last executing test programs:

6m3.350704257s ago: executing program 2 (id=3):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680))
r1 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

6m2.722450189s ago: executing program 2 (id=12):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000000400)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}, {@nodiscard}, {@quota}]}, 0x1, 0x56f, &(0x7f00000004c0)="$eJzs3c9vHFcdAPDvjH82SesEeoAKSIBCQFHW8aaNql5aLiBUVUJUHBCH1Ngby2Q3G7LrUptIuH8DSCBxgj+BAxIHpJ44wIkjEgdAlANSgYgqRuph0MyO1669Jou93m12Px9pMj/ezHzf283Me367Oy+AiXUpIrYjYjYiXo+IhXJ7Uk7xcmfK93v44P7KzoP7K0lk2Wv/TIr0fFtxwHy5f0ScLc85HxFf/0rEt5PDcVubW7eX6/XavXJ9sd24u9ja3Lq63lheq63V7lSrN5ZuXHvh+vPVgZX1YuMX7355/ZVv/PpXn3zn99tf/H6erXNlWrccA9Yp+kw3Tm46Il45jWAjMFXOZ0ecD44njYiPRMRniut/IaaK/50AwDjLsoXIFvavAwDjLi36wJK0EhFpWjYCKp0+vKfjTFpvttpXbjU37qx2+srOx0x6a71eu3Zh7o/fLXaeSfL1pSKtSC/WqwfWr0fEhYj40dwTxXplpVlfHU2TBwAm3tn99X9EvDeXppVKX4f2+FQPAHhszI86AwDA0Kn/AWDyqP8BYPL0Uf+XH/Zvn3peAIDh6O/vf9/3A4Bxov8fACaP+h8AJsrXXn01n7Kd8vnXq29sbtxuvnF1tda6XWlsrFRWmvfuVtaazbXimT2NR52v3mzeXXouNt5cbNda7cXW5tbNRnPjTvtm8Vzvm7WZoZQKAPhfLlx8+w9JRGy/+EQxxb6xHNTVMN7SAe4FPF6mTnKwBgI81oz2BZOrryq8aCT89tTzAoxGzx/3zPdc/KCf/B9BfM8IPlQuf7z//n9jPMN4OdCz/342qowAQ3e8/v+XBp4PYPiO3f//58HmAxi+LEsOjvk/200CAMbSCb7Cl/1gUI0QYKQe9XDPgXz+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGPmXER8J5K0UowFnub/ppVKxJMRcT5mklvr9dq1iHgqLkbEzFy+vrR78HujzTsAcFzp35Ny/K/LC8+eO5g6m/xnrphHxPd++tqP31xut+8t5dv/1d0+tzt8WHXvuBOMKwgA9O+v/exU1N/Vcr60t/3hg/sru9Mp5vGQd7/UHXx0ZefB/WLqpExHlmVZxHzRljjz7ySmy2PmI+KZiJgaQPzttyLiY73KnxR9I+fLkU/3x48y9pNDjZ9+IH5apHXm+cv30QHkBSbN2/n95+Ve118al4p57+t/vrhDnVxx/5uP2L337eyLP11GmuoRP7/mL/Ub47nffPXQxmyhk/ZWxDPTveIn3fjJEfGf7TP+nz7xqR++dERa9rOIy9E7/v5Yi+3G3cXW5tbV9cbyWm2tdqdavbF049oL15+vLhZ91Iu7PdWH/ePFK08dlbe8/GeOiN95588eKP9s99jP9Vn+n7//+rc+vbc6dzD+Fz7b+/1/uojY+/XP68TP9xl/+cwvjxy+O4+/ekT5H/X+X+kz/jt/21rtc1cAYAham1u3l+v12r0TLeR/hQ7iPIcW8iz2t/Nuc/FkQf8SxcLey5JEEsc+4UzvpLwx1tfhp/WqnvrCdLetONgzfzM/45CLkw68FMdZiPPlwsNhBR3dPQkYjr2LPiJ+N+rcAAAAAAAAAAAAAAAAvQzjN0yjLiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADj678BAAD//2PAxWs=")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x185641, 0x0)
r1 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x11, r1, 0x0)
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX, @ANYRES32=r0, @ANYRESHEX=0xee00, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d11f57832035e96a1513231140da182ca77aeedc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14f9, &(0x7f0000002a80)="$eJzs3AlwVcW2N/Be3b0hxIjHiAyBXr02HDFAExERGURABhERERERmURAxIiIiIAIAQERMSAiIGNEZAiIiAwxRAzzPMgsYuQiRkREJpkE+ivU73Lv877ne9+936PqZv2qutL/s8/q0zsrlbP3qUp+6DmyXov6tZsRkfinwG9fUoQQMUKIoUKI64QQgRCiUnyl+MvHCyhI+edehP1rPZx+tXfAribuf97G/c/buP95G/c/b+P+523c/7yN+5+3cf8Zy8u2zi52PY+8O/jz/7yM3///jeSWn/TN+vI39voflHD/8zbuf97G/c/buP95G/c/b+P+//ur9V8c4/7nbdx/xvKyq/35M4+rO672zx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsbzhrP+rNnG/PfRruNr7YowxxhhjjDHG2L+Oz3+1d8AYY4wxxhhjjLH//0BIoYQWgcgn8osYUUDEimtEnLhWFBTXiYi4XsSLG0QhcaMoLIqIoqKYSBDFRQlhBAorSISipCglouImUVrcLBJFGVFWlBNOlBdJ4hZRQdwqKorbRCVxu6gs7hBVRFVRTVQXd4oa4i5RU9QStcXdoo6oK+qJ+uIe0UDcKxqK+0Qjcb9oLB4QTcSDoql4SDQTD4vm4hHRQjwqWorHRCvRWrQRbUW7/6f6l0Rf8bLoJ/qLFDFADBSviEFisBgiXhVDxWtimHhdDBdviFQxQowUb4pR4i0xWrwtxoixYpx4R4wXE8REMUlMFlNEmnhXTBXviWnifTFdzBAzxSyRLmaLOeIDMVd8KOaJj8R88bFYIBaKRWKxyBCfiEyxRGSJT8VS8ZnIFsvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBWfi21iu9ghdopdYrfYI74Qe8WXYp/4SuSIr/+H9Wf+Q30vECBAggQNGvJBPoiBGIiFWIiDOCgIBSECEYiHeCgEhaAwFIaiUBQSIAFKQAlAQCAgKAklIQpRKA2lIRESoSyUBQcOkiAJKsCtUBEqQiWoBJWhMlSBqlAVqkN1qAE1oCbUhNpQG+pAHagH9eAeuAfuhYbQEBpBI2gMjaEJNIGm0BSaQTNoDs2hBbSAltASWkEraANtoB20g/bQHjpAB+gEnaAzdIYu0AWSIRm6QlfoBt2gO3SHHtADekJP6AW9oTe8BC/By/Ay9Ic6cgAMhIEwCAbBEHgVXoXXYBi8Dq/DG5AKI2AkvAlvwlswGk7DGBgL42Ac1JATYCJMApJTIA3SYCpMhWkwDabDDJgBsyAdZsMcmANz4UP4ED6C+fAxfAwLYSEshgzIgExYAlmQBUvhDGTDMlgOK2AlrIKVsAbWwhpYDxtgPWyCTbAFtsDn8Dlsh+2wE3bCbtgNX8AX8CV8CamQAzmwH/bDATgAB+Eg5EIuHIJDcBgOwxE4AkfhKByD43ACjsMpOAWn4QychbNwHs7DBXgh4bvmu8usSxXyMi21zCfzyRgZI2NlrIyTcbKgLCgjMiLjZbwsJAvJwrKwLCqLygSZIEvIEhIlSpKhLClLyqiMytKytEyUibKsLCuddDJJJskKsoKsKCvKSvJ2WVneIavIqrKjqy6ryxqyk6spa8nasrasI+vKerK+rC8byAayoWwoG8lGsrFsLJvIB2VTOQCGwMPycmdayBHQUo6EVrK1bCPbyrfgcdlejoYOsqPsJJ+UY2EMdJHtXbJ8RnaVE6GbfE5OgudlDzkFesoXZS/ZW/aRL8m+soPrJ/vL6TBADpSzYJAcLIfIV+VcqCsvd6yefEOmyhFypHxTLoa35Gj5thwjx8px8h05Xk6QE+UkOVlOkWnyXTlVvienyffldDlDzpSzZLqcLefID+Rc+aGcJz+S8+XHcoFcKBfJxTJDfiIz5RKZJT+VS+VnMlsuk8vlCrlSrpKr5Rq5Vq6T6+UGuVFukpvlFrlVfi63ye1yh9wpd8ndco/8Qu6VX8p98iuZI7+W++Vf5AH5jTwov5W58jt5SH4vD8sf5BH5ozwqf5LH5HF5Qp6Up+TP8rQ8I8/Kc/K8/EVekBflJemlUKCkUkqrQOVT+VWMKqBi1TUqTl2rCqrrVERdr+LVDaqQulEVVkVUUVVMJajiqoQyCpVVpEJVUpVSUXWTKq1uVomqjCqryimnyqskdYuqoG5VFdVtqpK6XVVWd6gqqqqqpqqrO1UNdZeqqWqp2upuVUfVVfVUfXWPaqDuVQ3VfaqRul81Vg+oJupB1VQ9pJqph1Vz9YhqoR5VLdVjqpVqrdqotqqdely1V0+oDqqj6qSeVJ3VU6qLelolq2dUV/Ws6qaeU93V86qHekH1VC+qXqq36qMuqkvKq36qv0pRA9RA9YoapAarIepVNVS9poap19Vw9YZKVSPUSPWmGqXeUqPV22qMGqvGqXfUeDVBTVST1GQ1RaWpd9VU9Z6apt5X09UMNVPNUulqthry+0rz/hv17/2D+uG/vvoWtVV9rrap7WqH2ql2qd1qj9qj9qq9ap/ap3JUjtqv9qsD6oA6qA6qXJWrDqlD6rA6rI6oI+qoOqqOqePqnDqpTqmf1Wl1Rp1R59R5dV5d+P17IDRoqZXWOtD5dH4dowvoWH2NjtPX6oL6Oh3R1+t4fYMupG/UhXURXVQX0wm6uC6hjUZtNelQl9SldFTfpEvrm3WiLqPL6nLa6fI6Sd/yT9f/2f7a6Xa6vW6vO+gOupPupDvrzrqL7qKTdbLuqrvqbrqb7q676x66h+6pe+peupfuo/vovrqv7qf76RSdogfqV/QgPViDEGKofk0P08P0cD1cp+pUPVKP1KP0KD1aj9Zj9Bg9To/T4/V4PVFP1JP1ZJ2m0/RUPVVP09P0dD1dz9QzdbpO13P0HD1Xz9Xz9Dw9X8/XC/QCvUgv0hk6Q2fqTJ2ls/RSvVRn62V6mV6hV+hVepVeo9fodXqd3qA36E16k87WW/VWvU1v0zv0Dr1L79J79B69V+/V+/Q+naNz9H69Xx/QB/RBfVDn6lx9SB/Sh/VhfUQf0Uf1UX1MH9Mn9Al9Sp/Sp/VpfVaf1ef1eX1BX9CX9KXLl32BDGSgAx3kC/IFMUFMEBvEBnFBXFAwKBhEgkgQH8QHhYIbg8JBkaBoUCxICIoHJQITYGADCsKgZFAqiAY3BaWDm4PEoExQNigXuKB8kBTcElQIbg0qBrcFlYLbg8rBHUGVoGpQLage3BnUCO4Kaga1gtrB3UGdoG5QL6gf3BM0CO4NGgb3BY2C+4PGwQNBk+DBoGnwUNAseDhoHjwStAgeDVoGjwWtgtZBm6Bt0O5fur73p4s84fqZ/ibFDDADzStmkBlshphXzVDzmhlmXjfDzRsm1YwwI82bZpR5y4w2b5sxZqwZZ94x480EM9FMMpPNFJNm3jVTzXtmmnnfTDczzEwzy6Sb2WaO+cDMNe1jfrv2/tgsMAvNIrPYZJhPTKZZYrLMp2ap+cxkm2VmuVlhVppVZrVZY9aadWa92WA2mk1ms9litprPzTaz3ewwO80us9vsMV+YveZLs898ZXLM12a/+Ys5YL4xB823Jtd8Zw6Z781h84M5Yn40R81P5pg5bk6Yk+aU+dmcNmfMWXPOnDe/mAvmorlk/OWL+8tv76hRYz7MhzEYg7EYi3EYhwWxIEYwgvEYj4WwEBbGwlgUi2ICJmAJLIGXERKWxJIYxSiWxtKYiIlYFsuiQ4dJmIQVsAJWxIpYCSthZayMVbAKVsNqeCfeiXfhXVgLa+HdeDfWxbpYH+tjA2yADbEhNsJG2BgbYxNsgk2xKTbDZtgcm2MLbIEtsSW2wlbYBttgO2yH7bE9dsAO2Ak7YWfsjF2wCyZjMnbFrtgNu2F37I49sAf2xJ7YC3thH+yDfbEv9sN+mIIpOBAH4iAchENwCA7FoTgMh+FwHI6pmIojcSSOwlE4GkfjGByL4/AdHI8TcCJOwsk4BdMwDafiVJyG03A6TseZOBPTMR3n4Byci3NxHs7D+TgfF+ACXISLMAMzMBMzMQuzcCkuxWzMxuW4HFfiSlyNq3EtrsX1uB434kbcjJtxK27FbbgNd+AO3IW7cA/uwb24F/fhPszBHNyP+/EAHsCDeBBzMRcP4SE8jIfxCB7Bo3gUj+ExPIEn8BSewtN4Gs/iWTyPv+AFvIiX0GOMlSLWXmPj7LW2oL3OxtgC9m9zUVvMJtjitoQ1trAt8ncZrbWJtowta8tZZ8vbJHvLH3IVW9VWs9XtnbaGvcvW/ENuYO+1De19tpG939a39/xdbmwfsE3so7apfcw2s61tc9vWtrCP2pb2MdvKtrZtbFvb2T5lu9inbbJ9xna1z/4hZ9oldq1dZ9fbDXav/dKetefsYfuDPW9/sf1sfzvUvmaHWSFE9hs21Y74Pb9uh9vf8jj7jh1vJ9iJdpKdbKf8Ic+0s2y6nW3n2A/sXPvhH3KG/cTOt1l2gV1oF9nFv+bLe8qyn9ql9jObbZfZ5XaFXWlX2dV2zV/3usJuspvtFrvHfmG32e12h91pd9ndv+bL57HPfmVz7Nf2kP3eHrDf2IP2iM213/2aL5/fEfujPWp/ssfscXvCnrSn7M/2tD3z6/lfPveT9qK9ZL0VBCRJkaaA8pEUQhSgWLqG4uhaKkjXUYSup3i6gQrRjVSYilBRKkYJVJxKkCEkS0QhlaRSFKWbqDTdTIlUhspSOXJUnpLoFqpAt1JFuo0q0e1Ume6gKlSVqlF1upNq0F1Uk2pRbbqb6lBdqkf16R5qQPdSQ7qPGtH91JgeoCb0IDWlh6gZPUzN6RFqQY9SS3qMWlFrakNtqR09Tu3pCepAHakTPUmd6SnqQk9TMj1DXelZ6kbPUXd6nnrQC9STXqRe1Jv60EvUl16mftSfUmgADaRXaBANpiH0Kg2l12gYvU7D6Q1KpRE0kt6kUfQWjaa3aQyNpXH0Do2nCTSRJtFkmkJp9C5NpfdoGr1P02kGzaRZlE6zaQ59QHPpQ5pHH9F8+pgW0EJaRIspgz6hTFpCWfQpLaXPKJuW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EOfU376S90gL6hg/Qt5dJ3dIi+p8P0Ax2hH+ko/UTH6DidoJN0in6m03SGztI5Ok+/0AW6SJfIkwghlKEKdRiE+cL8YUxYIIwNrwnjwmvDguF1YSS8PowPbwgLhTeGhcMiYdGwWJgQFg9LhCbE0IYUhmHJsFQYDW8KS4c3h4lhmbBsWC50YfkwKbwlrBDeGlYMbwsrhbeHlcM7wiph1fDR+6uHd4Y1wrvCmmGtsHZ4d1gnrBvWC+uH94QNwnvDhuF9YaPw/rBi+EDYJHwwbBo+FDYLHw6bh4+ELcJHw5bhY2GrsHXYJmwbtgsfD9uHT4Qdwo5hp/DJsHP4VNglfDpMDp8Ju4bP/unxlHBAODB8JXwl9P4+tSi6OJoR/SSaGV0SzYp+Gl0a/SyaHV0WXR5dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEvW+fn7hwEmnnHaBy+fyuxhXwMW6a1ycu9YVdNe5iLvexbsbXCF3oyvsiriirphLcMVdCWccOuvIha6kK+Wi7iZX2t3sEl0ZV9aVc86Vd0murWvn2rn27gnXwXV0ndyT7kn3lHvKPe2eds+4ru5Z180957q7510P94J7wb3oernero97yfV1L7t+rr9LcSluoBvoBrlBbogb4oa6oW6YG+aGu+Eu1aW6kW6kG+VGudFutBvjxrhxbpwb78a7iW6im+wmuzSX5qa6qW6am+amu+luppvp0l26m+PmuLlurpvn5rn5ifPdArfALXKLXIbLcJku02W5LLfULXXZLtstd8vdSrfSrXar3Vq31q13691Gt9FtdpvdVrfVbXPb3A63w+1yu9wet8ftdXvdPrfP5bgct9/tdwfcAXfQfety3XfukPveHXY/uCPuR3fU/eSOuePuhDvpTrmf3Wl3xp1159x594u74C66S867tMi7kamR9yLTIu9HpkdmRGZGZkXSI7MjcyIfROZGPozMi3wUmR/5OLIgsjCyKLI4khH5JJIZWRLJinwaWRr5LJIdWRZZHlkRWRlZFfG++LbQl/SlfNTf5Ev7m32iL+PL+nLe+fI+yd/iK/hbfUV/m6/kb/eV/R2+iq/qq/nHfCvf2rfxbX07/7hv75/wHXxH38k/6Tv7p3wX/7RP9s/4rv5Z380/57v7530P/4Lv6V/0vXxv38e/5Pv6l30/39+n+AF+oH/FD/KD/RD/qh/qX/PD/Ot+uH/Dp/oRfqR/04/yb/nR/m0/xo/14/w7fryf4Cf6SX6yn+LT/Lt+qn/PT/Pv++l+hp/pZ/l0P9vP8R/4uf5DP89/5Of7j/0Cv9Av8ot9hv/EZ/olPst/6pf6z3y2X+aX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q//cb/Pb/Q6/0+/yu/0e/4Xf67/0+/xXPsd/7ff7v/gD/ht/0H/rc/13/pD/3h/2P/gj/kd/1P/kj/nj/oQ/6U/5n/1pf8af9ef8ef+Lv+Av+kv8N2uMMcYYY/8t6k+OD/gHj8nfx2UDhRDXbi+W+x/X3Fj4t/lgmdA5IoR4pn/Ph//vqFMnJSXl9+dmKxGUWiiEiFypzyeu5GWik3hKJIuOosI/3N9g2fs8/cn60duFiP2bmhhxJV9Z/9b/ZP3HnxyXWTk8G/9frL9QiMRSV2oKiCv5yvoV/5P1i7T/k/0X+CZNiA5/UxMnruQr6yeJJ8SzIvnvnskYY4wxxhhjjP1msKzW/c/uny/fnyfoKzX581/Jf3Z/zhhjjDHGGGOMsavv+d59nn48Obljd57whCc8+evkav9mYowxxhhjjP2rXbnov9o7YYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG8q7/jX8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/k8AAAD//6IGM+I=")
socket(0x26, 0x6, 0x8)
write$FUSE_ATTR(r0, &(0x7f0000000440)={0x78, 0x0, 0x0, {0x4c5c, 0x7, 0x0, {0xffffffffff7ffffc, 0x40, 0xffffffffffffffff, 0x6, 0x0, 0x80000000000006, 0x4, 0x9, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}}, 0x78)

6m1.462651772s ago: executing program 2 (id=16):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x4d, &(0x7f0000000480)='\x00\x00\toup\x00C\xaf\x00\x00\x00\x04\x81fj:\xee\x03\xa6\xd3o\x02z\xc1\xbbI\xc2#\x19\xd8\xd6\x99\x91{\x8fI\xce\xe2-\xefv*\xd1\xf2\x0f\xa0\xa0T\xdbmpY\xe2\x83e\xff\xd2\xe2\xec+\xcc\x16\x1c`\xddv\x86_\x85\x18Fh\x83\n\xbc\xfc'}, 0x30)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c01000013000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="050027000000000008008500", @ANYRES32=0x0, @ANYBLOB="140003006d6163766c616e31000000000000000008000a00", @ANYRES32=r3, @ANYBLOB="e8001a8048000a8014000700ff02000000000000000000000000000114000700fe8000000000000000000000000000aa050008000000000014000700fe8000000000000000000000000000bb9c00028010010180bafc0000000000000400070040ff0700100002800c000180080000000000000018000a80140007000000000000000000000000000000000144000a80050008000000000014000700fc020000000000000000000000000000140007000000000000000000000000000000000100000700fe80000000000000000000000000000005000800000000000400070004000700100002800c0001"], 0x15c}}, 0x0)

6m0.03593165s ago: executing program 2 (id=20):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socket(0xa, 0x3, 0xff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x200002, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x200000400000000, 0x4, 0x344}, 0x0, 0x0)

5m59.859004494s ago: executing program 32 (id=20):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socket(0xa, 0x3, 0xff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x200002, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x200000400000000, 0x4, 0x344}, 0x0, 0x0)

5m10.293598624s ago: executing program 0 (id=197):
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000000), 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000280)={0x5, 0x0, 0x120000000000, 0x2, 0x500, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x7, 0x0, 0x9, 0x86, 0x800, 0x80000002}, 0x0, 0x0)

5m7.957343246s ago: executing program 0 (id=204):
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, &(0x7f0000000040)=ANY=[@ANYBLOB="01"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
syz_emit_ethernet(0x0, 0x0, 0x0)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = syz_io_uring_setup(0xb, &(0x7f00000002c0)={0x0, 0x200002f, 0x800, 0x1, 0x100020b}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0xc000000, &(0x7f0000000000)=[{0x0}], 0x1, 0x12})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

5m6.033117174s ago: executing program 0 (id=209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0xa)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r2, r4, 0x0)

5m5.95873149s ago: executing program 0 (id=211):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000700)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x3000046, &(0x7f00000001c0)={[{@init_itable}, {@init_itable_val={'init_itable', 0x3d, 0x400}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2}}, {@dioread_lock}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@resgid}, {@grpquota}, {@minixdf}, {@nouser_xattr}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
mkdirat(r0, &(0x7f0000000100)='./control\x00', 0x0)

5m1.831426209s ago: executing program 0 (id=224):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
r1 = syz_open_dev$video4linux(0x0, 0x400, 0x82d41)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r1, 0xc0305602, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r2, 0xc0045520, &(0x7f00000002c0)=0x40000012)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0xf0f041, 0x2, '\x00', @value=0x1}})
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x240400c6)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

4m58.671964768s ago: executing program 0 (id=234):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
syz_open_dev$sndctrl(0x0, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000e40)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r2, 0xf21, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001440)={0x1c, r6, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c000)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r1)

4m58.446445377s ago: executing program 33 (id=234):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
syz_open_dev$sndctrl(0x0, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000e40)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r2, 0xf21, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001440)={0x1c, r6, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c000)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r1)

1m42.434629537s ago: executing program 6 (id=854):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x3c, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x96c}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x3c}}, 0x20004800)

1m42.232578764s ago: executing program 6 (id=858):
r0 = socket$inet6(0xa, 0x80002, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
syz_emit_ethernet(0x36, &(0x7f0000000d00)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa1e86dd6000010400008700fc010000000000000000000000000008fe8000e0ffffffffff"], 0x0)

1m42.105694004s ago: executing program 6 (id=859):
socket$nl_route(0x10, 0x3, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xffff, 0x20000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x7b53a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd885000000040000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)

1m41.06260451s ago: executing program 6 (id=863):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x20108c0, &(0x7f0000006580)=ANY=[@ANYBLOB='discard,iocharset=cp855,nodiscard,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c696f636861727365743d6e6f6e652c646973636172643d3078303030303030303030303030303030382c696f636861727365743d637038363300696f636861727365743d69736f383835392d342c756d61736b3d3078303030303030303030303030303038312c75737271756f74612c6572726f72733d636f6e74696e75652c8f6d61736b3d3078303030303030303030303030303030302c726573697a652c6e6f71756f74612c00eb087ef48befe8928022e8421cf04364868c3eef39b2b0ec47f0701746320708d941b9e6830ba062050000008bb89515e1d6b682be63e40c3f685f374732fcd0a45507d5980e92b65ff48a6613a0bfdcce606f91fa61adda7829428a8a035ef01b1f8e49ecf3a68e519eba3b798eeb3ce3e5e0335c31df596fa5d1"], 0xfe, 0x612b, &(0x7f0000006700)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})

1m38.565826465s ago: executing program 6 (id=887):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000001c0)=0x1)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000040)={0x0, 0x2, 0x2})
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000480)=0x7)

1m37.838140925s ago: executing program 6 (id=900):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000001c0)={0x1, 0x0, [{0x400000f5, 0x0, 0x6}]})

1m37.641146521s ago: executing program 34 (id=900):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000001c0)={0x1, 0x0, [{0x400000f5, 0x0, 0x6}]})

37.337707789s ago: executing program 7 (id=1386):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x800, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x800000}, 0x1c)

36.384093876s ago: executing program 7 (id=1388):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={0x0}}, 0x40859)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80, {0x10000, 0x6000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9fae702d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b9f802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963cd14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb193213f4bccab1c34c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f0d9ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d579531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a785d820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37dfd149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f2729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab21842da1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336343f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a99b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f8f4ed0b27cedd1c5e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="660f388084000072baf80c66b860b4498c66efbafc0c66b80e00000066ef64f30fc7b000100f850100f30fc7b1030066b9800000c00f326635000400000f30d2bc0a000f23c80f21f86635040040000f23f8b8f4008ee0", 0x57}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

34.811267725s ago: executing program 7 (id=1397):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, &(0x7f0000000080)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000180)={0x0, 0x17}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

28.773724506s ago: executing program 7 (id=1425):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x100004c, &(0x7f0000000100), 0x1, 0x560, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbDbpT20KpaiIBHqwUrtpEn9U8FCPosWC3uuSTEPJpluym9LEgu3BXrxIEUQsiHe9eyzePPlXFLRQpAQ9eInMZjZNu7vJNt120+7nAxPe25ndN9+d+b682TfLBjCwxrI/hYiXI+KbJOJARCT5umLkK8fWtlu5d2U6W5JYXf3076SxXVZvvlbzefvyyksR8dtXEccKre3WlpbnypVKupDXx+vzF8drS8vHz8+XZ9PZ9MLk1NTJt6cm33v3nZ7F+saZf7//5NaHJ78+svLdL3cO3kjiVOzP122M4zFc3VgZi7H8PRmOUw9tONGDxnaSpN87wLYM5Xk+HFkfcCCG8qwHnn9fRsQqMKCSbvL/96JuAp47sWttHNC8tu/RdfAz4+4HaxdArfEX1z4bid2Na6O9K8kDV0bZ9e5oD9rP2vj1r5s3siV69zkEwJauXouIE8Via/+X5P3f9p3oYpuH29D/wdNzKxv/vNlu/FNYH/9Em/HPvja5ux1b53/hTg+a6Sgb/73fdvy7Pmk1OpTXXmiM+YaTc+crada3vRgRR2N4V1bfbD7n5Mrt1U7rNo7/siVrvzkWzPfjTnHXg8+ZKdfLjxPzRnevRbzSdvybrB//pM3xz96PM60vN9KujcPpzdc6tb91/E/W6k8Rr7c9/vdntJLN5yfHG+fDePOsaPXP9cN/dGq/3/Fnx3/v5vGPJhvna2uP3saPu/9LO617IP7o/vwfST5rlJsn3OVyvb4wETGSfNz6+OT95zbrze2z+I8e2bz/a3f+74mIz7uM//qhn1/tKv4+Hf+ZRzr+j164/dEXP3Rqv7v+761G6Wj+SDf9X7c7+DjvHQAAAAAAAOw0hYjYH0mhtF4uFEqltfs7DsXeQqVaqx87V128MBON78qOxnChOdN9YMP9EBP5/bDN+uRD9amIOBgR3w7tadRL09XKTL+DBwAAAAAAAAAAAAAAAAAAgB1iX4fv/2f+HOr33gFPnJ/8hsG1Zf734peegB3J/38YXPIfBtWI/IcBJv9hcMl/GFzyHwaX/IfBJf8BAAAAAAAAAAAAAAAAAAAAAAAAAACgp86cPp0tqyv3rkxn9ZlLS4tz1UvHZ9LaXGl+cbo0XV24WJqtVmcraWm6Or/V61Wq1YsTk7F4ebye1urjtaXls/PVxQv1s+fny7Pp2XT4qUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcuVJJFxQUtlUo7ozdUOhxod89EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADc938AAAD//yHENJU=")
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x500, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r2=>0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[], 0x48)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800004, 0x8005, 0x0, 0x0, 0x9, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0x7fffffffffffffff]})
io_submit(r2, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0xfffffe10, 0x0, 0x0, 0x0, r1}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff}])
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

26.233680433s ago: executing program 7 (id=1437):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = syz_usbip_server_init(0x1)
unshare(0x2040400)
unshare(0x2c020400)
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00')
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x9, 0x4, 0x78e, 0x401, 0x7})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1e2e81)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client1\x00', 0xffffffff80000004, "00000000ffffffe3", "e4a18560d99f00", 0x800000})
fremovexattr(r2, &(0x7f0000000080)=@random={'system.', '!],)[\x00'})
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

21.689777294s ago: executing program 7 (id=1453):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000100)={0x4, <r4=>r2})
r5 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r4})

21.455274462s ago: executing program 35 (id=1453):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000100)={0x4, <r4=>r2})
r5 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r4})

15.422345434s ago: executing program 5 (id=1481):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x402, &(0x7f0000000ec0)="$eJzs289rHOUbAPBnJj/6bdN+E2v91VbdNogBNWkSFQJeKioKgge9eZDQpKWYNKVZsS0eVARPxYsnPXnSP8CLB0G8exI81bsUghRvgqzM7kx33ezGbLLraufzgU3ed+Zd3vfZ2Wf3nXdmAyitSvYniTgcETcjYrJR/WuDSuPfb7ffO5c9kqjVXv81qbcba2laPG8ir8ykEelHSZzo0O/mtetvL6+trV7J63PV9ctzm9euP3VxffnC6oXVS4tLz5xZWFx6dmmxb7HeuH3yp43PX/vjk9M/Tzx/460XsvEezvdlcfWto1wlKlHLte97rN+dDdmRlnIyOsSB0JORiBjN8/hmTMZINA/eZLz44VAHBwxU9t10oG3b783i+zXgLpbEsEcADEfxRV+c2w/iPPjfbOts4wRoe/yjkeZtxtrOb/spO9u6+ubH32aPGNA6BABAq++y+c+TneY/adzf0u7/+bWhqYi4JyKORsS9EXEsIu6LqLd9ICIe7LH/SlH4X+Pf9vlPemvPwe1CNv97ruP8t5j9xdRIXjtSj38sOX9xbfVM/prMxNiBrD6/Qx8/vvLVl932VVrmf9kj67+YC+bjuDXatkC3slxd3k/MrbY+iDjecf6b3LkSkETEQxFxfI99fHO29lm3fX8f/2DVvoh4vOPxb14FTXa+PjlXfz/MFe+K7U6+e3mlW//Djj87/od2jn8qab1eu9l7H19Pndrqtm+v7//x5I16eTzfdnW5Wr0yHzGevLp9+0LzuUW9aJ/FPzPdOf+PRvOVOJEdx4h4OCIeiYhH87GfiojTETG9Q/wvTb+8uvf4ByuLf6Wn4997YX3h+x+69b+74/90vXQw37Kbz7/dDnA/rx0AAAD8V6T1e+CTdPZOOU1nZxv38B+LQ+naxmb1ifMb71xaadwrPxVjabHSNdmyHjqfrw0X9YW2+mK+bvzpyMF6ffbcxlrXRTHgHzHRJf8zv4wMe3TAwPm9FpSX/Ifykv9QXvIfykv+Q3nJfygv+Q/lJf+hvOQ/lJf8h1Laz+/6FRQU7tbCsD+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+uPPAAAA//958+U6")
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x4014001}, 0x9590f6cc3ea35512)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = open$dir(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @aes256, 0x0, @desc3})

12.361725133s ago: executing program 5 (id=1486):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000140)='./file1\x00', 0x3000c00, &(0x7f0000000200)=ANY=[], 0x1, 0x654, &(0x7f0000000a40)="$eJzs3c9vHGf9B/D3rje2N99+UzdN2hRVitVIgLBI/EMumAsBIeRDhapy4GwlTmNlkxbbRW6FqMvPaw/5A8rBN05I3COVCxe49epjJQSXXjCnRTM7a29tr38Ux2uX1yuafZ6ZZ+Z5Ps9nZ3Z214o2wP+s+Yk0nqSW+YnX1or1zY2Z1ubGzMNuPclIknrS6BSp/avdbn+c3E5nyUvFxqq7Wr9xHi/NvfHJZ5ufdtYa1VLuXz/ouKNZr5aMJxmqypPq785h/Y0e1l1te4ZFwm50EweDdiFJu/SPx50tP/3LM9stPZr7HX3omQ+cA7XOfXOPseRidaEX7wM6d8XOPftcWx90AAAAAHAKnt3KVtZyadBxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHlS/f5/rVrq3fp4at3f/x+utqWqny3Xj7f7k6cVBwAAAAAAAACcoutb2cpaLnXX27Xyb/6vlCtXysf/yztZyWKWczNrWchqVrOcqSRjPR0Nry2sri5PHeHI6X2PnD4k0JGqbJ7MvAEAAAAAAADgS+aXmd/5+z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwFtWSoU5TLlW59LPVGktEkw8V+68nfuvXz7MmgAwAAAIBT8OxWtrKWS931dq38zP9C+bl/NO/kUVazlNW0spi75XcBnU/99c2NmdbmxszDYtnb7/f+eawwyh7T+e5h/5GvlXs0cy9L5ZabuZO30srd1MsjC9e68ewf1wdFTLXvVo4Y2d2qLGb+YVXu8f6xJtvPMb9MGSszcmE7I5NVbEU2njs4E8d8dnaPNJX6drBXdo20axJfKOcXq7KYz2/75Xwgdmdiuufse+HgnCdf+9MffnK/9ejB/XsrE2dnSgdbr8qhqmyXj829mZjpycSLX8ZM9DVZZuLq9vp8fpgfZyLjeT3LWcrPspDVLGY8PyhrC9X5XOu55Ptk6vbn1l4/LJLh6gztPFnHi+mV8thLWcqP8lbuZjGvlv+mM5VvZTazmet5hq8e4ZW23ueqb///vsHf+HpVaSb5XVWeDUVen+vJa+9r7ljZ1rtlJ0uXT/5+1PhKVSnG+FVVng27MzHVk4nnD87E78uXlZXWowfL9xfePtpwlz+sKsV19JszdZcozpfLxZNVrn3+7Cjant+3bapsu7LdVt/TdnW7rXOlrve9Uoer93B7e5ou217ct22mbLvW07bf+y0AzryL37g43Px786/Nj5q/bt5vvjb6/ZFvj7w8nAt/vvCdxuTQV+sv1/6Yj/KLnc//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF7fy7nsPFlqtxeVdlXa7/X6fpvNc6f6c2SkO+tIzyaCmPJzkbGT+3+12u9pSOwvxHFxpF0bSfupjNZLs13S9d8sHAzl/BvzCBDx1t1Yfvn1r5d33vrn0cOHNxTcXH83Nzs5Nzs2+OnPr3lJrcbLzOOgogadh56Y/6EgAAAAAAAAAAACAozqZ/zPQTNJ/n/6jj57mVAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBzan4ijSepZWry5mSxvrkx0yqWbn1nz0aSepLaz5Pax8ntdJaM9XRX6zfO46W5Nz75bPPTnb4a3f3rBx13NOvVkvEkQ1V5Uv3d+a/7q23PsEjYjW7iYND+EwAA//9nMgTf")
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000009c0)=0x1234, 0x4)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES64], 0x47, 0xc1b, &(0x7f0000001940)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi27CufMO9LIlm3t+kPy7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER8/gsXTpxMB90KAOBRujT5lROnff8DwHvKZT//AwAAAAAAAAAAAADAYZeiiCORYujVzTRdPe+oX2y1b9ycGp/Y+7DBFClqUVT15aN+8tTpM585e260m3c//kH7aDw/eflC47nFa9eX5peX5+caU+3W7OLc/L7f4X6Pv9VINQCNay/emLtyZblx6vjpXS/fHH594Mkjw+fPHTs72q2dGp+YmOyp6et/x3/6be60wuOJKKIZKd4cfiM1I6IW9z8W9/jsPGyDVSdGqk5MjU9UHVloNdsr5YuplqtqEY2eg8a6Y/QI5uK+jEWsls0vGzxSdm/yenOpObMw3/hyc2mltdJabKdap7VlfxpRi9EUsRYRGwO3v11/FPHxSPHyic00ExFFdxw+XS0Mvnd7ag+hj/tQtrPRH7FWewzm7BAbiCIuRYpfvHY0Zssxy4/4ZMSXynw14pUyPxeRyg/GmYif7/E54vHUF0X8e6RYTJtprjofdM8rF7/a+GL7ymJPbfe88th/PzxKh/zcVI8iZqoz/mZ65xc7AAAAAAAAAAAAAAAAADxog1HEdyPFnzz7e9W64qjWpX/g/Oj7Xvjt3jXjz9zjfcra4xGxWtvfmtz+vHQ41cr/HkLH2Jd6FPGtvP7vjw66MQAAAAAAAAAAAAAAAAAAAO9pRbwQKb527Ghai957irfaVxuXmzMLnbvCdu/9271n+tbW1lYjdXIs53TO1ZxrOddzbuSMWj4+51jO6ZyrOddyrufcyBlFPj7nWM7pnKs513Ku59zIGX35+JxjOadzruZcy7mecyNnHJJ79wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvJvUooi3IsV3vrGZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmI45Fi/YV69XytFnE5It7a2trqPiJis8z7ddB9BQAAAAAAAAAAAAAAAAAAgEMrFfGJSPH0/22mRkTcHH594Mkjw+fPHTs7WkQRqSzprX9+8vKFxnOL164vzS8vz881ptqt2cW5+f3+cfWLrfaNm1PjEw+lM/c0+JDbP1h/bvH6S0utq19f2fP1ofqFmeWVpebs3i/HYNQipnv3jFQNnhqfqBq90Gq2q0NT7Q4NrEWM7bczAAAAAAAAAAAAAAAAAAAAHBpDqYgvRIqf/deZ1F033tdZ8/8rnWfFdu0rf7DzuwAWbsmu3t8fsJ/ttN+GjlQL7xtT4xMTkz27+/pvLy3blFIRz0SKT738kWo9fIqhPdfGl3XvL+uuncl1w79W1q3uqqqPTI1PNC4tto9dWFhYnG2uNGcW5huT15uz+/7FAQAAAAAAAAAAAAAAAAAAAHAXQ6mIn0SK//n7/0jd+87n9f99nWc96/9/q1pCX6mn3bmtWtv//mptf2f7A+dHhz7+7J32P4z1/2WbUiri25Hi9E8+Ut1Pv7v+f/qW2rLuzyLFG89+LNfVnijrmt3udN7xSmth/kRZ+9eR4tff7NZGVXs11z69U3uyrB2MFH+5ubv267n2Qzu1p8rao5HiB/+9d+2Hd2pPl7U/ixT/9HeNbu1QWfv7ufbITu3x2cWFuXsNazn/34sUf3vpd1K3z3ec/57f/7B6S267bc7vvv2g5n+4Z99qntc/zfPfvMf8n40U36t/LNd1xn4mv/5U9f+d+f9UpPjPf9tdeyXXfnCn9uR+u3XQyvn/bqT4/l/9dLvPef7zyO7MUO/8/2rf7tz+lLyN+R98gPP/VM++4dyu2bc5Fu9Fyy9988XmwsL8kg0bNmxsbxz0mYlHofz+//NI8f9HitS9jsnf/+/rPNu5/vvfb+18/5+/Jbcd0PXfB3v2nc9XLf19EfWVa9f7n4moL7/0zWOta82r81fn26dOnvjsZ8+ePHHybP8T3Yu7na19j927QTn/P4oUP/6HH2//HLP7+m/v6/+hW3LbAc3/07192nVds++heE8q5/9vIsVTn//p9s+bd7v+7/78f/QTu3P7798Bzf+HevYN53a13uZYAAAAAAAAAAAAPE6GUhF/ESl+949/M3XXEO3n3//N3ZLbDujffx3p2Tf3iNY17HuQAQAOkfL678OR4p+3fri9lnv39V/8Rre29/rvTg7D/f8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBxl6KIP4wUQ69upvWB8nlH/WKrfePm1PjE3ocNpkhRi6KqLx/1k6dOn/nM2XOj3bz78Q/aR+P5ycsXGs8tXru+NL+8PD/XmGq3Zhfn5vf9Dvd7/K1GqgFoXHvxxtyVK8uNU8dP73r55vDrA08eGT5/7tjZ0W7t1PjExGRPTV//O/7Tb5PusP+JKOKHkeLN4TfS9wcianH/Y3GPz87DNlh1YqTqxNT4RNWRhVazvVK+mGq5qhbR6DlorDtGj2Au7stYxGrZ/LLBI2X3Jq83l5ozC/ONLzeXVlorrcV2qnVaW/anEbUYTRFrEbExcPvb9UcR344UL5/YTP8yEFF0x+HTlya/cuL0vdtTewh93IeynY3+iLXaYzBnh9hAFPGPkeIXrx2NHwxE9EXnEZ+M+FKZr0a8UubnIlL5wTgT8fM9Pkc8nvqiiDORYjFtptcGyvNB97xy8auNL7avLPbUds8rj/33w6O057mpODTnpnoU8aPqjL+Z/tXfawAAAAAAAAAAAAAAAIBDpIi1SPG1Y0dTtT54e01xq321cbk5s9BZ1tdd+9ddM721tbXVSJ0cyzmdczXnWs71nBs5o5aPzzmWczrnas61nOs5N3JGkY/POZZzOudqzrWc6zk3ckZfPj7nWM7pTvZ1u7iW96/n3MgZh2TtHgAAAAAAAAAAAAAAAAAA8O5Si6K6i/t3vrGZtgY695eejk6uux/ou94vAwAA//9E4XBP")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_emit_vhci(&(0x7f0000001980)=ANY=[@ANYBLOB="043d0eaaaaaaaaaa1049956e36fc9c1ed3"], 0x11)
migrate_pages(0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)

11.365832054s ago: executing program 5 (id=1490):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$rds(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$rds(r1, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000001a40)=[@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}, @in={0x2, 0x0, @dev}, @in={0x2, 0x0, @multicast1}], 0x30)

10.581672228s ago: executing program 5 (id=1491):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xc4)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xc4)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}], 0x54)
write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4)
write$sndseq(r1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x8c)
write$sndseq(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}], 0x8c)
write$sndseq(r1, &(0x7f0000000b00)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"b5f8fbe8c20c855083221c33"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xc4)
write$sndseq(r1, &(0x7f00000004c0)=[{0x81, 0x80, 0x2, 0x4, @time={0x8, 0x5}, {0x3, 0x31}, {0xff, 0x7f}, @queue={0x80, {0x8, 0x4}}}, {0x8, 0x2, 0x8f, 0x6, @time={0x3, 0x1cddab93}, {0x0, 0x6e}, {0xf2, 0x30}, @addr={0x9, 0x1}}, {0x8, 0x7, 0x0, 0xe3, @time={0x200, 0x9}, {0x8}, {0x6, 0x1}, @raw8={"7aa27555b79e43403e7fa600"}}, {0x0, 0x7, 0x3, 0x6, @time={0x0, 0x7}, {0x8, 0xfd}, {0x93, 0x80}, @queue={0x14, {0x10, 0x80}}}, {0x6, 0x8, 0x3, 0x40, @tick=0xf6, {0x2, 0x8}, {0x3}, @ext={0x0, 0x0}}, {0xba, 0x6, 0x54, 0x7, @time={0xe5b, 0x10001}, {0x80, 0x8}, {0x2, 0x7f}, @control={0x5, 0x40, 0x5}}, {0x3, 0xc, 0x4, 0x6, @time={0x6, 0x1}, {0x10, 0x4}, {0x8, 0xa}, @raw8={"80408bcf99ee1216e4e59519"}}, {0xd2, 0x5, 0xd9, 0x0, @time={0x8, 0x4}, {0x54, 0x6}, {0x8, 0x8}, @result={0x5, 0x6}}, {0xcf, 0x1, 0xff, 0x5, @tick=0x9, {0x4, 0xb3}, {0x80, 0xd}, @control={0x66, 0x800, 0x3}}], 0xfc)

9.08153627s ago: executing program 5 (id=1495):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000000c0)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@compress}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, 0x0, 0x20008850)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x80)
write$dsp(r0, &(0x7f0000000100)='n', 0x1)
sendfile(r0, r3, 0x0, 0x1000000201005)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x41, 0x7a00, 0x0, 0x3)

7.287890807s ago: executing program 5 (id=1498):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000000400)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c756e695f786c6174653d302c696f636861727365743d63703933362c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c636f6465706167653d3733372c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c73686f72746e616d653d6d697865642c757466383d302c756e695f786c617465001d18"], 0x83, 0x371, &(0x7f0000001280)="$eJzs3U9oHFUYAPBvO5vdpFCTg1AUxNGboKGteNCLKSWFYi4qi38O4mJTlexa2MXF9tBtvIhHwaOevPWgBw89i6CINw9erSBV8aA9WbA6Mruzm93sJk3AbbX+fofhy3vvm/e9zJJMJuzbl1di4/RcnLl27WrMz5eivHJiJa6XYimSGLgYkypT2gCA/4brWRa/ZX17TCn1jslMywIAZqj3+//VQyMtb3+x2/isNAz/nGVdAMDsFH//L+w2Zn6njrMzKQkAmLGJ5/8PjnVXxv/VX/bYHwDuAM++8OJTx9cinknT+YjmO51apxZPbPUfPxOvRyPW40gsxo2I/o1Cfij1jidPra0eSdO0Gz8uRS3P6NQimt1OrX+ncDzp5VfjaCzGUpFf3G1kWZac/HRt9WjaExEXu735o1nq1ObiYDH/dwdjPY5FGndP5EecWls9lhYnqDUH+d2Iza3nFnn9y7EY37wSZ6MRpyPPrUT8np9hbfXC0TQ9ka2N5Xdq1d64vp2egLRmd2EAAAAAAAAAAAAAAAAAAAAAALijLadDS8P9b7Kt/XuWl6f0RzPp1Pr5xf5Am/39gbJqFln261uP1N5NYmx/oO3783Rq5Thwe5cOAAAAAAAAAAAAAAAAAAAA/xrtc5WoNxrrrfa58xujQbfVPncgIvKWN776+POFmBxzk6BczDHSlRZN5zfqWTIYnCVjY4ogyScftFy6nGct5IfRMdXhKqaWUd25q9E49MAPH2y13JcMzvzXgWFWEtMXmGwrYzRo3tUvaT/fqGFw7CZjrmRZtlP6hZcms6IUUd7/hds9yPLgy6uv3fNo+/BjvZbPsr6HHl587sr7H/28UW/kM0fvClZa7RvZRr34OuqXqvuZNBl5/ZSiHwxO1RtT3i19c7ylnnz7y/P3vvf13mbPRlvenDImr63eaHyyvavSD/Iyt3UtTJtrbrDAJ4cvm/v7Z15vtcv/2IU7/OFK/fKF73/aa9bIDwkbdQAAAAAAAAAAAAAAAAAAwC0x8l7xQvFm37ndsh5/evaVAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCts/X5/yPB5kTLXoI/ujHZVV1vtSMqt3uZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8z/0dAAD//+JLbdg=")
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

6.175108547s ago: executing program 4 (id=1500):
socket(0x10, 0x3, 0x0)
syz_mount_image$erofs(&(0x7f00000012c0), &(0x7f0000000240)='./file0\x00', 0x2000401, &(0x7f0000000000)=ANY=[], 0x1, 0x22f, &(0x7f0000001080)="$eJzsmL9uE0EQxr/dO59tAgiaFDQURCIIYsfnJk0EQUKiQkgJ/yqwyBEFOzFyDolYQiiioYGOAomGghegiEQqCjpeIBIUgIQEEi4oaNIcmt31ee3D+HJJx/yK1bc7s7sz470pDIZh/lu+fvn9+en5mYUzAA5iAnmz/t0BhNBaWv6fXtw//Xz2wss3H1+/Xz38cGvwPNoSRf0LhX/c7wJ4N+fgUXxTvHuHxISZLECS/kH6CiROmfVrECgZfQsSV40OIHDD6LuWbpJ/qXRnuRGUbjcbiySmaajQ4NNQHYyvsyGwaOZR5EBY9rX1dr3WaAQtS7jG9hdTJhFfVh9P1C8HD505mUMcXxRRFa8/ebxB825tpnX9FBVIVEwSVQjMm/UZ5Lu10SWx8j/m9s53Evkns915q3zJMCrJghazv/alWCQ8aHF0Kts5k5TOuaTpCLLEg/5dOfRMVMn9SXno01HCHf0Wz5ofdHdXjNEDuJQ2i2dFAHvKK58qwt1m0SfGO1sfkqZvo7ZHYvQVIv37KaSNufshZq9qEe263EvFhgW2van7R/RK4KTVn1yrf5TDlXvltfX21PJKbSlYClZ9v5of0zbViMpqTPS9Xn8uqv50wDo/N8TXkx4e1MKwVdGjJzwUEYYtX81967OZ32z+vGm2hbgI4ISeUNv04hOdxB3C0z5S+ZKaTDoxDMMwDMMwDMMwDMMwDMNk4jiE+heU2D6EWA/gX1befwIAAP//gpVaLg==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
chdir(&(0x7f00000001c0)='./file0\x00')

5.16131256s ago: executing program 4 (id=1502):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0xa0000, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48)

5.023897291s ago: executing program 1 (id=1504):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0xfffffffd)
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0xfffffffd)
r3 = socket$inet(0xa, 0x801, 0x84)
listen(r3, 0x8)
r4 = socket$inet(0xa, 0x801, 0x84)
listen(r4, 0x8)
r5 = socket$inet(0xa, 0x801, 0x84)
listen(r5, 0x1)
r6 = socket$netlink(0x10, 0x3, 0x4)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

3.642658153s ago: executing program 4 (id=1505):
socket(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403, 0x0, 0x3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_TYPE={0x6}]}}}]}, 0x40}}, 0x0)

3.359838477s ago: executing program 3 (id=1508):
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x10e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_buf(r2, 0x6, 0x21, 0x0, 0x0)
write$sysctl(r1, &(0x7f0000000000)='2\x00', 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000000c0)={'team0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}})

2.480413098s ago: executing program 1 (id=1509):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYRES64], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/18, @ANYBLOB="ebffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.478331678s ago: executing program 4 (id=1510):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYRES64, @ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/18, @ANYBLOB="ebffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.362519588s ago: executing program 1 (id=1511):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60040, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@delchain={0x24, 0x65, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

2.362118688s ago: executing program 3 (id=1512):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000240)="957bc3871f54da01138019ebbb3587e39b0af28eea1dc1c5b6b0f27c1111d0f8b71e196a9bb19b466172df083b602f37901653c0b41e9ea3218f6680923cb44fcde97805fe3eaf057d955a0de7c0d566c5549dfde8c0703c0f633cd8c5f98fc10f484ec2ab2611e94e", 0x69}, {&(0x7f0000000380)="eed4fbdbc377aaa1f97890499828239f7ce11e4611999338e6da1d1d2deca77c81b916aaaa389580ca6ed38e8d0330bc2f0cce161f489d863da5d3adc46e5c8160ccc889403f20dae567d9969efc4355fd27ba3d6e13f78bf9e57c4e3b723dd7b8540917d4c38bd6d37c70c43032fb1cae37de9f57c3bf053fa22d788b5629b444cd80b5c5257223c6d71b597d9c77a96733b2c18bf7adbe30f66959119bbed4e063dbbad441", 0xa6}, {&(0x7f0000000440)="b9c8ea7741e24130b11e66fa8118a2cda01b3f0acd758075e1c9d7949dcabe424ea007a38ff2c228d330852a68f81c6d7ce898bd7e628ae1242068c2e81985e9ee753e1d02319449f6c878bb5726dbc4eda9097bc6315fec72ff234fb9f26512af7b647069e3415c0338618c7adb1ac5b2f77a9effa9b33193a6da989be1900ce5158f956fcb9510d3850911ba7792fbc8ceaff1c9d7ceba64850bf02eeae9c814fb4cdb5e0e9b836ea2cca20b60440969419d09b1a0bbfb1e25c9dc429446bc2ddb467d972c56938e24", 0xca}, {&(0x7f0000000140)="6b7a240a296a37fa753082010bbab360f5b4702580e51f24741ca0e156030aea99d1b437951913173b3187878dc29f77c7a9ec2bf03cada5b063cb819d7f8bf1dd40a6db89c1a2955a4cdde24c64c76d6020de2dd053d020203535947f", 0x5d}, {0x0}, {&(0x7f0000000300)="d4eb0cb9b5afe8a92397fd6083599c6c", 0x10}], 0x6, &(0x7f00000005c0)=[@tclass={{0x14, 0x29, 0x43, 0x2}}], 0x18}}], 0x1, 0x40004)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff00000000000000000004851000000600000018000000", @ANYRES32, @ANYBLOB="0000000000000004180000000000001000000000000200009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100200000ffffb702000008000000b50a00000000000085000000b400000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.342610159s ago: executing program 4 (id=1513):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001400), 0x1, 0x0)
ioctl$SNDCTL_SEQ_THRESHOLD(r4, 0x4004510d, 0xffffffffffffffff)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000001800dd8d00000000000000000200000000000006000000000600150004000000140016"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmmsg(r5, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2.271583515s ago: executing program 3 (id=1514):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e21, @local}], 0x10)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0xf16, 0x400, 0xfff, 0x18, 0x1}, 0x14)
listen(r1, 0xfffffffa)
sendmsg$inet_sctp(r0, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)

2.115686678s ago: executing program 3 (id=1515):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x1, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20004800)

2.057996143s ago: executing program 1 (id=1516):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_open_procfs$namespace(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x21d, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff8f, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x10000000, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

1.299424614s ago: executing program 1 (id=1517):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000018c0)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6000003, 0x42031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)

993.524459ms ago: executing program 3 (id=1518):
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0x1d, r0, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ppp(0xffffffffffffff9c, 0x0, 0x1610c3, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000000)=0x3)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r4, r3, &(0x7f0000002080)=0x64, 0x23b)

649.681867ms ago: executing program 4 (id=1519):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0xfffffffd)
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0xfffffffd)
r3 = socket$inet(0xa, 0x801, 0x84)
listen(r3, 0x8)
r4 = socket$inet(0xa, 0x801, 0x84)
listen(r4, 0x8)
r5 = socket$inet(0xa, 0x801, 0x84)
listen(r5, 0x1)
r6 = socket$netlink(0x10, 0x3, 0x4)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

48.387947ms ago: executing program 1 (id=1520):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000003c0)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x8001)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0006"], 0x1c}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 3 (id=1521):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket(0x10, 0x803, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

kernel console output (not intermixed with test programs):

, 0] type 2 family 0 port 6081 - 0
[   76.368322][   T13] cfg80211: failed to load regulatory.db
[   76.431875][  T718] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   76.449979][  T718] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   76.493692][ T4380] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.538019][ T4546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.65'.
[   76.557343][ T4546] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.829945][ T4535] EXT4-fs error (device loop4): __ext4_get_inode_loc:4321: comm syz.4.61: Invalid inode table block 1422223676860481803 in block_group 0
[   76.845874][ T4545] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm ext4lazyinit: Invalid block bitmap block 14930446441942504304 in block_group 0
[   76.867989][ T4557] loop3: detected capacity change from 0 to 8
[   76.924129][ T4557] SQUASHFS error: xz decompression failed, data probably corrupt
[   76.933613][ T4557] SQUASHFS error: Failed to read block 0x108: -5
[   76.940010][ T4557] SQUASHFS error: Unable to read metadata cache entry [106]
[   76.947333][ T4557] SQUASHFS error: Unable to read inode 0x11f
[   76.950832][ T4546] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.973810][ T4535] EXT4-fs error (device loop4): __ext4_get_inode_loc:4321: comm syz.4.61: Invalid inode table block 1422223676860481803 in block_group 0
[   76.998537][ T4535] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5836: Corrupt filesystem
[   77.050782][ T4535] EXT4-fs error (device loop4): ext4_dirty_inode:6040: inode #12: comm syz.4.61: mark_inode_dirty error
[   77.315970][ T1280] EXT4-fs error (device loop4): __ext4_get_inode_loc:4321: comm kworker/u4:5: Invalid inode table block 1422223676860481803 in block_group 0
[   77.861008][ T4577] loop0: detected capacity change from 0 to 2048
[   78.194036][ T4577] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   78.204158][ T4577] NILFS (loop0): unrecognized mount option "#! 
[   78.204158][ T4577] "
[   79.740564][ T4380] device veth0_vlan entered promiscuous mode
[   79.936783][ T1257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   79.984286][ T1257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   80.061364][ T1257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   80.117587][ T1257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   80.126766][ T1257] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   80.134778][ T1257] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   80.172258][ T4380] device veth1_vlan entered promiscuous mode
[   80.885972][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   80.905260][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   82.090651][ T4631] loop3: detected capacity change from 0 to 764
[   82.243781][ T4631] rock: directory entry would overflow storage
[   82.250479][ T4631] rock: sig=0x5245, size=8, remaining=5
[   82.749455][ T4380] device veth0_macvtap entered promiscuous mode
[   82.778331][ T4380] device veth1_macvtap entered promiscuous mode
[   82.820931][ T4640] loop0: detected capacity change from 0 to 2048
[   82.853641][ T4640] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   82.863488][ T4640] NILFS (loop0): unrecognized mount option "#! 
[   82.863488][ T4640] "
[   82.954729][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.011219][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.037008][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.083990][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.102090][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.134993][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.149780][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.164524][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.175416][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.194479][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.220599][ T4380] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.270391][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   83.308453][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   83.359973][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.377277][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.445862][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.509941][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.543907][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.575797][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.595811][ T4380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.607109][ T4380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.698589][ T4380] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.641991][ T4645] syz.3.85 (4645) used greatest stack depth: 19680 bytes left
[   85.793061][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   85.802364][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.812930][ T4380] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.828962][ T4380] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.841010][ T4380] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.858350][ T4380] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.966279][ T4601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.974503][ T4601] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.013074][ T4601] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   87.039258][ T4601] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.139747][ T4601] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.112943][    T9] device hsr_slave_0 left promiscuous mode
[   89.126566][    T9] device hsr_slave_1 left promiscuous mode
[   89.136371][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.143895][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.169363][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.187941][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.256434][    T9] device bridge_slave_1 left promiscuous mode
[   89.264290][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.328793][    T9] device bridge_slave_0 left promiscuous mode
[   89.388511][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.235924][ T4746] sched: RT throttling activated
[   90.572761][ T4744] loop0: detected capacity change from 0 to 764
[   91.226149][ T4744] rock: directory entry would overflow storage
[   91.235395][ T4744] rock: sig=0x5245, size=8, remaining=5
[   91.276398][    T9] device veth1_macvtap left promiscuous mode
[   91.311922][    T9] device veth0_macvtap left promiscuous mode
[   91.349336][    T9] device veth1_vlan left promiscuous mode
[   91.416057][    T9] device veth0_vlan left promiscuous mode
[   93.416313][    T9] team0 (unregistering): Port device team_slave_1 removed
[   93.671480][    T9] team0 (unregistering): Port device team_slave_0 removed
[   94.701812][ T4788] fuse: Bad value for 'fd'
[   94.712105][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   94.769559][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   95.193865][ T4798] loop0: detected capacity change from 0 to 764
[   95.822859][    T9] bond0 (unregistering): Released all slaves
[   95.859750][ T4798] rock: directory entry would overflow storage
[   95.866098][ T4798] rock: sig=0x5245, size=8, remaining=5
[   96.081500][ T4378] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   96.132337][ T4801] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   96.207718][ T4801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   96.215253][ T4801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   96.252845][ T4801] device bridge_slave_0 left promiscuous mode
[   96.273174][ T4801] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.293422][ T4801] device bridge_slave_1 left promiscuous mode
[   96.301941][ T4801] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.322132][ T4801] bond0: (slave bond_slave_0): Releasing backup interface
[   96.344353][ T4801] bond0: (slave bond_slave_1): Releasing backup interface
[   96.411005][ T4801] team0: Failed to send options change via netlink (err -105)
[   96.424310][ T4801] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[   96.457583][ T4801] team0: Port device team_slave_0 removed
[   96.485889][ T4801] team0: Failed to send options change via netlink (err -105)
[   96.493817][ T4801] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[   96.510725][ T4801] team0: Port device team_slave_1 removed
[   97.784721][ T4801] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.823480][ T4801] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.032535][ T4802] team0: Failed to send options change via netlink (err -105)
[   98.045571][ T4802] team0: Mode changed to "loadbalance"
[  100.421096][ T4863] device team0 entered promiscuous mode
[  100.434118][ T4863] device team_slave_0 entered promiscuous mode
[  100.444207][ T4863] device team_slave_1 entered promiscuous mode
[  100.454413][ T4863] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  100.516578][ T4863] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  101.460728][   T26] audit: type=1326 audit(1754412206.465:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  101.492744][ T4865] bridge0: port 3(vlan2) entered blocking state
[  101.499290][ T4865] bridge0: port 3(vlan2) entered disabled state
[  101.508732][ T4865] device vlan2 entered promiscuous mode
[  101.518456][ T4865] device bond0 entered promiscuous mode
[  101.524311][ T4865] device bond_slave_0 entered promiscuous mode
[  101.531007][ T4865] device bond_slave_1 entered promiscuous mode
[  101.537574][ T4865] device macvlan2 entered promiscuous mode
[  101.596762][   T26] audit: type=1326 audit(1754412206.525:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  101.752736][   T26] audit: type=1326 audit(1754412206.525:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  101.774810][    C0] vkms_vblank_simulate: vblank timer overrun
[  102.102965][ T4888] netlink: 12 bytes leftover after parsing attributes in process `syz.4.143'.
[  102.498907][ T4891] netlink: 'syz.3.146': attribute type 25 has an invalid length.
[  102.529047][   T26] audit: type=1326 audit(1754412206.525:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  102.922636][   T26] audit: type=1326 audit(1754412206.525:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  102.970508][   T26] audit: type=1326 audit(1754412206.525:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  102.992785][    C0] vkms_vblank_simulate: vblank timer overrun
[  103.949064][ T4913] mip6: mip6_rthdr_init_state: state's mode is not 2: 4
[  103.965056][ T4911] loop0: detected capacity change from 0 to 512
[  103.993698][   T26] audit: type=1326 audit(1754412206.525:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  104.063535][   T26] audit: type=1326 audit(1754412206.525:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  104.150199][ T4911] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  104.172210][   T26] audit: type=1326 audit(1754412206.525:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  104.181162][ T4910] netlink: 4 bytes leftover after parsing attributes in process `syz.5.152'.
[  104.208253][ T4910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.245984][ T4911] Zero length message leads to an empty skb
[  104.262809][ T4910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.272885][   T26] audit: type=1326 audit(1754412206.525:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.1.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  104.340693][ T4927] ODEBUG: Out of memory. ODEBUG disabled
[  106.259288][ T4489] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  106.265864][ T4977] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  106.330500][ T4489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.364416][ T4489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.795823][ T4268] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  107.166070][ T4268] usb 1-1: Using ep0 maxpacket: 8
[  107.765959][ T4268] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  109.112798][ T4268] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.121336][ T4268] usb 1-1: Product: syz
[  109.125518][ T4268] usb 1-1: Manufacturer: syz
[  109.130435][ T4268] usb 1-1: SerialNumber: syz
[  109.256838][ T4268] usb 1-1: config 0 descriptor??
[  110.467170][ T4268] dvb_usb_rtl28xxu 1-1:0.0: chip type detection failed -110
[  110.474746][ T4268] dvb_usb_rtl28xxu: probe of 1-1:0.0 failed with error -110
[  110.697703][ T5035] netlink: 28 bytes leftover after parsing attributes in process `syz.1.182'.
[  110.719941][ T4268] usb 1-1: USB disconnect, device number 2
[  116.184658][ T5111] netlink: 28 bytes leftover after parsing attributes in process `syz.5.199'.
[  118.241797][ T5147] loop0: detected capacity change from 0 to 1024
[  118.335686][ T5147] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
[  118.335686][ T5147] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  118.335686][ T5147] 
[  119.329786][ T5147] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable,init_itable=0x0000000000000400,inode_readahead_blks=0x0000000000000002,dioread_lock,norecovery,max_dir_size_kb=0x00000000004007b1,resgid=0x0000000000000000,grpquota,minixdf,nouser_xattr,barrier=0x0000000000000002,errors=continue. Quota mode: writeback.
[  120.213769][ T5147] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5836: Corrupt filesystem
[  121.204605][ T5147] EXT4-fs error (device loop0): ext4_write_end:1347: inode #18: comm syz.0.211: mark_inode_dirty error
[  121.319054][ T5175] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.211: Invalid block bitmap block 0 in block_group 0
[  121.432542][ T5175] EXT4-fs error (device loop0): ext4_discard_preallocations:5131: comm syz.0.211: Error -117 reading block bitmap for 0
[  122.226657][ T5175] EXT4-fs error (device loop0): ext4_ext_remove_space:2846: inode #18: comm syz.0.211: path[1].p_hdr == NULL
[  122.273818][ T5175] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5836: Corrupt filesystem
[  122.299025][ T5175] EXT4-fs error (device loop0): ext4_punch_hole:4113: inode #18: comm syz.0.211: mark_inode_dirty error
[  122.343876][ T4186] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[  123.406516][ T4186] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5836: Corrupt filesystem
[  123.450178][ T5208] loop5: detected capacity change from 0 to 512
[  123.457878][ T4186] EXT4-fs error (device loop0): ext4_dirty_inode:6040: inode #18: comm syz-executor: mark_inode_dirty error
[  123.498381][ T5208] EXT4-fs (loop5): Unrecognized mount option "smackfstransmute=:'*." or missing value
[  123.695387][ T5221] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  123.710010][ T5221] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  124.281365][ T5221] bridge0: port 3(vlan2) entered blocking state
[  125.228532][ T5221] bridge0: port 3(vlan2) entered disabled state
[  125.264940][ T5221] device vlan2 entered promiscuous mode
[  125.425943][ T5221] device bond0 entered promiscuous mode
[  125.440319][ T5221] device bond_slave_0 entered promiscuous mode
[  125.453928][ T5236] loop5: detected capacity change from 0 to 512
[  125.460536][ T5221] device bond_slave_1 entered promiscuous mode
[  125.467245][ T5221] device macvlan2 entered promiscuous mode
[  125.543825][ T1280] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.565553][ T5236] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  125.643482][ T1280] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.743254][ T1280] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.780542][ T5252] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  126.667409][ T5261] loop5: detected capacity change from 0 to 8192
[  127.621981][ T5261] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal
[  127.642879][ T5261] REISERFS (device loop5): using ordered data mode
[  127.649761][ T5261] reiserfs: using flush barriers
[  127.666071][ T5261] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  127.686038][ T5261] REISERFS (device loop5): checking transaction log (loop5)
[  127.705604][ T5261] REISERFS warning: reiserfs-5083 is_leaf: wrong item type for item *3.5*[1 2 0xbff01f400000000 DIRECT], item_len 0, item_location 0, free_space(entry_count) 0
[  127.722496][ T5261] REISERFS error (device loop5): vs-5150 search_by_key: invalid format found in block 531. Fsck?
[  127.733395][ T5261] REISERFS (device loop5): Remounting filesystem read-only
[  127.740938][ T5261] REISERFS error (device loop5): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD]
[  128.653996][ T1280] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.097298][ T5274] mmap: syz.4.243 (5274) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  129.167076][ T5276] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  129.609279][ T4234] Bluetooth: hci1: command 0x0409 tx timeout
[  129.659814][ T5254] chnl_net:caif_netlink_parms(): no params data found
[  130.001859][ T5254] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.415892][ T5254] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.532060][ T5254] device bridge_slave_0 entered promiscuous mode
[  130.545775][ T5254] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.552928][ T5254] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.561256][ T5254] device bridge_slave_1 entered promiscuous mode
[  130.586285][ T5254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.631860][ T5254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.903252][   T23] Bluetooth: hci1: command 0x041b tx timeout
[  132.132718][ T5254] team0: Port device team_slave_0 added
[  132.689449][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  132.699774][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  133.448753][ T5254] team0: Port device team_slave_1 added
[  133.522764][ T5340] kAFS: unable to lookup cell '.,'
[  134.260586][ T4242] Bluetooth: hci1: command 0x040f tx timeout
[  134.300462][ T5254] batman_adv: batadv0: Adding interface: batadv_slave_0
[  134.307661][ T5254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.333973][ T5254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  134.356530][ T5254] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.363770][ T5331] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  134.394797][ T5346] syz.3.258 uses obsolete (PF_INET,SOCK_PACKET)
[  134.555972][ T5254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  135.263927][ T5254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.295825][ T2399] Bluetooth: hci1: command 0x0419 tx timeout
[  136.603563][ T5254] device hsr_slave_0 entered promiscuous mode
[  136.616075][ T5254] device hsr_slave_1 entered promiscuous mode
[  136.628597][ T5254] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  136.730276][ T5254] Cannot create hsr debugfs directory
[  139.417033][ T5393] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  139.425628][ T5393] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  139.605885][ T1280] device hsr_slave_0 left promiscuous mode
[  139.655945][ T1280] device hsr_slave_1 left promiscuous mode
[  140.168156][ T1280] device veth1_macvtap left promiscuous mode
[  140.174782][ T1280] device veth0_macvtap left promiscuous mode
[  140.192369][ T1280] device veth1_vlan left promiscuous mode
[  140.245095][ T1280] device veth0_vlan left promiscuous mode
[  140.849572][ T5438] overlayfs: failed to clone upperpath
[  141.198219][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  141.231886][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  141.258980][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000
[  141.282943][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x4000
[  141.303165][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000
[  141.339331][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000
[  141.365637][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x4000
[  141.387643][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000
[  141.420757][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x4000
[  141.430784][ T5446] kvm [5445]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x4000
[  142.273530][ T1280] bond0 (unregistering): Released all slaves
[  143.601251][ T5254] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  143.641086][ T5254] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  143.698330][ T5254] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  143.750997][ T5254] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  143.955803][   T21] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  144.246056][   T21] usb 6-1: Using ep0 maxpacket: 16
[  144.386506][   T21] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  144.510671][   T21] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  144.637336][ T5254] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.730648][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  144.748867][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  144.816235][   T21] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  144.836028][   T21] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.866335][   T21] usb 6-1: Product: syz
[  144.870527][   T21] usb 6-1: Manufacturer: syz
[  144.904535][   T21] usb 6-1: SerialNumber: syz
[  144.907748][ T5254] 8021q: adding VLAN 0 to HW filter on device team0
[  144.942916][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  144.972221][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  145.015637][ T4332] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.022817][ T4332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.597929][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  145.609325][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  145.619573][ T4332] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.626697][ T4332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.649752][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  145.689390][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  145.713870][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  145.758285][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  145.772250][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  145.784871][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  145.794282][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  145.818654][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  145.846873][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  145.857441][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  145.868393][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  145.878750][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  146.547805][ T5254] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  146.586061][   T21] usb 6-1: 0:2 : does not exist
[  146.661876][   T21] usb 6-1: USB disconnect, device number 2
[  148.487762][ T5545] overlayfs: failed to clone upperpath
[  149.804805][ T5254] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.970620][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  149.982265][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  150.877041][ T5574] loop5: detected capacity change from 0 to 764
[  151.442324][ T5574] rock: directory entry would overflow storage
[  151.449048][ T5574] rock: sig=0x5245, size=8, remaining=5
[  152.142564][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  152.192111][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  152.278021][ T5254] device veth0_vlan entered promiscuous mode
[  152.336424][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  152.417085][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  152.442585][ T5254] device veth1_vlan entered promiscuous mode
[  152.450156][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  152.476896][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  152.484796][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  152.576234][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  152.666213][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  152.787302][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  152.970514][ T5254] device veth0_macvtap entered promiscuous mode
[  153.123380][ T5254] device veth1_macvtap entered promiscuous mode
[  153.226819][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  153.320194][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  153.403311][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.414096][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.562918][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.652615][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.849514][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.185485][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.323150][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.400884][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.573890][ T5254] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.583817][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.594645][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.605753][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.616817][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.631056][ T5254] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.641840][ T5254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.735677][ T5631] netlink: 452 bytes leftover after parsing attributes in process `syz.4.315'.
[  155.282098][ T5254] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.538947][ T5254] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.692969][ T5254] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.702068][ T5254] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.711399][ T5254] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.745920][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  155.765271][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  155.802168][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  155.823691][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  156.301586][ T4601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.312790][ T4601] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.372261][ T4797] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  156.488201][ T4797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  156.589189][ T4797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.695859][ T5265] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  157.543467][ T5680] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  158.287503][ T5694] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  158.525620][ T5700] tipc: Started in network mode
[  158.547407][ T5700] tipc: Node identity ca196db7c652, cluster identity 4711
[  158.558860][ T5700] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  158.623431][ T5700] device syzkaller0 entered promiscuous mode
[  159.126710][ T5706] tipc: Resetting bearer <eth:syzkaller0>
[  159.243401][ T5699] tipc: Resetting bearer <eth:syzkaller0>
[  159.287464][ T5699] tipc: Disabling bearer <eth:syzkaller0>
[  159.761299][ T5722] ip6t_rpfilter: unknown options
[  165.997798][ T5788] Cannot find add_set index 0 as target
[  166.471933][ T5801] loop6: detected capacity change from 0 to 1024
[  169.119395][ T5831] loop5: detected capacity change from 0 to 256
[  170.470715][ T5831] FAT-fs (loop5): Directory bread(block 64) failed
[  170.478057][ T5831] FAT-fs (loop5): Directory bread(block 65) failed
[  170.489121][ T5831] FAT-fs (loop5): Directory bread(block 66) failed
[  170.496573][ T5831] FAT-fs (loop5): Directory bread(block 67) failed
[  170.503844][ T5831] FAT-fs (loop5): Directory bread(block 68) failed
[  170.510592][ T5831] FAT-fs (loop5): Directory bread(block 69) failed
[  170.517920][ T5831] FAT-fs (loop5): Directory bread(block 70) failed
[  170.524735][ T5831] FAT-fs (loop5): Directory bread(block 71) failed
[  170.538040][ T5831] FAT-fs (loop5): Directory bread(block 72) failed
[  170.544883][ T5831] FAT-fs (loop5): Directory bread(block 73) failed
[  172.139560][ T5855] Cannot find add_set index 0 as target
[  174.040895][ T5867] cgroup: Invalid name
[  174.990661][ T5885] loop5: detected capacity change from 0 to 1024
[  175.619809][ T5885] __quota_error: 30 callbacks suppressed
[  175.619826][ T5885] Quota error (device loop5): find_tree_dqentry: Getting block too big (64 >= 6)
[  175.635616][ T5885] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  175.645111][ T5885] EXT4-fs error (device loop5): ext4_acquire_dquot:6207: comm syz.5.370: Failed to acquire dquot type 0
[  175.661259][ T5885] EXT4-fs error (device loop5): mb_free_blocks:1865: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  175.678318][ T5885] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #13: comm syz.5.370: corrupted inode contents
[  175.693694][ T5885] EXT4-fs error (device loop5): ext4_dirty_inode:6040: inode #13: comm syz.5.370: mark_inode_dirty error
[  175.711513][ T5885] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #13: comm syz.5.370: corrupted inode contents
[  175.725212][ T5885] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #13: comm syz.5.370: mark_inode_dirty error
[  175.737171][ T5885] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #13: comm syz.5.370: corrupted inode contents
[  175.755218][ T5885] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  175.765139][ T5885] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #13: comm syz.5.370: corrupted inode contents
[  175.777832][ T5885] EXT4-fs error (device loop5): ext4_truncate:4273: inode #13: comm syz.5.370: mark_inode_dirty error
[  175.789433][ T5885] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  175.801923][ T5885] EXT4-fs (loop5): 1 truncate cleaned up
[  175.807661][ T5885] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  176.138834][   T23] Bluetooth: hci3: command 0x0406 tx timeout
[  176.139825][   T23] Bluetooth: hci0: command 0x0406 tx timeout
[  176.595457][   T13] Bluetooth: hci2: command 0x0406 tx timeout
[  180.719454][ T5938] netlink: 'syz.5.382': attribute type 10 has an invalid length.
[  180.804055][ T5938] netlink: 40 bytes leftover after parsing attributes in process `syz.5.382'.
[  180.968156][ T5938] batman_adv: batadv0: Adding interface: virt_wifi0
[  181.042543][ T5938] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  181.298145][ T5938] batman_adv: batadv0: Interface activated: virt_wifi0
[  183.677641][ T5978] capability: warning: `syz.1.390' uses deprecated v2 capabilities in a way that may be insecure
[  191.513879][ T4242] Bluetooth: hci4: command 0x0406 tx timeout
[  191.574474][ T6047] netlink: 32 bytes leftover after parsing attributes in process `syz.6.405'.
[  194.602073][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  194.608732][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  197.870820][ T6107] netlink: 64 bytes leftover after parsing attributes in process `syz.4.420'.
[  198.586389][ T6113] overlayfs: failed to clone upperpath
[  199.311859][ T6081] overlayfs: failed to clone lowerpath
[  200.710132][ T6140] loop6: detected capacity change from 0 to 1024
[  203.289519][ T6140] EXT4-fs: failed to create workqueue
[  203.295192][ T6140] EXT4-fs (loop6): mount failed
[  203.907826][ T6166] loop6: detected capacity change from 0 to 16
[  203.940309][ T6166] erofs: (device loop6): mounted with root inode @ nid 36.
[  204.976175][   T26] audit: type=1800 audit(1754412309.565:42): pid=6173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.436" name="file1" dev="loop6" ino=86 res=0 errno=0
[  205.260306][ T6180] netlink: 16 bytes leftover after parsing attributes in process `syz.1.439'.
[  205.479393][ T6184] netlink: 16 bytes leftover after parsing attributes in process `syz.1.439'.
[  206.326316][ T6194] netlink: 16 bytes leftover after parsing attributes in process `syz.6.438'.
[  206.761667][ T4199] Bluetooth: hci2: Received unexpected HCI Event 00000000
[  206.829765][ T6202] netlink: 16 bytes leftover after parsing attributes in process `syz.6.438'.
[  210.200840][ T6227] loop5: detected capacity change from 0 to 32768
[  214.407655][ T6307] tipc: Started in network mode
[  214.415522][ T4176] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 scanned by udevd (4176)
[  214.616622][ T6307] tipc: Node identity 4, cluster identity 4711
[  214.622814][ T6307] tipc: Node number set to 4
[  218.742948][ T6364] syz.1.470 sent an empty control message without MSG_MORE.
[  219.547445][ T6366] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  220.318484][ T4199] Bluetooth: hci4: Received unexpected HCI Event 00000000
[  222.487505][ T6374] overlayfs: failed to clone upperpath
[  225.303909][ T6440] netlink: 16 bytes leftover after parsing attributes in process `syz.4.489'.
[  228.495742][ T6467] loop5: detected capacity change from 0 to 4096
[  229.855126][ T6485] overlayfs: failed to clone lowerpath
[  229.865977][ T6485] overlayfs: failed to clone upperpath
[  230.928499][ T6488] ntfs3: loop5: failed to convert "0080" to cp864
[  232.472171][ T6501] loop6: detected capacity change from 0 to 32768
[  233.826853][ T6508] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  233.835584][   T26] audit: type=1800 audit(1754412338.825:43): pid=6508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.500" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  233.836812][ T6508] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  233.836858][ T6508] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  239.073625][ T6571] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  239.084950][ T6571] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  243.793983][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  245.468111][ T6651] netlink: 'syz.5.531': attribute type 21 has an invalid length.
[  245.476226][ T6651] netlink: 156 bytes leftover after parsing attributes in process `syz.5.531'.
[  251.742380][ T6698] sctp: failed to load transform for md5: -2
[  253.330110][ T6737] mkiss: ax0: crc mode is auto.
[  253.418659][   T26] audit: type=1326 audit(1754412358.425:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6723 comm="syz.5.548" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f79fe3e9b69 code=0x0
[  255.560268][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  255.567008][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  256.008574][ T6763] xt_CT: You must specify a L4 protocol and not use inversions on it
[  256.727654][ T6755] syz.5.552 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  258.519510][ T6764] loop6: detected capacity change from 0 to 2048
[  258.892278][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.4.557'.
[  259.970693][ T6764] NILFS (loop6): error -4 creating segctord thread
[  260.036611][ T6796] overlayfs: failed to get index nlink (file1/bus, err=-61)
[  260.546678][ T6801] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  260.765013][ T6801] CIFS: Unable to determine destination address
[  263.362156][ T6825] loop6: detected capacity change from 0 to 256
[  267.005464][ T6825] FAT-fs (loop6): Directory bread(block 64) failed
[  267.042861][ T6825] FAT-fs (loop6): Directory bread(block 65) failed
[  267.150818][ T6825] FAT-fs (loop6): Directory bread(block 66) failed
[  268.206122][ T6825] FAT-fs (loop6): Directory bread(block 67) failed
[  268.297815][ T6825] FAT-fs (loop6): Directory bread(block 68) failed
[  268.304385][ T6825] FAT-fs (loop6): Directory bread(block 69) failed
[  268.316567][ T6825] FAT-fs (loop6): Directory bread(block 70) failed
[  268.330505][ T6825] FAT-fs (loop6): Directory bread(block 71) failed
[  268.488917][ T6825] FAT-fs (loop6): Directory bread(block 72) failed
[  269.190512][ T6825] FAT-fs (loop6): Directory bread(block 73) failed
[  269.729216][ T4199] Bluetooth: hci1: link tx timeout
[  269.734868][ T4199] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa
[  269.745345][ T4199] Bluetooth: hci1: link tx timeout
[  269.827824][ T4199] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  272.059676][ T6893] overlayfs: failed to clone upperpath
[  272.061887][ T2399] Bluetooth: hci1: command 0x0406 tx timeout
[  272.338099][ T6902] netlink: 12 bytes leftover after parsing attributes in process `syz.5.585'.
[  272.394396][ T6902] loop5: detected capacity change from 0 to 764
[  272.885455][ T6902] rock: directory entry would overflow storage
[  272.892541][ T6902] rock: sig=0x5245, size=8, remaining=5
[  273.291738][ T6909] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  273.320168][   T26] audit: type=1326 audit(1754412378.325:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6908 comm="syz.1.589" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fba9053fb69 code=0x0
[  273.614467][ T6921] vivid-008: =================  START STATUS  =================
[  273.622845][ T6921] vivid-008: Enable Output Cropping: true
[  273.630441][ T6921] vivid-008: Enable Output Composing: true
[  273.636525][ T6921] vivid-008: Enable Output Scaler: true
[  273.642176][ T6921] vivid-008: Tx RGB Quantization Range: Automatic
[  273.648917][ T6921] vivid-008: Transmit Mode: HDMI
[  273.654099][ T6921] vivid-008: Display Present: true inactive
[  273.660553][ T6921] vivid-008: Hotplug Present: 0x00000001
[  273.782725][ T6921] vivid-008: RxSense Present: 0x00000001
[  273.788772][ T6921] vivid-008: EDID Present: 0x00000001
[  273.794497][ T6921] vivid-008: ==================  END STATUS  ==================
[  274.263634][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  274.428383][    C1] Illegal XDP return value 16128, expect packet loss!
[  274.602792][ T6936] binder: BINDER_SET_CONTEXT_MGR already set
[  274.609454][ T6936] binder: 6931:6936 ioctl 4018620d 200000004a80 returned -16
[  275.936204][ T6949] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  275.945936][ T6949] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  276.203212][ T6952] loop5: detected capacity change from 0 to 4096
[  276.209846][ T6949] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.318524][ T6952] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  277.234086][ T4380] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22.
[  277.339257][ T6966] netlink: 12 bytes leftover after parsing attributes in process `syz.6.598'.
[  277.397285][ T6966] loop6: detected capacity change from 0 to 764
[  277.835156][ T6966] rock: directory entry would overflow storage
[  277.841700][ T6966] rock: sig=0x5245, size=8, remaining=5
[  279.016045][ T4487] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  279.910186][ T6987] sctp: failed to load transform for md5: -2
[  279.919529][ T6999] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  279.928039][ T6999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  279.935460][ T6999] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  280.086519][   T26] audit: type=1326 audit(1754412385.055:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6995 comm="syz.1.608" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fba9053fb69 code=0x0
[  280.204079][   T26] audit: type=1326 audit(1754412385.185:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.4.607" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7febfdeceb69 code=0x0
[  280.206109][ T4487] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  280.272938][ T4487] usb 7-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  280.300084][ T4487] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.341239][ T4487] usb 7-1: config 0 descriptor??
[  280.470089][ T4487] smsusb:smsusb_probe: board id=8, interface number 0
[  280.496002][ T4487] smsusb:smsusb_probe: Device initialized with return code -19
[  280.922670][ T7031] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  282.030187][ T7053] overlayfs: failed to clone upperpath
[  282.132808][ T4487] usb 7-1: USB disconnect, device number 2
[  282.170449][ T4484] libceph: connect (1)[c::]:6789 error -101
[  283.017870][ T4484] libceph: mon0 (1)[c::]:6789 connect error
[  283.398493][ T4484] libceph: connect (1)[c::]:6789 error -101
[  283.398597][ T4484] libceph: mon0 (1)[c::]:6789 connect error
[  284.241007][ T7038] ceph: No mds server is up or the cluster is laggy
[  284.251568][ T4487] libceph: connect (1)[c::]:6789 error -101
[  284.252850][ T4487] libceph: mon0 (1)[c::]:6789 connect error
[  287.970307][ T7110] overlayfs: failed to clone lowerpath
[  288.372097][ T7112] loop5: detected capacity change from 0 to 128
[  288.421926][ T7112] omfs: Invalid superblock (7b3184f9)
[  288.431061][ T7101] dlm: no local IP address has been set
[  288.506269][ T7119] xt_CT: You must specify a L4 protocol and not use inversions on it
[  289.101650][ T7101] dlm: cannot start dlm midcomms -107
[  289.552635][ T7101] loop6: detected capacity change from 0 to 16
[  289.873742][ T7137] netlink: 12 bytes leftover after parsing attributes in process `syz.3.631'.
[  290.455608][ T7101] erofs: (device loop6): check_layout_compatibility: unidentified incompatible feature 8, please upgrade kernel version
[  291.490869][ T7162] loop5: detected capacity change from 0 to 256
[  292.985213][ T7185] xt_CT: You must specify a L4 protocol and not use inversions on it
[  293.752494][ T7194] loop5: detected capacity change from 0 to 256
[  294.034200][ T7202] netlink: 12 bytes leftover after parsing attributes in process `syz.6.647'.
[  294.092311][ T7202] loop6: detected capacity change from 0 to 764
[  294.660075][ T7205] loop5: detected capacity change from 0 to 8
[  294.672489][ T7202] rock: directory entry would overflow storage
[  294.678808][ T7202] rock: sig=0x5245, size=8, remaining=5
[  295.447887][ T7205] SQUASHFS error: lzo decompression failed, data probably corrupt
[  295.484843][ T7205] SQUASHFS error: Failed to read block 0x91: -5
[  295.543525][ T7205] SQUASHFS error: Unable to read metadata cache entry [8f]
[  295.611859][ T7205] SQUASHFS error: Unable to read inode 0x11f
[  295.742799][ T7222] loop6: detected capacity change from 0 to 8192
[  295.912870][ T7236] xt_CT: You must specify a L4 protocol and not use inversions on it
[  296.494383][ T7239] loop5: detected capacity change from 0 to 128
[  296.502413][ T7222]  loop6: p1 p2 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p2
[  296.502501][ T7222] loop6: partition table partially beyond EOD, truncated
[  296.618560][ T7222] loop6: p1 start 16777216 is beyond EOD, truncated
[  296.835828][ T7222] loop6: p5 start 16777216 is beyond EOD, truncated
[  297.839496][ T7222] loop6: p6 start 16777216 is beyond EOD, truncated
[  297.846730][ T7222] loop6: p7 start 16777216 is beyond EOD, truncated
[  297.853585][ T7222] loop6: p8 start 16777216 is beyond EOD, truncated
[  297.860769][ T7222] loop6: p9 start 16777216 is beyond EOD, truncated
[  297.867886][ T7222] loop6: p10 start 16777216 is beyond EOD, truncated
[  297.874695][ T7222] loop6: p11 start 16777216 is beyond EOD, truncated
[  297.889080][ T7222] loop6: p12 start 16777216 is beyond EOD, truncated
[  297.897594][ T7222] loop6: p13 start 16777216 is beyond EOD, truncated
[  297.904395][ T7222] loop6: p14 start 16777216 is beyond EOD, truncated
[  297.911747][ T7222] loop6: p15 start 16777216 is beyond EOD, truncated
[  297.918883][ T7222] loop6: p16 start 16777216 is beyond EOD, truncated
[  297.926711][ T7222] loop6: p17 start 16777216 is beyond EOD, truncated
[  297.933530][ T7222] loop6: p18 start 16777216 is beyond EOD, truncated
[  298.043590][ T7222] loop6: p19 start 16777216 is beyond EOD, truncated
[  298.072509][ T7222] loop6: p20 start 16777216 is beyond EOD, truncated
[  298.115774][ T7222] loop6: p21 start 16777216 is beyond EOD, truncated
[  298.122591][ T7222] loop6: p22 start 16777216 is beyond EOD, truncated
[  298.208423][ T7222] loop6: p23 start 16777216 is beyond EOD, truncated
[  298.228383][ T7260] loop5: detected capacity change from 0 to 256
[  298.241559][ T7222] loop6: p24 start 16777216 is beyond EOD, truncated
[  298.270041][ T7222] loop6: p25 start 16777216 is beyond EOD, truncated
[  298.283109][ T7222] loop6: p26 start 16777216 is beyond EOD, truncated
[  298.291491][ T7222] loop6: p27 start 16777216 is beyond EOD, truncated
[  298.315053][ T7222] loop6: p28 start 16777216 is beyond EOD, truncated
[  298.906868][ T7222] loop6: p29 start 16777216 is beyond EOD, truncated
[  299.040225][ T7222] loop6: p30 start 16777216 is beyond EOD, truncated
[  299.047528][ T7222] loop6: p31 start 16777216 is beyond EOD, truncated
[  299.054328][ T7222] loop6: p32 start 16777216 is beyond EOD, truncated
[  299.091075][ T7222] loop6: p33 start 16777216 is beyond EOD, truncated
[  299.321347][ T7222] loop6: p34 start 16777216 is beyond EOD, truncated
[  299.365723][ T7222] loop6: p35 start 16777216 is beyond EOD, truncated
[  299.418376][ T7222] loop6: p36 start 16777216 is beyond EOD, truncated
[  299.490669][ T7222] loop6: p37 start 16777216 is beyond EOD, truncated
[  299.566270][ T7222] loop6: p38 start 16777216 is beyond EOD, truncated
[  300.565799][ T7222] loop6: p39 start 16777216 is beyond EOD, truncated
[  300.585984][ T7222] loop6: p40 start 16777216 is beyond EOD, truncated
[  300.715758][ T7222] loop6: p41 start 16777216 is beyond EOD, truncated
[  300.726474][ T7222] loop6: p42 start 16777216 is beyond EOD, truncated
[  300.744062][ T7222] loop6: p43 start 16777216 is beyond EOD, truncated
[  300.816062][ T7222] loop6: p44 start 16777216 is beyond EOD, truncated
[  300.822891][ T7222] loop6: p45 start 16777216 is beyond EOD, truncated
[  300.864557][ T7222] loop6: p46 start 16777216 is beyond EOD, truncated
[  301.445038][ T7222] loop6: p47 start 16777216 is beyond EOD, truncated
[  301.488987][ T7222] loop6: p48 start 16777216 is beyond EOD, truncated
[  301.695687][ T7222] loop6: p49 start 16777216 is beyond EOD, truncated
[  301.712715][ T7222] loop6: p50 start 16777216 is beyond EOD, truncated
[  301.722847][ T7222] loop6: p51 start 16777216 is beyond EOD, truncated
[  301.732714][ T7222] loop6: p52 start 16777216 is beyond EOD, truncated
[  301.770062][ T7222] loop6: p53 start 16777216 is beyond EOD, truncated
[  301.846981][ T7222] loop6: p54 start 16777216 is beyond EOD, truncated
[  301.853699][ T7222] loop6: p55 start 16777216 is beyond EOD, truncated
[  301.880951][ T7222] loop6: p56 start 16777216 is beyond EOD, truncated
[  301.919435][ T7222] loop6: p57 start 16777216 is beyond EOD, truncated
[  301.975008][ T7222] loop6: p58 start 16777216 is beyond EOD, truncated
[  301.986725][ T7222] loop6: p59 start 16777216 is beyond EOD, truncated
[  302.000818][ T7222] loop6: p60 start 16777216 is beyond EOD, truncated
[  302.008069][ T7222] loop6: p61 start 16777216 is beyond EOD, truncated
[  302.014767][ T7222] loop6: p62 start 16777216 is beyond EOD, truncated
[  302.087509][ T7316] netlink: 16 bytes leftover after parsing attributes in process `syz.1.677'.
[  302.098032][ T7316] netlink: 16 bytes leftover after parsing attributes in process `syz.1.677'.
[  302.386684][ T7222] loop6: p63 start 16777216 is beyond EOD, truncated
[  302.436933][ T7222] loop6: p64 start 16777216 is beyond EOD, truncated
[  302.562977][ T7222] loop6: p65 start 16777216 is beyond EOD, truncated
[  302.689549][ T7222] loop6: p66 start 16777216 is beyond EOD, truncated
[  302.731571][ T7222] loop6: p67 start 16777216 is beyond EOD, truncated
[  302.795930][ T7222] loop6: p68 start 16777216 is beyond EOD, truncated
[  302.844239][ T7222] loop6: p69 start 16777216 is beyond EOD, truncated
[  302.880158][ T7327] loop5: detected capacity change from 0 to 8192
[  303.004834][ T7222] loop6: p70 start 16777216 is beyond EOD, truncated
[  303.063687][ T7222] loop6: p71 start 16777216 is beyond EOD, truncated
[  303.105831][ T7222] loop6: p72 start 16777216 is beyond EOD, truncated
[  303.112548][ T7222] loop6: p73 start 16777216 is beyond EOD, truncated
[  303.490289][ T7327] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  303.573149][ T7327] REISERFS (device loop5): using ordered data mode
[  303.747693][ T7222] loop6: p74 start 16777216 is beyond EOD, truncated
[  303.754521][ T7222] loop6: p75 start 16777216 is beyond EOD, truncated
[  303.785898][ T7327] reiserfs: using flush barriers
[  303.821878][ T7222] loop6: p76 start 16777216 is beyond EOD, truncated
[  303.831660][ T7222] loop6: p77 start 16777216 is beyond EOD, truncated
[  303.845922][ T7222] loop6: p78 start 16777216 is beyond EOD, truncated
[  303.860482][ T7222] loop6: p79 start 16777216 is beyond EOD, truncated
[  303.867477][ T7327] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  303.875812][ T7222] loop6: p80 start 16777216 is beyond EOD, truncated
[  303.907208][ T7222] loop6: p81 start 16777216 is beyond EOD, truncated
[  303.925791][ T7222] loop6: p82 start 16777216 is beyond EOD, truncated
[  303.940912][ T7222] loop6: p83 start 16777216 is beyond EOD, truncated
[  303.950074][ T7222] loop6: p84 start 16777216 is beyond EOD, truncated
[  303.957466][ T7222] loop6: p85 start 16777216 is beyond EOD, truncated
[  303.964250][ T7222] loop6: p86 start 16777216 is beyond EOD, truncated
[  303.984513][ T7222] loop6: p87 start 16777216 is beyond EOD, truncated
[  303.986083][ T7327] REISERFS (device loop5): checking transaction log (loop5)
[  304.005901][ T7222] loop6: p88 start 16777216 is beyond EOD, truncated
[  304.022992][ T7222] loop6: p89 start 16777216 is beyond EOD, truncated
[  304.043240][ T7222] loop6: p90 start 16777216 is beyond EOD, truncated
[  304.055720][ T7222] loop6: p91 start 16777216 is beyond EOD, truncated
[  304.067576][ T7327] REISERFS (device loop5): Using r5 hash to sort names
[  304.080485][ T7222] loop6: p92 start 16777216 is beyond EOD, truncated
[  304.105674][ T7222] loop6: p93 start 16777216 is beyond EOD, truncated
[  304.107094][ T7327] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  304.133092][ T7222] loop6: p94 start 16777216 is beyond EOD, truncated
[  304.153400][ T7222] loop6: p95 start 16777216 is beyond EOD, truncated
[  304.177817][ T7222] loop6: p96 start 16777216 is beyond EOD, truncated
[  304.184686][ T7222] loop6: p97 start 16777216 is beyond EOD, truncated
[  304.202275][ T7222] loop6: p98 start 16777216 is beyond EOD, truncated
[  304.215939][ T7327] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  304.219547][ T7222] loop6: p99 start 16777216 is beyond EOD, truncated
[  304.333122][ T7222] loop6: p100 start 16777216 is beyond EOD, truncated
[  304.362857][ T7222] loop6: p101 start 16777216 is beyond EOD, truncated
[  304.410826][ T7222] loop6: p102 start 16777216 is beyond EOD, truncated
[  304.484596][ T7222] loop6: p103 start 16777216 is beyond EOD, truncated
[  305.387771][ T7222] loop6: p104 start 16777216 is beyond EOD, truncated
[  305.387812][ T7222] loop6: p105 start 16777216 is beyond EOD, truncated
[  305.387828][ T7222] loop6: p106 start 16777216 is beyond EOD, truncated
[  305.387845][ T7222] loop6: p107 start 16777216 is beyond EOD, truncated
[  305.387861][ T7222] loop6: p108 start 16777216 is beyond EOD, truncated
[  305.387877][ T7222] loop6: p109 start 16777216 is beyond EOD, truncated
[  305.387893][ T7222] loop6: p110 start 16777216 is beyond EOD, truncated
[  305.387909][ T7222] loop6: p111 start 16777216 is beyond EOD, truncated
[  305.387924][ T7222] loop6: p112 start 16777216 is beyond EOD, truncated
[  305.387940][ T7222] loop6: p113 start 16777216 is beyond EOD, truncated
[  305.387956][ T7222] loop6: p114 start 16777216 is beyond EOD, truncated
[  305.387972][ T7222] loop6: p115 start 16777216 is beyond EOD, truncated
[  305.387988][ T7222] loop6: p116 start 16777216 is beyond EOD, truncated
[  305.388004][ T7222] loop6: p117 start 16777216 is beyond EOD, truncated
[  305.388020][ T7222] loop6: p118 start 16777216 is beyond EOD, truncated
[  305.388035][ T7222] loop6: p119 start 16777216 is beyond EOD, truncated
[  305.388051][ T7222] loop6: p120 start 16777216 is beyond EOD, truncated
[  305.388067][ T7222] loop6: p121 start 16777216 is beyond EOD, truncated
[  305.388083][ T7222] loop6: p122 start 16777216 is beyond EOD, truncated
[  305.388099][ T7222] loop6: p123 start 16777216 is beyond EOD, truncated
[  305.388114][ T7222] loop6: p124 start 16777216 is beyond EOD, truncated
[  305.388130][ T7222] loop6: p125 start 16777216 is beyond EOD, truncated
[  305.388146][ T7222] loop6: p126 start 16777216 is beyond EOD, truncated
[  305.388162][ T7222] loop6: p127 start 16777216 is beyond EOD, truncated
[  305.388187][ T7222] loop6: p128 start 16777216 is beyond EOD, truncated
[  305.388202][ T7222] loop6: p129 start 16777216 is beyond EOD, truncated
[  305.388218][ T7222] loop6: p130 start 16777216 is beyond EOD, truncated
[  305.388234][ T7222] loop6: p131 start 16777216 is beyond EOD, truncated
[  305.388250][ T7222] loop6: p132 start 16777216 is beyond EOD, truncated
[  305.388265][ T7222] loop6: p133 start 16777216 is beyond EOD, truncated
[  305.388281][ T7222] loop6: p134 start 16777216 is beyond EOD, truncated
[  305.388297][ T7222] loop6: p135 start 16777216 is beyond EOD, truncated
[  305.388313][ T7222] loop6: p136 start 16777216 is beyond EOD, truncated
[  305.388329][ T7222] loop6: p137 start 16777216 is beyond EOD, truncated
[  305.388345][ T7222] loop6: p138 start 16777216 is beyond EOD, truncated
[  305.388361][ T7222] loop6: p139 start 16777216 is beyond EOD, truncated
[  305.388377][ T7222] loop6: p140 start 16777216 is beyond EOD, truncated
[  305.388393][ T7222] loop6: p141 start 16777216 is beyond EOD, truncated
[  305.388409][ T7222] loop6: p142 start 16777216 is beyond EOD, truncated
[  305.388424][ T7222] loop6: p143 start 16777216 is beyond EOD, truncated
[  305.388440][ T7222] loop6: p144 start 16777216 is beyond EOD, truncated
[  305.388456][ T7222] loop6: p145 start 16777216 is beyond EOD, truncated
[  305.388471][ T7222] loop6: p146 start 16777216 is beyond EOD, truncated
[  305.388487][ T7222] loop6: p147 start 16777216 is beyond EOD, truncated
[  305.388503][ T7222] loop6: p148 start 16777216 is beyond EOD, truncated
[  305.388519][ T7222] loop6: p149 start 16777216 is beyond EOD, truncated
[  305.388534][ T7222] loop6: p150 start 16777216 is beyond EOD, truncated
[  305.388550][ T7222] loop6: p151 start 16777216 is beyond EOD, truncated
[  305.388566][ T7222] loop6: p152 start 16777216 is beyond EOD, truncated
[  305.388581][ T7222] loop6: p153 start 16777216 is beyond EOD, truncated
[  305.388597][ T7222] loop6: p154 start 16777216 is beyond EOD, truncated
[  305.388613][ T7222] loop6: p155 start 16777216 is beyond EOD, truncated
[  305.388629][ T7222] loop6: p156 start 16777216 is beyond EOD, truncated
[  305.388645][ T7222] loop6: p157 start 16777216 is beyond EOD, truncated
[  305.388660][ T7222] loop6: p158 start 16777216 is beyond EOD, truncated
[  305.388676][ T7222] loop6: p159 start 16777216 is beyond EOD, truncated
[  305.388692][ T7222] loop6: p160 start 16777216 is beyond EOD, truncated
[  305.388708][ T7222] loop6: p161 start 16777216 is beyond EOD, truncated
[  305.388723][ T7222] loop6: p162 start 16777216 is beyond EOD, truncated
[  305.388739][ T7222] loop6: p163 start 16777216 is beyond EOD, truncated
[  305.388755][ T7222] loop6: p164 start 16777216 is beyond EOD, truncated
[  305.388771][ T7222] loop6: p165 start 16777216 is beyond EOD, truncated
[  305.388787][ T7222] loop6: p166 start 16777216 is beyond EOD, truncated
[  305.388803][ T7222] loop6: p167 start 16777216 is beyond EOD, truncated
[  305.388818][ T7222] loop6: p168 start 16777216 is beyond EOD, truncated
[  305.388834][ T7222] loop6: p169 start 16777216 is beyond EOD, truncated
[  305.388850][ T7222] loop6: p170 start 16777216 is beyond EOD, truncated
[  305.388865][ T7222] loop6: p171 start 16777216 is beyond EOD, truncated
[  305.388881][ T7222] loop6: p172 start 16777216 is beyond EOD, truncated
[  305.388896][ T7222] loop6: p173 start 16777216 is beyond EOD, truncated
[  305.388911][ T7222] loop6: p174 start 16777216 is beyond EOD, truncated
[  305.388925][ T7222] loop6: p175 start 16777216 is beyond EOD, truncated
[  305.388940][ T7222] loop6: p176 start 16777216 is beyond EOD, truncated
[  305.388956][ T7222] loop6: p177 start 16777216 is beyond EOD, truncated
[  305.388972][ T7222] loop6: p178 start 16777216 is beyond EOD, truncated
[  305.388988][ T7222] loop6: p179 start 16777216 is beyond EOD, truncated
[  305.389004][ T7222] loop6: p180 start 16777216 is beyond EOD, truncated
[  305.389020][ T7222] loop6: p181 start 16777216 is beyond EOD, truncated
[  305.389036][ T7222] loop6: p182 start 16777216 is beyond EOD, truncated
[  305.389051][ T7222] loop6: p183 start 16777216 is beyond EOD, truncated
[  305.389067][ T7222] loop6: p184 start 16777216 is beyond EOD, truncated
[  305.389083][ T7222] loop6: p185 start 16777216 is beyond EOD, truncated
[  305.389098][ T7222] loop6: p186 start 16777216 is beyond EOD, truncated
[  305.389114][ T7222] loop6: p187 start 16777216 is beyond EOD, truncated
[  305.389130][ T7222] loop6: p188 start 16777216 is beyond EOD, truncated
[  305.389145][ T7222] loop6: p189 start 16777216 is beyond EOD, truncated
[  305.389162][ T7222] loop6: p190 start 16777216 is beyond EOD, truncated
[  305.389183][ T7222] loop6: p191 start 16777216 is beyond EOD, truncated
[  305.389199][ T7222] loop6: p192 start 16777216 is beyond EOD, truncated
[  305.389215][ T7222] loop6: p193 start 16777216 is beyond EOD, truncated
[  305.389231][ T7222] loop6: p194 start 16777216 is beyond EOD, truncated
[  305.389247][ T7222] loop6: p195 start 16777216 is beyond EOD, truncated
[  305.389263][ T7222] loop6: p196 start 16777216 is beyond EOD, truncated
[  305.389279][ T7222] loop6: p197 start 16777216 is beyond EOD, truncated
[  305.389294][ T7222] loop6: p198 start 16777216 is beyond EOD, truncated
[  305.389310][ T7222] loop6: p199 start 16777216 is beyond EOD, truncated
[  305.389325][ T7222] loop6: p200 start 16777216 is beyond EOD, truncated
[  305.389341][ T7222] loop6: p201 start 16777216 is beyond EOD, truncated
[  305.389357][ T7222] loop6: p202 start 16777216 is beyond EOD, truncated
[  305.389372][ T7222] loop6: p203 start 16777216 is beyond EOD, truncated
[  305.389388][ T7222] loop6: p204 start 16777216 is beyond EOD, truncated
[  305.389404][ T7222] loop6: p205 start 16777216 is beyond EOD, truncated
[  305.389420][ T7222] loop6: p206 start 16777216 is beyond EOD, truncated
[  305.389436][ T7222] loop6: p207 start 16777216 is beyond EOD, truncated
[  305.389451][ T7222] loop6: p208 start 16777216 is beyond EOD, truncated
[  305.389467][ T7222] loop6: p209 start 16777216 is beyond EOD, truncated
[  305.389483][ T7222] loop6: p210 start 16777216 is beyond EOD, truncated
[  305.389499][ T7222] loop6: p211 start 16777216 is beyond EOD, truncated
[  305.389515][ T7222] loop6: p212 start 16777216 is beyond EOD, truncated
[  305.389530][ T7222] loop6: p213 start 16777216 is beyond EOD, truncated
[  305.389546][ T7222] loop6: p214 start 16777216 is beyond EOD, truncated
[  305.389562][ T7222] loop6: p215 start 16777216 is beyond EOD, truncated
[  305.389577][ T7222] loop6: p216 start 16777216 is beyond EOD, truncated
[  305.389592][ T7222] loop6: p217 start 16777216 is beyond EOD, truncated
[  305.389608][ T7222] loop6: p218 start 16777216 is beyond EOD, truncated
[  305.389624][ T7222] loop6: p219 start 16777216 is beyond EOD, truncated
[  305.389639][ T7222] loop6: p220 start 16777216 is beyond EOD, truncated
[  305.389655][ T7222] loop6: p221 start 16777216 is beyond EOD, truncated
[  305.389672][ T7222] loop6: p222 start 16777216 is beyond EOD, truncated
[  305.389688][ T7222] loop6: p223 start 16777216 is beyond EOD, truncated
[  305.389702][ T7222] loop6: p224 start 16777216 is beyond EOD, truncated
[  305.389718][ T7222] loop6: p225 start 16777216 is beyond EOD, truncated
[  305.389734][ T7222] loop6: p226 start 16777216 is beyond EOD, truncated
[  305.389751][ T7222] loop6: p227 start 16777216 is beyond EOD, truncated
[  305.389767][ T7222] loop6: p228 start 16777216 is beyond EOD, truncated
[  305.389783][ T7222] loop6: p229 start 16777216 is beyond EOD, truncated
[  305.389799][ T7222] loop6: p230 start 16777216 is beyond EOD, truncated
[  305.389815][ T7222] loop6: p231 start 16777216 is beyond EOD, truncated
[  305.389832][ T7222] loop6: p232 start 16777216 is beyond EOD, truncated
[  305.389848][ T7222] loop6: p233 start 16777216 is beyond EOD, truncated
[  305.389864][ T7222] loop6: p234 start 16777216 is beyond EOD, truncated
[  305.389880][ T7222] loop6: p235 start 16777216 is beyond EOD, truncated
[  305.389896][ T7222] loop6: p236 start 16777216 is beyond EOD, truncated
[  305.389912][ T7222] loop6: p237 start 16777216 is beyond EOD, truncated
[  305.389927][ T7222] loop6: p238 start 16777216 is beyond EOD, truncated
[  305.389944][ T7222] loop6: p239 start 16777216 is beyond EOD, truncated
[  305.389960][ T7222] loop6: p240 start 16777216 is beyond EOD, truncated
[  305.389976][ T7222] loop6: p241 start 16777216 is beyond EOD, truncated
[  305.389993][ T7222] loop6: p242 start 16777216 is beyond EOD, truncated
[  305.390009][ T7222] loop6: p243 start 16777216 is beyond EOD, truncated
[  305.390025][ T7222] loop6: p244 start 16777216 is beyond EOD, truncated
[  305.390041][ T7222] loop6: p245 start 16777216 is beyond EOD, truncated
[  305.390057][ T7222] loop6: p246 start 16777216 is beyond EOD, truncated
[  305.390074][ T7222] loop6: p247 start 16777216 is beyond EOD, truncated
[  305.390089][ T7222] loop6: p248 start 16777216 is beyond EOD, truncated
[  305.390113][ T7222] loop6: p249 start 16777216 is beyond EOD, truncated
[  305.390129][ T7222] loop6: p250 start 16777216 is beyond EOD, truncated
[  305.390145][ T7222] loop6: p251 start 16777216 is beyond EOD, truncated
[  305.390162][ T7222] loop6: p252 start 16777216 is beyond EOD, truncated
[  305.390183][ T7222] loop6: p253 start 16777216 is beyond EOD, truncated
[  305.390199][ T7222] loop6: p254 start 16777216 is beyond EOD, truncated
[  305.390216][ T7222] loop6: p255 start 16777216 is beyond EOD, truncated
[  308.670507][ T6981] udevd[6981]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  308.713312][ T6691] udevd[6691]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  311.792641][ T7484] loop5: detected capacity change from 0 to 128
[  311.984511][ T7484] EXT4-fs (loop5): mounted filesystem without journal. Opts: nogrpid,resuid=0x0000000000000000,,errors=continue. Quota mode: none.
[  312.009242][ T7484] ext4 filesystem being mounted at /110/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  312.072892][ T7484] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.724: No space for directory leaf checksum. Please run e2fsck -D.
[  312.098508][ T7484] EXT4-fs error (device loop5): __ext4_find_entry:1696: inode #2: comm syz.5.724: checksumming directory block 0
[  312.175952][ T4487] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  312.232412][ T7514] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  312.244386][ T7514] comedi comedi3: 8255: I/O port conflict (0x10000,4)
[  312.268182][ T7514] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  312.274835][ T7514] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  312.292817][ T7514] comedi comedi3: 8255: I/O port conflict (0x10,4)
[  312.300966][ T7514] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  312.310867][ T7514] comedi comedi3: 8255: I/O port conflict (0x400000a,4)
[  312.318721][ T7514] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff8,4)
[  312.326944][ T7514] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  312.333529][ T7514] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  312.340750][ T7514] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  312.347519][ T7514] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  312.354110][ T7514] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  312.499702][ T7531] loop5: detected capacity change from 0 to 256
[  312.570632][ T7531] FAT-fs (loop5): Directory bread(block 64) failed
[  312.578588][ T7531] FAT-fs (loop5): Directory bread(block 65) failed
[  312.585191][ T7531] FAT-fs (loop5): Directory bread(block 66) failed
[  312.593558][ T7531] FAT-fs (loop5): Directory bread(block 67) failed
[  312.600581][ T7531] FAT-fs (loop5): Directory bread(block 68) failed
[  312.611977][ T7531] FAT-fs (loop5): Directory bread(block 69) failed
[  312.623508][ T7531] FAT-fs (loop5): Directory bread(block 70) failed
[  312.627003][ T4487] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  312.634506][ T7531] FAT-fs (loop5): Directory bread(block 71) failed
[  312.642247][ T4487] usb 7-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  312.656442][ T7531] FAT-fs (loop5): Directory bread(block 72) failed
[  312.663471][ T7531] FAT-fs (loop5): Directory bread(block 73) failed
[  312.663758][ T4487] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.701715][ T4487] usb 7-1: config 0 descriptor??
[  312.900688][ T7546] loop5: detected capacity change from 0 to 64
[  313.003143][ T4487] usb 7-1: USB disconnect, device number 3
[  313.435827][ T4482] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  313.621907][ T7584] netlink: 24 bytes leftover after parsing attributes in process `syz.1.772'.
[  313.659162][ T7582] loop6: detected capacity change from 0 to 8192
[  313.696225][ T7582] REISERFS (device loop6): found reiserfs format "3.6" with non-standard journal
[  313.715929][ T7582] REISERFS (device loop6): using journaled data mode
[  313.725239][ T7582] reiserfs: using flush barriers
[  313.775925][ T7582] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  313.812504][ T7582] REISERFS (device loop6): checking transaction log (loop6)
[  313.829187][ T4482] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  313.838501][ T7582] REISERFS (device loop6): Using r5 hash to sort names
[  313.845946][ T4482] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.846480][ T7582] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  313.874528][ T7582] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  313.900316][ T4482] usb 6-1: config 0 descriptor??
[  313.987100][ T4482] cp210x 6-1:0.0: cp210x converter detected
[  314.433226][ T4482] usb 6-1: cp210x converter now attached to ttyUSB0
[  314.565728][ T4484] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  314.619638][ T4487] usb 6-1: USB disconnect, device number 4
[  314.641950][ T4487] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  314.694805][ T4487] cp210x 6-1:0.0: device disconnected
[  314.828839][ T4484] usb 7-1: Using ep0 maxpacket: 16
[  315.106003][ T4484] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  315.114049][ T4484] usb 7-1: config 0 has no interface number 0
[  315.177152][ T7673] netlink: 16 bytes leftover after parsing attributes in process `syz.3.796'.
[  315.192099][ T7673] netlink: 16 bytes leftover after parsing attributes in process `syz.3.796'.
[  316.445544][ T4484] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  316.456550][ T4484] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  316.466411][ T4484] usb 7-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  316.475534][ T4484] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.485297][ T4484] usb 7-1: config 0 descriptor??
[  317.254099][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  317.260486][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  317.745958][ T4484] uclogic 0003:28BD:0071.0001: failed retrieving string descriptor #100: -71
[  317.757435][ T4484] uclogic 0003:28BD:0071.0001: failed retrieving pen parameters: -71
[  317.765755][ T4484] uclogic 0003:28BD:0071.0001: pen probing failed: -71
[  317.772922][ T4484] uclogic 0003:28BD:0071.0001: failed probing parameters: -71
[  317.784902][ T4484] uclogic: probe of 0003:28BD:0071.0001 failed with error -71
[  317.797606][ T4484] usb 7-1: USB disconnect, device number 4
[  317.965693][   T21] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  318.205787][   T21] usb 6-1: Using ep0 maxpacket: 16
[  318.435915][   T21] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.452469][   T21] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  318.480521][   T21] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  318.512256][   T21] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  318.540091][   T21] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.588647][   T21] usb 6-1: config 0 descriptor??
[  318.785412][ T7751] loop6: detected capacity change from 0 to 32768
[  318.829825][ T7751] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.825 (7751)
[  318.850557][ T7751] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  318.861521][ T7751] BTRFS info (device loop6): allowing degraded mounts
[  318.869004][ T7751] BTRFS info (device loop6): turning on flush-on-commit
[  318.876216][ T7751] BTRFS info (device loop6): max_inline at 0
[  318.882332][ T7751] BTRFS info (device loop6): setting nodatasum
[  318.889177][ T7751] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_LZO (0x8)
[  318.899996][ T7751] BTRFS info (device loop6): use lzo compression, level 0
[  318.907703][ T7751] BTRFS warning (device loop6): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  318.918961][ T7751] BTRFS info (device loop6): trying to use backup root at mount time
[  318.927762][ T7751] BTRFS info (device loop6): turning on sync discard
[  318.934618][ T7751] BTRFS info (device loop6): using free space tree
[  318.941511][ T7751] BTRFS info (device loop6): has skinny extents
[  318.974083][ T7751] BTRFS info (device loop6): enabling ssd optimizations
[  319.139628][   T21] microsoft 0003:045E:07DA.0002: No inputs registered, leaving
[  319.173487][   T21] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  319.232461][ T7789] netlink: 16 bytes leftover after parsing attributes in process `syz.1.832'.
[  319.242267][ T7789] netlink: 16 bytes leftover after parsing attributes in process `syz.1.832'.
[  319.656070][   T21] microsoft 0003:045E:07DA.0002: no inputs found
[  319.675680][   T21] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway
[  319.735566][   T21] usb 6-1: USB disconnect, device number 5
[  319.993180][ T7795] fido_id[7795]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  320.026197][ T7803] capability: warning: `syz.5.837' uses 32-bit capabilities (legacy support in use)
[  320.126810][ T7807] loop6: detected capacity change from 0 to 128
[  320.260632][ T7813] loop5: detected capacity change from 0 to 2048
[  320.281879][ T7807] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  320.294015][ T7807] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  320.336688][ T7813] EXT4-fs (loop5): Ignoring removed orlov option
[  320.343071][ T7813] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  320.491464][ T7813] EXT4-fs (loop5): mounted filesystem without journal. Opts: orlov,errors=remount-ro,nomblk_io_submit,barrier,norecovery,jqfmt=vfsv0,noload,nobarrier,. Quota mode: none.
[  320.615363][ T7813] EXT4-fs error (device loop5): ext4_find_inline_data_nolock:163: inode #15: comm syz.5.844: inline data xattr refers to an external xattr inode
[  320.697517][ T7813] EXT4-fs (loop5): Remounting filesystem read-only
[  320.849002][ T7823] loop6: detected capacity change from 0 to 2048
[  321.009774][ T7831] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  321.074162][ T7832] netlink: 16 bytes leftover after parsing attributes in process `syz.5.849'.
[  321.084281][ T7832] netlink: 16 bytes leftover after parsing attributes in process `syz.5.849'.
[  323.939232][ T7878] overlayfs: failed to resolve './file0': -2
[  324.004708][ T7862] loop6: detected capacity change from 0 to 32768
[  324.148975][ T7862] overlayfs: upper fs needs to support d_type.
[  324.186009][ T7862] overlayfs: upper fs does not support tmpfile.
[  324.248629][ T7862] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  324.275746][ T7817] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap
[  324.324040][ T7817] EXT4-fs (loop5): Remounting filesystem read-only
[  325.903005][ T7920] netlink: 20 bytes leftover after parsing attributes in process `syz.4.891'.
[  326.094109][ T1257] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.181498][ T1257] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.321855][ T1257] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.404595][ T1257] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.695094][ T1257] tipc: Left network mode
[  327.972237][ T7959] chnl_net:caif_netlink_parms(): no params data found
[  328.225388][ T1257] device hsr_slave_0 left promiscuous mode
[  328.236878][ T1257] device hsr_slave_1 left promiscuous mode
[  328.286007][ T1257] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  328.311915][ T1257] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.328711][ T1257] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  328.360375][ T1257] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.392445][ T1257] device bridge_slave_1 left promiscuous mode
[  328.418578][ T1257] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.461664][ T1257] device bridge_slave_0 left promiscuous mode
[  328.492301][ T1257] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.572500][ T1257] device veth1_macvtap left promiscuous mode
[  328.603720][ T1257] device veth0_macvtap left promiscuous mode
[  328.620775][ T1257] device veth1_vlan left promiscuous mode
[  328.636830][ T1257] device veth0_vlan left promiscuous mode
[  328.807061][ T7997] xt_hashlimit: max too large, truncated to 1048576
[  329.130228][ T1257] team0 (unregistering): Port device team_slave_1 removed
[  329.148437][ T1257] team0 (unregistering): Port device team_slave_0 removed
[  329.157481][   T21] Bluetooth: hci1: command 0x0409 tx timeout
[  329.177711][ T1257] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.192550][ T1257] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.328391][ T1257] bond0 (unregistering): Released all slaves
[  329.443853][ T7959] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.451263][ T7959] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.460719][ T7959] device bridge_slave_0 entered promiscuous mode
[  329.474694][ T7959] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.482441][ T7959] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.490760][ T7959] device bridge_slave_1 entered promiscuous mode
[  329.565407][ T7959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.630950][ T7959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.845054][ T7959] team0: Port device team_slave_0 added
[  329.862847][ T7959] team0: Port device team_slave_1 added
[  329.973351][ T7959] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.984937][ T7959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.061318][ T7959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.100011][ T7959] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.116003][ T7959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.176649][ T7959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.353731][ T7959] device hsr_slave_0 entered promiscuous mode
[  330.381411][ T7959] device hsr_slave_1 entered promiscuous mode
[  330.396515][ T7959] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  330.404178][ T7959] Cannot create hsr debugfs directory
[  330.759644][ T7959] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  330.789078][ T7959] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  330.818039][ T7959] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  330.853198][ T7959] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  331.051190][ T7959] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.094847][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  331.109435][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  331.128326][ T7959] 8021q: adding VLAN 0 to HW filter on device team0
[  331.154588][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  331.174281][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  331.193091][ T6736] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.200251][ T6736] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.235735][ T4383] Bluetooth: hci1: command 0x041b tx timeout
[  331.252927][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  331.286280][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  331.305190][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  331.333449][ T6736] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.340728][ T6736] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.369529][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  331.390044][ T6736] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  331.465369][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  331.495110][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  331.524671][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  331.546531][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  331.590450][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  331.616295][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  331.636005][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  331.656680][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  331.708362][ T7959] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  331.736078][ T4384] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  332.606822][ T7959] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.614900][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  332.624394][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  333.112855][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  333.136673][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  333.233997][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  333.247639][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  333.269633][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  333.284024][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  333.313364][ T7959] device veth0_vlan entered promiscuous mode
[  333.319662][   T23] Bluetooth: hci1: command 0x040f tx timeout
[  333.381369][ T7959] device veth1_vlan entered promiscuous mode
[  333.451415][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  333.469735][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  333.510081][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  333.533795][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  333.557792][ T7959] device veth0_macvtap entered promiscuous mode
[  333.601754][ T7959] device veth1_macvtap entered promiscuous mode
[  333.650765][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.678624][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.715740][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.756750][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.783269][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.824455][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.846215][ T8175] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  333.876984][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.897777][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.922972][ T7959] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.944892][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  333.962003][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  333.990437][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  334.036331][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  334.082356][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  334.121842][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  334.170708][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  334.201758][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  334.242507][ T7959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  334.285748][ T7959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  334.316970][ T7959] batman_adv: batadv0: Interface activated: batadv_slave_1
[  334.337284][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  334.354486][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  334.405186][ T7959] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.435684][ T7959] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.445106][ T7959] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.475714][ T7959] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.634397][ T1257] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.664909][ T1257] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.696147][ T6736] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.703044][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  334.704224][ T6736] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.754269][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  334.816006][ T8219] xt_bpf: check failed: parse error
[  335.403457][ T4234] Bluetooth: hci1: command 0x0419 tx timeout
[  335.816432][ T8238] device syzkaller1 entered promiscuous mode
[  336.144080][ T8266] netlink: 20 bytes leftover after parsing attributes in process `syz.3.993'.
[  337.820663][ T8305] overlayfs: failed to clone upperpath
[  338.454604][ T8301] loop7: detected capacity change from 0 to 32768
[  338.526795][ T8301] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 scanned by syz.7.1003 (8301)
[  338.594225][ T8301] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm
[  338.630725][ T8301] BTRFS info (device loop7): setting nodatacow, compression disabled
[  338.663216][ T8301] BTRFS info (device loop7): max_inline at 0
[  338.683501][ T8301] BTRFS info (device loop7): enabling disk space caching
[  338.703796][ T8301] BTRFS info (device loop7): turning off barriers
[  338.724073][ T8301] BTRFS info (device loop7): turning on flush-on-commit
[  338.759854][ T8301] BTRFS info (device loop7): doing ref verification
[  338.795949][ T8301] BTRFS info (device loop7): force clearing of disk cache
[  338.837603][ T8301] BTRFS info (device loop7): enabling ssd optimizations
[  339.005513][ T8301] BTRFS info (device loop7): max_inline at 4096
[  339.045781][ T8301] BTRFS info (device loop7): disk space caching is enabled
[  339.065936][ T8301] BTRFS info (device loop7): has skinny extents
[  339.129597][ T8354] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1015'.
[  339.139669][ T8354] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1015'.
[  339.366641][   T21] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  339.607943][ T8301] BTRFS info (device loop7): clearing free space tree
[  339.615875][   T21] usb 6-1: Using ep0 maxpacket: 16
[  339.625162][ T8301] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  339.641738][ T8301] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  339.737158][   T21] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  339.775423][   T21] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  340.278875][   T26] audit: type=1800 audit(1754412445.285:48): pid=8301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1003" name="file1" dev="loop7" ino=264 res=0 errno=0
[  340.315900][   T21] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  340.328184][   T21] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.365671][   T21] usb 6-1: Product: syz
[  340.369870][   T21] usb 6-1: Manufacturer: syz
[  340.375208][   T21] usb 6-1: SerialNumber: syz
[  340.427032][   T26] audit: type=1326 audit(1754412445.435:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.494483][   T26] audit: type=1326 audit(1754412445.465:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.594367][   T26] audit: type=1326 audit(1754412445.465:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.665980][   T26] audit: type=1326 audit(1754412445.465:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.745080][   T26] audit: type=1326 audit(1754412445.465:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.785936][   T21] usb 6-1: 0:2 : does not exist
[  340.836890][   T26] audit: type=1326 audit(1754412445.465:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.955522][   T26] audit: type=1326 audit(1754412445.465:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  340.995834][   T26] audit: type=1326 audit(1754412445.465:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  341.020663][   T26] audit: type=1326 audit(1754412445.465:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8424 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f119a1eeb69 code=0x7ffc0000
[  341.031565][   T21] usb 6-1: USB disconnect, device number 6
[  341.129931][ T4234] Bluetooth: hci2: command 0x0401 tx timeout
[  341.154905][ T6691] udevd[6691]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  341.366772][ T8452] xt_socket: unknown flags 0xe4
[  341.586119][   T23] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  341.866362][   T23] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  341.976249][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  341.994538][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  342.305112][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  342.435983][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  342.444896][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  342.479259][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  342.580967][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  342.593580][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  342.624606][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  342.729329][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  342.747782][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  342.764938][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  342.876128][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  342.895442][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  342.910549][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  343.006081][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.015414][ T8490] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1049'.
[  343.025744][ T8490] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1049'.
[  343.026684][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.134825][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  343.365822][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.436518][ T8511] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1053'.
[  343.446497][ T8511] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1053'.
[  343.689095][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.718269][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  343.817158][   T23] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  343.837818][   T23] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  343.870029][ T8523] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1063'.
[  343.880779][ T8523] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1063'.
[  343.931852][   T23] usb 8-1: config 0 interface 0 has no altsetting 0
[  344.144267][ T8547] netlink: 28 bytes leftover after parsing attributes in process `wg1'.
[  344.153798][ T8547] netlink: 28 bytes leftover after parsing attributes in process `wg1'.
[  344.165848][   T23] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  344.177500][   T23] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  344.195763][   T23] usb 8-1: Product: syz
[  344.200152][   T23] usb 8-1: Manufacturer: syz
[  344.205052][   T23] usb 8-1: SerialNumber: syz
[  344.238788][   T23] usb 8-1: config 0 descriptor??
[  344.258175][   T23] usb 8-1: can't set config #0, error -71
[  344.323617][ T8557] tipc: Failed to remove unknown binding: 66,1,1/4:1905744285/1905744287
[  344.323763][   T23] usb 8-1: USB disconnect, device number 2
[  344.415001][ T8563] block device autoloading is deprecated and will be removed.
[  344.651215][ T8435] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  344.770358][ T8580] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1082'.
[  344.780476][ T8580] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1082'.
[  345.296008][    T7] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  345.365852][ T8435] usb 6-1: config index 0 descriptor too short (expected 65535, got 36)
[  345.374655][ T8435] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  345.427143][ T8435] usb 6-1: config 0 has no interfaces?
[  345.432661][ T8435] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  345.458780][ T8435] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.483301][ T8435] usb 6-1: config 0 descriptor??
[  345.498217][ T8612] netlink: 'syz.3.1092': attribute type 1 has an invalid length.
[  345.522015][ T8612] device bond1 entered promiscuous mode
[  345.532414][ T8612] 8021q: adding VLAN 0 to HW filter on device bond1
[  345.573171][ T8612] bond1: (slave bridge1): making interface the new active one
[  345.585485][ T8612] device bridge1 entered promiscuous mode
[  345.592260][ T8612] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  345.601467][    T7] usb 8-1: Using ep0 maxpacket: 16
[  345.608909][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  345.744416][   T23] usb 6-1: USB disconnect, device number 7
[  345.745868][    T7] usb 8-1: config 0 has an invalid interface number: 41 but max is 0
[  345.764008][    T7] usb 8-1: config 0 has no interface number 0
[  345.770376][    T7] usb 8-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  345.783497][    T7] usb 8-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  345.793843][    T7] usb 8-1: config 0 interface 41 has no altsetting 0
[  345.985867][    T7] usb 8-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  345.996414][    T7] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.004777][    T7] usb 8-1: Product: syz
[  346.009342][    T7] usb 8-1: Manufacturer: syz
[  346.013952][    T7] usb 8-1: SerialNumber: syz
[  346.021742][    T7] usb 8-1: config 0 descriptor??
[  346.056038][ T8579] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  346.068925][ T8579] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  346.312868][ T8579] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  346.356439][ T8579] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  346.717359][ T8652] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  346.857671][    T7] Error reading MAC address
[  346.884149][ T8579] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  346.901012][ T8579] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  347.938377][    T7] sr9700 8-1:0.41 eth13: register 'sr9700' at usb-dummy_hcd.7-1, CoreChip SR9700 USB Ethernet, d6:5a:d6:71:ef:33
[  347.963052][    T7] usb 8-1: USB disconnect, device number 3
[  347.973108][    T7] sr9700 8-1:0.41 eth13: unregister 'sr9700' usb-dummy_hcd.7-1, CoreChip SR9700 USB Ethernet
[  348.085369][ T8677] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  348.499191][ T8688] loop7: detected capacity change from 0 to 128
[  349.025703][   T23] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  349.391096][   T26] kauditd_printk_skb: 9 callbacks suppressed
[  349.391110][   T26] audit: type=1326 audit(1754412454.395:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.1.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  349.492851][   T23] usb 8-1: config 0 has no interfaces?
[  349.549949][   T26] audit: type=1326 audit(1754412454.455:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.1.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  349.573266][ T8708] __nla_validate_parse: 6 callbacks suppressed
[  349.573277][ T8708] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1126'.
[  349.590008][ T8708] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1126'.
[  349.621959][   T26] audit: type=1326 audit(1754412454.455:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.1.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  349.649483][   T26] audit: type=1326 audit(1754412454.455:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.1.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  349.675691][   T26] audit: type=1326 audit(1754412454.455:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.1.1127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba9053fb69 code=0x7ffc0000
[  349.715883][   T23] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  349.737644][   T23] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.764099][   T23] usb 8-1: Product: syz
[  349.769072][   T23] usb 8-1: Manufacturer: syz
[  349.831024][   T23] usb 8-1: SerialNumber: syz
[  349.868989][   T23] usb 8-1: config 0 descriptor??
[  350.108653][   T23] usb 8-1: USB disconnect, device number 4
[  350.703233][ T8782] loop7: detected capacity change from 0 to 128
[  350.732988][ T8787] overlayfs: failed to clone upperpath
[  350.881332][ T8793] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1155'.
[  350.933872][ T8782] EXT4-fs (loop7): mounted filesystem without journal. Opts: usrjquota=,bsddf,,errors=continue. Quota mode: none.
[  350.974812][ T8782] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  351.053906][ T6981] udevd[6981]: incorrect jbd checksum on /dev/loop7
[  351.964616][ T8856] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  352.366707][ T8880] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1177'.
[  352.423752][ T8883] tipc: Started in network mode
[  352.433823][ T8883] tipc: Node identity d6cc1b502ae4, cluster identity 4711
[  352.452415][ T8883] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  352.514971][ T8889] device syzkaller0 entered promiscuous mode
[  352.552230][ T8881] tipc: Resetting bearer <eth:syzkaller0>
[  352.702343][ T8881] tipc: Disabling bearer <eth:syzkaller0>
[  355.897554][ T8964] loop7: detected capacity change from 0 to 40427
[  356.254839][ T8964] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  356.271097][ T8964] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  356.309436][ T8964] F2FS-fs (loop7): invalid crc value
[  356.364025][ T8964] F2FS-fs (loop7): Found nat_bits in checkpoint
[  356.479134][ T8964] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  356.488770][ T8964] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  356.533891][ T8964] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(105223034277721) <= P.seqno(0) <= S.SWH(105223034277795)) and (P.ackno exists or LAWL(6187437100158) <= P.ackno(6187437100159) <= S.AWH(6187437100159), sending SYNC...
[  357.259528][ T9062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1224'.
[  357.271084][ T9062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1224'.
[  359.066380][ T9122] loop7: detected capacity change from 0 to 512
[  359.116067][ T4484] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  359.296720][ T9122] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001004,nodiscard,quota,,errors=continue. Quota mode: writeback.
[  359.344392][ T9122] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  359.474771][ T9122] EXT4-fs error (device loop7): ext4_do_update_inode:5204: inode #2: comm syz.7.1240: corrupted inode contents
[  359.557334][ T4484] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.605120][ T4484] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.659290][ T9122] EXT4-fs error (device loop7): ext4_dirty_inode:6040: inode #2: comm syz.7.1240: mark_inode_dirty error
[  359.762098][ T4484] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  359.972146][ T4484] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.129086][ T9122] EXT4-fs error (device loop7): ext4_do_update_inode:5204: inode #2: comm syz.7.1240: corrupted inode contents
[  360.154823][ T4484] usb 6-1: config 0 descriptor??
[  360.158806][ T9122] EXT4-fs error (device loop7): __ext4_ext_dirty:183: inode #2: comm syz.7.1240: mark_inode_dirty error
[  360.828256][ T4484] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  360.841119][ T4484] cp2112 0003:10C4:EA90.0003: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.5-1/input0
[  360.848713][ T9182] loop7: detected capacity change from 0 to 40427
[  360.900611][ T9182] F2FS-fs (loop7): build fault injection attr: rate: 771, type: 0x1ffff
[  360.910692][ T9182] F2FS-fs (loop7): invalid crc value
[  360.919160][ T9182] F2FS-fs (loop7): Found nat_bits in checkpoint
[  360.957963][ T9182] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  361.036361][ T4484] cp2112 0003:10C4:EA90.0003: Part Number: 0x82 Device Version: 0xFE
[  361.671268][ T9099] cp2112 0003:10C4:EA90.0003: Error starting transaction: -38
[  361.705840][ T4484] cp2112 0003:10C4:EA90.0003: error reading lock byte: -71
[  361.834471][ T7959] attempt to access beyond end of device
[  361.834471][ T7959] loop7: rw=2049, want=45104, limit=40427
[  362.353160][ T4484] usb 6-1: USB disconnect, device number 8
[  363.147875][ T9214] overlayfs: failed to clone upperpath
[  363.196726][ T9231] overlayfs: failed to clone upperpath
[  363.244494][ T9234] tipc: Failed to remove unknown binding: 66,1,1/0:2847350057/2847350059
[  364.378154][ T9260] binder: 9259:9260 ioctl c0306201 0 returned -14
[  364.400834][ T9258] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1280'.
[  364.415823][ T9258] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1280'.
[  365.487234][ T9271] overlayfs: failed to get inode (-116)
[  365.493817][ T9271] overlayfs: failed to look up (file2) for ino (-116)
[  366.606653][ T9300] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1294'.
[  366.708215][ T9300] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1294'.
[  368.127864][ T9328] overlayfs: failed to clone upperpath
[  368.153496][ T9327] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1302'.
[  368.231380][ T9333] netlink: 'syz.4.1303': attribute type 21 has an invalid length.
[  368.239357][ T9333] IPv6: NLM_F_CREATE should be specified when creating new route
[  368.290768][ T9327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1302'.
[  368.960171][ T9351] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1309'.
[  368.971843][ T9351] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1309'.
[  369.327008][ T9360] netlink: 'syz.3.1313': attribute type 10 has an invalid length.
[  369.377560][ T9364] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  369.499692][ T9360] device wlan1 entered promiscuous mode
[  369.554918][ T9360] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  369.591596][ T9360] syz.3.1313 (9360) used greatest stack depth: 19424 bytes left
[  374.035857][ T9420] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1332'.
[  374.053619][ T9420] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1332'.
[  374.403316][ T9422] netlink: 'syz.1.1333': attribute type 10 has an invalid length.
[  374.435361][ T9422] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  375.984577][ T9449] binder: 9448:9449 ioctl c0306201 0 returned -14
[  376.080795][ T9457] 9pnet: Could not find request transport: fd9¡~no=0xffffffffffffffff
[  376.146064][ T9460] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  376.218846][ T9460] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  378.499095][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  378.505634][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  378.666093][ T9506] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1356'.
[  378.727819][ T9506] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1356'.
[  379.360458][ T9517] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1359'.
[  379.370147][ T9517] device bridge_slave_1 left promiscuous mode
[  379.377209][ T9517] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.613111][ T9517] device bridge_slave_0 left promiscuous mode
[  379.620202][ T9517] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.799945][ T9523] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1363'.
[  379.847012][ T9528] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1360'.
[  380.323830][ T9539] overlayfs: failed to clone upperpath
[  380.709572][ T4242] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  381.475790][ T4242] usb 6-1: Using ep0 maxpacket: 16
[  383.205756][ T4242] usb 6-1: unable to read config index 0 descriptor/all
[  383.215918][ T4242] usb 6-1: can't read configurations, error -71
[  385.630631][ T9587] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  385.667214][ T9587] cramfs: wrong magic
[  386.812545][ T9595] netlink: 'syz.5.1385': attribute type 10 has an invalid length.
[  386.951156][ T9595] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  388.991339][ T9619] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1389'.
[  389.001561][ T9619] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1389'.
[  390.307736][ T9634] netlink: 'syz.3.1399': attribute type 10 has an invalid length.
[  390.433410][ T4484] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  390.497863][ T9638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  390.932710][ T9642] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  390.976492][ T4484] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  391.234900][ T9638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  391.336341][ T4484] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.344368][ T4484] usb 8-1: Product: syz
[  391.348974][ T4484] usb 8-1: Manufacturer: syz
[  391.357274][ T4484] usb 8-1: SerialNumber: syz
[  391.364140][ T4484] usb 8-1: config 0 descriptor??
[  391.665274][ T9644] overlayfs: failed to clone upperpath
[  391.665932][ T4484] usb 8-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  393.943210][ T9683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.013457][ T9683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.648665][ T9683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.694533][ T9683] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  394.704620][ T4484] dvb_usb_rtl28xxu: probe of 8-1:0.0 failed with error -71
[  394.715140][ T4484] usb 8-1: USB disconnect, device number 5
[  395.822363][ T9706] loop7: detected capacity change from 0 to 1024
[  396.979242][ T9712] device syzkaller0 entered promiscuous mode
[  397.172683][ T9706] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  397.198649][   T26] audit: type=1804 audit(1754412502.205:72): pid=9706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1425" name="/newroot/50/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  397.250111][   T26] audit: type=1804 audit(1754412502.245:73): pid=9706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.1425" name="/newroot/50/file1/bus" dev="loop7" ino=18 res=1 errno=0
[  397.327412][ T9706] loop_set_status: loop7 () has still dirty pages (nrpages=4)
[  398.063352][ T7959] EXT4-fs error (device loop7): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /50/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.215883][ T7959] EXT4-fs error (device loop7): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: inode out of bounds - offset=5120, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.462813][ T7959] EXT4-fs error (device loop7): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /50/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.514381][ T7959] EXT4-fs error (device loop7): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: inode out of bounds - offset=5120, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.595839][ T7959] EXT4-fs error (device loop7): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /50/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.621682][ T7959] EXT4-fs error (device loop7): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: inode out of bounds - offset=5120, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.653853][ T7959] EXT4-fs error (device loop7): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /50/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.686748][ T7959] EXT4-fs error (device loop7): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: inode out of bounds - offset=5120, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.712699][ T7959] EXT4-fs error (device loop7): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /50/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=100663296, rec_len=1024, size=1024 fake=0
[  398.821902][ T7959] EXT4-fs error (device loop7): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: inode out of bounds - offset=5120, inode=100663296, rec_len=1024, size=1024 fake=0
[  400.405784][ T4242] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  400.660036][ T9768] netlink: 'syz.1.1445': attribute type 25 has an invalid length.
[  401.096733][ T4242] usb 6-1: config 0 has an invalid interface number: 120 but max is 0
[  401.144552][ T4242] usb 6-1: config 0 has no interface number 0
[  401.176688][ T4242] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  401.389522][ T4242] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  401.399557][ T4242] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.418571][ T4242] usb 6-1: config 0 descriptor??
[  401.471704][ T4242] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input7
[  402.348218][ T4242] usb 6-1: USB disconnect, device number 11
[  402.506535][ T9795] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1451'.
[  402.541225][ T9795] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1451'.
[  402.628230][ T4332] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.567599][ T4332] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.488449][ T4332] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.591246][ T4332] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.565693][   T21] Bluetooth: hci1: command 0x0409 tx timeout
[  407.816842][ T9828] chnl_net:caif_netlink_parms(): no params data found
[  408.728074][ T9828] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.735305][ T9828] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.210200][ T9828] device bridge_slave_0 entered promiscuous mode
[  409.249975][ T9828] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.962159][ T4242] Bluetooth: hci1: command 0x041b tx timeout
[  410.985971][ T9828] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.659023][ T9828] device bridge_slave_1 entered promiscuous mode
[  411.849637][ T9828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  411.876996][ T9828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.379002][ T9828] team0: Port device team_slave_0 added
[  412.586483][ T9828] team0: Port device team_slave_1 added
[  413.007399][ T4242] Bluetooth: hci1: command 0x040f tx timeout
[  413.015045][ T9828] batman_adv: batadv0: Adding interface: batadv_slave_0
[  413.022454][ T9828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.467295][ T9828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  413.663490][ T9828] batman_adv: batadv0: Adding interface: batadv_slave_1
[  413.695736][ T9828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.797375][ T9828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  413.877784][ T4332] device hsr_slave_0 left promiscuous mode
[  415.085938][ T2399] Bluetooth: hci1: command 0x0419 tx timeout
[  415.640651][ T4332] device hsr_slave_1 left promiscuous mode
[  415.652567][ T4332] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  415.695792][ T4332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.744485][ T4332] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  415.791804][ T4332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  415.806862][ T4332] device bridge_slave_1 left promiscuous mode
[  415.813100][ T4332] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.837884][ T4332] device bridge_slave_0 left promiscuous mode
[  415.844373][ T4332] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.096890][ T4332] device veth1_macvtap left promiscuous mode
[  416.135727][ T4332] device veth0_macvtap left promiscuous mode
[  416.168930][ T4332] device veth1_vlan left promiscuous mode
[  416.214996][ T4332] device veth0_vlan left promiscuous mode
[  416.799767][ T4332] team0 (unregistering): Port device team_slave_1 removed
[  416.819996][ T4332] team0 (unregistering): Port device team_slave_0 removed
[  416.833296][ T4332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  416.850770][ T4332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  416.977667][ T4332] bond0 (unregistering): Released all slaves
[  418.631786][ T9828] device hsr_slave_0 entered promiscuous mode
[  418.723601][ T9828] device hsr_slave_1 entered promiscuous mode
[  418.791091][ T9828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  418.862075][ T9828] Cannot create hsr debugfs directory
[  421.723046][ T9828] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  421.759562][ T9828] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  421.817226][ T9828] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  421.858383][ T9828] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  422.416963][ T9828] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.753145][ T9828] 8021q: adding VLAN 0 to HW filter on device team0
[  422.862147][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  422.897401][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  423.134035][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  423.166725][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  423.603202][ T1280] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.610439][ T1280] bridge0: port 1(bridge_slave_0) entered forwarding state
[  424.162356][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  424.186176][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  424.194875][ T1280] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.202007][ T1280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  424.363553][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  424.422726][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  424.516183][    C1] ==================================================================
[  424.524809][    C1] BUG: KASAN: use-after-free in rose_timer_expiry+0x470/0x490
[  424.532301][    C1] Read of size 2 at addr ffff88805fb5882a by task syz.3.1521/10071
[  424.540287][    C1] 
[  424.542617][    C1] CPU: 1 PID: 10071 Comm: syz.3.1521 Not tainted 5.15.189-syzkaller #0
[  424.550899][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  424.555473][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  424.560969][    C1] Call Trace:
[  424.561017][    C1]  <IRQ>
[  424.561027][    C1]  dump_stack_lvl+0x168/0x230
[  424.561056][    C1]  ? show_regs_print_info+0x20/0x20
[  424.561073][    C1]  ? _printk+0xcc/0x110
[  424.561090][    C1]  ? rose_timer_expiry+0x470/0x490
[  424.561112][    C1]  ? load_image+0x3b0/0x3b0
[  424.561132][    C1]  print_address_description+0x60/0x2d0
[  424.561153][    C1]  ? rose_timer_expiry+0x470/0x490
[  424.561170][    C1]  kasan_report+0xdf/0x130
[  424.613979][    C1]  ? rose_timer_expiry+0x470/0x490
[  424.619114][    C1]  rose_timer_expiry+0x470/0x490
[  424.624072][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  424.629132][    C1]  call_timer_fn+0x16c/0x530
[  424.633837][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  424.638878][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  424.640958][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  424.645002][    C1]  ? __run_timers+0x7c0/0x7c0
[  424.645034][    C1]  ? rcu_is_watching+0x11/0xa0
[  424.645051][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  424.667707][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  424.672922][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  424.677971][    C1]  __run_timers+0x525/0x7c0
[  424.682513][    C1]  ? detach_timer+0x2b0/0x2b0
[  424.687210][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  424.693216][    C1]  ? sched_clock_cpu+0x15/0x3c0
[  424.698088][    C1]  ? ktime_get_real_ts64+0x420/0x420
[  424.703529][    C1]  run_timer_softirq+0x63/0xf0
[  424.708396][    C1]  handle_softirqs+0x328/0x820
[  424.713199][    C1]  ? __irq_exit_rcu+0x12f/0x220
[  424.717124][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  424.718088][    C1]  ? do_softirq+0x200/0x200
[  424.718117][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  424.735575][    C1]  __irq_exit_rcu+0x12f/0x220
[  424.740261][    C1]  ? irq_exit_rcu+0x20/0x20
[  424.744784][    C1]  irq_exit_rcu+0x5/0x20
[  424.749039][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  424.754684][    C1]  </IRQ>
[  424.757629][    C1]  <TASK>
[  424.760838][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  424.766847][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100
[  424.773381][    C1] Code: 74 05 e8 2e 47 cc f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f6 d4 9f f7 65 8b 05 97 d4 50 76 85 c0 74 3c 48 c7 04 24 0e 36
[  424.786618][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  424.793291][    C1] RSP: 0018:ffffc900043c75c0 EFLAGS: 00000206
[  424.793318][    C1] RAX: 2324f061f10c5f00 RBX: 0000000000000a06 RCX: 2324f061f10c5f00
[  424.793331][    C1] RDX: dffffc0000000000 RSI: ffffffff8a0b15c0 RDI: 0000000000000001
[  424.793344][    C1] RBP: ffffc900043c7650 R08: dffffc0000000000 R09: fffffbfff1ff6e2f
[  424.793358][    C1] R10: fffffbfff1ff6e2f R11: 1ffffffff1ff6e2e R12: dffffc0000000000
[  424.793372][    C1] R13: 0000000000000000 R14: ffff88807e99cec0 R15: 1ffff92000878eb8
[  424.846810][    C1]  ? _raw_spin_unlock+0x40/0x40
[  424.851684][    C1]  ? __wake_up_common+0x2a4/0x4e0
[  424.856740][    C1]  __wake_up_sync_key+0x11b/0x180
[  424.861853][    C1]  ? __wake_up_locked_key_bookmark+0x20/0x20
[  424.867858][    C1]  ? sock_load_diag_module+0x130/0x130
[  424.873344][    C1]  __unix_dgram_recvmsg+0x497/0xd50
[  424.878560][    C1]  ? lock_chain_count+0x20/0x20
[  424.879165][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  424.883518][    C1]  ? unix_unhash+0x10/0x10
[  424.883553][    C1]  ? mark_lock+0x94/0x320
[  424.883578][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  424.905300][    C1]  ? unix_dgram_sendmsg+0x1890/0x1890
[  424.910704][    C1]  ____sys_recvmsg+0x291/0x580
[  424.915601][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  424.920663][    C1]  ? import_iovec+0x6f/0xa0
[  424.925197][    C1]  ___sys_recvmsg+0x1af/0x4f0
[  424.929904][    C1]  ? __sys_recvmsg+0x250/0x250
[  424.934749][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  424.939809][    C1]  ? __might_fault+0xb3/0x110
[  424.943257][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  424.944504][    C1]  do_recvmmsg+0x344/0x7a0
[  424.944542][    C1]  ? __sys_recvmmsg+0x280/0x280
[  424.961974][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  424.967137][    C1]  __x64_sys_recvmmsg+0x18d/0x240
[  424.972201][    C1]  ? do_recvmmsg+0x7a0/0x7a0
[  424.977029][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  424.982347][    C1]  do_syscall_64+0x4c/0xa0
[  424.986911][    C1]  ? clear_bhb_loop+0x30/0x80
[  424.991613][    C1]  ? clear_bhb_loop+0x30/0x80
[  424.994997][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  424.996407][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  424.996435][    C1] RIP: 0033:0x7f119a1eeb69
[  424.996455][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.996468][    C1] RSP: 002b:00007f1198035038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  424.996488][    C1] RAX: ffffffffffffffda RBX: 00007f119a416080 RCX: 00007f119a1eeb69
[  424.996502][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  424.996515][    C1] RBP: 00007f119a271df1 R08: 0000000000000000 R09: 0000000000000000
[  424.996525][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  424.996535][    C1] R13: 0000000000000001 R14: 00007f119a416080 R15: 00007ffccfd4c8e8
[  424.996566][    C1]  </TASK>
[  425.063209][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  425.067459][    C1] 
[  425.067467][    C1] Allocated by task 9:
[  425.067477][    C1]  __kasan_kmalloc+0xb5/0xf0
[  425.067500][    C1]  __alloc_skb+0x22c/0x750
[  425.067516][    C1]  skb_copy+0x139/0x790
[  425.067529][    C1]  mac80211_hwsim_tx_frame_no_nl+0xcc7/0x15d0
[  425.067553][    C1]  mac80211_hwsim_tx_frame+0x1b5/0x200
[  425.067569][    C1]  mac80211_hwsim_beacon_tx+0x4f3/0x920
[  425.067585][    C1]  __iterate_interfaces+0x243/0x500
[  425.067603][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  425.067622][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  425.122848][ T9828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  425.126023][    C1]  __hrtimer_run_queues+0x53d/0xc40
[  425.126050][    C1]  hrtimer_run_softirq+0x176/0x240
[  425.126065][    C1]  handle_softirqs+0x328/0x820
[  425.126078][    C1]  __irq_exit_rcu+0x12f/0x220
[  425.126091][    C1]  irq_exit_rcu+0x5/0x20
[  425.126103][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  425.126120][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  425.126137][    C1] 
[  425.126143][    C1] Last potentially related work creation:
[  425.126149][    C1]  kasan_save_stack+0x35/0x60
[  425.126165][    C1]  kasan_record_aux_stack+0xb8/0x100
[  425.154951][ T9828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  425.159962][    C1]  insert_work+0x54/0x3d0
[  425.159986][    C1]  __queue_work+0x9c5/0xd50
[  425.159999][    C1]  queue_work_on+0x11d/0x1d0
[  425.160012][    C1]  rhltable_remove+0xf12/0xfd0
[  425.160027][    C1]  __nft_release_table+0xb87/0xe50
[  425.160043][    C1]  nft_rcv_nl_event+0x44c/0x590
[  425.160059][    C1]  blocking_notifier_call_chain+0x103/0x1b0
[  425.160077][    C1]  netlink_release+0xf13/0x1790
[  425.160095][    C1]  sock_close+0xd5/0x240
[  425.160113][    C1]  __fput+0x234/0x930
[  425.160129][    C1]  task_work_run+0x125/0x1a0
[  425.160146][    C1]  exit_to_user_mode_loop+0x10f/0x130
[  425.160166][    C1]  exit_to_user_mode_prepare+0xb1/0x140
[  425.160184][    C1]  syscall_exit_to_user_mode+0x16/0x40
[  425.160203][    C1]  do_syscall_64+0x58/0xa0
[  425.160220][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  425.160241][    C1] 
[  425.160246][    C1] Second to last potentially related work creation:
[  425.160253][    C1]  kasan_save_stack+0x35/0x60
[  425.160269][    C1]  kasan_record_aux_stack+0xb8/0x100
[  425.160286][    C1]  insert_work+0x54/0x3d0
[  425.160301][    C1]  __queue_work+0x9c5/0xd50
[  425.160315][    C1]  call_timer_fn+0x16c/0x530
[  425.160333][    C1]  __run_timers+0x550/0x7c0
[  425.160347][    C1]  run_timer_softirq+0x63/0xf0
[  425.160363][    C1]  handle_softirqs+0x328/0x820
[  425.160377][    C1]  run_ksoftirqd+0x98/0xf0
[  425.160391][    C1]  smpboot_thread_fn+0x4f6/0x970
[  425.160409][    C1]  kthread+0x436/0x520
[  425.160422][    C1]  ret_from_fork+0x1f/0x30
[  425.160439][    C1] 
[  425.160443][    C1] The buggy address belongs to the object at ffff88805fb58800
[  425.160443][    C1]  which belongs to the cache kmalloc-512 of size 512
[  425.160459][    C1] The buggy address is located 42 bytes inside of
[  425.160459][    C1]  512-byte region [ffff88805fb58800, ffff88805fb58a00)
[  425.160477][    C1] The buggy address belongs to the page:
[  425.160486][    C1] page:ffffea00017ed600 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88805fb5a400 pfn:0x5fb58
[  425.160505][    C1] head:ffffea00017ed600 order:2 compound_mapcount:0 compound_pincount:0
[  425.160519][    C1] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  425.223910][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  425.226075][    C1] raw: 00fff00000010200 ffffea0000778308 ffffea0001814308 ffff888016841c80
[  425.226092][    C1] raw: ffff88805fb5a400 0000000000100003 00000001ffffffff 0000000000000000
[  425.226101][    C1] page dumped because: kasan: bad access detected
[  425.226122][    C1] page_owner tracks the page as allocated
[  425.226128][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4190, ts 59021607121, free_ts 11861030675
[  425.226155][    C1]  get_page_from_freelist+0x1b77/0x1c60
[  425.226187][    C1]  __alloc_pages+0x1e1/0x470
[  425.226203][    C1]  new_slab+0xc0/0x4b0
[  425.231476][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  425.235536][    C1]  ___slab_alloc+0x81e/0xdf0
[  425.235558][    C1]  __kmalloc+0x1cd/0x330
[  425.235570][    C1]  fib6_info_alloc+0x2e/0xe0
[  425.235583][    C1]  ip6_route_info_create+0x44f/0x1210
[  425.235600][    C1]  ip6_route_add+0x24/0x130
[  425.235614][    C1]  addrconf_prefix_route+0x20d/0x2b0
[  425.235631][    C1]  inet6_addr_add+0x4ff/0x9c0
[  425.235645][    C1]  inet6_rtm_newaddr+0x5d7/0x840
[  425.235658][    C1]  rtnetlink_rcv_msg+0x9b9/0xe60
[  425.235676][    C1]  netlink_rcv_skb+0x1e0/0x430
[  425.235693][    C1]  netlink_unicast+0x774/0x920
[  425.235709][    C1]  netlink_sendmsg+0x8ab/0xbc0
[  425.235725][    C1]  __sys_sendto+0x423/0x580
[  425.569286][    C1] page last free stack trace:
[  425.574054][    C1]  free_unref_page_prepare+0x637/0x6c0
[  425.579527][    C1]  free_unref_page+0x94/0x280
[  425.584245][    C1]  free_contig_range+0x96/0xf0
[  425.589025][    C1]  destroy_args+0xef/0x8b0
[  425.593544][    C1]  debug_vm_pgtable+0x318/0x370
[  425.598417][    C1]  do_one_initcall+0x1ee/0x680
[  425.603267][    C1]  do_initcall_level+0x137/0x1f0
[  425.608218][    C1]  do_initcalls+0x4b/0x90
[  425.612599][    C1]  kernel_init_freeable+0x3ce/0x560
[  425.617901][    C1]  kernel_init+0x19/0x1b0
[  425.622245][    C1]  ret_from_fork+0x1f/0x30
[  425.626674][    C1] 
[  425.629005][    C1] Memory state around the buggy address:
[  425.634654][    C1]  ffff88805fb58700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  425.642826][    C1]  ffff88805fb58780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  425.651076][    C1] >ffff88805fb58800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  425.659205][    C1]                                   ^
[  425.664710][    C1]  ffff88805fb58880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  425.672881][    C1]  ffff88805fb58900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  425.680949][    C1] ==================================================================
[  425.681445][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  425.689010][    C1] Disabling lock debugging due to kernel taint
[  425.689083][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  425.689096][    C1] CPU: 1 PID: 10071 Comm: syz.3.1521 Tainted: G    B             5.15.189-syzkaller #0
[  425.689114][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  425.689132][    C1] Call Trace:
[  425.689137][    C1]  <IRQ>
[  425.689143][    C1]  dump_stack_lvl+0x168/0x230
[  425.729867][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  425.730206][    C1]  ? show_regs_print_info+0x20/0x20
[  425.747452][ T9828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  425.748453][    C1]  ? load_image+0x3b0/0x3b0
[  425.748485][    C1]  panic+0x2c9/0x7f0
[  425.768978][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  425.773507][    C1]  ? _raw_spin_unlock_irqrestore+0xa5/0x100
[  425.779548][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  425.785464][    C1]  ? _raw_spin_unlock+0x40/0x40
[  425.790335][    C1]  ? print_memory_metadata+0x314/0x400
[  425.795815][    C1]  ? rose_timer_expiry+0x470/0x490
[  425.801028][    C1]  check_panic_on_warn+0x80/0xa0
[  425.805985][    C1]  ? rose_timer_expiry+0x470/0x490
[  425.811204][    C1]  end_report+0x6d/0xf0
[  425.815376][    C1]  kasan_report+0x102/0x130
[  425.819892][    C1]  ? rose_timer_expiry+0x470/0x490
[  425.825148][    C1]  rose_timer_expiry+0x470/0x490
[  425.830101][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  425.835135][    C1]  call_timer_fn+0x16c/0x530
[  425.839916][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  425.844950][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  425.850954][    C1]  ? __run_timers+0x7c0/0x7c0
[  425.855917][    C1]  ? rcu_is_watching+0x11/0xa0
[  425.860692][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  425.865915][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  425.871124][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  425.876163][    C1]  __run_timers+0x525/0x7c0
[  425.880691][    C1]  ? detach_timer+0x2b0/0x2b0
[  425.885380][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  425.891383][    C1]  ? sched_clock_cpu+0x15/0x3c0
[  425.896274][    C1]  ? ktime_get_real_ts64+0x420/0x420
[  425.901575][    C1]  run_timer_softirq+0x63/0xf0
[  425.906432][    C1]  handle_softirqs+0x328/0x820
[  425.911203][    C1]  ? __irq_exit_rcu+0x12f/0x220
[  425.916115][    C1]  ? do_softirq+0x200/0x200
[  425.920638][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  425.925936][    C1]  __irq_exit_rcu+0x12f/0x220
[  425.930622][    C1]  ? irq_exit_rcu+0x20/0x20
[  425.935137][    C1]  irq_exit_rcu+0x5/0x20
[  425.939558][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  425.945199][    C1]  </IRQ>
[  425.948149][    C1]  <TASK>
[  425.951086][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  425.957077][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100
[  425.963599][    C1] Code: 74 05 e8 2e 47 cc f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f6 d4 9f f7 65 8b 05 97 d4 50 76 85 c0 74 3c 48 c7 04 24 0e 36
[  425.983603][    C1] RSP: 0018:ffffc900043c75c0 EFLAGS: 00000206
[  425.989700][    C1] RAX: 2324f061f10c5f00 RBX: 0000000000000a06 RCX: 2324f061f10c5f00
[  425.997685][    C1] RDX: dffffc0000000000 RSI: ffffffff8a0b15c0 RDI: 0000000000000001
[  426.005765][    C1] RBP: ffffc900043c7650 R08: dffffc0000000000 R09: fffffbfff1ff6e2f
[  426.013747][    C1] R10: fffffbfff1ff6e2f R11: 1ffffffff1ff6e2e R12: dffffc0000000000
[  426.021738][    C1] R13: 0000000000000000 R14: ffff88807e99cec0 R15: 1ffff92000878eb8
[  426.029735][    C1]  ? _raw_spin_unlock+0x40/0x40
[  426.034779][    C1]  ? __wake_up_common+0x2a4/0x4e0
[  426.039823][    C1]  __wake_up_sync_key+0x11b/0x180
[  426.044892][    C1]  ? __wake_up_locked_key_bookmark+0x20/0x20
[  426.050887][    C1]  ? sock_load_diag_module+0x130/0x130
[  426.056363][    C1]  __unix_dgram_recvmsg+0x497/0xd50
[  426.061590][    C1]  ? lock_chain_count+0x20/0x20
[  426.066634][    C1]  ? unix_unhash+0x10/0x10
[  426.071073][    C1]  ? mark_lock+0x94/0x320
[  426.075421][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  426.080465][    C1]  ? unix_dgram_sendmsg+0x1890/0x1890
[  426.085862][    C1]  ____sys_recvmsg+0x291/0x580
[  426.086400][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  426.090634][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  426.103704][    C1]  ? import_iovec+0x6f/0xa0
[  426.108220][    C1]  ___sys_recvmsg+0x1af/0x4f0
[  426.112909][    C1]  ? __sys_recvmsg+0x250/0x250
[  426.117688][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  426.118357][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  426.122805][    C1]  ? __might_fault+0xb3/0x110
[  426.122827][    C1]  do_recvmmsg+0x344/0x7a0
[  426.139919][    C1]  ? __sys_recvmmsg+0x280/0x280
[  426.144797][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  426.149924][    C1]  __x64_sys_recvmmsg+0x18d/0x240
[  426.154966][    C1]  ? do_recvmmsg+0x7a0/0x7a0
[  426.159568][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  426.164772][    C1]  do_syscall_64+0x4c/0xa0
[  426.169188][    C1]  ? clear_bhb_loop+0x30/0x80
[  426.173855][    C1]  ? clear_bhb_loop+0x30/0x80
[  426.178601][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  426.184479][    C1] RIP: 0033:0x7f119a1eeb69
[  426.188877][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.208553][    C1] RSP: 002b:00007f1198035038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  426.217042][    C1] RAX: ffffffffffffffda RBX: 00007f119a416080 RCX: 00007f119a1eeb69
[  426.225047][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  426.233051][    C1] RBP: 00007f119a271df1 R08: 0000000000000000 R09: 0000000000000000
[  426.241099][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  426.249154][    C1] R13: 0000000000000001 R14: 00007f119a416080 R15: 00007ffccfd4c8e8
[  426.257170][    C1]  </TASK>
[  426.260478][    C1] Kernel Offset: disabled
[  426.264941][    C1] Rebooting in 86400 seconds..