Hq+Yfb/T7/3jdv/j7gtfX5Y61tl7/L7+/5cP37J9fsvDBoRDeXgzsPLhzTcivzX9xMXDf1ZecX00cTEv85LH3/qqa+EQa+ODa171UTVyRBLbGRRLfkAbiVRVfWp0E4vKK/54G4vaYSwO9eeDLq7NxdKTb6teD2bbqSLfVfwyGMFwI1LbVDwazNjrSAd6RBGoD/FQaiAP8SB7oTHt1z6qsVzEwGIv+zaqsVwAAnLPit8CecM30zNR4/Aofb9/YXX8b1S1ZdqBcbVebzT+aL0125OXLhtpJd6XfRReuNd4TKtUhrC99XS1m6Zgf5dLU0mLTvb7BkFut9rZcm6638Yj6sxGNbb9xZkdPy4Ff2jrLRHfLLOtLk51ils75TdpGLW30pY0Rtblt2uhyvN8Zxsa6klzvisGRUKfVK6Ld3+sX1/lr9Coo5jkw0/OHZvWV5v8j7c3/K8VxvZRfDGA2XlnvL4ct8w8AAADL68ubf39X/PeT4Y/+Z7O8pfn/aHvz/7hjLD8UnO3tOBqv/3/zcAjzl9YfyQJHYnOfHA7hrfOpyVgiu6D+h2KJ8SxwJO4wuSSW2DpZX1VfDMwlgWeH8sDRJHAsBvK9FN8N+a6c24dC2DCfuqq+xK5YYiQJfDQGRpPAWAyMJ4HVMbApCfxmdR6YTAL/EgNhun5b/cPqfFsBAACcjnye1VN/N6TzvLnuVhk6WmUYaJWhs1WGSqsMjUYR738vZugpHo/PM8SHetJa+5NaShnixfBPu1+lDOGh+pxpwVLTtTNJRupzxgxb5g6uDk2U5v/j7c3/B+pvs9aPxfn/wvX/ssADsXtfjaeOj8bAE++pD+Q7Bo7Fye6ttaom8xL5pP3WWGJTDIwmgV0xsCkJbL0qDxw6vz6Qz7Rrjd9ca3w6L1EIAAAAwFkXdxDE3TRx/v/ffX/462blSvP/Te3N/2N7q4qNfSHW+szqEH7QsdCbWmDtYBaI+zEG48/j3zQYwprCDo5aiamBrERv0nD4eX/2C/XetKof9Wc/Poj3tzx8/31fqSbu6A/hwsLel1obv6xkbfSngYt6s8BAGrixOwvEPT+1wA87swCcsdpewfiCyk91qRlZvFyD199r5Zqg6fBK+0AXybfYb66WSyV9IN+nWnN6T1upOpZF6e1x1LttJb7bRrzbil+k8m8opxZCldC5Y+qabftm9sZHir9kLVmm57n4K9V20kvwOpx95b1trZJ2YDz5+BhfvNzir8OOWN2dX3/qc996+sq77/riB66+98XnR9vuRgPxh8I3XPe/Q8cLm3e5VUL+mltxnyeTPk9W4n8Do562EMItcxe80Cxemv9Ptjf/705u5/0+bsw9wyG8o7BxH4yb/33D2edgIZB9Sp5XDmSH3J8eavjJCQAAAEuttrujtr9gOr/NTghP58nl/JOnmT/ur9i0aP52+/2ZCy/8x2bx0vx/a/P5f1/STcf/Hf9nmTj+v6hzfVd0X/rA7Bntii5Vx7Jw/H9R5/q7zfH/RTn+7/j/Yhz/b8Hx/0Wd609b6VvSLl+6Qgj937/8oWbx0vx/V3vzf+v/Lb5oX239v62N1v/b1Wj9v1nr/wEAAMuqwUJz6TyvtHpfKUO6el8pQ8sFAlsuMWj9v9Ne/2/grz7+u9BEaf4/2978P74cVhVbXynr/41e1aCq22Jgl4UBAQAAOBc12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAq+vZ4wPvbxZ/92UP/fin97z/8wc/M3f7k9/50i0hTM8/3pGFO84/8bXuyvGP/OzA49/8xoY1D5+s5OV68ts/qssdaz05FMKhwiODMXFiqHpnIbDlw/fs764mHhwK4e3FwM6DO9dUE98eCuHiYuC+qy85v5o4mJb4yWPv/VU18Yk08MG1r3upmrgiD3Sk3b17ddbdjrS7X1kdwnAhUOvudavrq6q1cWUe6Ezb+PvBrI0YGIxF7xrM2oiBmVhiui+Edd0hdKVV/XMlq6orrerHlayqrrSqz1dCuCKE0J1W9VhvVlV3OvJ/682qioEL3vbd5y6qJg71hrCuGPjFxw9vqCY+lQRqjf9pbwhvqb5k0sa/15M13pM2fkdPCG8OIfSmJV7szkr0piWe7A7hvEKg1vifd4ewP/CaED98dhQf3LP/pp3bZmamdi9jojdvqz9cMz0zNbb9xpkdlaRPjXQU0qcOlOOdbY790ec+u716e+Tly4baSXfn5XrmuzzRU3f30qXqfccy9T72a6BYycLzUao/5u8Nq0Lfvj1Tu8c+vW3v3t3rs7/tZp/I/nbl0WxbrV+qbdWuV7qtLi5Wsm7v9bvW7dl/09rp67ddO3Xt1A0T4+/csHHDxPjGjeuqoxrP/i7FUA+X413LPNQ3dhcqORsfABISEist0Vn36TZ+rv+XXfqiv9DRnlCZ/4AuTSuKWTrmR7kUg97cPL6Ugy5NSUojWl+aOJSyTLTOcmlpMrGQpT/LMv+9rjQ5LNbUOb9J4/3OMDbW8H+6kfq7xc3320U2b7seyTddu2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//19BHGg==")
r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
pwritev2(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x44000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
userfaultfd(0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@mcast1, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in6=@private0}, 0xa, @in=@multicast1}}, 0xe8)
socket$kcm(0x10, 0x2, 0x0)
dup3(r1, r0, 0x0)
finit_module(r1, 0x0, 0x0)

397.594047ms ago: executing program 3 (id=719):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x13, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r3, 0xfca804a0, 0x2, 0x8, &(0x7f0000000840)="d001448a017331696ef38a14c9a7c1559bef876ed5211b21ad5130086f0344e372d9ae3b677621ba2686046782d9c41d769492870072933952573881e77a93a100000000", &(0x7f0000000300)=""/1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xfffffec7)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f00000000c0)=0x81)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0x5421, &(0x7f0000000340)={{0xffffffff, 0x1, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
read$FUSE(0xffffffffffffffff, &(0x7f00000044c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00', @ANYRES8=r5, @ANYRESHEX=r4, @ANYRES32=r6, @ANYBLOB="0863d3f30af9f36580000a00050008d70000000009000700fc01000000000000"], 0x3c}}, 0x480d4)
get_robust_list(r5, &(0x7f0000000280)=&(0x7f0000000240)={&(0x7f0000000140), 0x0, &(0x7f00000001c0)={&(0x7f0000000180)}}, &(0x7f00000002c0)=0x18)
gettid()
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r1, 0x0, 0x0, 0x100800)
r8 = socket(0x840000000002, 0x3, 0xff)
sendmsg$rds(r8, &(0x7f0000000a40)={&(0x7f0000000000)={0x2, 0x0, @private}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000040)=""/44, 0x2c}, {0x0}], 0x2}, 0x0)
close(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)

0s ago: executing program 3 (id=720):
socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x3c, 0x0, 0x0, 0x0, 0x0, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc}, @handle=@pci={{0x8}, {0x11}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000010}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$vhost_msg(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a1400000011000100000000deff0000000000000a"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)

kernel console output (not intermixed with test programs):

and tx timeout
[  108.975696][   T46] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  109.001644][ T5666] team0: Port device team_slave_0 added
[  109.010749][ T5666] team0: Port device team_slave_1 added
[  109.048965][ T5466] 8021q: adding VLAN 0 to HW filter on device team0
[  109.118004][ T5611] hsr_slave_0: entered promiscuous mode
[  109.125140][ T5611] hsr_slave_1: entered promiscuous mode
[  109.132045][ T5611] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.140345][   T46] usb 2-1: device descriptor read/64, error -71
[  109.146822][ T5611] Cannot create hsr debugfs directory
[  109.157254][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.164395][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.179385][ T5666] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.187298][ T5666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.214257][ T5666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.226676][ T5666] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.233730][ T5666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.261451][ T5666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.272563][   T46] usb usb2-port1: attempt power cycle
[  109.306283][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.313389][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.464711][ T5556] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  109.486745][ T4491] Bluetooth: hci3: command tx timeout
[  109.505156][ T2395] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.546939][ T5666] hsr_slave_0: entered promiscuous mode
[  109.553308][ T5666] hsr_slave_1: entered promiscuous mode
[  109.561320][ T5666] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.569834][ T5666] Cannot create hsr debugfs directory
[  109.589912][ T2395] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.605004][ T5556] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  109.616895][ T5556] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  109.661704][ T5556] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  109.683889][ T2395] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.706874][   T46] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  109.753785][   T46] usb 2-1: device descriptor read/8, error -71
[  109.775258][ T2395] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.025719][   T46] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  110.079370][   T46] usb 2-1: device descriptor read/8, error -71
[  110.154912][ T2395] bridge_slave_1: left allmulticast mode
[  110.178034][ T2395] bridge_slave_1: left promiscuous mode
[  110.183857][ T2395] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.209083][ T2395] bridge_slave_0: left allmulticast mode
[  110.214758][ T2395] bridge_slave_0: left promiscuous mode
[  110.216830][   T46] usb usb2-port1: unable to enumerate USB device
[  110.227902][ T2395] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.241513][ T2395] bridge_slave_1: left allmulticast mode
[  110.254287][ T2395] bridge_slave_1: left promiscuous mode
[  110.260731][ T2395] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.280483][ T2395] bridge_slave_0: left allmulticast mode
[  110.292628][ T2395] bridge_slave_0: left promiscuous mode
[  110.298959][ T2395] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.952157][ T2395] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.963622][ T2395] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.974313][ T2395] bond0 (unregistering): Released all slaves
[  111.005756][ T4491] Bluetooth: hci2: command tx timeout
[  111.055766][ T2395] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  111.070151][ T2395] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  111.080890][ T2395] bond0 (unregistering): Released all slaves
[  111.150672][ T5466] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.309070][ T5556] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.497525][ T5556] 8021q: adding VLAN 0 to HW filter on device team0
[  111.590429][ T5466] veth0_vlan: entered promiscuous mode
[  111.780548][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.787888][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.890159][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.897360][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.478157][ T5466] veth1_vlan: entered promiscuous mode
[  112.592818][ T5611] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  112.612340][ T5611] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  112.625254][ T5611] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  112.648238][ T5611] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  112.748505][ T5466] veth0_macvtap: entered promiscuous mode
[  112.767471][ T5466] veth1_macvtap: entered promiscuous mode
[  112.792788][ T5556] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  113.177900][ T4491] Bluetooth: hci2: command tx timeout
[  113.792192][ T5466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.803168][ T5466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.813507][ T5466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.824660][ T5466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.834685][ T5466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.845376][ T5466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.857910][ T5466] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.968766][ T5466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.994275][ T5466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.006395][ T5466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.024541][ T5466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.034934][ T5466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.055027][ T5466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.067701][ T5466] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.115452][ T5466] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.124676][ T5466] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.135010][ T5466] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.144055][ T5466] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.197900][ T2395] hsr_slave_0: left promiscuous mode
[  114.222141][ T2395] hsr_slave_1: left promiscuous mode
[  114.230995][ T2395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  114.243056][ T2395] batman_adv: batadv0: Removing interface: batadv_slave_0
[  114.253448][ T2395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  114.261133][ T2395] batman_adv: batadv0: Removing interface: batadv_slave_1
[  114.273336][ T2395] hsr_slave_0: left promiscuous mode
[  114.279777][ T2395] hsr_slave_1: left promiscuous mode
[  114.290767][ T2395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  114.301471][ T2395] batman_adv: batadv0: Removing interface: batadv_slave_0
[  114.316656][ T2395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  114.324205][ T2395] batman_adv: batadv0: Removing interface: batadv_slave_1
[  114.384701][ T2395] veth1_macvtap: left promiscuous mode
[  114.390701][ T2395] veth0_macvtap: left promiscuous mode
[  114.396518][ T2395] veth1_vlan: left promiscuous mode
[  114.401977][ T2395] veth0_vlan: left promiscuous mode
[  114.409726][ T2395] veth1_macvtap: left promiscuous mode
[  114.415293][ T2395] veth0_macvtap: left promiscuous mode
[  114.422187][ T2395] veth1_vlan: left promiscuous mode
[  114.427698][ T2395] veth0_vlan: left promiscuous mode
[  114.988427][   T46] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  115.003395][ T2395] team0 (unregistering): Port device team_slave_1 removed
[  115.038302][ T2395] team0 (unregistering): Port device team_slave_0 removed
[  115.175696][   T46] usb 2-1: Using ep0 maxpacket: 16
[  115.189663][   T46] usb 2-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=b4.75
[  115.199428][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.208063][   T46] usb 2-1: Product: syz
[  115.212273][   T46] usb 2-1: Manufacturer: syz
[  115.217535][   T46] usb 2-1: SerialNumber: syz
[  115.227319][   T46] usb 2-1: config 0 descriptor??
[  115.236213][   T46] gspca_main: sn9c2028-2.14.0 probing 0458:7005
[  115.438458][   T46] gspca_sn9c2028: read1 error -32
[  115.444985][   T46] gspca_sn9c2028: read1 error 0
[  115.738445][ T2395] team0 (unregistering): Port device team_slave_1 removed
[  115.782692][ T2395] team0 (unregistering): Port device team_slave_0 removed
[  115.983111][   T46] gspca_sn9c2028: read1 error -110
[  115.989578][   T46] sn9c2028 2-1:0.0: probe with driver sn9c2028 failed with error -110
[  116.000174][   T46] usb 2-1: Found UVC 0.00 device syz (0458:7005)
[  116.006979][   T46] usb 2-1: No valid video chain found.
[  116.142070][ T5556] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.398291][ T2827] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.399966][ T5666] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  116.421442][ T2827] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.486050][ T5666] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  116.500295][ T5666] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  116.566557][ T5666] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  116.654194][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.656726][ T5556] veth0_vlan: entered promiscuous mode
[  116.671146][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.720875][ T5611] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.727461][ T5188] usb 2-1: USB disconnect, device number 10
[  116.794180][ T5556] veth1_vlan: entered promiscuous mode
[  116.912909][ T5611] 8021q: adding VLAN 0 to HW filter on device team0
[  116.965442][ T5556] veth0_macvtap: entered promiscuous mode
[  116.978794][ T5556] veth1_macvtap: entered promiscuous mode
[  117.058140][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.065448][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.118036][ T5556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.146696][ T5556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.157001][ T5556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.168684][ T5556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.180916][ T5556] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.193690][ T5556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.204339][ T5556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.370895][ T5556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  117.507737][ T5556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.663707][ T5556] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.922706][ T5666] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.999032][ T4880] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.006251][ T4880] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.064123][ T5837] loop1: detected capacity change from 0 to 4096
[  118.240546][ T5556] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.249523][ T5556] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.259324][ T5556] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.268198][ T5556] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.930390][ T5666] 8021q: adding VLAN 0 to HW filter on device team0
[  119.073997][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.081225][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.161464][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.168707][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.222523][ T5611] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  119.293469][ T5837] warning: `syz.1.115' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  119.369721][ T2395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.395897][ T2395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.508270][ T2924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  119.535864][ T2924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.559656][ T5666] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  121.192747][ T5611] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.466739][ T5611] veth0_vlan: entered promiscuous mode
[  121.635941][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  121.635959][   T29] audit: type=1326 audit(1720224159.784:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  121.683077][ T5666] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.714716][ T5611] veth1_vlan: entered promiscuous mode
[  121.724805][   T29] audit: type=1326 audit(1720224159.784:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  121.818365][   T29] audit: type=1326 audit(1720224159.784:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  121.878974][ T5611] veth0_macvtap: entered promiscuous mode
[  121.909486][   T29] audit: type=1326 audit(1720224159.784:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  121.942661][ T5611] veth1_macvtap: entered promiscuous mode
[  121.989536][   T29] audit: type=1326 audit(1720224159.784:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  122.049905][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.076244][   T29] audit: type=1326 audit(1720224159.784:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  122.082297][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.129438][   T29] audit: type=1326 audit(1720224159.784:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  122.132663][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.191425][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.206488][   T29] audit: type=1326 audit(1720224159.784:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  122.207002][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.248197][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.255599][   T29] audit: type=1326 audit(1720224159.784:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  122.263360][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.299557][   T29] audit: type=1326 audit(1720224159.784:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5882 comm="syz.0.76" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939c375bd9 code=0x7fc00000
[  122.308919][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.332959][ T5148] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  122.348980][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.364178][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.392190][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.440095][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.472530][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.490604][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.527940][ T5148] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  122.539335][ T5148] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  122.555057][ T5148] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  122.574634][ T5148] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.633412][ T5906] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  123.513516][ T5611] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.571432][ T5611] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.595286][ T5611] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.615585][ T5611] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.667853][ T5148] usb 2-1: USB disconnect, device number 11
[  123.834615][ T5666] veth0_vlan: entered promiscuous mode
[  123.839284][ T5924] loop0: detected capacity change from 0 to 256
[  123.919140][ T5666] veth1_vlan: entered promiscuous mode
[  123.930460][ T5924] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  123.963423][ T5924] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  123.986973][ T2827] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.994896][ T2827] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.999832][ T5924] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  124.038161][ T5924] UDF-fs: Scanning with blocksize 512 failed
[  124.060945][ T5924] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  124.061703][ T2827] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.082601][ T5666] veth0_macvtap: entered promiscuous mode
[  124.098895][ T5666] veth1_macvtap: entered promiscuous mode
[  124.105120][ T2827] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.111649][ T5924] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  124.159227][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.181428][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.195366][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.218892][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.234154][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.253513][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.273250][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.283955][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.298525][ T5666] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.396304][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.436529][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.485772][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.505784][ T5934] loop2: detected capacity change from 0 to 256
[  124.506156][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.540549][ T5934] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  124.549303][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.591862][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.602234][ T5934] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  124.635649][ T5934] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  124.643424][ T5934] UDF-fs: Scanning with blocksize 512 failed
[  124.650656][ T5666] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.663776][ T5666] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.689453][ T5934] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  124.700565][ T5666] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.716267][ T5934] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  124.825757][ T5666] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.834555][ T5666] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.862158][ T5666] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.913233][ T5666] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.602784][ T2802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.677293][ T1149] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  125.981261][ T2802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.032226][   T46] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  126.113955][ T2395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.138866][ T2395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.255969][   T46] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  126.278862][   T46] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  126.306783][ T1149] usb 2-1: Using ep0 maxpacket: 16
[  126.317602][   T46] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  126.384598][ T1149] usb 2-1: config 0 has no interfaces?
[  126.414932][ T1149] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  126.458671][ T1149] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  126.493273][ T1149] usb 2-1: Manufacturer: syz
[  126.561799][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.569975][   T46] usb 4-1: Product: syz
[  126.574162][   T46] usb 4-1: Manufacturer: syz
[  126.580361][   T46] usb 4-1: SerialNumber: syz
[  126.596892][ T1149] usb 2-1: config 0 descriptor??
[  127.297827][ T5946] netlink: 16 bytes leftover after parsing attributes in process `ôª\k[sC®Ö˜›Y
[  127.297827][ T5946] I}'.
[  127.352312][   T46] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  128.540381][ T5147] usb 4-1: USB disconnect, device number 4
[  128.566995][ T5147] usblp0: removed
[  128.707075][ T5986] [U] 
[  128.821264][ T5959] loop2: detected capacity change from 0 to 40427
[  128.887556][ T5959] F2FS-fs (loop2): invalid crc value
[  128.932410][ T5959] F2FS-fs (loop2): Found nat_bits in checkpoint
[  129.592528][ T5147] usb 2-1: USB disconnect, device number 12
[  131.671327][ T6027] loop3: detected capacity change from 0 to 4096
[  131.750692][ T5992] loop0: detected capacity change from 0 to 40427
[  131.771999][ T5992] F2FS-fs (loop0): invalid crc value
[  131.808815][ T5992] F2FS-fs (loop0): Found nat_bits in checkpoint
[  132.117429][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.151'.
[  132.140337][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.151'.
[  133.290581][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  133.297393][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  133.342148][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  133.342164][   T29] audit: type=1326 audit(1720224171.504:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  133.658962][   T29] audit: type=1326 audit(1720224171.544:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.003564][   T29] audit: type=1326 audit(1720224171.544:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.367002][   T29] audit: type=1326 audit(1720224171.544:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.415780][   T29] audit: type=1326 audit(1720224171.544:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.437947][    C1] vkms_vblank_simulate: vblank timer overrun
[  134.580351][   T29] audit: type=1326 audit(1720224171.544:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.598788][ T6072] loop0: detected capacity change from 0 to 32768
[  134.602518][    C1] vkms_vblank_simulate: vblank timer overrun
[  134.626454][ T6072] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.165 (6072)
[  134.649053][ T6072] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  134.659445][ T6072] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  134.668337][ T6072] BTRFS info (device loop0): using free-space-tree
[  134.756123][   T29] audit: type=1326 audit(1720224171.544:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.878563][   T29] audit: type=1326 audit(1720224171.544:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  134.900780][    C1] vkms_vblank_simulate: vblank timer overrun
[  134.972645][   T29] audit: type=1326 audit(1720224171.544:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  135.063644][   T29] audit: type=1326 audit(1720224171.544:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.2.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073bf75bd9 code=0x7fc00000
[  135.882959][ T5556] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.405656][ T5188] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  136.617372][ T5188] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  136.665854][ T5188] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  136.700519][ T6115] block nbd3: shutting down sockets
[  136.712919][ T5188] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  136.727327][ T5188] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  136.740591][ T5188] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  136.819494][ T5188] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  137.004761][ T5188] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  137.217041][ T5188] usb 1-1: Product: syz
[  137.285857][ T5188] usb 1-1: Manufacturer: syz
[  137.450060][ T5188] cdc_wdm 1-1:1.0: skipping garbage
[  137.486190][ T5188] cdc_wdm 1-1:1.0: skipping garbage
[  137.537129][ T5188] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  137.785959][ T5188] cdc_wdm 1-1:1.0: Unknown control protocol
[  138.362965][ T5188] usb 1-1: USB disconnect, device number 3
[  138.511979][ T6104] loop2: detected capacity change from 0 to 40427
[  139.343069][ T6104] F2FS-fs (loop2): invalid crc value
[  139.446258][ T6104] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4)
[  141.545675][ T4491] block nbd0: Receive control failed (result -32)
[  141.827219][ T6169] block nbd0: shutting down sockets
[  143.685815][ T5144] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  143.997327][ T5144] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  144.065640][ T5144] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  144.141821][ T5144] usb 4-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  144.177615][ T5144] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.200859][ T5144] usb 4-1: config 0 descriptor??
[  144.224540][ T5144] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  145.580444][ T5149] usb 4-1: USB disconnect, device number 5
[  145.628137][ T6224] block nbd0: shutting down sockets
[  146.344556][ T6223] loop2: detected capacity change from 0 to 4096
[  149.151783][ T6275] fuse: Bad value for 'fd'
[  150.139644][ T6293] capability: warning: `syz.1.220' uses 32-bit capabilities (legacy support in use)
[  150.154913][ T6293] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  150.276482][ T5951] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  150.457979][ T5951] usb 1-1: Using ep0 maxpacket: 16
[  150.473949][ T5951] usb 1-1: config 0 has no interfaces?
[  150.490377][ T5951] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  150.509065][ T5951] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  150.520085][ T5951] usb 1-1: Manufacturer: syz
[  150.540825][ T5951] usb 1-1: config 0 descriptor??
[  150.785700][ T5147] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  150.993501][ T5147] usb 3-1: Using ep0 maxpacket: 16
[  151.091350][ T5147] usb 3-1: config 0 has no interfaces?
[  151.129028][ T5147] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  151.549666][ T5147] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  151.672560][ T5147] usb 3-1: Manufacturer: syz
[  151.904705][ T5147] usb 3-1: config 0 descriptor??
[  152.342358][ T6333] fuse: Bad value for 'fd'
[  153.061286][ T5149] usb 1-1: USB disconnect, device number 4
[  153.311440][ T6343] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  153.367830][ T6343] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  154.086835][ T6359] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  154.131049][ T6359] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  154.792266][ T6373] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0)
[  155.030242][ T5145] usb 3-1: USB disconnect, device number 3
[  155.356993][ T6368] loop1: detected capacity change from 0 to 4096
[  156.100406][ T6380] fuse: Bad value for 'fd'
[  157.044923][ T6360] loop3: detected capacity change from 0 to 40427
[  157.265653][ T5149] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  157.477496][ T5149] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  157.504173][ T5149] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  157.524932][ T5149] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  157.557599][ T5149] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.573842][ T6425] netlink: 'syz.3.249': attribute type 10 has an invalid length.
[  157.585089][ T6425] netlink: 40 bytes leftover after parsing attributes in process `syz.3.249'.
[  157.603381][ T6414] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  157.638746][ T6425] batadv0: entered promiscuous mode
[  157.654776][ T6425] batadv0: entered allmulticast mode
[  157.697831][ T6425] bridge0: port 3(batadv0) entered blocking state
[  157.745759][ T6425] bridge0: port 3(batadv0) entered disabled state
[  157.797170][ T6425] bridge0: port 3(batadv0) entered blocking state
[  157.804651][ T6425] bridge0: port 3(batadv0) entered forwarding state
[  158.259422][   T46] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  158.352145][   T61] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  158.361232][ T5144] usb 5-1: USB disconnect, device number 4
[  158.361527][   T61] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  158.538249][   T46] usb 4-1: config 3 has an invalid interface descriptor of length 2, skipping
[  158.580607][   T46] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  158.675153][   T46] usb 4-1: config 3 has 1 interface, different from the descriptor's value: 3
[  158.768527][   T46] usb 4-1: config 3 has no interface number 0
[  158.898252][   T46] usb 4-1: config 3 interface 1 has no altsetting 0
[  158.904927][   T46] usb 4-1: New USB device found, idVendor=15ba, idProduct=0004, bcdDevice=ee.f1
[  158.915604][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.136058][   T46] usb 4-1: string descriptor 0 read error: -71
[  159.170404][   T46] ftdi_sio 4-1:3.1: FTDI USB Serial Device converter detected
[  159.239285][   T46] ftdi_sio ttyUSB0: unknown device type: 0xeef1
[  159.266291][ T5110] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  159.275920][ T5110] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  159.283951][ T5110] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  159.293302][ T5110] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  159.301033][ T5110] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  159.305994][   T46] usb 4-1: USB disconnect, device number 6
[  159.556680][   T46] ftdi_sio 4-1:3.1: device disconnected
[  159.820856][ T5110] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  160.751354][   T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.810305][ T6453] chnl_net:caif_netlink_parms(): no params data found
[  160.942836][ T6478] loop0: detected capacity change from 0 to 4096
[  161.034701][ T6485] bridge0: port 4(netdevsim0) entered blocking state
[  161.075354][ T6485] bridge0: port 4(netdevsim0) entered disabled state
[  161.092189][ T6485] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  161.159750][ T6485] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  161.202281][ T6492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.259'.
[  161.218584][ T6492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.259'.
[  161.245300][ T6485] bridge0: port 4(netdevsim0) entered blocking state
[  161.252592][ T6485] bridge0: port 4(netdevsim0) entered forwarding state
[  161.411515][   T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.671395][   T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.940437][   T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.966121][ T4491] Bluetooth: hci4: command tx timeout
[  163.147546][ T6453] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.187552][ T6453] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.307784][ T6453] bridge_slave_0: entered allmulticast mode
[  163.329028][ T6453] bridge_slave_0: entered promiscuous mode
[  163.351727][ T6453] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.375746][ T6453] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.395991][ T6453] bridge_slave_1: entered allmulticast mode
[  163.425291][ T6453] bridge_slave_1: entered promiscuous mode
[  164.055687][ T4491] Bluetooth: hci4: command tx timeout
[  164.079516][ T6453] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.176533][ T6453] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.302125][ T6453] team0: Port device team_slave_0 added
[  164.331504][ T6453] team0: Port device team_slave_1 added
[  165.349391][ T6527] netlink: 'syz.0.266': attribute type 10 has an invalid length.
[  165.404511][ T6527] netlink: 40 bytes leftover after parsing attributes in process `syz.0.266'.
[  165.479526][ T6527] batadv0: entered promiscuous mode
[  165.508320][ T6527] batadv0: entered allmulticast mode
[  165.582889][ T6527] bridge0: port 3(batadv0) entered blocking state
[  165.639488][ T6527] bridge0: port 3(batadv0) entered disabled state
[  165.667836][ T6527] bridge0: port 3(batadv0) entered blocking state
[  165.674421][ T6527] bridge0: port 3(batadv0) entered forwarding state
[  165.744753][ T6453] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.768535][ T6453] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.796002][ T5147] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  165.853653][ T6540] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0)
[  165.979653][ T6453] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.073533][ T5147] usb 1-1: config 3 has an invalid interface descriptor of length 2, skipping
[  166.118103][   T35] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  166.128124][   T35] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  166.168793][ T6453] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.183733][ T5147] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  166.200567][ T4491] Bluetooth: hci4: command tx timeout
[  166.239169][ T6453] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.276867][ T5147] usb 1-1: config 3 has 1 interface, different from the descriptor's value: 3
[  166.338759][ T5147] usb 1-1: config 3 has no interface number 0
[  166.358999][ T5147] usb 1-1: config 3 interface 1 has no altsetting 0
[  166.379272][ T5147] usb 1-1: New USB device found, idVendor=15ba, idProduct=0004, bcdDevice=ee.f1
[  166.389539][ T6453] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.419846][   T61] bridge_slave_1: left allmulticast mode
[  166.427237][   T61] bridge_slave_1: left promiscuous mode
[  166.432978][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.448263][ T5147] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.465767][ T5149] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  166.474067][   T61] bridge_slave_0: left allmulticast mode
[  166.497193][   T61] bridge_slave_0: left promiscuous mode
[  166.512190][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.653252][ T6542] loop3: detected capacity change from 0 to 4096
[  166.703929][ T5147] usb 1-1: string descriptor 0 read error: -71
[  166.711367][ T5149] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.720749][ T5147] ftdi_sio 1-1:3.1: FTDI USB Serial Device converter detected
[  166.729961][ T5149] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  166.744050][ T5149] usb 5-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  166.763730][ T5147] ftdi_sio ttyUSB0: unknown device type: 0xeef1
[  166.804367][ T5147] usb 1-1: USB disconnect, device number 5
[  166.840480][ T5147] ftdi_sio 1-1:3.1: device disconnected
[  167.185263][ T5149] usb 5-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  167.193522][ T5149] usb 5-1: Manufacturer: syz
[  167.238045][ T5149] usb 5-1: config 0 descriptor??
[  167.624923][ T6539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  167.634907][ T6539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.295779][ T4491] Bluetooth: hci4: command tx timeout
[  168.571835][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.608512][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.622851][ T6566] loop0: detected capacity change from 0 to 4096
[  168.647263][   T61] bond0 (unregistering): Released all slaves
[  168.703230][ T6539] netlink: 'syz.4.270': attribute type 4 has an invalid length.
[  168.775627][ T6539] netlink: 17 bytes leftover after parsing attributes in process `syz.4.270'.
[  169.231441][ T6453] hsr_slave_0: entered promiscuous mode
[  169.252117][ T6453] hsr_slave_1: entered promiscuous mode
[  169.266527][ T6453] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.275864][ T6453] Cannot create hsr debugfs directory
[  169.429437][ T4880] usb 5-1: USB disconnect, device number 5
[  169.723776][   T61] hsr_slave_0: left promiscuous mode
[  169.786641][   T61] hsr_slave_1: left promiscuous mode
[  169.807479][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.828488][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.883989][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.915775][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.974776][   T61] veth1_macvtap: left promiscuous mode
[  170.011406][   T61] veth0_macvtap: left promiscuous mode
[  170.033872][   T61] veth1_vlan: left promiscuous mode
[  170.048077][   T61] veth0_vlan: left promiscuous mode
[  170.217708][ T6592] loop0: detected capacity change from 0 to 32768
[  170.251733][ T6592] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.280 (6592)
[  170.312667][ T6592] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.351946][ T6592] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  170.385757][ T6592] BTRFS info (device loop0): using free-space-tree
[  170.474385][ T6575] loop3: detected capacity change from 0 to 40427
[  170.520575][ T6575] F2FS-fs (loop3): invalid crc value
[  170.601451][ T6575] F2FS-fs (loop3): Found nat_bits in checkpoint
[  170.804731][ T5556] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.842905][ T6575] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  171.345407][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  171.345447][   T29] audit: type=1326 audit(1720224209.494:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  171.597191][   T29] audit: type=1326 audit(1720224209.504:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  171.713485][   T29] audit: type=1326 audit(1720224209.504:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  171.744077][   T29] audit: type=1326 audit(1720224209.504:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  171.774203][   T29] audit: type=1326 audit(1720224209.504:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  171.803591][   T29] audit: type=1326 audit(1720224209.504:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  171.805467][ T5466] syz-executor: attempt to access beyond end of device
[  171.805467][ T5466] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  171.873903][ T5466] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  172.136284][   T46] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  172.308273][   T61] team0 (unregistering): Port device team_slave_1 removed
[  172.358477][   T46] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.395378][   T46] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  172.442219][   T46] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  172.465705][   T46] usb 2-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  172.475032][   T46] usb 2-1: Manufacturer: syz
[  172.495162][   T61] team0 (unregistering): Port device team_slave_0 removed
[  172.506662][   T46] usb 2-1: config 0 descriptor??
[  172.533462][ T6628] loop4: detected capacity change from 0 to 32768
[  172.680596][ T6632] loop0: detected capacity change from 0 to 32768
[  172.835435][ T6634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  172.899495][ T6634] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.156483][   T29] audit: type=1804 audit(1720224211.244:209): pid=6639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.287" name="/newroot/31/file0/bus" dev="loop4" ino=7 res=1 errno=0
[  174.272478][ T6634] netlink: 'syz.1.289': attribute type 4 has an invalid length.
[  174.378213][ T6634] netlink: 17 bytes leftover after parsing attributes in process `syz.1.289'.
[  175.096120][ T4880] usb 2-1: USB disconnect, device number 13
[  175.180578][ T6652] netlink: 4 bytes leftover after parsing attributes in process `syz.3.291'.
[  175.196225][ T6652] netlink: 4 bytes leftover after parsing attributes in process `syz.3.291'.
[  176.519229][ T6667] PKCS7: Unknown OID: [4] 0.28.0.0
[  176.524792][ T6667] PKCS7: Only support pkcs7_signedData type
[  177.529070][ T6453] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  177.602206][ T6453] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  177.619679][ T5144] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  177.649057][ T6453] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  177.711920][ T6453] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  177.827567][ T5144] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.855749][ T5144] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  177.900104][ T5144] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  177.915942][ T5144] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  177.931439][ T5144] usb 2-1: SerialNumber: syz
[  177.989230][ T6453] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.051258][ T6453] 8021q: adding VLAN 0 to HW filter on device team0
[  178.097270][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.104510][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.181624][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.188876][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.212393][ T1149] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  178.853875][ T6673] loop3: detected capacity change from 0 to 40427
[  178.988938][ T5144] usb 2-1: 0:2 : does not exist
[  178.994277][ T5144] usb 2-1: unit 5: unexpected type 0x0b
[  178.998292][ T6673] F2FS-fs (loop3): invalid crc value
[  179.035932][ T5144] usb 2-1: USB disconnect, device number 14
[  179.062929][ T6673] F2FS-fs (loop3): Found nat_bits in checkpoint
[  179.096894][ T1149] usb 5-1: Using ep0 maxpacket: 8
[  179.110653][ T1149] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  179.159701][ T1149] usb 5-1: New USB device found, idVendor=05ac, idProduct=0252, bcdDevice= 0.40
[  179.192591][ T1149] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.229104][ T1149] usb 5-1: Product: syz
[  179.233537][ T1149] usb 5-1: Manufacturer: syz
[  179.258537][ T1149] usb 5-1: SerialNumber: syz
[  179.346849][ T5104] udevd[5104]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  179.365917][ T6673] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  179.414572][ T6453] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.698014][ T6453] veth0_vlan: entered promiscuous mode
[  180.015813][   T29] audit: type=1326 audit(1720224218.034:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.3.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  180.100334][ T6453] veth1_vlan: entered promiscuous mode
[  180.304519][   T29] audit: type=1326 audit(1720224218.034:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.3.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  180.327020][   T29] audit: type=1326 audit(1720224218.034:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.3.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  180.349265][   T29] audit: type=1326 audit(1720224218.034:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.3.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  180.372582][   T29] audit: type=1326 audit(1720224218.034:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.3.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  180.396066][   T29] audit: type=1326 audit(1720224218.034:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.3.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  180.505914][ T5466] syz-executor: attempt to access beyond end of device
[  180.505914][ T5466] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  180.541937][ T6453] veth0_macvtap: entered promiscuous mode
[  180.582051][ T6453] veth1_macvtap: entered promiscuous mode
[  180.588209][ T5466] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  180.622321][ T1149] usbhid 5-1:1.0: can't add hid device: -22
[  180.638873][ T1149] usbhid 5-1:1.0: probe with driver usbhid failed with error -22
[  180.669339][ T1149] usb 5-1: USB disconnect, device number 6
[  180.676431][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.722706][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.760053][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.785001][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.809027][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.823094][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.837898][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.874066][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.920753][ T6453] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.944799][ T6700] loop0: detected capacity change from 0 to 32768
[  180.969650][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.995094][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.131856][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.144555][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.166182][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.191898][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.235676][ T6453] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  181.275696][ T6453] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.354816][ T6453] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.370593][ T6453] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.660060][ T6453] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.724936][ T6453] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.747715][ T6453] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.807649][ T6740] bridge0: port 3(netdevsim0) entered blocking state
[  181.815417][ T6740] bridge0: port 3(netdevsim0) entered disabled state
[  181.868021][ T6740] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  181.924995][ T6740] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  181.967030][ T6740] bridge0: port 3(netdevsim0) entered blocking state
[  181.973978][ T6740] bridge0: port 3(netdevsim0) entered forwarding state
[  182.212958][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.255694][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.361395][ T2913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.392884][ T2913] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.830590][ T6755] loop2: detected capacity change from 0 to 4096
[  182.968111][ T6734] loop1: detected capacity change from 0 to 32768
[  183.025640][ T1149] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  183.959648][ T1149] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.991840][ T1149] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  184.228836][ T1149] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  184.238181][ T1149] usb 1-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  184.255729][ T1149] usb 1-1: Manufacturer: syz
[  184.271747][ T1149] usb 1-1: config 0 descriptor??
[  184.680762][ T6760] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.708933][ T6760] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.769565][ T6798] PKCS7: Unknown OID: [4] 0.28.0.0
[  184.774774][ T6798] PKCS7: Only support pkcs7_signedData type
[  185.538031][ T6760] netlink: 'syz.0.312': attribute type 4 has an invalid length.
[  185.575899][ T6760] netlink: 17 bytes leftover after parsing attributes in process `syz.0.312'.
[  185.633169][ T6790] loop2: detected capacity change from 0 to 32768
[  186.447156][ T5110] Bluetooth: hci1: command 0x0406 tx timeout
[  186.526824][ T5145] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  186.729371][ T5145] usb 5-1: Using ep0 maxpacket: 16
[  186.746495][ T5145] usb 5-1: config 0 has no interfaces?
[  187.039925][ T5145] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  187.659108][ T5145] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  187.675561][ T5145] usb 5-1: Manufacturer: syz
[  187.771804][ T5145] usb 5-1: config 0 descriptor??
[  187.869734][   T25] usb 1-1: USB disconnect, device number 6
[  188.235266][ T6851] loop2: detected capacity change from 0 to 4096
[  188.435763][ T5147] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  188.468764][ T6851] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  188.601201][ T6851] ntfs3: loop2: Failed to load $Extend (-22).
[  188.939368][ T6851] ntfs3: loop2: Failed to initialize $Extend.
[  189.405241][ T6870] loop0: detected capacity change from 0 to 4096
[  189.573453][ T5149] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  189.654887][ T6870] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  189.700184][ T6870] ntfs3: loop0: Failed to load $Extend (-22).
[  189.732125][ T6870] ntfs3: loop0: Failed to initialize $Extend.
[  189.932644][ T5147] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  189.945689][ T5147] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  189.966071][ T5147] usb 2-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  189.987108][ T5147] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.019750][ T5147] usb 2-1: config 0 descriptor??
[  190.029128][ T5149] usb 4-1: Using ep0 maxpacket: 32
[  190.037363][ T5149] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  190.051330][ T5149] usb 4-1: New USB device found, idVendor=12d1, idProduct=1436, bcdDevice= 0.00
[  190.060875][ T5149] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.070025][ T5147] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  190.098989][ T5149] usb 4-1: Product: syz
[  190.385607][ T5144] usb 5-1: USB disconnect, device number 7
[  190.422153][ T5149] usb 4-1: Manufacturer: syz
[  190.455606][ T5149] usb 4-1: SerialNumber: syz
[  190.516714][ T5149] usb 4-1: config 0 descriptor??
[  190.626984][ T5149] usb-storage 4-1:0.0: USB Mass Storage device detected
[  190.904688][ T5149] usb 4-1: USB disconnect, device number 7
[  191.966313][   T25] usb 2-1: USB disconnect, device number 15
[  192.043132][ T6909] bridge0: port 4(netdevsim0) entered blocking state
[  192.065916][ T6909] bridge0: port 4(netdevsim0) entered disabled state
[  192.095436][ T6909] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  192.135857][ T6909] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  192.174592][ T6909] bridge0: port 4(netdevsim0) entered blocking state
[  192.181626][ T6909] bridge0: port 4(netdevsim0) entered forwarding state
[  194.657411][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  194.664000][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  195.445881][ T4880] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  195.770955][ T4880] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  195.815682][ T4880] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  195.864328][ T4880] usb 2-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  195.904519][ T4880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.916243][ T5147] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  195.947765][ T4880] usb 2-1: config 0 descriptor??
[  195.957462][ T4880] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  196.126930][ T5147] usb 5-1: Using ep0 maxpacket: 32
[  196.276981][ T5147] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  196.299093][ T5147] usb 5-1: New USB device found, idVendor=12d1, idProduct=1436, bcdDevice= 0.00
[  196.308414][ T5147] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.316666][ T5147] usb 5-1: Product: syz
[  196.321001][ T5147] usb 5-1: Manufacturer: syz
[  196.325833][ T5147] usb 5-1: SerialNumber: syz
[  196.333957][ T5147] usb 5-1: config 0 descriptor??
[  196.341480][ T5147] usb-storage 5-1:0.0: USB Mass Storage device detected
[  196.424266][ T4880] usb 2-1: USB disconnect, device number 16
[  196.593527][ T5147] usb 5-1: USB disconnect, device number 8
[  196.697773][ T6973] loop0: detected capacity change from 0 to 32768
[  197.041154][   T29] audit: type=1804 audit(1720224235.204:216): pid=6987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.366" name="/newroot/57/file0/bus" dev="loop0" ino=7 res=1 errno=0
[  202.439157][ T5149] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  203.268404][ T5149] usb 1-1: device descriptor read/all, error -71
[  203.988280][ T7064] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  205.722521][ T7090] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  206.065277][ T7090] netlink: 'syz.3.403': attribute type 1 has an invalid length.
[  206.613421][ T5149] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  206.799626][ T5149] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.815925][ T5149] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  206.834285][ T5149] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  206.865712][ T5149] usb 3-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  206.892812][ T5149] usb 3-1: Manufacturer: syz
[  206.911460][ T5149] usb 3-1: config 0 descriptor??
[  207.183258][ T7105] loop0: detected capacity change from 0 to 32768
[  207.206801][ T7092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.347853][ T7092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.107321][ T7092] netlink: 'syz.2.401': attribute type 4 has an invalid length.
[  208.115399][ T7092] netlink: 17 bytes leftover after parsing attributes in process `syz.2.401'.
[  208.297203][   T29] audit: type=1804 audit(1720224246.444:217): pid=7130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.406" name="/newroot/63/file0/bus" dev="loop0" ino=7 res=1 errno=0
[  209.727713][ T4491] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  209.736571][ T4491] Bluetooth: hci5: Injecting HCI hardware error event
[  209.748341][ T4491] Bluetooth: hci5: hardware error 0x00
[  210.915353][ T5149] usb 3-1: USB disconnect, device number 4
[  211.236586][ T7159] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  211.731961][ T7163] loop1: detected capacity change from 0 to 256
[  212.152205][ T7155] loop3: detected capacity change from 0 to 32768
[  212.170485][ T7174] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  212.417518][ T4491] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  212.946990][   T29] audit: type=1804 audit(1720224251.084:218): pid=7180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.420" name="/newroot/80/file0/bus" dev="loop3" ino=7 res=1 errno=0
[  214.500494][ T7204] loop2: detected capacity change from 0 to 256
[  215.938168][ T7221] loop1: detected capacity change from 0 to 32768
[  215.951633][ T7202] loop0: detected capacity change from 0 to 32768
[  216.727826][   T29] audit: type=1804 audit(1720224254.884:219): pid=7225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.443" name="/newroot/111/file0/bus" dev="loop1" ino=7 res=1 errno=0
[  216.760963][   T29] audit: type=1804 audit(1720224254.884:220): pid=7226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.435" name="/newroot/68/file0/bus" dev="loop0" ino=7 res=1 errno=0
[  217.211799][ T7223] loop2: detected capacity change from 0 to 32768
[  217.478393][ T7223] XFS: ikeep mount option is deprecated.
[  217.897757][ T7223] XFS: ikeep mount option is deprecated.
[  218.061244][ T7247] loop1: detected capacity change from 0 to 256
[  218.183961][ T7247] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  218.224270][ T7223] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  218.780377][ T7223] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop2": -EINTR
[  218.968824][ T7223] XFS (loop2): log mount failed
[  219.280689][ T7258] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  219.961336][ T7258] netlink: 'syz.0.447': attribute type 1 has an invalid length.
[  220.685688][ T5145] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  220.895684][ T5145] usb 2-1: Using ep0 maxpacket: 16
[  220.910954][ T5145] usb 2-1: config 0 has no interfaces?
[  220.925449][ T5145] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  220.955160][ T5145] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  220.983922][ T5145] usb 2-1: Manufacturer: syz
[  221.011439][ T5145] usb 2-1: config 0 descriptor??
[  221.062296][ T7269] loop4: detected capacity change from 0 to 32768
[  221.520777][   T29] audit: type=1107 audit(1720224259.674:221): pid=7286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  221.982580][   T29] audit: type=1804 audit(1720224259.894:222): pid=7297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.454" name="/newroot/65/file0/bus" dev="loop4" ino=7 res=1 errno=0
[  222.570612][ T5110] Bluetooth: hci0: command 0x0406 tx timeout
[  222.574022][ T7292] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  223.325721][ T4491] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  223.335475][ T4491] Bluetooth: hci0: Injecting HCI hardware error event
[  223.344705][ T5110] Bluetooth: hci0: hardware error 0x00
[  226.031594][ T5110] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  226.057255][ T5149] usb 2-1: USB disconnect, device number 17
[  226.210727][ T7336] loop4: detected capacity change from 0 to 256
[  226.500044][ T7336] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  226.774704][   T29] audit: type=1107 audit(1720224264.934:223): pid=7341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  228.046503][ T5110] Bluetooth: hci2: command 0x0406 tx timeout
[  230.665867][ T4880] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  230.821356][ T7402] netlink: 'syz.3.486': attribute type 10 has an invalid length.
[  230.855701][ T7402] netlink: 40 bytes leftover after parsing attributes in process `syz.3.486'.
[  230.879919][ T4880] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  230.915699][ T4880] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  230.944826][ T4880] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  230.975312][ T4880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  230.991578][ T4880] usb 5-1: SerialNumber: syz
[  231.149748][ T7375] loop2: detected capacity change from 0 to 32768
[  231.299682][ T4880] usb 5-1: 0:2 : does not exist
[  231.320097][ T4880] usb 5-1: unit 5: unexpected type 0x0b
[  231.333220][ T7374] loop0: detected capacity change from 0 to 32768
[  231.373262][ T7375] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  231.405755][ T4880] usb 5-1: USB disconnect, device number 9
[  231.415855][ T5144] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  231.463491][ T7374] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  231.586728][ T7375] XFS (loop2): Ending clean mount
[  231.607285][ T5144] usb 4-1: config 3 has an invalid interface descriptor of length 2, skipping
[  231.631650][ T5144] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  231.665579][ T5144] usb 4-1: config 3 has 1 interface, different from the descriptor's value: 3
[  231.690030][ T5144] usb 4-1: config 3 has no interface number 0
[  231.707473][ T5104] udevd[5104]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  231.709700][ T7374] XFS (loop0): Ending clean mount
[  231.725112][ T5144] usb 4-1: config 3 interface 1 has no altsetting 0
[  231.741229][ T5144] usb 4-1: New USB device found, idVendor=15ba, idProduct=0004, bcdDevice=ee.f1
[  231.767825][ T6453] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  231.780696][ T7374] XFS (loop0): Quotacheck needed: Please wait.
[  231.791456][ T5144] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.936078][ T7374] XFS (loop0): Quotacheck: Done.
[  232.042043][ T5144] usb 4-1: string descriptor 0 read error: -71
[  232.066236][ T5144] ftdi_sio 4-1:3.1: FTDI USB Serial Device converter detected
[  232.074779][ T5144] ftdi_sio ttyUSB0: unknown device type: 0xeef1
[  232.113229][ T5144] usb 4-1: USB disconnect, device number 8
[  232.148402][ T5144] ftdi_sio 4-1:3.1: device disconnected
[  232.177830][   T29] audit: type=1804 audit(1720224270.324:224): pid=7374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.480" name="/newroot/79/file0/bus" dev="loop0" ino=9291 res=1 errno=0
[  232.252452][ T7432] loop4: detected capacity change from 0 to 256
[  232.284593][ T7432] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  233.379505][ T5556] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  234.309388][ T7445] loop3: detected capacity change from 0 to 4096
[  234.995230][ T7462] loop4: detected capacity change from 0 to 256
[  235.177169][ T7462] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  236.317134][ T7473] netlink: 'syz.0.493': attribute type 10 has an invalid length.
[  236.422800][ T7477] netlink: 12 bytes leftover after parsing attributes in process `syz.0.493'.
[  236.492973][ T7477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.493'.
[  237.859855][ T7489] loop4: detected capacity change from 0 to 256
[  237.874365][ T7473] batman_adv: batadv0: Adding interface: team0
[  237.916570][ T7473] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.983767][ T7489] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  238.038963][ T7473] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  238.513771][ T7498] netlink: 'syz.3.505': attribute type 10 has an invalid length.
[  238.703914][ T7498] netlink: 40 bytes leftover after parsing attributes in process `syz.3.505'.
[  239.455674][   T25] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  239.659303][   T25] usb 4-1: config 3 has an invalid interface descriptor of length 2, skipping
[  239.689880][   T25] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  239.748644][   T25] usb 4-1: config 3 has 1 interface, different from the descriptor's value: 3
[  239.805578][   T25] usb 4-1: config 3 has no interface number 0
[  239.864730][   T25] usb 4-1: config 3 interface 1 has no altsetting 0
[  239.894981][   T25] usb 4-1: New USB device found, idVendor=15ba, idProduct=0004, bcdDevice=ee.f1
[  239.990777][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.688943][ T7520] loop1: detected capacity change from 0 to 4096
[  240.759429][   T25] usb 4-1: string descriptor 0 read error: -71
[  240.766735][   T25] ftdi_sio 4-1:3.1: FTDI USB Serial Device converter detected
[  240.777975][   T25] ftdi_sio ttyUSB0: unknown device type: 0xeef1
[  240.792674][   T25] usb 4-1: USB disconnect, device number 9
[  240.799733][   T25] ftdi_sio 4-1:3.1: device disconnected
[  241.517079][ T7533] netlink: 'syz.3.517': attribute type 10 has an invalid length.
[  241.807098][ T7539] loop2: detected capacity change from 0 to 256
[  241.838233][ T7538] netlink: 12 bytes leftover after parsing attributes in process `syz.3.517'.
[  241.912062][ T7539] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  241.928066][ T7533] batman_adv: batadv0: Adding interface: team0
[  241.934286][ T7533] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.033794][ T7538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.517'.
[  242.077017][ T7533] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  243.324203][   T29] audit: type=1326 audit(1720224281.484:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7558 comm="syz.3.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  243.957732][   T29] audit: type=1326 audit(1720224281.484:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7558 comm="syz.3.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  244.041658][   T29] audit: type=1326 audit(1720224281.484:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7558 comm="syz.3.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  244.237061][   T29] audit: type=1326 audit(1720224281.484:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7558 comm="syz.3.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  244.275606][   T29] audit: type=1326 audit(1720224281.484:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7558 comm="syz.3.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  244.300586][ T7570] Bluetooth: MGMT ver 1.23
[  244.374077][   T29] audit: type=1326 audit(1720224281.484:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7558 comm="syz.3.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6720975bd9 code=0x7ffc0000
[  245.884538][ T7590] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  247.635647][ T4880] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  247.959429][ T7609] loop0: detected capacity change from 0 to 256
[  247.966782][ T7609] exfat: Deprecated parameter 'utf8'
[  247.980416][ T7609] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  248.059522][ T7610] netlink: 20 bytes leftover after parsing attributes in process `syz.3.536'.
[  248.068858][ T7610] batman_adv: batadv0: Removing interface: team0
[  248.164184][ T7610] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  248.172002][ T7610] batman_adv: batadv0: Removing interface: batadv_slave_0
[  248.189344][ T7610] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  248.197277][ T7610] batman_adv: batadv0: Removing interface: batadv_slave_1
[  248.232974][ T7610] bridge0: port 3(batadv0) entered disabled state
[  248.289150][ T7610] bridge0: port 3(batadv0) entered disabled state
[  248.585621][ T4880] usb 2-1: Using ep0 maxpacket: 32
[  248.592934][ T4880] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  248.617994][ T4880] usb 2-1: New USB device found, idVendor=12d1, idProduct=1436, bcdDevice= 0.00
[  248.627500][ T4880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.635758][ T4880] usb 2-1: Product: syz
[  248.639953][ T4880] usb 2-1: Manufacturer: syz
[  248.644560][ T4880] usb 2-1: SerialNumber: syz
[  248.651646][ T4880] usb 2-1: config 0 descriptor??
[  248.663037][ T4880] usb-storage 2-1:0.0: USB Mass Storage device detected
[  249.139768][ T7616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.535'.
[  249.191991][ T7616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.535'.
[  249.225667][ T4880] usb 2-1: USB disconnect, device number 18
[  249.621850][ T5149] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  250.451902][ T5149] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  250.462126][ T5149] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  250.490328][ T5149] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  250.515632][ T5149] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.533119][ T5149] usb 4-1: Product: syz
[  250.546259][ T5149] usb 4-1: Manufacturer: syz
[  250.561069][ T5149] usb 4-1: SerialNumber: syz
[  250.824785][ T5149] usblp 4-1:1.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  251.995850][ T7620] netlink: 16 bytes leftover after parsing attributes in process `ôª\k[sC®Ö˜›Y
[  251.995850][ T7620] I}'.
[  253.222524][ T5149] usb 4-1: USB disconnect, device number 10
[  253.263349][ T5149] usblp0: removed
[  254.474548][ T7677] loop3: detected capacity change from 0 to 4096
[  254.652488][ T7682] loop2: detected capacity change from 0 to 4096
[  255.057632][ T7692] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  255.952568][ T7704] loop4: detected capacity change from 0 to 256
[  256.005555][ T7704] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  256.050565][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  256.057409][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  256.798378][ T7711] loop2: detected capacity change from 0 to 256
[  256.823033][ T7711] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  256.838666][ T7706] loop3: detected capacity change from 0 to 4096
[  259.084592][ T7740] fuse: Invalid rootmode
[  259.607126][ T7746] loop2: detected capacity change from 0 to 256
[  259.608359][ T7742] loop1: detected capacity change from 0 to 256
[  259.653164][ T7746] exfat: Deprecated parameter 'utf8'
[  259.660533][ T7745] loop4: detected capacity change from 0 to 4096
[  259.677789][ T7742] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  259.724677][ T7746] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  259.732803][ T7745] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  259.840250][ T7745] ntfs3: loop4: Failed to load $Extend (-22).
[  259.871329][ T7745] ntfs3: loop4: Failed to initialize $Extend.
[  260.670536][ T7757] loop0: detected capacity change from 0 to 256
[  260.742348][ T7757] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  260.979854][ T7752] loop3: detected capacity change from 0 to 32768
[  261.071722][   T29] audit: type=1804 audit(1720224299.234:231): pid=7760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.569" name="/newroot/42/file0/bus" dev="loop2" ino=1048680 res=1 errno=0
[  261.099952][ T7759] loop1: detected capacity change from 0 to 4096
[  261.117515][ T7759] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  261.136688][ T7752] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  261.582031][ T7752] XFS (loop3): Ending clean mount
[  261.863998][ T7759] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  261.944625][ T5466] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  262.208312][ T7759] ntfs3: loop1: ino=1c, "file0" attr_set_size
[  262.494530][ T5092] ntfs3: loop1: ino=1a, ntfs_sync_fs failed, -22.
[  263.644507][ T7791] fuse: Bad value for 'rootmode'
[  264.171633][ T7786] loop1: detected capacity change from 0 to 4096
[  265.405369][ T7804] loop4: detected capacity change from 0 to 256
[  265.452279][ T7804] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  265.808157][ T7806] loop0: detected capacity change from 0 to 4096
[  265.838797][ T7806] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  266.261203][ T7810] loop2: detected capacity change from 0 to 256
[  266.333920][ T7810] exfat: Deprecated parameter 'utf8'
[  266.386516][ T7810] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  266.533406][ T7806] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  266.747662][ T5110] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  266.759237][ T5110] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  266.779930][ T5110] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  266.800525][ T7806] ntfs3: loop0: ino=1c, "file0" attr_set_size
[  266.810381][ T5110] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  266.820292][ T5110] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  266.828497][ T5110] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  266.916712][ T5556] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22.
[  267.103361][   T29] audit: type=1804 audit(1720224305.254:232): pid=7810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.586" name="/newroot/44/file0/bus" dev="loop2" ino=1048684 res=1 errno=0
[  267.908726][ T2802] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.050996][ T7826] loop4: detected capacity change from 0 to 256
[  268.090513][ T7826] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  269.000908][ T5110] Bluetooth: hci3: command tx timeout
[  269.117774][ T2802] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.491016][ T2802] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.742276][ T7815] chnl_net:caif_netlink_parms(): no params data found
[  270.569065][ T2802] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.794716][ T7815] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.804326][ T7858] loop4: detected capacity change from 0 to 256
[  270.846626][ T7815] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.853898][ T7815] bridge_slave_0: entered allmulticast mode
[  270.878271][ T7815] bridge_slave_0: entered promiscuous mode
[  270.882107][ T7858] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  270.887643][ T7815] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.903545][ T7815] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.912006][ T7815] bridge_slave_1: entered allmulticast mode
[  270.923180][ T7815] bridge_slave_1: entered promiscuous mode
[  270.976411][ T5147] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  271.048016][ T7815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.080238][ T7815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.105808][ T4491] Bluetooth: hci3: command tx timeout
[  271.146696][ T5147] usb 1-1: device descriptor read/64, error -71
[  271.486642][ T5147] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  271.723851][ T7815] team0: Port device team_slave_0 added
[  271.753923][ T2802] bridge0: port 3(batadv0) entered disabled state
[  271.770850][ T5147] usb 1-1: device descriptor read/64, error -71
[  271.784200][ T2802] bridge_slave_1: left allmulticast mode
[  271.810355][ T2802] bridge_slave_1: left promiscuous mode
[  271.825063][ T2802] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.856735][ T2802] bridge_slave_0: left allmulticast mode
[  271.862424][ T2802] bridge_slave_0: left promiscuous mode
[  271.885783][ T2802] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.908866][ T5147] usb usb1-port1: attempt power cycle
[  272.935666][ T5147] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  272.948089][ T2802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.966086][ T2802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.976480][ T5147] usb 1-1: device descriptor read/8, error -71
[  272.977512][ T2802] bond0 (unregistering): Released all slaves
[  273.005092][ T7815] team0: Port device team_slave_1 added
[  273.026391][ T7867] netlink: 20 bytes leftover after parsing attributes in process `syz.4.599'.
[  273.036558][ T7867] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.044091][ T7867] batman_adv: batadv0: Removing interface: batadv_slave_0
[  273.078350][ T7867] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.085914][ T7867] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.168507][ T4491] Bluetooth: hci3: command tx timeout
[  273.191111][ T7815] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.201826][ T7815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.228528][ T7815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.255729][ T5147] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  273.263727][ T7815] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.271030][ T7815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.297975][ T7815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.326285][ T5147] usb 1-1: device descriptor read/8, error -71
[  273.457030][ T5147] usb usb1-port1: unable to enumerate USB device
[  273.677620][   T25] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  273.691565][ T7815] hsr_slave_0: entered promiscuous mode
[  273.732261][ T7815] hsr_slave_1: entered promiscuous mode
[  273.781456][ T7815] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  273.809162][ T7815] Cannot create hsr debugfs directory
[  273.912378][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  273.984558][   T25] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  274.540612][   T25] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  274.568935][   T25] usb 3-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  274.873800][   T25] usb 3-1: Manufacturer: syz
[  274.901809][ T5110] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  274.912052][ T5110] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  275.012555][ T5110] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  275.020934][   T25] usb 3-1: config 0 descriptor??
[  275.064082][ T5110] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  275.079097][ T5110] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  275.089303][ T5110] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  275.281701][ T5110] Bluetooth: hci3: command tx timeout
[  275.393526][ T7874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.453886][ T7874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.891546][ T7904] loop0: detected capacity change from 0 to 4096
[  275.964104][ T2802] hsr_slave_0: left promiscuous mode
[  276.031003][ T2802] hsr_slave_1: left promiscuous mode
[  276.061581][ T2802] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.144648][ T2802] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.172383][ T2802] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.183460][ T2802] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.215054][ T2802] veth1_macvtap: left promiscuous mode
[  276.221473][ T2802] veth0_macvtap: left promiscuous mode
[  276.234385][ T2802] veth1_vlan: left promiscuous mode
[  276.239833][ T2802] veth0_vlan: left promiscuous mode
[  276.955400][ T2802] team0 (unregistering): Port device team_slave_1 removed
[  277.022532][ T2802] team0 (unregistering): Port device team_slave_0 removed
[  277.165986][ T5110] Bluetooth: hci1: command tx timeout
[  277.584369][ T7874] netlink: 'syz.2.601': attribute type 4 has an invalid length.
[  277.597602][ T7874] netlink: 17 bytes leftover after parsing attributes in process `syz.2.601'.
[  277.749710][ T5147] usb 3-1: USB disconnect, device number 5
[  278.469420][ T7895] chnl_net:caif_netlink_parms(): no params data found
[  278.764593][ T7947] loop2: detected capacity change from 0 to 4096
[  278.833125][ T7932] loop0: detected capacity change from 0 to 32768
[  278.870602][ T7932] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.612 (7932)
[  278.908110][ T7947] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  279.095677][ T7932] BTRFS info (device loop0): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  279.126051][ T7947] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  279.153351][ T7932] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  279.176877][ T7932] BTRFS info (device loop0): using free-space-tree
[  279.209712][ T2802] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.246037][ T5110] Bluetooth: hci1: command tx timeout
[  279.381419][ T6453] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22.
[  279.554724][ T2802] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.603711][ T7895] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.611701][ T7895] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.622503][ T7895] bridge_slave_0: entered allmulticast mode
[  279.631169][ T7895] bridge_slave_0: entered promiscuous mode
[  279.660873][ T7895] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.688314][ T7895] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.730553][ T7895] bridge_slave_1: entered allmulticast mode
[  279.766035][ T7895] bridge_slave_1: entered promiscuous mode
[  279.869187][ T7983] fuse: Unknown parameter 'use0000000000000000000000000000000000000000'
[  279.883136][ T2802] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.565254][ T2802] bridge0: port 4(netdevsim0) entered disabled state
[  280.637940][ T2802] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode
[  280.670410][ T2802] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[  280.693045][ T2802] bridge0: port 4(netdevsim0) entered disabled state
[  280.730086][ T2802] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.768615][ T7895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.869458][ T7895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  280.912132][ T7815] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  280.999754][ T7815] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  281.056158][ T7815] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  281.056661][ T7992] loop4: detected capacity change from 0 to 4096
[  281.337017][ T5110] Bluetooth: hci1: command tx timeout
[  281.704972][ T7815] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  281.814557][ T7895] team0: Port device team_slave_0 added
[  281.827146][ T7895] team0: Port device team_slave_1 added
[  281.884921][ T5556] BTRFS info (device loop0): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  281.978062][ T7895] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.985054][ T7895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.026585][ T7895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.100611][ T7895] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.129765][ T7895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.171234][ T7895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.484836][ T8009] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  282.512720][ T7895] hsr_slave_0: entered promiscuous mode
[  282.541764][ T7895] hsr_slave_1: entered promiscuous mode
[  282.552534][ T8009] netlink: 'syz.2.626': attribute type 1 has an invalid length.
[  282.572344][ T7895] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  282.612046][ T7895] Cannot create hsr debugfs directory
[  282.651916][ T2802] bridge_slave_1: left allmulticast mode
[  282.651947][ T2802] bridge_slave_1: left promiscuous mode
[  282.652143][ T2802] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.664702][ T2802] bridge_slave_0: left allmulticast mode
[  282.664732][ T2802] bridge_slave_0: left promiscuous mode
[  282.664926][ T2802] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.415722][ T5110] Bluetooth: hci1: command tx timeout
[  283.872268][ T8032] fuse: Unknown parameter 'use0000000000000000000000000000000000000000'
[  284.776101][ T4880] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  285.040879][ T4880] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  285.190255][ T4880] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  285.343357][ T4880] usb 5-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  285.415155][ T4880] usb 5-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  285.465729][ T4880] usb 5-1: Manufacturer: syz
[  285.499011][ T4880] usb 5-1: config 0 descriptor??
[  285.756555][ T2802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.806201][ T2802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.812718][ T8041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.838019][ T2802] bond0 (unregistering): Released all slaves
[  285.851933][ T8041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.858120][ T1149] kernel write not supported for file /dsp (pid: 1149 comm: kworker/0:2)
[  285.954317][ T8041] netlink: 'syz.4.630': attribute type 4 has an invalid length.
[  285.981686][ T8041] netlink: 17 bytes leftover after parsing attributes in process `syz.4.630'.
[  286.318126][ T8074] loop0: detected capacity change from 0 to 256
[  286.431636][ T8074] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  286.525901][ T5110] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  286.535226][ T5110] Bluetooth: hci4: Injecting HCI hardware error event
[  286.545053][ T5110] Bluetooth: hci4: hardware error 0x00
[  287.755986][   T46] usb 5-1: USB disconnect, device number 10
[  287.911380][ T2802] hsr_slave_0: left promiscuous mode
[  287.939802][ T2802] hsr_slave_1: left promiscuous mode
[  287.984571][ T2802] veth1_macvtap: left promiscuous mode
[  288.000455][ T2802] veth0_macvtap: left promiscuous mode
[  288.063267][ T8101] fuse: Unknown parameter 'user_i0000000000000000000000000000000000000000'
[  288.195425][ T2802] veth1_vlan: left promiscuous mode
[  288.289982][ T2802] veth0_vlan: left promiscuous mode
[  288.611069][ T5110] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  289.075671][   T46] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  289.285475][   T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  289.311269][   T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  289.338468][   T46] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  289.352471][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.370078][   T46] usb 3-1: Product: syz
[  289.374287][   T46] usb 3-1: Manufacturer: syz
[  289.393294][   T46] usb 3-1: SerialNumber: syz
[  289.399330][ T2802] team0 (unregistering): Port device team_slave_1 removed
[  289.490634][ T2802] team0 (unregistering): Port device team_slave_0 removed
[  289.636082][   T46] usblp 3-1:1.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  289.750354][ T8107] loop4: detected capacity change from 0 to 32768
[  289.800092][ T8107] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  289.987425][ T8107] XFS (loop4): Ending clean mount
[  290.013145][ T8107] XFS (loop4): Quotacheck needed: Please wait.
[  290.111461][ T8107] XFS (loop4): Quotacheck: Done.
[  291.311590][ T8117] netlink: 16 bytes leftover after parsing attributes in process `syz.2.640'.
[  291.420746][ T7815] 8021q: adding VLAN 0 to HW filter on device bond0
[  291.460621][ T7815] 8021q: adding VLAN 0 to HW filter on device team0
[  291.493413][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.500636][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.529010][   T29] audit: type=1800 audit(1720224329.674:233): pid=8130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.644" name="/" dev="fuse" ino=1 res=0 errno=0
[  291.571957][ T5666] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  291.588802][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.595985][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.964014][ T1149] usb 3-1: USB disconnect, device number 6
[  291.984507][ T1149] usblp0: removed
[  292.161317][ T2802] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.394487][ T2802] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.441040][ T7895] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  292.471030][ T7895] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  292.496966][ T7895] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  292.523827][ T7895] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  292.536300][ T4491] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  292.548690][ T4491] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  292.557866][ T4491] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  292.578653][ T4491] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  292.588984][ T2802] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.602103][ T4491] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  292.614660][ T4491] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  292.646778][ T7815] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.693926][ T2802] bridge0: port 3(netdevsim0) entered disabled state
[  292.723559][ T2802] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode
[  292.737549][ T2802] netdevsim netdevsim4 netdevsim0 (unregistering): left promiscuous mode
[  292.747157][ T8146] loop2: detected capacity change from 0 to 32768
[  292.748791][ T2802] bridge0: port 3(netdevsim0) entered disabled state
[  292.762753][ T8146] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.647 (8146)
[  292.780610][ T2802] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.786326][ T8146] BTRFS info (device loop2): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  292.803317][ T8146] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  292.828828][ T8146] BTRFS info (device loop2): using free-space-tree
[  293.172972][ T7815] veth0_vlan: entered promiscuous mode
[  293.214736][ T7895] 8021q: adding VLAN 0 to HW filter on device bond0
[  293.285966][ T2802] bridge_slave_1: left allmulticast mode
[  293.295885][ T2802] bridge_slave_1: left promiscuous mode
[  293.309315][ T2802] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.327171][ T2802] bridge_slave_0: left allmulticast mode
[  293.336161][ T2802] bridge_slave_0: left promiscuous mode
[  293.342009][ T2802] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.820488][ T2802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  293.831384][ T2802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  293.843118][ T2802] bond0 (unregistering): Released all slaves
[  293.870939][ T7815] veth1_vlan: entered promiscuous mode
[  293.933567][ T7895] 8021q: adding VLAN 0 to HW filter on device team0
[  293.963337][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.970541][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  294.128878][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.136103][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  294.172420][ T6453] BTRFS info (device loop2): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  294.187125][ T7815] veth0_macvtap: entered promiscuous mode
[  294.338382][ T7815] veth1_macvtap: entered promiscuous mode
[  294.687664][ T5110] Bluetooth: hci2: command tx timeout
[  294.702464][ T2802] hsr_slave_0: left promiscuous mode
[  294.729263][ T2802] hsr_slave_1: left promiscuous mode
[  294.774459][ T2802] veth1_macvtap: left promiscuous mode
[  294.784904][ T2802] veth0_macvtap: left promiscuous mode
[  294.800381][ T2802] veth1_vlan: left promiscuous mode
[  294.820438][ T2802] veth0_vlan: left promiscuous mode
[  294.963058][ T8209] fuse: Unknown parameter 'user_i0000000000000000000000000000000000000000'
[  296.238876][ T8214] loop2: detected capacity change from 0 to 32768
[  296.610861][ T8214] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  296.814195][ T8214] XFS (loop2): Ending clean mount
[  296.834729][ T5110] Bluetooth: hci2: command tx timeout
[  296.908572][ T8229] loop0: detected capacity change from 0 to 256
[  296.930529][ T8229] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  297.027523][ T2802] team0 (unregistering): Port device team_slave_1 removed
[  297.092331][ T2802] team0 (unregistering): Port device team_slave_0 removed
[  298.058200][ T7815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  298.075795][ T7815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  298.091222][ T7815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  298.102295][ T7815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  298.132772][ T7815] batman_adv: batadv0: Interface activated: batadv_slave_0
[  298.156822][ T7815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  298.196519][ T7815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  298.207479][ T7815] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  298.218567][ T7815] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  298.231248][ T7815] batman_adv: batadv0: Interface activated: batadv_slave_1
[  298.299809][ T8235] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  298.512577][ T8151] chnl_net:caif_netlink_parms(): no params data found
[  298.850992][ T6453] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  298.862586][ T7815] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.886795][ T7815] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.899387][ T5110] Bluetooth: hci2: command tx timeout
[  298.909766][ T7815] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.919675][ T7815] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  299.316434][ T8151] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.323615][ T8151] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.343424][ T8151] bridge_slave_0: entered allmulticast mode
[  299.362982][ T8151] bridge_slave_0: entered promiscuous mode
[  299.396664][ T8151] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.404014][ T8151] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.419264][ T8151] bridge_slave_1: entered allmulticast mode
[  299.427112][ T8151] bridge_slave_1: entered promiscuous mode
[  299.476681][ T7895] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.498196][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.516052][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.569486][ T8151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  299.584215][ T8151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.639828][ T2913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.653535][ T2913] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.661701][ T8151] team0: Port device team_slave_0 added
[  299.674465][ T8151] team0: Port device team_slave_1 added
[  299.779132][ T8151] batman_adv: batadv0: Adding interface: batadv_slave_0
[  299.789292][ T8151] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.824783][ T8151] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  299.851621][ T8151] batman_adv: batadv0: Adding interface: batadv_slave_1
[  299.865097][ T8151] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  299.893762][ T8151] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  300.391422][ T8151] hsr_slave_0: entered promiscuous mode
[  300.591523][ T8151] hsr_slave_1: entered promiscuous mode
[  300.748284][ T7895] veth0_vlan: entered promiscuous mode
[  300.935701][ T5110] Bluetooth: hci2: command tx timeout
[  301.052392][ T7895] veth1_vlan: entered promiscuous mode
[  301.150058][ T8282] fuse: Unknown parameter 'user_i0000000000000000000000000000000000000000'
[  302.018258][ T7895] veth0_macvtap: entered promiscuous mode
[  302.038747][ T7895] veth1_macvtap: entered promiscuous mode
[  302.879910][ T5188] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  303.256099][ T7895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  303.748428][ T5188] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  303.759409][ T7895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.135564][ T7895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.146114][ T5188] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  304.158334][ T7895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.168264][ T5188] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  304.178225][ T7895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  304.183088][ T5188] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 6
[  304.189621][ T7895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.233160][ T7895] batman_adv: batadv0: Interface activated: batadv_slave_0
[  304.278442][ T5188] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  304.312500][ T5188] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  304.314780][ T7895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.340128][ T5188] usb 3-1: SerialNumber: syz
[  304.357791][ T8292] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  304.379251][ T5188] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  304.445709][ T7895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.460159][ T7895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.472029][ T7895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.482151][ T7895] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  304.513609][ T7895] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  304.532601][ T7895] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.600002][ T7895] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.628196][ T8318] loop1: detected capacity change from 0 to 4096
[  304.629863][ T7895] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.643985][ T7895] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.657705][ T7895] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.765755][   T25] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  304.942262][ T2924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.965617][   T25] usb 1-1: Using ep0 maxpacket: 16
[  304.969383][   T25] usb 1-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=b4.75
[  304.973931][ T2924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.983242][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.054437][ T2827] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.071026][ T2827] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.200138][   T25] usb 1-1: Product: syz
[  305.204508][   T25] usb 1-1: Manufacturer: syz
[  305.209850][   T25] usb 1-1: SerialNumber: syz
[  305.225485][   T25] usb 1-1: config 0 descriptor??
[  305.233772][   T25] gspca_main: sn9c2028-2.14.0 probing 0458:7005
[  305.313772][ T8329] fuse: Unknown parameter 'user_id0000000000000000000000000000000000000000'
[  305.967575][   T25] gspca_sn9c2028: read1 error -32
[  305.976842][   T25] gspca_sn9c2028: read1 error -32
[  305.993514][   T25] gspca_sn9c2028: read1 error 0
[  306.000462][   T25] sn9c2028 1-1:0.0: probe with driver sn9c2028 failed with error -5
[  306.022643][   T25] usb 1-1: Found UVC 0.00 device syz (0458:7005)
[  306.045738][   T25] usb 1-1: No valid video chain found.
[  306.263054][ T8151] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  306.294724][ T8151] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  306.359736][ T8151] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  306.378463][ T8151] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  306.456596][   T25] usb 1-1: USB disconnect, device number 13
[  306.859555][ T8151] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.893742][ T8151] 8021q: adding VLAN 0 to HW filter on device team0
[  306.923585][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.930726][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.961172][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.968326][ T5147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.979184][ T5188] kernel write not supported for file /dsp (pid: 5188 comm: kworker/0:6)
[  307.083786][ T5147] usb 3-1: USB disconnect, device number 7
[  309.006737][ T8388] fuse: Unknown parameter 'user_id0000000000000000000000000000000000000000'
[  309.789933][ T8151] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.204101][ T8151] veth0_vlan: entered promiscuous mode
[  311.269935][ T8151] veth1_vlan: entered promiscuous mode
[  311.382800][ T8151] veth0_macvtap: entered promiscuous mode
[  311.412502][ T8151] veth1_macvtap: entered promiscuous mode
[  311.461609][ T8416] kvm: kvm [8415]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x25c00000000
[  311.469378][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.499473][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.530070][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.571498][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.602204][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.643506][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.655762][ T5149] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  311.673907][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.704023][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.734172][ T8151] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.786934][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.838285][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.855704][ T5149] usb 3-1: Using ep0 maxpacket: 16
[  311.868736][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.882492][ T5149] usb 3-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=b4.75
[  311.905599][ T5149] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.905648][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.913595][ T5149] usb 3-1: Product: syz
[  311.913613][ T5149] usb 3-1: Manufacturer: syz
[  311.913628][ T5149] usb 3-1: SerialNumber: syz
[  311.954076][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.989076][ T5149] usb 3-1: config 0 descriptor??
[  311.995323][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.004368][ T5149] gspca_main: sn9c2028-2.14.0 probing 0458:7005
[  312.035952][ T8151] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  312.077810][ T8151] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.108018][ T8151] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.149429][ T8151] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.185752][ T8151] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.204570][ T5149] gspca_sn9c2028: read1 error -32
[  312.210456][ T8151] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.225022][ T8425] loop1: detected capacity change from 0 to 32768
[  312.243734][ T8151] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.246136][ T5149] gspca_sn9c2028: read1 error -32
[  312.315276][ T5149] gspca_sn9c2028: read1 error 0
[  312.359877][ T5149] sn9c2028 3-1:0.0: probe with driver sn9c2028 failed with error -5
[  312.454113][ T5149] usb 3-1: Found UVC 0.00 device syz (0458:7005)
[  312.468902][ T5149] usb 3-1: No valid video chain found.
[  312.498489][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.527382][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.581265][ T8425] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,str_hash=crc64,nojournal_transaction_names
[  312.640642][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.656263][ T8425] bcachefs (loop1): recovering from clean shutdown, journal seq 8
[  312.668613][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.676734][ T8425] bcachefs (loop1): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.9: disk_accounting_v2
[  312.676734][ T8425]   running recovery passes: check_allocations
[  312.785013][ T8425] bcachefs (loop1): accounting_read... done
[  312.819283][ T8425] bcachefs (loop1): alloc_read... done
[  312.842653][ T8425] bcachefs (loop1): stripes_read... done
[  312.871823][ T8425] bcachefs (loop1): snapshots_read... done
[  312.900356][ T8425] bcachefs (loop1): check_allocations...
[  312.937521][ T8425] btree ptr not marked in member info btree allocated bitmap
[  312.937575][ T8425]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 56308231fb2a3a03 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, shutting down
[  312.972397][ T8425] bcachefs (loop1): inconsistency detected - emergency read only at journal seq 8
[  312.982233][ T8425] bcachefs (loop1): bch2_gc_mark_key(): error fsck_errors_not_fixed
[  312.990347][ T8425] bcachefs (loop1): bch2_gc_btree(): error fsck_errors_not_fixed
[  313.079026][ T8425] bcachefs (loop1): bch2_gc_btrees(): error fsck_errors_not_fixed
[  313.096913][ T8425] bcachefs (loop1): bch2_check_allocations(): error fsck_errors_not_fixed
[  313.108659][ T8425] bcachefs (loop1): bch2_fs_recovery(): error fsck_errors_not_fixed
[  313.116928][ T8425] bcachefs (loop1): bch2_fs_start(): error starting filesystem fsck_errors_not_fixed
[  313.130033][ T8425] bcachefs (loop1): shutting down
[  313.174782][ T8465] fuse: Unknown parameter 'user_id0000000000000000000000000000000000000000'
[  313.840587][ T8425] bcachefs (loop1): shutdown complete
[  313.873144][ T5149] usb 3-1: USB disconnect, device number 8
[  314.082691][ T8473] loop0: detected capacity change from 0 to 256
[  314.124392][ T8473] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  314.381340][ T8482] loop4: detected capacity change from 0 to 256
[  314.389483][ T8482] exfat: Deprecated parameter 'utf8'
[  314.419338][ T8482] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  316.664185][   T29] audit: type=1326 audit(1720224354.824:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  316.778871][   T29] audit: type=1326 audit(1720224354.854:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  316.848409][   T29] audit: type=1326 audit(1720224354.854:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  316.950051][   T29] audit: type=1326 audit(1720224354.854:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  317.516163][ T1247] ieee802154 phy0 wpan0: encryption failed: -22
[  317.522618][ T1247] ieee802154 phy1 wpan1: encryption failed: -22
[  317.553128][   T29] audit: type=1326 audit(1720224354.854:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  317.704806][   T29] audit: type=1326 audit(1720224354.854:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  317.798566][   T29] audit: type=1326 audit(1720224354.854:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  317.823177][   T29] audit: type=1326 audit(1720224354.854:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  317.908195][ T8531] fuse: Bad value for 'fd'
[  318.258919][   T29] audit: type=1326 audit(1720224354.854:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  318.281330][   T29] audit: type=1326 audit(1720224354.854:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.2.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0188b75bd9 code=0x7fc00000
[  318.826054][ T8547] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  320.705596][ T8574] block nbd4: shutting down sockets
[  320.990212][ T8581] fuse: Bad value for 'fd'
[  321.419092][ T8582] loop2: detected capacity change from 0 to 256
[  321.546551][ T8582] exfat: Deprecated parameter 'utf8'
[  321.657975][ T8582] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  322.055659][   T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  322.099661][ T8555] loop0: detected capacity change from 0 to 32768
[  322.126645][ T8555] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.706 (8555)
[  322.211328][ T8555] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  322.242915][ T8555] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  322.284537][ T8555] BTRFS info (device loop0): using free-space-tree
[  322.312374][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  322.354531][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  322.406866][   T25] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  322.425652][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  322.444018][   T25] usb 5-1: SerialNumber: syz
[  322.526170][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  322.540717][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  322.591285][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  322.600928][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  322.621149][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  322.653997][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  322.721348][ T8618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.720'.
[  322.747130][ T8618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.720'.
[  323.073323][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  323.129224][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  323.279156][ T4880] ==================================================================
[  323.296632][ T4880] BUG: KASAN: slab-use-after-free in nf_tables_trans_destroy_work+0x152b/0x1750
[  323.305857][ T4880] Read of size 2 at addr ffff888023f741c4 by task kworker/1:3/4880
[  323.313752][ T4880] 
[  323.316087][ T4880] CPU: 1 UID: 0 PID: 4880 Comm: kworker/1:3 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  323.326339][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  323.336415][ T4880] Workqueue: events nf_tables_trans_destroy_work
[  323.342792][ T4880] Call Trace:
[  323.346075][ T4880]  <TASK>
[  323.349006][ T4880]  dump_stack_lvl+0x241/0x360
[  323.353699][ T4880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.358908][ T4880]  ? __pfx__printk+0x10/0x10
[  323.363524][ T4880]  ? _printk+0xd5/0x120
[  323.367699][ T4880]  ? __virt_addr_valid+0x183/0x530
[  323.372836][ T4880]  ? __virt_addr_valid+0x183/0x530
[  323.376331][ T8555] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  323.377948][ T4880]  print_report+0x169/0x550
[  323.377976][ T4880]  ? __virt_addr_valid+0x183/0x530
[  323.397008][ T4880]  ? __virt_addr_valid+0x183/0x530
[  323.402132][ T4880]  ? __virt_addr_valid+0x45f/0x530
[  323.407256][ T4880]  ? __phys_addr+0xba/0x170
[  323.411777][ T4880]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  323.418033][ T4880]  kasan_report+0x143/0x180
[  323.422547][ T4880]  ? nf_tables_trans_destroy_work+0x152b/0x1750
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[  323.428804][ T4880]  nf_tables_trans_destroy_work+0x152b/0x1750
[  323.434885][ T4880]  ? lock_acquire+0x264/0x550
[  323.439581][ T4880]  ? __pfx_nf_tables_trans_destroy_work+0x10/0x10
[  323.446014][ T4880]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  323.452016][ T4880]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  323.458369][ T4880]  ? process_scheduled_works+0x945/0x1830
[  323.464104][ T4880]  process_scheduled_works+0xa2c/0x1830
[  323.469767][ T4880]  ? __pfx_process_scheduled_works+0x10/0x10
[  323.475780][ T4880]  ? assign_work+0x364/0x3d0
[  323.480386][ T4880]  worker_thread+0x86d/0xd40
[  323.485088][ T4880]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  323.491001][ T4880]  ? __kthread_parkme+0x169/0x1d0
[  323.496133][ T4880]  ? __pfx_worker_thread+0x10/0x10
[  323.501346][ T4880]  kthread+0x2f0/0x390
[  323.505435][ T4880]  ? __pfx_worker_thread+0x10/0x10
[  323.510572][ T4880]  ? __pfx_kthread+0x10/0x10
[  323.515176][ T4880]  ret_from_fork+0x4b/0x80
[  323.519606][ T4880]  ? __pfx_kthread+0x10/0x10
[  323.524292][ T4880]  ret_from_fork_asm+0x1a/0x30
[  323.529069][ T4880]  </TASK>
[  323.532086][ T4880] 
[  323.534392][ T4880] Allocated by task 8618:
[  323.538700][ T4880]  kasan_save_track+0x3f/0x80
[  323.543366][ T4880]  __kasan_kmalloc+0x98/0xb0
[  323.547939][ T4880]  __kmalloc_cache_noprof+0x19c/0x2c0
[  323.553301][ T4880]  nf_tables_newtable+0x52e/0x1dc0
[  323.558492][ T4880]  nfnetlink_rcv+0x1427/0x2a90
[  323.563249][ T4880]  netlink_unicast+0x7f0/0x990
[  323.568008][ T4880]  netlink_sendmsg+0x8e4/0xcb0
[  323.572764][ T4880]  __sock_sendmsg+0x221/0x270
[  323.577440][ T4880]  ____sys_sendmsg+0x525/0x7d0
[  323.582199][ T4880]  __sys_sendmsg+0x2b0/0x3a0
[  323.586775][ T4880]  do_syscall_64+0xf3/0x230
[  323.591261][ T4880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.597141][ T4880] 
[  323.599447][ T4880] Freed by task 8608:
[  323.603409][ T4880]  kasan_save_track+0x3f/0x80
[  323.608070][ T4880]  kasan_save_free_info+0x40/0x50
[  323.613103][ T4880]  poison_slab_object+0xe0/0x150
[  323.618033][ T4880]  __kasan_slab_free+0x37/0x60
[  323.622785][ T4880]  kfree+0x149/0x360
[  323.626665][ T4880]  __nft_release_table+0xe80/0xf40
[  323.631768][ T4880]  nft_rcv_nl_event+0x55f/0x6d0
[  323.636604][ T4880]  notifier_call_chain+0x19f/0x3e0
[  323.641703][ T4880]  blocking_notifier_call_chain+0x69/0x90
[  323.647508][ T4880]  netlink_release+0x11a6/0x1b10
[  323.652430][ T4880]  sock_close+0xbc/0x240
[  323.656671][ T4880]  __fput+0x24a/0x8a0
[  323.660641][ T4880]  task_work_run+0x24f/0x310
[  323.665222][ T4880]  syscall_exit_to_user_mode+0x168/0x370
[  323.670843][ T4880]  do_syscall_64+0x100/0x230
[  323.675415][ T4880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.681293][ T4880] 
[  323.683601][ T4880] Last potentially related work creation:
[  323.689294][ T4880]  kasan_save_stack+0x3f/0x60
[  323.693955][ T4880]  __kasan_record_aux_stack+0xac/0xc0
[  323.699313][ T4880]  insert_work+0x3e/0x330
[  323.703631][ T4880]  __queue_work+0xc16/0xee0
[  323.708119][ T4880]  queue_work_on+0x1c2/0x380
[  323.712698][ T4880]  rhltable_remove+0x1097/0x1160
[  323.717705][ T4880]  __nft_release_table+0xc57/0xf40
[  323.722803][ T4880]  nft_rcv_nl_event+0x55f/0x6d0
[  323.727639][ T4880]  notifier_call_chain+0x19f/0x3e0
[  323.732733][ T4880]  blocking_notifier_call_chain+0x69/0x90
[  323.738439][ T4880]  netlink_release+0x11a6/0x1b10
[  323.743371][ T4880]  sock_close+0xbc/0x240
[  323.747600][ T4880]  __fput+0x24a/0x8a0
[  323.751575][ T4880]  task_work_run+0x24f/0x310
[  323.756149][ T4880]  syscall_exit_to_user_mode+0x168/0x370
[  323.761770][ T4880]  do_syscall_64+0x100/0x230
[  323.766345][ T4880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.772222][ T4880] 
[  323.774530][ T4880] The buggy address belongs to the object at ffff888023f74000
[  323.774530][ T4880]  which belongs to the cache kmalloc-cg-512 of size 512
[  323.788850][ T4880] The buggy address is located 452 bytes inside of
[  323.788850][ T4880]  freed 512-byte region [ffff888023f74000, ffff888023f74200)
[  323.802631][ T4880] 
[  323.804941][ T4880] The buggy address belongs to the physical page:
[  323.811338][ T4880] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23f74
[  323.820085][ T4880] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  323.828569][ T4880] memcg:ffff888011f71801
[  323.832790][ T4880] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  323.840323][ T4880] page_type: 0xfdffffff(slab)
[  323.844985][ T4880] raw: 00fff00000000040 ffff88801504f140 dead000000000100 dead000000000122
[  323.853554][ T4880] raw: 0000000000000000 0000000080100010 00000001fdffffff ffff888011f71801
[  323.862119][ T4880] head: 00fff00000000040 ffff88801504f140 dead000000000100 dead000000000122
[  323.870777][ T4880] head: 0000000000000000 0000000080100010 00000001fdffffff ffff888011f71801
[  323.879434][ T4880] head: 00fff00000000002 ffffea00008fdd01 ffffffffffffffff 0000000000000000
[  323.888087][ T4880] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  323.896735][ T4880] page dumped because: kasan: bad access detected
[  323.903133][ T4880] page_owner tracks the page as allocated
[  323.908826][ T4880] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5090, tgid 5090 (syz-executor), ts 63577204394, free_ts 63086753501
[  323.931958][ T4880]  post_alloc_hook+0x1f3/0x230
[  323.936717][ T4880]  get_page_from_freelist+0x2ccb/0x2d80
[  323.942339][ T4880]  __alloc_pages_noprof+0x256/0x6c0
[  323.947523][ T4880]  alloc_slab_page+0x5f/0x120
[  323.952219][ T4880]  allocate_slab+0x5a/0x2f0
[  323.956805][ T4880]  ___slab_alloc+0xcd1/0x14b0
[  323.961465][ T4880]  __slab_alloc+0x58/0xa0
[  323.965778][ T4880]  __kmalloc_node_noprof+0x286/0x440
[  323.971068][ T4880]  __kvmalloc_node_noprof+0x72/0x190
[  323.976371][ T4880]  alloc_netdev_mqs+0xa1f/0xff0
[  323.981224][ T4880]  rtnl_create_link+0x2f9/0xc20
[  323.986068][ T4880]  veth_newlink+0x2c5/0xcd0
[  323.990559][ T4880]  rtnl_newlink+0x14fe/0x2070
[  323.995220][ T4880]  rtnetlink_rcv_msg+0x8a0/0x1180
[  324.000231][ T4880]  netlink_rcv_skb+0x1e3/0x430
[  324.004984][ T4880]  netlink_unicast+0x7f0/0x990
[  324.009733][ T4880] page last free pid 5095 tgid 5095 stack trace:
[  324.016039][ T4880]  free_unref_page+0xd22/0xea0
[  324.020792][ T4880]  __put_partials+0xeb/0x130
[  324.025369][ T4880]  put_cpu_partial+0x17c/0x250
[  324.030121][ T4880]  __slab_free+0x2ea/0x3d0
[  324.034525][ T4880]  qlist_free_all+0x9e/0x140
[  324.039102][ T4880]  kasan_quarantine_reduce+0x14f/0x170
[  324.044542][ T4880]  __kasan_slab_alloc+0x23/0x80
[  324.049377][ T4880]  kmem_cache_alloc_noprof+0x135/0x2a0
[  324.054819][ T4880]  __kernfs_new_node+0xd8/0x870
[  324.059652][ T4880]  kernfs_new_node+0x137/0x240
[  324.064401][ T4880]  kernfs_create_dir_ns+0x43/0x120
[  324.069495][ T4880]  sysfs_create_dir_ns+0x189/0x3a0
[  324.074592][ T4880]  kobject_add_internal+0x435/0x8d0
[  324.079773][ T4880]  kobject_init_and_add+0x124/0x190
[  324.084956][ T4880]  br_add_if+0x387/0xef0
[  324.089180][ T4880]  do_setlink+0xe70/0x41f0
[  324.093589][ T4880] 
[  324.095895][ T4880] Memory state around the buggy address:
[  324.101506][ T4880]  ffff888023f74080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  324.109546][ T4880]  ffff888023f74100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  324.117589][ T4880] >ffff888023f74180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  324.125639][ T4880]                                            ^
[  324.131790][ T4880]  ffff888023f74200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  324.139874][ T4880]  ffff888023f74280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  324.148124][ T4880] ==================================================================
[  324.189575][ T8555] BTRFS error (device loop0): open_ctree failed
[  324.218680][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  324.218700][   T29] audit: type=1804 audit(1720224362.384:302): pid=8582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.714" name="/newroot/84/file0/bus" dev="loop2" ino=1048700 res=1 errno=0
[  324.269281][ T4880] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  324.276520][ T4880] CPU: 1 UID: 0 PID: 4880 Comm: kworker/1:3 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0
[  324.286774][ T4880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  324.296854][ T4880] Workqueue: events nf_tables_trans_destroy_work
[  324.303303][ T4880] Call Trace:
[  324.306594][ T4880]  <TASK>
[  324.309541][ T4880]  dump_stack_lvl+0x241/0x360
[  324.314247][ T4880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.319482][ T4880]  ? __pfx__printk+0x10/0x10
[  324.324094][ T4880]  ? preempt_schedule+0xe1/0xf0
[  324.328971][ T4880]  ? vscnprintf+0x5d/0x90
[  324.333485][ T4880]  panic+0x349/0x870
[  324.337407][ T4880]  ? check_panic_on_warn+0x21/0xb0
[  324.342544][ T4880]  ? __pfx_panic+0x10/0x10
[  324.346978][ T4880]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  324.352968][ T4880]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  324.359309][ T4880]  ? print_report+0x502/0x550
[  324.363996][ T4880]  check_panic_on_warn+0x86/0xb0
[  324.368945][ T4880]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  324.375205][ T4880]  end_report+0x77/0x160
[  324.379458][ T4880]  kasan_report+0x154/0x180
[  324.383952][ T4880]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  324.390187][ T4880]  nf_tables_trans_destroy_work+0x152b/0x1750
[  324.396255][ T4880]  ? lock_acquire+0x264/0x550
[  324.400926][ T4880]  ? __pfx_nf_tables_trans_destroy_work+0x10/0x10
[  324.407428][ T4880]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  324.413399][ T4880]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  324.419720][ T4880]  ? process_scheduled_works+0x945/0x1830
[  324.425431][ T4880]  process_scheduled_works+0xa2c/0x1830
[  324.430990][ T4880]  ? __pfx_process_scheduled_works+0x10/0x10
[  324.436965][ T4880]  ? assign_work+0x364/0x3d0
[  324.441547][ T4880]  worker_thread+0x86d/0xd40
[  324.446130][ T4880]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  324.452014][ T4880]  ? __kthread_parkme+0x169/0x1d0
[  324.457029][ T4880]  ? __pfx_worker_thread+0x10/0x10
[  324.462128][ T4880]  kthread+0x2f0/0x390
[  324.466194][ T4880]  ? __pfx_worker_thread+0x10/0x10
[  324.471386][ T4880]  ? __pfx_kthread+0x10/0x10
[  324.475967][ T4880]  ret_from_fork+0x4b/0x80
[  324.480374][ T4880]  ? __pfx_kthread+0x10/0x10
[  324.484955][ T4880]  ret_from_fork_asm+0x1a/0x30
[  324.489822][ T4880]  </TASK>
[  324.493042][ T4880] Kernel Offset: disabled
[  324.497356][ T4880] Rebooting in 86400 seconds..