last executing test programs:

13m42.674328493s ago: executing program 32 (id=72):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xfd, 0x120c, &(0x7f0000004500)="$eJzs3E9rXFUYB+A349Skqfmj1mq70ANuXF2aLFwJEiQFyYBSG6EVhFsz0SHXmZA7BEbE6sptP4drd4LfIBs/g7tsXHYhXum9jc3UadTFZESfZzH35Zzz49wzDAN3OGeO37r/+d5ume3mw2jNzUVrPyI9SJGiFSde3Wqut+9sbXQ6mzdTurFxa+3NlNLyaz9+9OV8RFz68PvlH+bjaPXj41/Wfz66cnT1+Ldbn/XK1CtTfzBMebo7GAzzu0U37fTKvSyl94tuXnZTr192D8b6d4vB/v4o5f2dpcX9g25Zprw/Snv384hBGh6MUv5p3uunLMvS0mLwVBf+esj2dw+qqoqoqgvxbFRVVV2MxbgUz8VSLMfXEfF8vBAvxuV4Ka7Ey/FKXK1HncftAwAAAAAAAAAAAAAAAAAAwP/H6fP/ETF2/n8lVp3/BwAAAAAAAAAAAAAAAAAAgHPwwe07WxudzubNlBYiim8Ptw+3m2vTv7EbvSiiG9djJX6N+vR/o6lvvNvZvJ5qq/FNce9R/t7h9jNN/uHLw/xa/XcCj/Ltuu8kv9bk03h+PhZPz78eK3F58vzrE/ML8cbrp/JZrMRPn8Qgitip536c/2otpXfe6zyRv1aPAwAAgP+CLP1h4vN7lj2tv8n/7d8H2vHE83U7rrVnu3YiytEXe3mr6B7URXFSLPypRXFGMT/e0prSXK04e8zctBbY/pe8z4rpFRdjvGXW30ych8cfg1nfCQAAAAAAAAAAAP/ElPcVtmPCzrK3Z7NUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5nB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFQAA//8TZ8Qf")
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$KVM_IOEVENTFD(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, r2})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)

13m7.620735784s ago: executing program 33 (id=166):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x228, &(0x7f0000000300)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiMwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1v9mjOH4hVjOKXcKufG3HWLF+Rapn6+7g0Dw8GozxMZGJcz7mdiYJgZtnMPsr/KG6CRwcDMwMCgwsDAwMTAwpCWmZNq4MHAyMAM5RiyQFXBVDMxcIAl9JLzc1LaGRjBSQCsbTkDC9wMw8cMrHCOETLH2KIBahJDO5RWgdIeUHo5lH4MpeXRkg0L2IR+KE+jgYGBjaEisaSkyJCNgQHKgosZwcWMBOA2M0FtncuE6rnjTAyjYBSMglEwCkbBKBgFo2AUjIJRMJIBIAAA///ZbLn7")
socket(0x11, 0x3, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x84, 0x40, 0x0, 0x0)

13m7.534554189s ago: executing program 34 (id=167):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/69, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000016c0))
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000180)=r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000040)=0x1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000380)={0x0, r1})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x792, &(0x7f0000001a40)="$eJzs3ctrXFUYAPDvTl5NWk0EQesqINhA6cTU2Cq4qLgQwUJB17ZhMg01k0zJTEoTAraI4EZQcSHopmsfdefWx1b/CxdSKZoWKy4kciczybSZSSdpZiaQ3w9O5pz7yDnfnPs4d+5lJoADazT9k4k4GhEfJxHD1elJRPRVcr0RZ9aXu7e6kktTEmtrb/2ZVJa5u7qSi7p1Uoerhacj4qcPIo5nttZbWlqenSoU8gvV8nh57vJ4aWn5xKW5qZn8TH7+1MTk5MnTL54+tXex/v3r8pE/Pnn92Ldn/n3/qZsf/ZzEmThSnVcfx14ZjdHqe9KXvoX3eW2vK+uypNsNYFfSXbNnfS+PozEcPZVcE4Ob2YnljjQPAGiD9yJiDQA4YBLnfwA4YGqfA9xdXcnVUnc/keis269GxKH1+Gv3N9fn9Fbv2R2q3Acdupvcd2ckiYiRPah/NCK+/P6dr9MU1X5wLw3ohGvXI+LCyOjW43+y5ZmFnXp+u5lrA5WX0QcmH7TzD3TTD+n456VG47/MxvgnGox/Bhrsu7vx8P0/c2sPqmkqHf+9Uvds2726+KtGeqqlxypjvr7k4qVCPj22PR4RY9E3kJYnKos2HrmN3fnvTrP668d/f3367ldp/enr5hKZW70D968zPVWeetS4a25fj3imt1H8yUb/J03Gv+darOONlz/8otm8NP403lraGn97rd2IeK5h/2/2ZbLt84njlc1hvLZRNPDdb58PNat/9Fj/Rv+nKa2/di3QCWn/D20f/0hS/7xmaed1/HJj+Mdm8+q3/8bxN97++5O3K/n+6rSrU+XywkREf/Lm1uknN9etlWvLp/GPPdt4/1+vtvH2n14TXmgx/t7e+Gb38bdXGv/0jvp/55mb92Z7mtXfWv9PVnJj1SmtHP9abeCjvHcAAAAAAAAAAAAAAAAAAAAAAAAA0KpMRByJJJPdyGcy2ez6b3g/GUOZQrFUPn6xuDg/HZXfyh6Jvkztqy6H674PdaL6ffi18skHyi9ExBMR8dnAYKWczRUL090OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqDjf5/f/U7wPdbh0A0DaHut0AAKDjnP8B4ODZ2fl/sG3tAAA6x/U/ABw8LZ//L7S3HQBA57j+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM3OnT2bprV/VldyaXn6ytLibPHKiel8aTY7t5jL5ooLl7MzxeJMIZ/NFeea/qNr6y+FYvHyZMwvXh0v50vl8dLS8vm54uJ8+fyluamZ/Pl8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDWlZaWZ6cKhfyCzLaZwf3RjH2T6Y190QyZh2QyEbG71euPEoPdO0ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7HP/BwAA///F9Cf0")
r2 = open(&(0x7f00000006c0)='./file1\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)

12m40.590180806s ago: executing program 35 (id=230):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x10008d0, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c7072656665727265645f736c6f743d30303030303030303030303030303030303030312c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c00b83578110c8182871d1a888ab910bda6ed5eb8d85850b69e5f00a4b2822944f8a40011442cbdd903ae8f5dbd229f91fe1093b9e1d8042b3023b0ec8f09897497044a104701d3013512e0487b6bd6650f232292d8b0155a94728bba1a8248fed123795bcc184683b33d0d5f4455ea61c1cb567c01edd33f14c229437ce876bf88798ec1e2f28b87b591031c3d50710d9cc51b760aff0105a5c3772f54bdf7395bb2bb7b4a0323ca"], 0x1, 0x4432, &(0x7f0000004480)="$eJzs3c9PG1ceAPA3A9lANtmFbA5ZaaW1tJF2tbtCkFNbIpUQEgIJTZU2UdWLY8BJaA2OwFQ95EBvkXqq1EPVQ9RKvXGKOPSa/gm99JieI7WHXlpVikplewyewRYuwtCkn8+B8bzf9nfm+fkwvDhRubuwkltYyRWWcuW52ytnc++VS6uLxRAfkJb9Hzm4/ulMN66Tw772/siuXbj0xs2zIXw1/83Tzc3NzVDVG1oaaXr94w/355qPDXGmTrXd1q3tl7dDCKd2jKuqJ4Tw1pchRCGE80naeHLsDyGcCPW8m/c/vJXbp9E8elI8l38282Bj9Mz0+sON9u89CuHT0t//f2fxu3/1jH77333qHgAAAAAAAAAAAAAAAACA59zk9Ws3Xh8eCY+j0Lse7XxedzI5tns+dnPf/LP7bxYAAAAAAAAAAAAAAAAAAAB+p7af/89FJ1s8/z+RHMfa1N98tftjpHumXrs2cXF4JNn/PdqR/1KS9P35njDYYt/37P7v5zP1W+//vrOfvWqMr9HvQIjiodR5HA8NhfB5svH76ehYXCqvVP53u7y6NL9vw3hupeNf370/FZ1kQ/9O4z+eab/7+///bcfVVD2/tX+X2AstHf+etuW++CDqKP4XMvUOIv7sXTr+vbW0/uYCY/UJoBr/j3p3j/9Epv3uxP/I1qv+kEvNANU1TC5qv14hLR3/+ueamjqTD7Ld/f9zJv4XM+0f1vy/lv0ioqV0/P9US+tLldi+/wfj3e//S5n2DyP+1fGv+f7vSDr+R+uJvakitU+y0/l/MtN+U/x/2s9x34iTcf4lSl0B61E9vd3/qyMtHf++Hfnbv//ijtZ/lzP1D+r3X6Pfxu+/xvT/n6j++4/W0vHvb1uu0/t/KlOv2/P/WG39x16l43+slpZeOw/U/nYa/+lM+92Kf21V0teI//Z88svRevpn1n8dScf/z/XEuLnEWu1vbf0X7b7+v5Jp/zDWf9Xxr8Xd7fVFkY7/8bblqvH/uoPv/6uZet2PfwjD1vp7lo7/ibblavd/3+7xn8nU63b8/93NxgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeA+PJcSBE8VDqPI6HhkK4kJyfDsei2cJ8frZUnnt3JYSJJD0XTkZ3SuXZQim/sFSeL+YLpVJ5LoSLSf6p0BetlMqV/GLh3qWttvqju8XCcmW2WKiEECaT9H+EE422Zhcqi4V7IYTLW3l/jcvL9+4WlvLzC8uvDA8PD4eprTEMRsX3K8WlSr33em4I01t1B6KmwdWyr2yN5Xj0Tnl1ealQqqVfbapTKs8VSk11ZpK8j8NgVFleXZorVIr5UvlOo7/DNJYcJ6auv3n96siO/FtR/Th+sMMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dd6PPryJyGE3vpZHEIYa7yIWpV/9KR4Lv9s5sHG6Jnp9YcbT9uVAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBXduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBL/ygRA1EcgN+MhX8qj2EVks42oogWRgRPoMfwMHoUL+EdLCxsLWRhd4ZdshtIs1t9X/NIfsy8B/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmuX0anh/bLiLFyf9xxOfr1/dmfl/q+9Xu80cHmJH9uXsYrm/arrx72sovy6+fPi/Tv9+3l1jXs/pdfYz2ZLxPK7XP6eRcU/s2NV/tex4pNxHRl/wi5dw08+4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMEOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UUfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//sfkf5w==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000440), 0x1000a)

12m15.481215926s ago: executing program 36 (id=277):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x343901, 0x0)
preadv(r1, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a30000000001400078005001500"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})

12m5.4761282s ago: executing program 37 (id=308):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r4, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)

12m1.59798792s ago: executing program 38 (id=319):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000240)=""/154, 0x7c)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f000049e000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0, 0x11}], 0xaaaad7d, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000180)=0x3000)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10m34.873959289s ago: executing program 39 (id=507):
r0 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x54}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000280)={&(0x7f0000000140), 0xc, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

10m29.831350657s ago: executing program 6 (id=525):
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
signalfd4(r2, &(0x7f0000000140), 0x8, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="8c0000000001010400000000ffffff8802000000240001801400018008000100ac1414bb08000200ac1414bb0c00028005000100000000002400028014000180080001000000004008000200ac1414bb0c0002800500010000000000080007400000000028000680080002007f000001080001000000000014000380060001"], 0x8c}, 0x1, 0x600000000000000, 0x0, 0x40}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))

10m25.099289602s ago: executing program 6 (id=535):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000bc0)={{0x0, 0x1}, {0xe}, 0x5, 0xbfbf})

10m22.386226215s ago: executing program 6 (id=539):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_writepages_result\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
close(r4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r1, 0x0, 0x0}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)

10m21.446350945s ago: executing program 6 (id=542):
mkdir(&(0x7f0000000500)='./file0/../file0\x00', 0x0)
chdir(0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
sendfile(r2, r1, 0x0, 0x8000000d)

10m20.146362411s ago: executing program 40 (id=543):
syz_open_dev$sg(0x0, 0x0, 0x2)
prctl$PR_MCE_KILL(0x43, 0x0, 0x300)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x810484, &(0x7f0000000340)=ANY=[@ANYRES64=0x0, @ANYRES64, @ANYRES8, @ANYRES64, @ANYRES16=0x0, @ANYRES16, @ANYRESDEC=0x0], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, r1)

10m19.180543264s ago: executing program 6 (id=546):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x2a14000, &(0x7f0000000480)={[{@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0x4000000}}, {@block_validity}, {@i_version}, {}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@noquota}, {@stripe={'stripe', 0x3d, 0xff}}, {@discard}, {@block_validity}, {@user_xattr}, {@grpid}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
open(&(0x7f00000003c0)='./bus\x00', 0x14bb42, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0xcf5)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000080)={0x3ff}, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000018c0)=0x13)
r2 = dup(r1)
ioctl$TCXONC(r2, 0x540a, 0x2)

10m16.735757914s ago: executing program 6 (id=551):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'erspan0\x00', &(0x7f00000002c0)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @ra={0x94, 0x4}, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10m16.40470478s ago: executing program 41 (id=551):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'erspan0\x00', &(0x7f00000002c0)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote, 0x8}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @ra={0x94, 0x4}, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m31.177376975s ago: executing program 3 (id=908):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0xe)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000000)=""/74, 0x32a000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
open(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

7m25.535619792s ago: executing program 3 (id=921):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[0x0], &(0x7f0000000380), 0x0, 0x3e, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x20, 0x0, 0x0, &(0x7f0000000440), 0x8, 0x3d, 0x8, 0x8, &(0x7f0000000480)}}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
unshare(0x2000400)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

7m24.350032021s ago: executing program 3 (id=925):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1e, 0x1, 0x0)
connect$tipc(r3, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000200)=""/2, 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000d80)=""/157, 0x9d}], 0x1}}], 0x2, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x9, 0x2, 0x1})
close(0xffffffffffffffff)

7m19.481172565s ago: executing program 3 (id=935):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0xfffffff7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='pstore\x00', 0x0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000580)='./file0/file0\x00', &(0x7f00000005c0)='./file0\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x14, r4, 0xc4fc9e906872378b, 0x0, 0x0, {{0x5}, {@void, @void}}}, 0x14}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000a80), r3)

7m16.207780248s ago: executing program 3 (id=940):
socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
flock(0xffffffffffffffff, 0xa422928b49da8f63)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r3, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "0f03c8c7e8da000000000000ffffff017f000000cce67e1d0000e565aa9a9d32c7627ffe7a54cdbd77b3000000000000000000060000000000000000deff00", 0x1b}, 0x60)
getsockopt$nfc_llcp(r3, 0x118, 0x0, &(0x7f0000000140)=""/192, 0x20000057)

7m13.027950013s ago: executing program 3 (id=948):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00')
read$FUSE(r4, &(0x7f0000000080)={0x2020}, 0x2035)

7m11.235954564s ago: executing program 42 (id=948):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00')
read$FUSE(r4, &(0x7f0000000080)={0x2020}, 0x2035)

6m33.69645089s ago: executing program 4 (id=1028):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ipvlan1\x00', <r4=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
write(r1, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)

6m31.007268864s ago: executing program 4 (id=1037):
syz_mount_image$udf(&(0x7f0000000c00), &(0x7f0000000c40)='./file0\x00', 0x1000010, &(0x7f0000000140)=ANY=[@ANYBLOB="008252ed6493d7e433c5eebd696eccff301b3e4e92f3d4dd19291d59af9a226bcca149e53a11a91a8d34f94def62947afea70942277724b0f1eec98f4fece5f63b2cea3f630aac65edf72206739d7bf5d6e991a0c4891894a8b611b9470d1b6460c24aa18310a677e9a1b9ec59328e806e645b523b8ca6908f672db9b0752bd2da3eb796d939083b077024fa6123ed19917ab6c588af31aaadf8d9ded9043aa5a7aca2dcf9"], 0xfe, 0xbf6, &(0x7f00000022c0)="$eJzs3UFsHNd5B/DvjUiRkotk61iykxrB2gUcVWkUkootGwxQq2aJplFs1hSTtu7BK3GlbkUtFyTlyEabuCcfWqBsCvTSFChQpDB6CNhDDu0pBQr0ShS5FQXUtHVdFAX2EMOXwixm9q24lGiLEUVRkn8/QPoPZ763O/Peeme4b8cKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDil3/l9Nh42u+9AADuphdnXx6bcP4HgI+Vs37/BwAAAAAAAAAAAACAe12KIt6NFN98vJterX7uGT3Tal+5Ojc1vX2zQ6lqeaCqL/+Mjk+c/NLTz5x6tp8f3f5O+3S8NHv2dP2FxcudpebycnO+PtdunV+cb+74EXbb/kbHqw6oX750Zf7CheX6xImTWzZfrb0z8tDR2uSp8VeO9GvnpqanZwdqhoZv+9lv8mF3eByMIi5Eiktvv5saEVHE7vviFq+dvXaoOojj1UHMTU1XB7LQarRXyo0z/Y4oImoDjZ7v99FdGItdqUe8We5+ucPHy8Ob7TSWGucWmvWZxtJKa6W12J5Jvb1NVXkRz6aITkR0R25+uOEo4luR4q3vdtO5iM2Kz1c3Bt96f4o7e3g7NRQRteGI9eI+GLN72EgU8f1I8Z1vj8X53K9Vtz0V8bUyj0ZcKfNaxGqZn41I5QvrkYj3tnk9cX8ZiiL+MFL8ZLKb5vtjX72vnPl6/SvtC4sDtf33lfv+/HA33ePvTaNRRKM6U3TT7V/sAAAAAABw7yniTyLFEz86ljoxOKfYal+sn22cW+h9Ktz/7L+eW21sbGzUUi/Hcs7k7ORczbmWcz1nN2etyO1zzuTs5FzNuZZzPWc3Z+1Abp9zJmcn52rOtZzrObs5a0O5fc6ZnJ2cqznXcq7n7A7t43ABAAAAAAAAwDYORRHfiBRPffG16r7iqO5L/+TkqZdP/NrgPeOP3eJxytoTEbFW7Oye3IP51uGZNJPSPt1DTO/+v9/P9//9wX7vDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsK+KKOLJSPHaD7opUkTUI16NXl4b2e+9AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7oTRVMR7keLPvjpa/bxeRPxWteGDjYi49sHGnbbfRwwAAAAAAAAAD6BUxOuR4smXu6kWEVdr74w8dLQ2eWr8lSMH4kCksmSw/qXZs6frLyxe7iw1l5eb8/W5duv84nxzp083eqbVvnJ1bmp6Tw7mlg7t8f4fGn1hsfP6Uuvi76xsu/3w6OlzyytLjfPbb45DUUTUB9ccr3Z4bmq62umFVqNdNZ1JO91jAAAAAAAAAD4OhlMRH0SKt/767evzzkO9Of+hG2u/9+WIIi9P5fnn69PQ1fcGPlF9b6C3/MnJU78+8ZnB5W2nrI9XE+r1uanp6dmB1UPDN5eO5ucd290hM6Ac/5VI8Ud/UU9P5HVbx//A9drv/d7meL954wN9yJjvdvx/dmBd+ZwpFfG3keLnfuOxeKLaz8Nx03cmct1XI8Vvrj2e6+JgWfdk3v5w9ffohdZCc6ysvRop/uHK1tqncu2nNmvHd9yx94ly/J+MFP/z22vX+yaPfx6BzVEbHP/P3Pjq2KPxf3hgXS0/78/fmUMnIpZff+NSY2GhuXTLhed3UGPBgoUHY2G/35m4G8rz/zcixd//6b9cv97J5/+f6f20ef33/rc2z/+TNz7QHp3/PzWwbjJfjQwPRYyuXO4MPxoxuvz6G19oXW5cbF5stk+eeu6ZibHnxsdODh/sX9xtLu26rx5E5fj/bqT4/o//Jj6X1229/tv++v/wjQ+0R+P/yMC6w1uuV3Z96OTx/79I8U9TP4xjed1HXf/3f/8/li/Cr1+f79H4HxlYV/2O94mIXxhYd+xIxAP3SxkAAADcYSkV8cM8nzp2i/nUf4wUb/z3L+a6dLSsez5vr1V/D7242P7C6YWFxfONlca5hWZ9ttM43yzb/kek6P7V47ltUc2v9uebe3O8m3Ox/xwpnvvVfm1vLrb/2dQjm7XjZe2JSPHHL26t7X+OcWSzdqKs/ddIMf7K9rVHN2tPlrX/FSne//N6v/ZwWfvlXPvoZu2J84sL83swLAAAAAAAsCvDqYhnIsXfnRxK/c+3d/L9z5s+9N6j7/89OrBu/qe6X+X2F3bdqQBwjyvP/8fKs/ov/eX1ufyt5//N/w/A4Pn/RoP/bsCHLd/O+b92Zw4TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GMnRRGLkeKbj3fTtZHy557RM632latzU9PbNzuUqpYHqvryz+j4xMkvPf3MqWf7+dHt77RPx0uzZ0/XX1i83FlqLi835+tz7db5xfnmjh9ht+1vdLzqgPrlS1fmL1xYrk+cOLll89XaOyMPHa1Nnhp/5Ui/dm5qenp2oGZo+Laf/SbpQ9YfjCL+N1Jcevvd9G8jEUXsvi9u8drZa4eqgzheHcTc1HR1IAutRnul3DjT74giojbQ6Pl+H92FsdiVesSb5e6XO3y8PLzZTmOpcW6hWZ9pLK20VlqL7ZnU29tUlRfxbIroRER35OaHG44ihiPFW9/tph+PRBzo98PnX5x9eWxi213Y8loq9ug4b2EoImrDEevFfTBm97CRKOLpSPGdb4/Fv4/0+rXqtqcivlbm0YgrZV6LWC3zsxGpfAE8EvHeNq8n7i9DUcTDkeInk930xf7YV+8rZ75e/0r7wuJAbf995b4/P9xN9/h702gU8W71jt5N/+m/ZwAAAACAB0gRj0WKJ350LFXzg3lOcTha7Yv1s41zC72P9fuf/ddzq42NjY1a6uVYzpmcnZyrOddyrufs5qwVuX3OmZydnKs513Ku5+zmrB3I7XPO5OzkXM25lnM9ZzdnbSi3zzmTs5NzNedazvWc3aH9HC8AAAAAAACA7RVRxOcixWs/6KaNkd4E76vRy2vuB3rg/X8AAAD//yYVV88=")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x34}}, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
utime(&(0x7f0000000200)='.\x00', 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

6m29.136949939s ago: executing program 4 (id=1041):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140), &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r6 = eventfd(0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000001880)=r6, 0x1)
rt_sigsuspend(&(0x7f0000000100), 0x8)

6m25.129055358s ago: executing program 4 (id=1049):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000001c40)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x121000, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000180)=""/105, 0x69)

6m19.594020369s ago: executing program 4 (id=1061):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'tunl0\x00', 0x0})

6m14.459817419s ago: executing program 4 (id=1072):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/route\x00')
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sysvipc/shm\x00', 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@bridge_dellink={0x44, 0x10, 0x401, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @remote}]}]}]}, 0x44}}, 0x0)
socket(0xa, 0x2, 0x0)
mount$9p_fd(0x20100000, 0x0, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000007700)={0x2020}, 0x2020)
socket$inet6_icmp(0xa, 0x2, 0x3a)
pread64(r0, &(0x7f0000004c40)=""/103, 0x67, 0x0)
socket(0x11, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0)
read$FUSE(r0, &(0x7f0000000a40)={0x2020}, 0x2020)

6m13.646159215s ago: executing program 43 (id=1072):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/route\x00')
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sysvipc/shm\x00', 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@bridge_dellink={0x44, 0x10, 0x401, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @remote}]}]}]}, 0x44}}, 0x0)
socket(0xa, 0x2, 0x0)
mount$9p_fd(0x20100000, 0x0, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r0, &(0x7f0000007700)={0x2020}, 0x2020)
socket$inet6_icmp(0xa, 0x2, 0x3a)
pread64(r0, &(0x7f0000004c40)=""/103, 0x67, 0x0)
socket(0x11, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x0)
read$FUSE(r0, &(0x7f0000000a40)={0x2020}, 0x2020)

6m9.27123712s ago: executing program 1 (id=1080):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x35, 0x4, 0x0, 0x0, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52ae}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @private, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000c50018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200000a000000b703000000000000850000002a000000bf090000000000004d090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000080095"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

6m6.973655173s ago: executing program 1 (id=1086):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r3, 0x100, 0x0)
getdents64(r3, &(0x7f00000000c0)=""/74, 0x4a)

6m5.929842175s ago: executing program 1 (id=1089):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=@allocspi={0xf8, 0x16, 0x0, 0x0, 0x0, {{{@in=@local, @in6=@mcast1}, {@in=@broadcast}, @in6=@loopback, {}, {0x0, 0x48a9, 0x0, 0x1}}, 0x0, 0x800000}}, 0xf8}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, r4, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)

6m4.773222555s ago: executing program 1 (id=1094):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000b00)=ANY=[], 0xe, 0x2b3, &(0x7f0000000200)="$eJzs3UFrI3UUAPA3yTQb9ZAgXhTBAT14KluvXhplBbEnJYJ60ODugiRhYRcCVjDbUz+BR7+HH8GLF7+B4FXw1iKVkcnMNAlN2lJjCvX3Oz3mP+/Nm/mH5JQ3X70+Hj58ksTRyW/RbifR2I/9OE2iG42oPY80AIC74zTP48/8JplpY/PdAADbUP7+l267FwBgOz757POPegcHDz7Osna82jme9JOIGB9P+uV673F8E6N4FPejE2cR+bky/uDDgweRZoVuvDWeTvpF5vjLX6r6vT8iZvl70Ynu6vy9rLSQP530d+LFyKL3eKdutROvrM5/Z0V+9Fvx9psL/e9GJ379Op7EKB5GkTvP/34vy97Pfzj57oviMkV+0oj+vdl5c3lzm/sCAAAAAAAAAAAAAAAAAAAAAMDdtptlSTm+Zza/pzhUzd9pns3Wd7Nad3k+T5mf1IXK+UB5VCN6pnn8WM7X+Su/n2VZXp04z0/jtdSLBQAAAAAAAAAAAAAAAAAAAKDw7NvD4WA0evR0I0E9DaD+W/8N6qQxHIz2F468EYfDQXNdweR8AME1LrE4baDodd3JUQSRprGhx3JV8ELRTxHE8yrYROV78839NMqg3piN3sXL75VFD4eDrFqqH/JwkFx1rXa9cT8tLrXi3zaWzz4SZ/nSUrTPW13Oam3oabReWrn0d57n16vz7u/lHlVHktmIjetdfaf+9K66wSJoX9yLn9cXXPuV0dzE9w4AAAAAAAAAAAAAAAAAAHDR/E+/KxaPLk1t/GdNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWzd//XwftiFg+ciGYVsmXnVMFrXj67JZvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BfwIAAP//j89OGA==")
openat(0xffffffffffffff9c, 0x0, 0x1a3842, 0x47)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)

5m59.829714637s ago: executing program 1 (id=1101):
syz_emit_ethernet(0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0806450000280000000000069078ac1414", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="726ff032fbc50104b0f718228e63ed8f17bb4616432fbebb9acd1f944f85ebbc5cf625cfa07523154ed7a6644b5f1fb809f1b3d418547eb67f5d4880f325739492ede87413e52039b415c5d9b9e35eca5fa54d0d62d5c86e7c1e183269000f442ba9b568573b17d1925f2cf6136213c5eb353037c56bff5deb80d0bbfa791503b9bbe1f951e83fc9f7ef7654bd75c8145f2bf7423b999ca9dd7fc7114b1e28f907"], 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth0_to_hsr\x00', 0x0})
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='contention_end\x00'}, 0x18)
r1 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f00000000c0)={0x1, 0x2})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000140)={0x1, 0x1})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x84, &(0x7f0000000040)={0x0, @in={{0xa, 0x0, @local}}, 0xffff}, 0x90)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000000c0)={'wg1\x00'})
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x8241)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@cgroup=r3, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

5m58.407925991s ago: executing program 1 (id=1104):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
shutdown(r0, 0x1)

5m55.843970153s ago: executing program 44 (id=1104):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
shutdown(r0, 0x1)

5m26.505374623s ago: executing program 5 (id=1166):
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
socket(0x15, 0x5, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r2], 0x4}}, 0x0)
sendfile(r4, r3, 0x0, 0x100000002)

5m25.963945009s ago: executing program 5 (id=1168):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x6d89}, &(0x7f0000000440)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x30, 0x2, r7, 0x0, 0x0, 0x0, 0x40, 0x1, {0x1}})
io_uring_enter(r4, 0x8aa, 0x0, 0x0, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

5m23.315878065s ago: executing program 5 (id=1172):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x0, 0x77f, &(0x7f0000000d00)="$eJzs3c1rXFUbAPDnTpKmSfu+iSJoXQUEDZROTI2tgouKCxEsFHRtGybTUDPJlMykNCFQiwhuBBUXgm669qPu3Pqx1f/ChbRUTYsVFxK5kzvtpJlJJ2kmU8zvB7d9zv3IOc+c+3Fm7mUmgD1rJP0nF3EoIj5MIoay+UlE9NWi3ogTa+vdXlkupFMSq6tv/J7U1rm1slyIhm1SB7LCExHxw3sRh3Mb660sLs1MlkrF+aw8Vp09P1ZZXDpybnZyujhdnDs2PjFx9Pjzx4/tXKJ//rx08PpHrz7z9Ym/33386gc/JnEiDmaLG/PYKSMxkr0mfelLuM4rO11ZlyXdbgDbkh6aPWtHeRyKoeipRQDAf9mliFgFAPaYxPUfAPaY+ucAt1aWC/Wpu59I7K4bL0fE/rX86/c315b0Zvfs9tfugw7eStbdGUkiYngH6h+JiM+/fevLdIoO3YcEaOadyxFxZnhk4/k/2fDMwlY928Y6I/eUnf9g93yXjn9eaDb+y90Z/0ST8U9/k2N3O+5//Oeu7UA1LaXjv5canm273ZB/ZrgnK/2vNubrS86eKxXTc9v/I2I0+vrT8vgmdYze/Odmq2WN478/Pn77i7T+9P+7a+Su9fav32Zqsjr5IDk3unE54sneZvknd/o/aTH+PdVmHa+9+P5nWfjovcvS/NN869PG/GNg28m1YfVKxNNN+//uE23Jps8njtV2h7H6TtHEN798Otiq/sb+T6e0/vp7gd2Q9v/g5vkPJ43Pa1a2XsdPV4a+b7Xs/vk33//3JW/W4n3ZvIuT1er8eMS+5PWN84/WwoGG8kBk66f5jz7V/PjfbP9P3xOeaTP/3uu/fbX9/DsrzX9qS/2/9eDq7ZmeVvW31/8TtWg0m9PO+a/dBj7IawcAAAAAAAAAAAAAAAAAAAAAAAAA7cpFxMFIcvk7cS6Xz6/9hvdjMZgrlSvVw2fLC3NTUfut7OHoy9W/6nKo4ftQx7Pvw6+Xj95Tfi4iHomIT/oHauV8oVya6nbyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJA50OL3/1O/9ne7dQBAx+zvdgMAgF23/et/z462AwDYPd7/A8De4/oPAHuP6z8A7D2u/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTYqZMn02n1r5XlQlqeurC4MFO+cGSqWJnJzy4U8oXy/Pn8dLk8XSrmC+XZu1v2Nf17pXL5/ETMLVwcqxYr1bHK4tLp2fLCXPX0udnJ6eLp4vqtBjqcHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0p7K4NDNZKhXnOxfkouNVCDoepDvLQ9AMwW4FaYdf6vbpCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCh928AAAD//wuwKAw=")
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x3a, 0x40, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f6400940005002892", 0x43}, {&(0x7f00000003c0)="f38d1f8ae9d1061afd8ab46a0363a49448d9e53c19", 0x15}], 0x2)
r3 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_int(r3, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)

5m20.699443422s ago: executing program 5 (id=1176):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000001c40)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x121000, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000180)=""/105, 0x69)

5m18.983283301s ago: executing program 5 (id=1183):
creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000200), 0x129082, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040))
write$binfmt_elf32(r3, 0x0, 0x4cd)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000100))
write$dsp(r3, &(0x7f0000000300)="755a5398d512d39077459e67ee110daaf0413bc3deef85b89f2141d512b2c14020e625b0d98e6f09000000ac3c22dbfdebb1ab51524cf9df6f80884a8ab6dfa96eb977c4c1165db5a2034aff8a1bce0b5e3928d4aa605c76fe83be50a4b0ba64896d0020fe6d7b0100000058b323da6238f784a6243e9e97f0f00fee7a3dffffffffffffffffa944c98d62397cf81a19b53f976eb6ba587421841544bdae0f86285b301419aba1b51462aac228d4c1dad4a65fcc65c3ab6ad98d12cf879d2f5465cfd6f919f33adc822c7041fba7a3b1e26c70bb5f3b85fe74e990a4165d1b397da252dee6d382e8b54f383c3f00ce3e370ce6065a9278d0a9", 0xf9)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

5m18.452090897s ago: executing program 5 (id=1187):
syz_open_dev$sndpcmp(0x0, 0xb, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x1104)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)

5m18.38049254s ago: executing program 45 (id=1187):
syz_open_dev$sndpcmp(0x0, 0xb, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x1104)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)

26.107180795s ago: executing program 7 (id=1776):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r4, &(0x7f0000000080)={'#! ', './file0', [{0x20, '\xebX\xce\xd0\xaaw\xf5\x80\xa3\b\xa1\xa3\xa2\xca.\t'}, {}]}, 0x1d)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

23.019412455s ago: executing program 7 (id=1781):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1a, 0x0, 0x0, 0x0, 0x1004, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000200)={'team0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0xb, 0x0, 0x20, 0x37, r0, 0x9, '\x00', r2, 0xffffffffffffffff, 0x5, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x48)
syz_io_uring_setup(0x4072, &(0x7f0000000080), &(0x7f0000001280), 0x0)
madvise(&(0x7f0000000000/0x4000)=nil, 0xffffffdfffffffff, 0x11)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000003840))
fallocate(r4, 0x0, 0x0, 0x58)
shutdown(r3, 0x1)
socket$can_bcm(0x1d, 0x2, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r6, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @remote}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000003c0), r6}}, 0x18)

20.456186115s ago: executing program 7 (id=1787):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0xffffffffffffffb6)

19.695841207s ago: executing program 7 (id=1789):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r3, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)

17.863559019s ago: executing program 7 (id=1793):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000870a000000000000637e00000000000095000000d3031a00"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x118, &(0x7f0000000140)=""/250, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9e70617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
clock_adjtime(0xa, &(0x7f0000000000))
r0 = epoll_create1(0x0)
r1 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
ioctl$TFD_IOC_SET_TICKS(r1, 0x40085400, &(0x7f00000002c0)=0xc6c)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000080)={0x100000001})
ppoll(&(0x7f0000000180)=[{r0}], 0x1, &(0x7f0000000200), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000008500000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(r2, 0x5406, &(0x7f0000000200)={0xffff, 0x0, 0x0, 0x800a, 0x0, "5f7300fbffffff00"})
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000006c0)=0x16)
ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000040))

13.779877858s ago: executing program 7 (id=1800):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1527bad77b813b44c5320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce43a51814d714aae6a09e878e1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084275ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c88dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839f40ac968165c40a0d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b70e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f080000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_open_dev$ttys(0xc, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000800000000000000000000000000000002"])
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r4, 0x1, 0x2, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)

13.117614276s ago: executing program 46 (id=1800):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1527bad77b813b44c5320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce43a51814d714aae6a09e878e1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084275ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c88dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839f40ac968165c40a0d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b70e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f080000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_open_dev$ttys(0xc, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000800000000000000000000000000000002"])
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r4, 0x1, 0x2, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)

13.073637541s ago: executing program 2 (id=1802):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f0000000040)=0xba, &(0x7f0000000240)=0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000600), 0x0, 0x5e7, &(0x7f0000000c00)="$eJzs3c1vFVUbAPBnbj9oKe/bQoyKC2liDCRKSwsYYlzA1pAGP+LGjZUWRAo0tEaLJpQENybGjTEmrlyI/4US2bLSlQs3rgwJUUNcmXjN3DtTetvpJ+0dZH6/5HLnnHOn5wy3T+fMuefMDaCyBtN/ahF7I2I6iehP5hfKOiMrHGy+7t6fH51OH0nU66/9nkSS5eWvT7Lnvmznnoj48Yck9nQsr3dm7sr58ampyctZenj2wvTwzNyVg+cujJ+dPDt5cfSF0WNHjxw9NnJoU8d1tSDv5PV33+//ZOzNb776Oxn59pexJI7Hy9kLFx/HVhmMwcb/SbK8qO/YVldWko7s92TxW5x0ltggNiR//7oi4onoj464/+b1x8evlNo4YFvVk4g6UFGJ+IeKyvsB+bX90uvgWim9EqAd7p5oDgAsj//O5thg9DTGBnbeS2LxsE4SEZsbmWu1KyJu3xq7fubW2PXYpnE4oNj8tYh4sij+k0b8D0RPDDTiv9YS/2m/4FT2nOa/usn6lw4Vi39on2b896wa/7FC/L+VPl9txvDbm6x/8P7mO70t8d+72UMCAAAAAACAyrp5IiKeL/r8v7Yw/ycan//91bJfX0Qc34L6B5ekl3/+X7uzBdUABe6eiHipcP5vLZ/9O9CRbf2vMR+gKzlzbmryUET8PyIORNeOND2ySh0HP93z5Uplg9n8v/yR1n87mwuYteNO547WfSbGZ8cf9LiBiLvXIp4qnP+bLJz/k4L5v+nfg+l11rHn2RunVipbO/6B7VL/OmJ/4fn//l0rktXvzzHc6A8M572C5Z7+8LPvVqp/s/HvFhPw4NLz/87V438gWXy/npmN13F4rrNekN0I4c32/7uT1xu3nOnO8j4Yn529PBLRnZzsSHNb8kc33mZ4FOXxkMdLGv8Hnll9/K+o/98bEfNLfnbyR+ua4tzj//T9ulJ79P+hPGn8T2zo/L/xjdEbA9+vVP/6zv9HGuf6A1mO8T9o+iIP0+7W/IJw7Cwqand7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBRUIuIXZHUhha2a7U00RcRj8XO2tSlmdnnzlx67+JEWtb4/v9a/k2//c10kn///8Ci9OiS9OGI2B0Rn3f0NtJDpy9NTZR98AAAAAAAAAAAAAAAAAAAAPCQ6CtY/z801Cz7raPs1gHbrrPsBgClKYj/n8poB9B+zv9QXeIfqkv8Q3WJf6gu8Q/VJf6husQ/VJf4BwAAAACAR8rufTd/TiJi/sXexiPVnZV1ldoyYLvVym4AUBq3+IHqMvUHqss1PpCsUd6z4k5r7bma6dMPsDMAAAAAAAAAAAAAVM7+vdb/Q1VZ/w/VZf0/VFe+/n9fye0A2s81PhBrrOQvXP+/5l4AAAAAAAAAAAAAwFaambtyfnxqavKyjTcejma0c6Ner19Nfwselvb8xzfyqfDtr7071vHifK3f+n5yeX+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVv8GAAD///5GJUU=")
quotactl_fd$Q_GETQUOTA(r6, 0xffffffff80000701, 0x0, 0x0)

11.706123048s ago: executing program 2 (id=1805):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xff, 0xfffffffffffffffc}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000000c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0xc})
socket$igmp6(0xa, 0x3, 0x2)

11.463378773s ago: executing program 8 (id=1807):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f00000004c0)=0x37)

10.855904914s ago: executing program 9 (id=1808):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000500), 0x0}, 0x20)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640), 0x0, &(0x7f0000000a40)=ANY=[@ANYRES32, @ANYBLOB], 0x30, 0x40400d1}}], 0x1, 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230310000700600000"])
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x1, 0x2ffffffff}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000080), 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x40860)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e0003000f000000028000001294", 0x2e}], 0x1}, 0x0)

10.854632455s ago: executing program 0 (id=1809):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x28, 0x0, 0x0, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}]}]}, 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000240)={0x20, 0x4})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

9.407445759s ago: executing program 8 (id=1810):
r0 = open(0x0, 0x68042, 0x62)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_route(r1, 0x0, 0x40000c0)
r2 = open(0x0, 0x185102, 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
write$dsp(r0, 0x0, 0x0)
ftruncate(r2, 0x2007ffb)
sendfile(r0, r2, 0x0, 0x1000000201005)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x19)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
prctl$PR_SET_THP_DISABLE(0x29, 0x1)
writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
open(0x0, 0x14927e, 0x0)

9.406713183s ago: executing program 0 (id=1811):
prlimit64(0x0, 0xe, &(0x7f0000000940)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)
recvmsg$kcm(r4, &(0x7f0000002940)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xfc}}, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
socket$inet6(0xa, 0x3, 0x1)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r5, &(0x7f00000002c0), 0x0)
ioctl$VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000080)={0xf0f046})

8.82375544s ago: executing program 2 (id=1812):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
r0 = memfd_create(0x0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000080), 0x6)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
prctl$PR_MCE_KILL(0x35, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x0, 0x80, 0x0, 0x0, {{0xc, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @multicast2, {[@noop, @timestamp={0x44, 0x18, 0x68, 0x0, 0x0, [0x2fb2db9b, 0x8, 0x2, 0x0, 0x8]}, @noop]}}}}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="fbff68000000faffff28000000240000"], 0xc}, 0x0)
bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfd, 0x80000}, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000040)=0x13, 0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0xfffffffffffffe90}}, 0x10040)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x1})
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r4, 0xc0585609, &(0x7f0000000040)={0x0, 0xa})

8.767980035s ago: executing program 9 (id=1813):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

8.694808767s ago: executing program 9 (id=1814):
syz_open_dev$media(&(0x7f0000001540), 0x7, 0x200)
r0 = socket$inet6(0xa, 0x6, 0x0)
listen(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$inet6_dccp(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000400)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x62)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e21, 0xd, @loopback, 0x200}, 0x1c)

7.630446106s ago: executing program 0 (id=1815):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ptrace$pokeuser(0x6, r0, 0x28a, 0x8000000000000000)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_print_times', 0x40901, 0x0)
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000cab000)=0xc)
write$FUSE_DIRENT(r3, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x10)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/run\x00', 0x2, 0x0)
sendfile(r5, r5, 0x0, 0xffffffff)

6.718319493s ago: executing program 9 (id=1816):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x100}})
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000200)={0x0, 0x0, 0x9})
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000100)={0x0, 0x0})
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, 0x0, 0x0)

5.105359102s ago: executing program 0 (id=1817):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x23e, &(0x7f0000000580)="$eJzs3TFoJFUcBvBvZnc9c7fIqY0gqCAiGghnJ9icjcKBhCAiqBARsVESISbYJVY2FrFWSWUTxM5oKWmCjSJYRU0RG0GDhcFCi5XZSSSaFSWb7Ijz+8Hszuy+N/83zHxvthk2QGtdTXI9SSfJdJJekuJkg3vq5erR5sbUznwyGDz5UzFsV2/XfY77XUmyluThJNtlkZe7ycrWs/u/7D5+/1vLvfve33pmauIHmuRgf++Jw/dm3/zoxkMrX3z1w2yR6+n/6bjOXzHis26R3HYRxf4jim7TI+DfmHv9w6+r3N+e5N5h/nspU5+89aWbtnt58N2/6/v2j1/eOcmxAudvMOhV98C1AdA6ZZJ+inImSb1eljMz9W/4bzqXy1cWl16bfmlxeeHFpmcq4Lz0k73HPrn08ZW/5P/7Tp1/4P+ryv9Tc5vfVuuHnaZHA0xSlf/p51cfiPxD68g/tJf8Q3vJP7SX/EN7yT+0l/xDe501/+sXOCZgMtz/ob3kH9rrZP4BgHYZXGr6CWSgKU3PPwAAAAAAAAAAAAAAAAAAwGkbUzvzx8ukan72TnLwaJLuqPqd4f8RJzcPXy//XFTN/lDU3cby3N1j7mBMHzT89PUt3zVb//O7mq2/upCsvZHkWrd7+vorjq6/s7v1H77vvTBmgTE98nSz9X/bbLb+jd3k02r+uTZq/ilzx/B99PzTr87fmPVf/XXMHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxvwcAAP//MVptug==")
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0xd8f3dccb89506ebe, 0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000440)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x4000000, 0x0, 0x7e}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@multicast, @remote, @val={@void}, {@ipv4={0x88a8, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @broadcast}, @timestamp={0xd, 0x0, 0x0, 0x800}}}}}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15)

5.100727758s ago: executing program 9 (id=1818):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2)
socket$kcm(0xa, 0x3, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_create(0x208000)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, 0x0, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000100)={0x400, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})

3.905334113s ago: executing program 8 (id=1819):
timer_settime(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000780)=""/115, 0x73)
getdents(r4, &(0x7f00000001c0)=""/59, 0x9c)

3.629003121s ago: executing program 0 (id=1820):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f00000004c0)=0x37)

3.551701348s ago: executing program 2 (id=1821):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
preadv(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/140, 0x8c}], 0x1, 0x0, 0x0)

2.745211248s ago: executing program 8 (id=1822):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000001240)=[@in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3b}}]}, &(0x7f0000000180)=0x10)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b00)=@newlink={0x3c, 0x10, 0x401, 0x70bd2c, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'ip6tnl0\x00'}, @IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_MPLS={0x4}]}]}, 0x3c}}, 0x0)

1.503790424s ago: executing program 8 (id=1823):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

1.501412129s ago: executing program 2 (id=1824):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x4d, 0x0, &(0x7f0000000100))
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000940)=<r5=>0xffffffffffffffff)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0x7c80, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./file0\x00', &(0x7f00000000c0), 0x0, 0xfe37, 0x0)

23.42204ms ago: executing program 2 (id=1825):
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000d80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000480)="c13b292da99ed6d4da3b431e679c2a93569a8f8f772014ecf88beb2c742eb2094e0c1282fa25716d5af541996da720188065a77f788efc0045702d17b8d792053dbe81b24cd949acf814044f00faca6c90762b3090ef63176f3d911fcb2933e99dac1bc9aa5374f9ed6f0ee0bd9832e0e10c700f7cc683ddd00f6eabb5a310740993f5f1a753addd2e574555419e3c25ffa311d2b9cc16ca85d087e9641f50ca2778b94ec1368cc03852981af0758785fc74e4949604c5d83293f31ef249d42dbd653ebf972b1868e9444252a87e1351632c8ef048b5012d92ce29820e5f65f36e8a0b9173cf47d4587d2ba34ae3731110c1195cf5b8da6cef71178dac363dca7a8665034244e35d655a67d8183d742c42996bce470ae98b4acca6da077b5704f613fec2fa1ad05a98a2a3ba72b66a2538e20ece5aa382d6e2d8728dcb2206fba40aee37c4903af27508c1e31fa91b1ddfabd1b69414fed82d6ec8b1a69d264b4954d49d373f624e48186541cbe910157b62db2fc6d4708c3cf8138f18f2e9ec593a8cbaecc179ba0d4641154fcf86af8e45fab39c0703c162d7a48ffc31d0ffe7d951b92102121bfc9c42f4f8a99a64a743de4d417e5c94599676eb59ebd62d05e80a57812a6dd7947146bb0b81bcd34f6e3ca92bd0935ff67ec1f5a4c274ec159aff712db63396790781612033e023675b64a9e34ff566c9876adca931610ad2d73101d9bade6513534ce115321710f12fbcdc59340698f8bfb8224e027bb714d6a732dcbd0db19df9c1d84acc292b3cba2233d91763847fd6b307a6c466e0059421d29319b14cb01c8df4e41c94ad1a0fed8b08536be8af60a1fc95ee8add5808d97b546ae8d914708c304dd1307ce6d9e34cbd4c2c5bd93445da6f7df35e228ee4d5553842ca827d928036380a695201b90449e9c1bf2a3a5dfaece2d4c46e0ff7478ce5b4fbd56627a48ac69d61761209e2a8841982598dbc0d1d2c923711c20c89a0b6774903687634838ccbb73976f8861e04083ee6021dfc5e1cf6c5664560e4fdd8adc1b73bd40394e1e8738f266cb93d4481b86601f1e58171fd089b20aa25e0700f2db862a25b5131b65e7fb66cc7059f9311f806713f2aea5fd4752fee5307719cefdd3b1161a16154dfe4a3c6f0e7ddea9f7fc77ccf37afbf98b5474b950321ecbc02aa79fdeb1ad676a21ef0168a6e86a0bdc8aa3a2a22e70f347f1330d0ebb0d1421739b939091bcd76c4d721863ef633a6ba4b93aba5d52790e49cde678ea6c4fd7ceeb790d9a22c41315c3f79d70f24a2f50b5da23d34af7340387e9484db36c7ec1e7ca308ffb3703fc58c5b8abee1699e18ce42b112e7b64bb041210ad2629bbece87f72e420e99ecf2d35d1043b44217f78f266c7825f2c630e44897be168427176dcce5cb840b60f8fcec009910995bcbd03465e0cf4de1e08ebb505f7d55a9f5ea8e1cd5a44c796deba43c0469c32e4dfb47285ebc47890eedf2737627823fc17cc0e7bdaf43b2d91a239bd1936e9f30b524154d6979e414f4a61a7364a700299d0317d326f31af02fe4f987b5436d87232f4d25a84ed420cad169d399f30aaac06c4132d93ef05c6c64d684a890fb3987bcb5c130a41ef6b3de94ef932d67929560d5d011e2b21876f6ca13269ab084957cf7baa8c06303f0582a23c0412fe9ef7a37ea4ebe61cc40d1006c8b9768e9b46b2de557bc4abb1af74463d252f6ce659f722df8c19a976d8d4d66ac97e0993e05ea8d659d7ec2470ca0dac532d4972ec731d5ca26accb7acd0956e951e121044fa0aa399403a785e2a0fb6f76c1005696d2c756e256c38812d5d2b90b12b613162153e66758030ea21b8608d23a62d18712df98323f102cf2fbb25c2a9f3b2098b6ac23f5a397d7f3d15d88ce42a2c5960c89dc90e69d523827d3da6599e6ab0e00206e479e40d09ff4264018e5c8d955e6aca45fbb9c2669657bcca06549d5aacb15a7092d4364dd01c561e3a15ddae81095a5d36b0edd91c8336f5ba937c9451f6d86592e471b97e28715d014ae6fb0536e5cc7b17a8e5edecbe189eb69141261461fced1919c2b82d2afa2d02222bd86fb5b1c936b4258ed78098c9d8a790a759abedc5d78fffb3311632986982918a816ce96fabd3c1f1cc57dba3d323a6cfbe0490b5e2b60fea8401ed66f5ec40c4e541a795990030fa082650d8e8f4207a9ba7da29297e493e5386d77d999ad415930edd3592c601fe5d0c81fcac9893d0037d25f632458c4b0113684420d0705643bb884eda083d78de1f6e39a12d72b77dcd7bd707459a298a529845b8374c7e3a56ce8b48ae40da35eea6e66e10f01b4a2f32e6da98e99e08cfe0b62e209bc677b5859e24767ffaf943400145781f0357a0f89e75fb4f8052cdb6f85463ae1184661a1495d2c141e98ca825837debdd5fbbc30e87b4cf83278bfeb33acd655443a850f2b3df572af2b62abdb57dfd87eb69f7a124749d64781a5711f32ea4edb877c70f4d36ec90f59ac14ad1b1520d350d73299ea166642dc06aca42dac71574a9eabd79ffd616b34d887bf24c9f2f2a61164357487477373d45cdbf42eb534a17b1739002532f991cf4e11189e98cebecd6c96a03801faaa029db7f891ba13cb5d7f2adef1621b9a6318a6465ca8af9dcfbb2c728323d2fc58b7e3f0a9aaf2cebe2e81f9872e7551b03b3a6e9a961bca0cc5ebc32c0093ac3025d1376922e14cd5333e9a9b8a4b3cb69e47827bc0688b70fcf0b93b395c376376a2daee8d7a120bf5273a98dccce092745630543b02878dffe11afc213b5eb0b04b318cc469795b78cc0ee5b173fe1824350856a16bec43b3528f1bf738110f0408b640f06e24890a88f0d81209b6dc4ea8e9770abc62e0abb8106a5150242ac0c31dcb688e2f1888ac2849f5322465f216b83f0db87619703c73cb7f331bd6a8a9e2e150ed4dc2a4cf77cc74c07d0072e655ffa44ff27dd89038fc58435dbb55e73a3146af9d54c82ad2bf54c6776540cff1648d9b5dd7bcab8bdc9aa33970d2776b53aafcc916294b2f8224a63809e74725f752646f7050c5658d6c66e2c98ad4e8b0f3c7099d66f14ce211d05ccbfbef5b74695ab4ab3957975e4c9c82c1f9ab4e88dffc210f5e9d7491c81b531afd897a05656951d07b6a80dc3181f564edf8cbf837e16e6f4289c627a08026cd17915b3240675ca7c9215ba8c53e71097b073fc4bd1dc44626faba8eca8b6c11245c89a6766a7dae716a3de8de3fe4266294e3ca90511d032a08e42589ea1ba782f7a1dba0644b600103f8207b6ef110999eec0e84483d8544ad32e57bab96c6b10088ba60078dc8d4ec194d14f565ef1fa5d1a4db2bcc6372acff020bb2ef726871fc5b049786cfeeb240380231cd24096d7b62bbd73a08ae5ba8ec48ce7bc12ff7415e45500d2e4b9dd277f6977b94e5dc76da2cf4df87aa51eb9787fe3631daa373817fb1947533072a4edcbcd3f983f380168835b833d61749fa7ae6ff9b683f07f7377ccbdc3bd0209863c4730bfeed3324f733287f5175f1ae518332309f5c92611402ed345b05b5c6bb4cb14b9f4efb7e148d3d8fe663bde6f302f50f51fe82ff2d498dc137e035f4eb01eee3b4fe4a1721887573d5ab0219b5bed1597c93e81ecd17de1ce544040661e89bccf2b48466441abfc32c0fe8a99379871645a1f58e79708cf1d8d3c9291e8cba9acf6841792884919750c4c52b57cad2b498081ddc603d0b771b831650532fdcb035863d64ea34b00f7c16fb366a2796c03ac2ac891b31f1aa442226281f63a5236b11d8914b9313b2fec36a47377497ed7b3adb1a2a1f72b817e34d43dbe4b98b1815d4ba301d065c9f05c77f15532113c874580db1e50c75de61f3e39db457d212d393b1f40193f5286b53443e9cce5b5224e4858867a37945b7025e15344cbc05870d86281d9f5425a8e7c7971718ac3afac265d8c83976e77e", 0xb02}, {&(0x7f0000000140)="d9e7", 0x2}], 0x2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000019000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0xa, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.387732ms ago: executing program 8 (id=1826):
pipe2(&(0x7f0000000040), 0x0)
memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x10000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0xd, &(0x7f0000000140)={r0, 0x0, 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_mount_image$xfs(&(0x7f000000b840), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000380)={[{@grpquota}, {@filestreams}, {@logbufs={'logbufs', 0x3d, 0x3}}]}, 0x1, 0xb862, &(0x7f0000017140)="$eJzs3XtsnWUdwPGnXdu1kMEwdFwUGZMBA9nWbVAKwbUd6yiXymVgB0yorMCk4zIKblxLCAmoGMB4IWZRIl6jRHEQiYLTiHJxGGOA+AeRgDFgsuhfoMZQ8/acU9pDaehTnqeBfT7J+p73Pf29Oz3f87wnLKSnt+vszhDqQslQqPb869se++L6rsd//qV7dzx4x7MPlY62N5bvbi9vO8rbzjByspHDtaVDdV/f/nBtsVM79rx7NDXV7BXCxVXnaS1tbmipfN9wlfLh+ZX7a0d3az5f+jNqz+LLH9rX94UQ5o6ZrwkhLH3bD7qb6u1Y01V+TsKYbrPKd9e8dd/Itq70Z+XTIazcEd7x9TGjisc5t2vOxw+c6QfyftDbsaa7qn97uXNNeT22V6/B3VH16/yVBxbfXn4KR15vM5hwWno7uk4Lk6zjY/53wcLh0nWzPoTQEEKYHUJonOkevDc6OpcX79m1lf1y9sr6nzvR6+LwZa/8J4Qwr3gbL10vSu8FwPtLR+fyVROs/4bJ1n/bbdtfs/7h/a+7o3N5sdar1n/jZOt/Y9u650rrvr21NPXmzP4QAAAAAMCErtl6/eV9AwP9m91www03Rm/M9JUJSO2tRT/TjwQAAAAAAAAAAAB4t3L878Qz/TMCAAAAAAAAAAAAwAdFd0/Hrlk14w7NGrtz0M7+ke2KN3ov+95dwxsq2/Ldp05wynGf8z88PDzctmtl5bPYZ1d9XnZj9XBx/qG6N54s77ZXf/5g/cjR+nDRJRsH+pcWf9Wq+rCl2GkpzttVH+4udpYVO2vqw/eLneUjO01hR7Gz+OIrBzYUB06OfMY+WLp7hsKsccXCuFfD2P5D9Qt2VLaTnLJytrpQ7r/vvudsrrqvYuL+b52/450+l5z3xtT6L95S2U5yyret/wNeXfvLie575/6j5+/UP60Jrv/jGlVf96uu//MnOOXo/Lznn7ys6P/I43esLR+qezfX/zHnX1Xdf+Tko9f/4lQnVa7/xXvL6mk9Gbuh7p5bd022/ifvX1d5X68dMzt6ttNOeLat6L/Xou1/Lh+qn2L/kyZb/zXz33Y9YYq6e+4frlr/U+gfDpvglKNNvvbCKU8X/X/y5NrmMfdNpf/q6v5LBjddteSardcfvXFT36X9l/Zf0bp0xXHHtrSuaFkyckUofZ3ec7I7md76H/n8/7EzNSEsHJ1feOyb5xX95327q7d8qHGK/bsmXf8XjX+sjLGgNjQ0hC19g4ObW0pfK7vLSl9L3zZB/ym8/3/siPK3NZW3NSHsPzrful/z/kX/5lmrP1I+1DDF/msm7T80+vcSaZrrf0PVzLj+Q8/c/7Oi/4Ifnlv5N4Wpvv+fPFn/2m9Z/9PV3VP1Dz7vsaL/3+oWHR853u2//9LK0f9X+y48O3L8FP3TytH/ug8fMhg5fqr+aeXo37TixFsjx0/TP60c/Xec0PbdyPHT9U8rR/9vHHXMHyPHe/RPK0f/sw5teTVy/JP6p5Wj/98/tPX8yPEz9E8rR/8lB910Y+T4mfqnlaP/4JyrmyPHz9I/rRz9H6u9dlnk+Nn6p5Wj/2+O3vj7yPG1+qeVo/+eCza9FDl+jv5p5eh/xrK+OyPHz9U/rRz97zux/8HI8U/pn1aO/hce+PAlkeO9+qeVo/9Xm3/aETm+Tv+0cvTfWf/YEZHj5+mfVo7+dXs8unfk+Pn6p5Wj/w0Lv/PfyPEL9E8rR/+Hjrz/xcjx9fqnlaP/a8f/eHvk+Kf1TytH//nH/ODLkeMX6p9Wjv5XHfKnFyLHL9I/rRz9H1383L8ix/v0TytH/5c/8Zf7Isc/o39aOfof1fLi45HjF+ufVo7+az/664l+T9C7sUH/tHL037bPEwOR4/36p5Wj/+9qnqqPHL9E/7Ry9N97r50LIscv1T+tHP2fWnTQPyLHL9M/rRz9w2EH7Iwc36h/Wjn6n39s8wOR45/VP60c/e9t2+e2yPHL9U8rR/9d8+ZcFzk+oH9aOfofekDTmZHjm/RPK0f/W5rqj4scv0L/tHL0f6Sh5uDI8Sv1TytH/9ql3T+KHL9K/7Ry9H9m5elfiBy/Wv+0cvS/e0nHy5Hjm/VPK0f/dfNXPxE5fo3+aeXof9je62J/I/ug/mnl6P/PsH6/yPFr9U8rR//tc8+8OXL8Ov3TytH/poPPWRc5/rnnX982O+ifTI7+vzju9nsix7dY/2nl6L+59dZHIse36p9Wjv6LDr/rr5Hj1+ufVo7+Lx1x578jx2/QP60c/b85+ytzIsdv1D+tHP3PbbznyMjxm/RPK0f/OftvWxU5frP+aeXo/9v97tsQOX6L/gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHcncJfOhf//7xkz9iRlLZK9ZJclhUGD0mJNsu+yhrIWokK2pCgpa0RJlpKQdkuWyr7v+77v/o8xM2K8x1c9/H/K+/l8POa+73POdZ+5zud1Xdc5c3/ucw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDGW3X4iksMDAwZdWnXV91++eOHnbXPGsPPPn2/A885cc+LTh557eLjj7p58RfGMPDinS0+4rbBIxcZcsipxwwecWHwy+93wgkmGDTJwKD18lrttOb/sdrTj/5i8EsXB+098s9LJnrxb590nZMGBgYm/T/ur9aqw5YePmLwRv55qds4o24edf1LXw8Z+WeRtQYGFll9YKzbx5vvuZWHL/9mr8P/glWHLb3sGP0HRnV+sfuY+3erMbfzcfZYfdCbGu4Nsuqw4cuNaD22/Xj77fZ7cRsYGBhy+MDAkCMGBoYcOTAw5Kg3uwdvjGFLzLfEiGP+6Msjq+86+gVBOr4PevqTp454zhg68nliyNGjnwuA/y3DlphvybD/jzv69rT/3/rsLavY/+F/37LDlphv4GWv80deu+vof9/H/X/Rac+87s1bYwAAAODf9fx9Z5w9aq5v8MDAdANjzPe+aNTPBQaddM4ll7xpK/rfIcyTvfp3Jv7HjOg8/vHTDwxssfKbvSq8Cd4S89j8x/Tvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/2Jjmf+fdPTnncc5balRi8586UGbrjTm94+4bvz/52v9pnmrzv8PbDJoZMsRzTcZGBj41LAVVpptYGBgpU0PunSGgZduW2jEbYtMNs6oEwTM9uLHj43ljke/m/zFkzVM+NJ9nPTi/S/7whHjDBpjJV5m/Rf2PXbjVZ+Yf8zPs4z9cbx0fonzP37FwaPfyzJ4jIXGtq2Ovv/Rj2XMzqPWfbYR6z7XtptvNdc2O+w4xyabr7PRBhttsMWCc8+/0ALzLDj/PHNtuMlmG8w98uPYxmzkqSuWfD1jNu6YY3bfsJeP2ZiPbWxjNv1rj9mL97jxuZdPMXrMhvybY7bka4/Z9JuMXtfFhw6s/eLYjPgrlxo6sP2IC/OMN2ITGrXsVCOW/chkgwcGDvjXAx3x1XgvbYODdt3kDThvyajPw0Z9XiKet+S0sZ23ZGC9Me5n4ZGftj1r9HJjvs961NWv+7wliw7ffdYR++IY3///h//o+f9VvRYa9NJAjT5pyKhlRvb613kmRg/b4i87z8SC6Vwyb6RXre/0g1/artP6jnpf3KAxxv+13hc3MNuta58w8nEtvuDI73r+P46Sjx3L/Wv0glccOwZe+9gxzr++/Ne1G1w47ZjHjk+MfRVfsV+MHqPxxlhobMeOc58YsuuI+x+9zmM5diy3yag3Gv/r2DHir11y9LFjxLoPHzpwwIgL8464sPTQgeNGXJjvxQsTDJwz4sKc62252fojrljm1dvtbINe8QuPYbsdPsZ2+zrOj7PY+QMDi52THtfYhzNL2+24r7G++f3cA6/5fu5Z93p2xYGBgSlGPkuPeJAj1/0/kdZ3yGuvbzj/xMBrnX9iYOGFTljyDV7fl/azF7e1UaeLWmYs3/OK/WzSV+1nu43zsj3j9b6uWT8sP/LrqV66t1OOuGDX0WM0dIz7/b+eo0c/ltR/9Gu+lxt8+MCg1xqbpV/P2Ezy2mPzel+/zDbjyNsneI2xmWryKRccPTbj/ptjs/RYxublr4dfbtCuAxO8cmyGvPgaeKZRYzP89YzNxG/MdjNhWH7k1zO/dNVqzy8w8+ixCWMRn/9H3//wf3ds1n5pu5npxdtmGDww7rgD26+z7bZbzzPy4+iL8478+Nr74FKvZyzHf2PGcppRR53Brx6cl65a+KJFlvtP98Gl/t2xnH5g8Oh/c28y5s7yxvHzn276d9O/m/7d9O+mfzf9u+lfbCzz/9OP/rng7BfOdsmoH8YMPe+EVdZ/s9f3TfaWnv8f1fcV8//rr3LCeYMHXrrtNednRy7zXzk/u+DITzvNM3q5MecHR139uudnz9z/9NX/H83P/kdG76uv4+eGjv/d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/YmOZ/5979O8BPH/vtjeOmggduu6wqf/j91m9Rbyl5/9H9X3F/P85Uw9bd/DAS7e95vz/yGU65v+3vub23f+b5/9H76vm//k/6N9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+xcYy/7/46N8D2Oz5yx4Y/fsAFx+6xJZv9vq+yd6q8//+//9ejv/d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/YqPm/wfG+G8PP2O7iML8//+2sfRfXv+opf8K+kct/VfUP2rpv5L+UUv/lfWPWvqvon/U0v+z+kct/VfVP2rp/zn9o5b+q+kftfT/vP5RS//V9Y9a+q+hf9TSf039o5b+a+kftfRfW/+opf86+kct/dfVP2rpv57+UUv/9fWPWvpvoH/0yv5vgREaS/8N9Y9a9v+N9I9a+m+sf9TSfxP9o5b+X9A/aum/qf5RS//N9I9a+m+uf9TSfwv9o5b+W+oftfTfSv+opf8X9Y9a+m+tf9TSfxv9o5b+2+oftfT/kv5RS/8v6x+19N9O/6il//b6Ry39d9A/aum/o/5RS/+d9I9a+u+sf9TS/yv6Ry39v6p/1NJ/F/2jlv676h+19N9N/6il/9f0j1r6765/1NJ/D/2jlv5f1z9q6f8N/aOW/t/UP2rpv6f+UUv/vfSPWvrvrX/U0v9b+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v+AV/Wf4P/pav23aun/bft/1NL/QP2jlv7f0T9q6X+Q/lFL/+/qH7X0/57+UUv/g/WPWvofon/U0v/7+kct/X+gf9TS/1D9o5b+P9Q/aul/mP5RS/8f6R+19P+x/lFL/8P1j1r6H6F/1NL/SP2jlv5H6R+19D9a/6il/zH6Ry39f6J/1NL/WP2jlv7H6R+19P+p/lFL/+P1j1r6n6B/1NL/Z/pHLf1/rn/U0v9E/aOW/r/QP2rpf5L+UUv/X+oftfQ/Wf+opf8p+kct/U/VP2rpf5r+UUv/X+kftfT/tf5RS//T9Y9a+v9G/6il/xn6Ry39f6t/1NL/TP2jlv5n6R+19D9b/6il/+/0j1r6n6N/1NL/9/pHLf3/oH/U0v+P+kct/f+kf9TS/8/6Ry39/6J/1NL/r/pHLf3P1T9q6X+e/lFL//P1j1r6X6B/1NL/b/pHLf0v1D9q6X+R/lFL/4v1j1r6X6J/1NL/7/pHLf3/oX/U0v+f+kct/S/VP2rpf5n+UUv/y/WPWvpfoX/U0v9K/aOW/lfpH7X0v1r/qKX/NfpHLf2v1T9q6X+d/lFL/+v1j1r636B/1NL/Rv2jlv436R+19L9Z/6il/y36Ry39b9U/aul/m/5RS//b9Y9a+t+hf9TS/079o5b+d+kftfS/W/+opf89+kct/e/VP2rpf5/+UUv/+/WPWvo/oH/U0v9B/aOW/g/pH7X0f1j/qKX/I/pHLf0f1T9q6f+Y/lFL/8f1j1r6P6F/1NL/Sf2jlv5P6R+19H9a/6il/zP6Ry39n9U/aun/nP5RS//n9Y9a+r+gf1TSf9CA/lFL/0H6Ry39B+sftfQfR/+opf8Q/aOW/kP1j1r6j6t/1NJ/PP2jlv7j6x+19J9A/6il/4T6Ry39J9I/auk/sf5RS/+36R+19J9E/6il/9v1j1r6T6p/1NL/HfpHLf0n0z9q6f9O/aOW/u/SP2rpP7n+UUv/KfSPWvpPqX/U0n8q/aOW/lPrH7X0n0b/qKX/u/WPWvq/R/+opf+0+kct/afTP2rp/179o5b+0+sftfR/n/5RS/8Z9I9a+s+of9TSfyb9o5b+M+sftfSfRf+opf+s+kct/WfTP2rp/379o5b+H9A/auk/u/5RS/8P6h+19J9D/6il/5z6Ry3959I/auk/t/5RS/959I9a+s+rf9TSfz79o5b+8+sftfT/kP5RS/8F9I9a+i+of9TSfyH9o5b+C+sftfT/sP5RS/9F9I9a+n9E/6il/0f1j1r6L6p/1NJ/Mf2jlv6L6x+19B+mf9TSfwn9o5b+S+oftfRfSv+opf/H9I9a+g/XP2rpv7T+UUv/ZfSPWvovq3/U0v/j+kct/T+hf9TSfzn9o5b+n9Q/aun/Kf2jlv6f1j9q6f8Z/aOW/svrH7X0X0H/qKX/ivpHLf1X0j9q6b+y/lFL/1X0j1r6f1b/qKX/qvpHLf0/p3/U0n81/aOW/p/XP2rpv7r+UUv/NfSPWvqvqX/U0n8t/aOW/mvrH7X0X0f/qKX/uvpHLf3X0z9q6b++/lFL/w30j1r6b6h/1NJ/I/2jlv4b6x+19N9E/6il/xf0j1r6b6p/1NJ/M/2jlv6b6x+19N9C/6il/5b6Ry39t9I/aun/Rf2jlv5b6x+19N9G/6il/7b6Ry39v6R/1NL/y/pHLf230z9q6b+9/lFL/x30j1r676h/1NJ/J/2jlv476x+19P+K/lFL/6/qH7X030X/qKX/rvpHLf130z9q6f81/aOW/rvrH7X036Om/wsj7fL6lm7p//Wa/v+elv7f0D9q6f9N/aOW/nvqH7X030v/qKX/3vpHLf2/pX/U0n8f/aOW/vvqH7X030//qKX//vpHLf0P0D9q6f9t/aOW/gfqH7X0/47+UUv/g/SPWvp/V/+opf/39I9a+h+sf/TW7T/45dcOOkT/6K3b/5X7//f1j1r6/0D/qKX/ofpHLf1/qH/U0v8w/aOW/j/SP2rp/2P9o5b+h+sftfQ/Qv+opf+R+kct/Y/SP2rpf7T+UUv/Y/SPWvr/RP+opf+x+kct/Y/TP2rp/1P9o5b+x+sftfQ/Qf+opf/P9I9a+v9c/6il/4n6Ry39f6F/1NL/JP2jlv6/1D9q6X+y/lFL/1P0j1r6n6p/1NL/NP2jlv6/0j9q6f9r/aOW/qfrH7X0/43+UUv/M/SPWvr/Vv+opf+Z+kct/c/SP2rpf7b+UUv/3+kftfQ/R/+opf/v9Y9a+v9B/6il/x/1j1r6/0n/qKX/n/WPWvr/Rf+opf9f9Y9a+p+rf9TS/zz9o5b+5+sftfS/QP+opf/f9I9a+l+of9TS/yL9o5b+F+sftfS/RP+opf/f9Y9a+v9D/6il/z/1j1r6X6p/1NL/Mv2jlv6X6x+19L9C/6il/5X6Ry39r9I/aul/tf5RS/9r9I9a+l+rf9TS/zr9o5b+1+sftfS/Qf+opf+N+kct/W/SP2rpf7P+UUv/W/SPWvrfqn/U0v82/aOW/rfrH7X0v0P/qKX/nfpHLf3v0j9q6X+3/lFL/3v0j1r636t/1NL/Pv2jlv736x+19H9A/6il/4P6Ry39H9I/aun/sP5RS/9H9I9a+j+qf9TS/zH9o5b+j+sftfR/Qv+opf+T+kct/Z/SP2rp/7T+UUv/Z/SPWvo/q3/U0v85/aOW/s/rH7X0f0H/qKT/i1/q/2ot/QfpH7X0H6x/1NJ/HP2jlv5D9I9a+g/VP2rpP67+UUv/8fSPWvqPr3/U0n8C/aOW/hPqH7X0n0j/qKX/xPpHLf3fpn/U0n8S/aOW/m/XP2rpP6n+UUv/d+gftfSfTP+opf879Y9a+r9L/6il/+T6Ry39p9A/auk/pf5RS/+p9I9a+k+tf9TSfxr9o5b+79Y/aun/Hv2jlv7T6h+19J9O/6il/3v1j1r6T69/1NL/ffpHLf1n0D9q6T+j/lFL/5n0j1r6z6x/1NJ/Fv2jlv6z6h+19J9N/6il//v1j1r6f0D/qKX/7PpHLf0/qH/U0n8O/aOW/nPqH7X0n0v/qKX/3PpHLf3n0T9q6T+v/lFL//n0j1r6z69/1NL/Q/pHLf0X0D9q6b+g/lFL/4X0j1r6L9zef3C+uqX/h9v7j0VL/0X0j1r6f0T/qKX/R/WPWvovqn/U0n8x/aOW/ovrH7X0H6Z/1NJ/Cf2jlv5L6h+19F9K/6il/8f0j1r6D9c/aum/tP5RS/9l9I9a+i+rf9TS/+P6Ry39P6F/1NJ/Of2jlv6f1D9q6f8p/aOW/p/WP2rp/xn9o5b+y+sftfRfQf+opf+K+kct/VfSP2rpv7L+UUv/VfSPWvp/Vv+opf+q+kct/T+nf9TSfzX9o5b+n9c/aum/uv5RS/819I9a+q+pf9TSfy39o5b+a+sftfRfR/+opf+6+kct/dfTP2rpv77+UUv/DfSPWvpvqH/U0n8j/aOW/hvrH7X030T/qKX/F/SPWvpvqn/U0n8z/aOW/pvrH7X030L/qKX/lvpHLf230j9q6f9F/aOW/lvrH7X030b/qKX/tvpHLf2/pH/U0v/L+kct/bfTP2rpv73+UUv/HfSPWvrvqH/U0n8n/aOW/jvrH7X0/4r+UUv/r+oftfTfRf+opf+u+kct/XfTP2rp/zX9o5b+u+sftfTfQ/+opf/X9Y9a+n9D/6il/zf1j1r676l/1NJ/L/2jlv576x+19P+W/lFL/330j1r676t/1NJ/P/2jlv776x+19D9A/6il/7f1j1r6H6h/1NL/O/pHLf0P0j9q6f9d/aOW/t/TP2rpf7D+UUv/Q/SPWvp/X/+opf8P9I9a+h+qf9TS/4f6Ry39D9M/aun/I/2jlv4/1j9q6X+4/lFL/yP0j1r6H6l/1NL/KP2jlv5H6x+19D9G/6il/0/0j1r6H6t/1NL/OP2jlv4/1T9q6X+8/lFL/xP0j1r6/0z/qKX/z/WPWvqfqH/U0v8X+kct/U/SP2rp/0v9o5b+J+sftfQ/Rf+opf+p+kct/U/TP2rp/yv9o5b+v9Y/aul/uv5RS//f6B+19D9D/6il/2/1j1r6n6l/1NL/LP2jlv5n6x+19P+d/lFL/3P0j1r6/17/qKX/H/SPWvr/Uf+opf+f9I9a+v9Z/6il/1/0j1r6/1X/qKX/ufpHLf3P0z9q6X++/lFL/wv0j1r6/03/qKX/hfpHLf0v0j9q6X+x/lFL/0v0j1r6/13/qKX/P/SPWvr/U/+opf+l+kct/S/TP2rpf7n+UUv/K/SPWvpfqX/U0v8q/aOW/lfrH7X0v0b/qKX/tfpHLf2v0z9q6X+9/lFL/xv0j1r636h/1NL/Jv2jlv436x+19L9F/6il/636Ry39b9M/aul/u/5RS/879I9a+t+pf9TS/y79o5b+d+sftfS/R/+opf+9+kct/e/TP2rpf7/+UUv/B/SPWvo/qH/U0v8h/aOW/g/rH7X0f0T/qKX/o/pHLf0f0z9q6f+4/lFL/yf0j1r6P6l/1NL/Kf2jlv5P6x+19H9G/6il/7P6Ry39n9M/aun/vP5RS/8X9I9K+o8zoH/U0n+Q/lFL/8H6Ry39x9E/auk/RP+opf9Q/aOW/uPqH7X0H0//qKX/+PpHLf0n0D9q6T+h/lFL/4n0j1r6T6x/1NL/bfpHLf0n0T9q6f92/aOW/pPqH7X0f4f+UUv/yfSPWvq/U/+opf+79I9a+k+uf9TSfwr9o5b+U+oftfSfSv+opf/U+kct/afRP2rp/279o5b+79E/auk/rf5RS//p9I9a+r9X/6il//T6Ry3936d/1NJ/Bv2jlv4z6h+19J9J/6il/8z6Ry39Z9E/auk/q/5RS//Z9I9a+r9f/6il/wf0j1r6z65/1NL/g/pHLf3n0D9q6T+n/lFL/7n0j1r6z61/1NJ/npH9x3uzVuu/VUv/ee3/UUv/+fSPWvrPr3/U0v9D+kct/RfQP2rpv6D+UUv/hfSPWvovrH/U0v/D+kct/RfRP2rp/xH9o5b+H9U/aum/qP5RS//F9I9a+i+uf9TSf5j+UUv/JfSPWvovqX/U0n8p/aOW/h/TP2rpP1z/qKX/0vpHLf2X0T9q6b+s/lFL/4/rH7X0/4T+UUv/5fSPWvp/Uv+opf+n9I9a+n9a/6il/2f0j1r6L69/1NJ/Bf2jlv4r6h+19F9J/6il/8r6Ry39V9E/aun/Wf2jlv6r6h+19P+c/lFL/9X0j1r6f17/qKX/6vpHLf3X0D9q6b+m/lFL/7X0j1r6r61/1NJ/Hf2jlv7r6h+19F9P/6il//r6Ry39N9A/aum/of5RS/+N9I9a+m+sf9TSfxP9o5b+X9A/aum/qf5RS//N9I9a+m+uf9TSfwv9o5b+W+oftfTfSv+opf8X9Y9a+m+tf9TSfxv9o5b+2+oftfT/kv5RS/8v6x+19N9O/6il//b6Ry39d9A/aum/o/5RS/+d9I9a+u+sf9TS/yv6Ry39v6p/1NJ/F/2jlv676h+19N9N/6il/9f0j1r6765/1NJ/D/2jlv5f1z9q6f8N/aOW/t/UP2rpv6f+UUv/vfSPWvrvrX/U0v9b+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v8A/aOW/t/WP2rpf6D+UUv/7+gftfQ/SP+opf939Y9a+n9P/6il/8H6Ry39D9E/aun/ff2jlv4/0D9q6X+o/lFL/x/qH7X0P0z/qKX/j/SPWvr/WP+opf/h+kct/Y/QP2rpf6T+UUv/o/SPWvofrX/U0v8Y/aOW/j/RP2rpf6z+UUv/4/SPWvr/VP+opf/x+kct/U/QP2rp/zP9o5b+P9c/aul/ov5RS/9f6B+19D9J/6il/y/1j1r6n6x/1NL/FP2jlv6n6h+19D9N/6il/6/0j1r6/1r/qKX/6fpHLf1/o3/U0v8M/aOW/r/VP2rpf6b+UUv/s/SPWvqfrX/U0v93+kct/c/RP2rp/3v9o5b+f9A/aun/R/2jlv5/0j9q6f9n/aOW/n/RP2rp/1f9o5b+5+oftfQ/T/+opf/5+r/KuEX9L9A/aun/N/2jlv4X6h+19L9I/6il/8X6Ry39L9E/aun/d/2jlv7/0D9q6f9P/aOW/pfqH7X0v0z/qKX/5fpHLf2v0D9q6X+l/lFL/6v0j1r6X61/1NL/Gv2jlv7X6h+19L9O/6il//X6Ry39b9A/aul/o/5RS/+b9I9a+t+sf9TS/xb9o5b+t+oftfS/Tf+opf/t+kct/e/QP2rpf6f+UUv/u/SPWvrfrX/U0v8e/aOW/vfqH7X0v0//qKX//fpHLf0f0D9q6f+g/lFL/4f0j1r6P6x/1NL/Ef2jlv6P6h+19H9M/6il/+P6Ry39n9A/aun/pP5RS/+n9I9a+j+tf9TS/xn9o5b+z+oftfR/Tv+opf/z+kct/V/QPyrpP2RA/6il/yD9o5b+g/WPWvqPo3/U0n+I/lFL/6H6Ry39x9U/auk/nv5RS//x9Y9a+k+gf9TSf0L9o5b+E+kftfSfWP+opf/b9I9a+k+if9TS/+36Ry39J9U/aun/Dv2jlv6T6R+19H+n/lFL/3fpH7X0n1z/qKX/FPpHLf2n1D9q6T+V/lFL/6n1j1r6T6N/1NL/3fpHLf3fo3/U0n9a/aOW/tPpH7X0f6/+UUv/6fWPWvq/T/+opf8M+kct/WfUP2rpP5P+UUv/mfWPWvrPon/U0n9W/aOW/rPpH7X0f7/+UUv/D+gftfSfXf+opf8H9Y9a+s+hf9TSf079o5b+c+kftfSfW/+opf88+kct/efVP2rpP5/+UUv/+fWPWvp/SP+opf8C+kct/RfUP2rpv5D+UUv/hfWPWvp/WP+opf8i+kct/T+if9TS/6P6Ry39F9U/aum/mP5RS//F9Y9a+g/TP2rpv4T+UUv/JfWPWvovpX/U0v9j+kct/YfrH7X0X1r/qKX/MvpHLf2X1T9q6f9x/aOW/p/QP2rpv5z+UUv/T+oftfT/lP5RS/9P6x+19P+M/lFL/+X1j1r6r6B/1NJ/Rf2jlv4r6R+19F9Z/6il/yr6Ry39P6t/1NJ/Vf2jlv6f0z9q6b+a/lFL/8/rH7X0X13/qKX/GvpHLf3X1D9q6b+W/lFL/7X1j1r6r6N/1NJ/Xf2jlv7r6R+19F9f/6il/wb6Ry39N9Q/aum/kf5RS/+N9Y9a+m+if9TS/wv6Ry39N9U/aum/mf5RS//N9Y9a+m+hf9TSf0v9o5b+W+kftfT/ov5RS/+t9Y9a+m+jf9TSf1v9o5b+X9I/aun/Zf2jlv7b6R+19N9e/6il/w76Ry39d9Q/aum/k/5RS/+d9Y9a+n9F/6il/1f1j1r676J/1NJ/V/2jlv676R+19P+a/lFL/931j1r676F/1NL/6/pHLf2/oX/U0v+b+kct/ffUP2rpv5f+UUv/vfWPWvp/S/+opf8++kct/ffVP2rpv5/+UUv//fWPWvofoH/U0v/b+kct/Q/UP2rp/x39o5b+B+kftfT/rv5RS//v6R+19D9Y/6il/yH6Ry39v69/1NL/B/pHLf0P1T9q6f9D/aOW/ofpH7X0/5H+UUv/H+sftfQ/XP+opf8R+kct/Y/UP2rpf5T+UUv/o/WPWvofo3/U0v8n+kct/Y/VP2rpf5z+UUv/n+oftfQ/Xv+opf8J+kct/X+mf9TS/+f6Ry39T9Q/aun/C/2jlv4n6R+19P+l/lFL/5P1j1r6n6J/1NL/VP2jlv6n6R+19P+V/lFL/1/rH7X0P13/qKX/b/SPWvqfoX/U0v+3+kct/c/UP2rpf5b+UUv/s/WPWvr/Tv+opf85+kct/X+vf9TS/w/6Ry39/6h/1NL/T/pHLf3/rH/U0v8v+kct/f+qf9TS/1z9o5b+5+kftfQ/X/+opf8F+kct/f+mf9TS/0L9o5b+F+kftfS/WP+opf8l+kct/f+uf9TS/x/6Ry39/6l/1NL/Uv2jlv6X6R+19L9c/6il/xX6Ry39r9Q/aul/lf5RS/+r9Y9a+l+jf9TS/1r9o5b+1+kftfS/Xv+opf8N+kct/W/UP2rpf5P+UUv/m/WPWvrfon/U0v9W/aOW/rfpH7X0v13/qKX/HfpHLf3v1D9q6X+X/lFL/7v1j1r636N/1NL/Xv2jlv736R+19L9f/6il/wP6Ry39H9Q/aun/kP5RS/+H9Y9a+j+if9TS/1H9o5b+j+kftfR/XP+opf8T+kct/Z/UP2rp/5T+UUv/p/WPWvo/o3/U0v9Z/aOW/s/pH7X0f17/qKX/C/pHJf2HDugftfQfpH/U0n+w/lFL/3H0j1r6D9E/auk/VP+opf+4+kct/cfTP2rpP77+UUv/CfSPWvpPqH/U0n8i/aOW/hPrH7X0f5v+UUv/SfSPWvq/Xf+opf+k+kct/d+hf9TSfzL9o5b+79Q/aun/Lv2jlv6T6x+19J9C/6il/5T6Ry39p9I/auk/tf5RS/9p9I9a+r9b/6il/3v0j1r6T6t/1NJ/Ov2jlv7v1T9q6T+9/lFL//fpH7X0n0H/qKX/jPpHLf1n0j9q6T+z/lFL/1n0j1r6z6p/1NJ/Nv2jlv7v1z9q6f8B/aOW/rPrH7X0/6D+UUv/OfSPWvrPqX/U0n8u/aOW/nPrH7X0n0f/qKX/vPpHLf3n0z9q6T+//lFL/w/pH7X0X0D/qKX/gvpHLf0X0j9q6b+w/lFL/w/rH7X0X0T/qKX/R/SPWvp/VP+opf+i+kct/RfTP2rpv7j+UUv/YfpHLf2X0D9q6b+k/lFL/6X0j1r6f0z/qKX/cP2jlv5L6x+19F9G/6il/7L6Ry39P65/1NL/E/pHLf2X0z9q6f9J/aOW/p/SP2rp/2n9o5b+n9E/aum/vP5RS/8V9I9a+q+of9TSfyX9o5b+K+sftfRfRf+opf9n9Y9a+q+qf9TS/3P6Ry39V9M/aun/ef2jlv6r6x+19F9D/6il/5r6Ry3919I/aum/tv5RS/919I9a+q+rf9TSfz39o5b+6+sftfTfQP+opf+G+kct/TfSP2rpv7H+UUv/TfSPWvp/Qf+opf+m+kct/TfTP2rpv7n+UUv/LfSPWvpvqX/U0n8r/aOW/l/UP2rpv7X+UUv/bfSPWvpvq3/U0v9L+kct/b+sf9TSfzv9o5b+2+sftfTfQf+opf+O+kct/XfSP2rpv7P+UUv/r+gftfT/qv5RS/9d9I9a+u+qf9TSfzf9o5b+X9M/aum/u/5RS/899I9a+n9d/6il/zf0j1r6f1P/qKX/nvpHLf330j9q6b+3/lFL/2/pH7X030f/qKX/vvpHLf330z9q6b+//lFL/wP0j1r6f1v/qKX/gfpHLf2/o3/U0v8g/aOW/t/VP2rp/z39o5b+B+sftfQ/RP+opf/39Y9a+v9A/6il/6H6Ry39f6h/1NL/MP2jlv4/0j9q6f9j/aOW/ofrH7X0P0L/qKX/kfpHLf2P0j9q6X+0/lFL/2P0j1r6/0T/qKX/sfpHLf2P0z9q6f9T/aOW/sfrH7X0P0H/qKX/z/SPWvr/XP+opf+J+kct/X+hf9TS/yT9o5b+v9Q/aul/sv5RS/9T9I9a+p+qf9TS/zT9o5b+v9I/aun/a/2jlv6n6x+19P+N/lFL/zP0j1r6/1b/qKX/mfpHLf3P0j9q6X+2/lFL/9/pH7X0P0f/qKX/7/WPWvr/Qf+opf8f9Y9a+v9J/6il/5/1j1r6/0X/qKX/X/WPWvqfq3/U0v88/aOW/ufrH7X0v0D/qKX/3/SPWvpfqH/U0v8i/aOW/hfrH7X0v0T/qKX/3/WPWvr/Q/+opf8/9Y9a+l+qf9TS/zL9o5b+l+sftfS/Qv+opf+V+kct/a/SP2rpf7X+UUv/a/SPWvpfq3/U0v86/aOW/tfrH7X0v0H/qKX/jfpHLf1v0j9q6X+z/lFL/1v0j1r636p/1NL/Nv2jlv636x+19L9D/6il/536Ry3979I/aul/t/5RS/979I9a+t+rf9TS/z79o5b+9+sftfR/QP+opf+D+kct/R/SP2rp/7D+UUv/R/SPWvo/qn/U0v8x/aOW/o/rH7X0f0L/qKX/k/pHLf2f0j9q6f+0/lFL/2f0j1r6P6t/1NL/Of2jlv7P6x+19H9B/6ik/7gD+kct/QfpH7X0H6x/1NJ/HP2jlv5D9I9a+g/VP2rpP67+UUv/8fSPWvqPr3/U0n8C/aOW/hPqH7X0n0j/qKX/xPpHLf3fpn/U0n8S/aOW/m/XP2rpP6n+UUv/d+gftfSfTP+opf879Y9a+r9L/6il/+T6Ry39p9A/auk/pf5RS/+p9I9a+k+tf9TSfxr9o5b+79Y/aun/Hv2jlv7T6h+19J9O/6il/3v1j1r6T69/1NL/ffpHLf1n0D9q6T+j/lFL/5n0j1r6z6x/1NJ/Fv2jlv6z6h+19J9N/6il//v1j1r6f0D/qKX/7PpHLf0/qH/U0n8O/aOW/nPqH7X0n0v/qKX/3PpHLf3n0T9q6T+v/lFL//n0j1r6z69/1NL/Q/pHLf0X0D9q6b+g/lFL/4X0j1r6L6x/1NL/w/pHLf0X0T9q6f8R/aOW/h/VP2rpv6j+UUv/xfSPWvovrn/U0n+Y/lFL/yX0j1r6L6l/1NJ/Kf2jlv4f0z9q6T9c/6il/9L6Ry39l9E/aum/rP5RS/+P6x+19P+E/lFL/+X0j1r6f1L/qKX/p/SPWvp/Wv+opf9n9I9a+i+vf9TSfwX9o5b+K+oftfRfSf+opf/K+kct/VfRP2rp/1n9o5b+q+oftfT/nP5RS//V9I9a+n9e/6il/+r6Ry3919A/aum/pv5RS/+19I9a+q+tf9TSfx39o5b+6+oftfRfT/+opf/6+kct/TfQP2rpv6H+UUv/jfSPWvpvrH/U0n8T/aOW/l/QP2rpv6n+UUv/zfSPWvpvrn/U0n8L/aOW/lvqH7X030r/qKX/F/WPWvpvrX/U0n8b/aOW/tvqH7X0/5L+UUv/L+sftfTfTv+opf/2+kct/XfQP2rpv6P+UUv/nfSPWvrvrH/U0v8r+kct/b+qf9TSfxf9o5b+u+oftfTfTf+opf/X9I9a+u+uf9TSfw/9o5b+X9c/aun/Df2jlv7f1D9q6b+n/lFL/730j1r6761/1NL/W/pHLf330T9q6b+v/lFL//30j1r6769/1NL/AP2jlv7f1j9q6X+g/lFL/+/oH7X0P0j/qKX/d/WPWvp/T/+opf/B+kct/Q/RP2rp/339o5b+P9A/aul/qP5RS/8f6h+19D9M/6il/4/0j1r6/1j/qKX/4fpHLf2P0D9q6X+k/lFL/6P0j1r6H61/1NL/GP2jlv4/0T9q6X+s/lFL/+P0j1r6/1T/qKX/8fpHLf1P0D9q6f8z/aOW/j/XP2rpf6L+UUv/X+gftfQ/Sf+opf8v9Y9a+p+sf9TS/xT9o5b+p+oftfQ/Tf+opf+v9I9a+v9a/6il/+n6Ry39f6N/1NL/DP2jlv6/1T9q6X+m/lFL/7P0j1r6n61/1NL/d/pHLf3P0T9q6f97/aOW/n/QP2rp/0f9o5b+f9I/aun/Z/2jlv5/0T9q6f9X/aOW/ufqH7X0P0//qKX/+fpHLf0v0D9q6f83/aOW/hfqH7X0v0j/qKX/xfpHLf0v0T9q6f93/aOW/v/QP2rp/0/9o5b+l+oftfS/TP+opf/l+kct/a/QP2rpf6X+UUv/q/SPWvpfrX/U0v8a/aOW/tfqH7X0v07/qKX/9fpHLf1v0D9q6X+j/lFL/5v0j1r636x/1NL/Fv2jlv636h+19L9N/6il/+36Ry3979A/aul/p/5RS/+79I9a+t+tf9TS/x79o5b+9+oftfS/T/+opf/9+kct/R/QP2rp/6D+UUv/h/SPWvo/rH/U0v8R/aOW/o/qH7X0f0z/qKX/4/pHLf2f0D9q6f+k/lFL/6f0j1r6P61/1NL/Gf2jlv7P6h+19H9O/6il//P6Ry39X9A/Kuk/3oD+UUv/QfpHLf0H6x+19B9H/6il/xD9o5b+Q/WPWvqPq3/U0n88/aOW/uPrH7X0n0D/qKX/hPpHLf0n0j9q6T+x/lFL/7fpH7X0n0T/qKX/2/WPWvpPqn/U0v8d+kct/SfTP2rp/079o5b+79I/auk/uf5RS/8p9I9a+k+pf9TSfyr9o5b+U+sftfSfRv+opf+79Y9a+r9H/6il/7T6Ry39p9M/aun/Xv2jlv7T6x+19H+f/lFL/xn0j1r6z6h/1NJ/Jv2jlv4z6x+19J9F/6il/6z6Ry39Z9M/aun/fv2jlv4f0D9q6T+7/lFL/w/qH7X0n0P/qKX/nPpHLf3n0j9q6T+3/lFL/3n0j1r6z6t/1NJ/Pv2jlv7z6x+19P+Q/lFL/wX0j1r6L6h/1NJ/If2jlv4L6x+19P+w/tFbuf/Leo+3iP7RW7n/y/f/j+gftfT/qP5RS/9F9Y9a+i+mf9TSf3H9o5b+w/SPWvovoX/U0n9J/aOW/kvpH7X0/5j+UUv/4fpHLf2X1j9q6b+M/lFL/2X1j1r6f1z/qKX/J/SPWvovp3/U0v+T+kct/T+lf9TS/9P6Ry39P6N/1NJ/ef2jlv4r6B+19F9R/6il/0r6Ry39V9Y/aum/iv5RS//P6h+19F9V/6il/+f0j1r6r6Z/1NL/8/pHLf1X1z9q6b+G/lFL/zX1j1r6r6V/1NJ/bf2jlv7r6B+19F9X/6il/3r6Ry3919c/aum/gf5RS/8N9Y9a+m+kf9TSf2P9o5b+m+gftfT/gv5RS/9N9Y9a+m+mf9TSf3P9o5b+W+gftfTfUv+opf9W+kct/b+of9TSf2v9o5b+2+gftfTfVv+opf+X9I9a+n9Z/6il/3b6Ry39t9c/aum/g/5RS/8d9Y9a+u+kf9TSf2f9o5b+X9E/aun/Vf2jlv676B+19N9V/6il/276Ry39v6Z/1NJ/d/2jlv576B+19P+6/lFL/2/oH7X0/6b+UUv/PfWPWvrvpX/U0n9v/aOW/t/SP2rpv4/+UUv/ffWPWvrvp3/U0n9//aOW/gfoH7X0/7b+UUv/A/WPWvp/R/+opf9B+kct/b+rf9TS/3v6Ry39D9Y/aul/iP5RS//v6x+19P+B/lFL/0P1j1r6/1D/qKX/YfpHLf1/pH/U0v/H+kct/Q/XP2rpf4T+UUv/I/WPWvofpX/U0v9o/aOW/sfoH7X0/4n+UUv/Y/WPWvofp3/U0v+n+kct/Y/XP2rpf4L+UUv/n+kftfT/uf5RS/8T9Y9a+v9C/6il/0n6Ry39f6l/1NL/ZP2jlv6n6B+19D9V/6il/2n6Ry39f6V/1NL/1/pHLf1P1z9q6f8b/aOW/mfoH7X0/63+UUv/M/WPWvqfpX/U0v9s/aOW/r/TP2rpf47+UUv/3+sftfT/g/5RS/8/6h+19P+T/lFL/z/rH7X0/4v+UUv/v+oftfQ/V/+opf95+kct/c/XP2rpf4H+UUv/v+kftfS/UP+opf9F+kct/S/WP2rpf4n+UUv/v+sftfT/h/5RS/9/6h+19L9U/6il/2X6Ry39L9c/aul/hf5RS/8r9Y9a+l+lf9TS/2r9o5b+1+gftfS/Vv+opf91+kct/a/XP2rpf4P+UUv/G/WPWvrfpH/U0v9m/aOW/rfoH7X0v1X/qKX/bfpHLf1v1z9q6X+H/lFL/zv1j1r636V/1NL/bv2jlv736B+19L9X/6il/336Ry3979c/aun/gP5RS/8H9Y9a+j+kf9TS/2H9o5b+j+gftfR/VP+opf9j+kct/R/XP2rp/4T+UUv/J/WPWvo/pX/U0v9p/aOW/s/oH7X0f1b/qKX/c/pHLf2f1z9q6f+C/lFJ//EH9I9a+g/SP2rpP1j/qKX/OPpHLf2H6B+19B+qf9TSf1z9o5b+4+kftfQfX/+opf8E+kct/SfUP2rpP5H+UUv/ifWPWvq/Tf+opf8k+kct/d+uf9TSf1L9o5b+79A/auk/mf5RS/936h+19H+X/lFL/8n1j1r6T6F/1NJ/Sv2jlv5T6R+19J9a/6il/zT6Ry39361/1NL/PfpHLf2n1T9q6T+d/lFL//fqH7X0n17/qKX/+/SPWvrPoH/U0n9G/aOW/jPpH7X0n1n/qKX/LPpHLf1n1T9q6T+b/lFL//frH7X0/4D+UUv/2fWPWvp/UP+opf8c+kct/efUP2rpP5f+UUv/ufWPWvrPo3/U0n9e/aOW/vPpH7X0n1//qKX/h/SPWvovoH/U0n9B/aOW/gvpH7X0X1j/qKX/h/WPWvovon/U0v8j+kct/T+qf9TSf1H9o5b+i+kftfRfXP+opf8w/aOW/kvoH7X0X1L/qKX/UvpHLf0/pn/U0n+4/lFL/6X1j1r6L6N/1NJ/Wf2jlv4f1z9q6f8J/aOW/svpH7X0/6T+UUv/T+kftfT/tP5RS//P6B+19F9e/6il/wr6Ry39V9Q/aum/kv5RS/+V9Y9a+q+if9TS/7P6Ry39V9U/aun/Of2jlv6r6R+19P+8/lFL/9X1j1r6r6F/1NJ/Tf2jlv5r6R+19F9b/6il/zr6Ry3919U/aum/nv5RS//19Y9a+m+gf9TSf0P9o5b+G+kftfTfWP+opf8m+kct/b+gf9TSf1P9o5b+m+kftfTfXP+opf8W+kct/bfUP2rpv5X+UUv/L+oftfTfWv+opf82+kct/bfVP2rp/yX9o5b+X9Y/aum/nf5RS//t9Y9a+u+gf9TSf0f9o5b+O+kftfTfWf+opf9X9I9a+n9V/6il/y76Ry39d9U/aum/m/5RS/+v6R+19N9d/6il/x76Ry39v65/1NL/G/pHLf2/qX/U0n9P/aOW/nvpH7X031v/qKX/t/SPWvrvo3/U0n9f/aOW/vvpH7X031//qKX/AfpHLf2/rX/U0v9A/aOW/t/RP2rpf5D+UUv/7+oftfT/nv5RS/+D9Y9a+h+if9TS//v6Ry39f6B/1NL/UP2jlv4/1D9q6X+Y/lFL/x/pH7X0/7H+UUv/w/WPWvofoX/U0v9I/aOW/kfpH7X0P1r/qKX/MfpHLf1/on/U0v9Y/aOW/sfpH7X0/6n+UUv/4/WPWvqfoH/U0v9n+kct/X+uf9TS/0T9o5b+v9A/aul/kv5RS/9f6h+19D9Z/6il/yn6Ry39T9U/aul/mv5RS/9f6R+19P+1/lFL/9P1j1r6/0b/qKX/GfpHLf1/q3/U0v9M/aOW/mfpH7X0P1v/qKX/7/SPWvqfo3/U0v/3+kct/f+gf9TS/4/6Ry39/6R/1NL/z/pHLf3/on/U0v+v+kct/c/VP2rpf57+UUv/8/WPWvpfoH/U0v9v+kct/S/UP2rpf5H+UUv/i/WPWvpfon/U0v/v+kct/f+hf9TS/5/6Ry39L9U/aul/mf5RS//L9Y9a+l+hf9TS/0r9o5b+V+kftfS/Wv+opf81+kct/a/VP2rpf53+UUv/6/WPWvrfoH/U0v9G/aOW/jfpH7X0v1n/qKX/LfpHLf1v1T9q6X+b/lFL/9v1j1r636F/1NL/Tv2jlv536R+19L9b/6il/z36Ry3979U/aul/n/5RS//79Y9a+j+gf9TS/0H9o5b+D+kftfR/WP+opf8j+kct/R/VP2rp/5j+UUv/x/WPWvo/oX/U0v9J/aOW/k/pH7X0f1r/qKX/M/pHLf2f1T9q6f+c/lFL/+f1j1r6v6B/VNJ/ggH9o5b+g/SPWvoP1j9q6T+O/lFL/yH6Ry39h+oftfQfV/+opf94+kct/cfXP2rpP4H+UUv/CfWPWvpPpH/U0n9i/aOW/m/TP2rpP4n+UUv/t+sftfSfVP+opf879I9a+k+mf9TS/536Ry3936V/1NJ/cv2jlv5T6B+19J9S/6il/1T6Ry39p9Y/auk/jf5RS/936x+19H+P/lFL/2n1j1r6T6d/1NL/vfpHLf2n1z9q6f8+/aOW/jPoH7X0n1H/qKX/TPpHLf1n1j9q6T+L/lFL/1n1j1r6z6Z/1NL//fpHLf0/oH/U0n92/aOW/h/UP2rpP4f+UUv/OfWPWvrPpX/0lusPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPx/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAxIAAAAAQf9ftyNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuCgAA//91NCn7")
rename(0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)

714.428µs ago: executing program 9 (id=1827):
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x7fff0000}]})
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsopen(&(0x7f0000000040)='gfs2meta\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000280), 0x2001, 0x0)
writev(r3, &(0x7f0000000180)=[{&(0x7f00000001c0)='j', 0x1}], 0x1)

0s ago: executing program 0 (id=1828):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
capset(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00'}, 0x2c)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r4, 0x4b3a, 0x1)
ioctl$TCXONC(r4, 0x4b3a, 0x2)
stat(&(0x7f00000009c0)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

5882] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  471.687756][ T5882] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.010895][ T5882] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  472.022341][ T5882] usb 10-1: invalid MIDI out EP 0
[  472.090158][T10721] loop2: detected capacity change from 0 to 512
[  473.395175][ T5882] snd-usb-audio 10-1:27.0: probe with driver snd-usb-audio failed with error -22
[  473.454476][T10721] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  473.468104][T10721] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  473.690959][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  473.690976][   T29] audit: type=1326 audit(1732168209.908:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10731 comm="syz.3.935" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff08fd7e819 code=0x0
[  474.322968][ T7401] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.689777][T10747] ebt_among: src integrity fail: 300
[  474.912140][ T5831] udevd[5831]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  475.342222][ T7486] usb 10-1: USB disconnect, device number 8
[  475.650973][T10759] loop1: detected capacity change from 0 to 1024
[  477.428964][T10774] QAT: failed to copy from user.
[  478.246386][T10774] loop4: detected capacity change from 0 to 4096
[  478.411061][T10778] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  479.947986][   T29] audit: type=1804 audit(1732168216.168:148): pid=10774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.943" name="/newroot/78/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  480.011085][   T29] audit: type=1804 audit(1732168216.168:149): pid=10774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.943" name="/newroot/78/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  480.092171][   T29] audit: type=1804 audit(1732168216.168:150): pid=10774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.943" name="/newroot/78/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  480.337355][T10806] loop1: detected capacity change from 0 to 64
[  481.690190][ T5882] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  481.840518][T10826] loop9: detected capacity change from 0 to 1024
[  481.849183][T10826] EXT4-fs: Ignoring removed orlov option
[  481.855244][T10826] EXT4-fs: Ignoring removed nomblk_io_submit option
[  481.883146][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.900189][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  481.923549][ T5882] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  481.945970][ T5882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.964398][T10826] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  481.986286][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  481.998773][ T5882] usb 5-1: config 0 descriptor??
[  481.998941][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  482.017105][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  482.026119][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  482.034940][ T5845] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  482.042452][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  482.652654][ T5882] usb 5-1: language id specifier not provided by device, defaulting to English
[  483.385351][T10855] loop2: detected capacity change from 0 to 128
[  483.602212][ T7281] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.414032][ T5839] Bluetooth: hci4: command tx timeout
[  484.563577][T10855] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  484.580680][ T5882] uclogic 0003:256C:006D.0004: v1 frame probing failed: -71
[  484.588156][T10855] ext4 filesystem being mounted at /139/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  484.621547][ T5882] uclogic 0003:256C:006D.0004: failed probing parameters: -71
[  484.629112][ T5882] uclogic 0003:256C:006D.0004: probe with driver uclogic failed with error -71
[  484.640694][ T5882] usb 5-1: USB disconnect, device number 5
[  484.795421][T10837] chnl_net:caif_netlink_parms(): no params data found
[  484.821318][T10875] loop4: detected capacity change from 0 to 512
[  484.847372][T10875] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.964: corrupted in-inode xattr: e_name out of bounds
[  484.863950][ T7401] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  484.875509][T10875] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.964: couldn't read orphan inode 15 (err -117)
[  485.127279][T10880] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  485.179619][T10875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.680764][T10875] EXT4-fs error (device loop4): ext4_add_entry:2444: inode #2: comm syz.4.964: Directory hole found for htree leaf block 0
[  485.705962][T10871] picdev_read: 60 callbacks suppressed
[  485.705984][T10871] kvm: pic: non byte read
[  485.794797][T10871] kvm: pic: non byte read
[  485.841065][T10871] kvm: pic: non byte read
[  485.845977][T10871] kvm: pic: non byte read
[  485.851613][T10871] kvm: pic: single mode not supported
[  485.851735][T10871] kvm: pic: non byte read
[  485.865397][T10871] kvm: pic: non byte read
[  486.060640][T10871] kvm: pic: non byte read
[  486.065508][T10871] pic_ioport_write: 60 callbacks suppressed
[  486.065521][T10871] kvm: pic: level sensitive irq not supported
[  486.087694][T10871] kvm: pic: non byte read
[  486.905340][ T5839] Bluetooth: hci4: command tx timeout
[  486.914078][T10871] kvm: pic: level sensitive irq not supported
[  486.914153][T10871] kvm: pic: non byte read
[  486.964329][ T8417] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.983609][T10871] kvm: pic: level sensitive irq not supported
[  486.983687][T10871] kvm: pic: non byte read
[  486.989095][T10837] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.002897][T10871] kvm: pic: level sensitive irq not supported
[  487.003104][T10871] kvm: pic: level sensitive irq not supported
[  487.009630][T10871] kvm: pic: level sensitive irq not supported
[  487.032715][T10871] kvm: pic: level sensitive irq not supported
[  487.039035][T10871] kvm: pic: level sensitive irq not supported
[  487.053899][T10871] kvm: pic: level sensitive irq not supported
[  487.079354][T10837] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.093071][T10837] bridge_slave_0: entered allmulticast mode
[  487.100371][T10837] bridge_slave_0: entered promiscuous mode
[  487.108577][T10837] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.115744][T10837] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.122989][T10837] bridge_slave_1: entered allmulticast mode
[  487.130002][T10837] bridge_slave_1: entered promiscuous mode
[  487.255149][T10837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  487.293553][T10837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  488.982633][ T5839] Bluetooth: hci4: command tx timeout
[  490.881484][T10837] team0: Port device team_slave_0 added
[  491.070959][ T5839] Bluetooth: hci4: command tx timeout
[  491.105722][T10837] team0: Port device team_slave_1 added
[  491.210605][T10930] loop1: detected capacity change from 0 to 128
[  491.223824][T10930] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  491.287282][T10930] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  491.758198][T10837] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.832685][T10837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.130253][T10837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  492.151970][T10837] batman_adv: batadv0: Adding interface: batadv_slave_1
[  492.158961][T10837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.198985][T10837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  492.333342][T10837] hsr_slave_0: entered promiscuous mode
[  492.340310][T10837] hsr_slave_1: entered promiscuous mode
[  492.346565][T10837] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  492.355446][T10837] Cannot create hsr debugfs directory
[  495.026091][ T8630] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  495.690318][  T764] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  495.850467][  T764] usb 10-1: Using ep0 maxpacket: 32
[  497.418736][T11007] netlink: 36 bytes leftover after parsing attributes in process `syz.4.986'.
[  497.472464][T11007] netlink: 16 bytes leftover after parsing attributes in process `syz.4.986'.
[  497.487979][  T764] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  497.499093][  T764] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  497.509012][  T764] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  497.518286][  T764] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.575764][  T764] usb 10-1: config 0 descriptor??
[  497.581136][T11007] netlink: 36 bytes leftover after parsing attributes in process `syz.4.986'.
[  497.591408][T11007] netlink: 36 bytes leftover after parsing attributes in process `syz.4.986'.
[  497.682031][T10837] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  497.701302][T10837] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  497.764703][T10837] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  497.863388][T10837] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  498.149005][  T764] lua 0003:1E7D:2C2E.0005: item fetching failed at offset 5/9
[  498.158381][  T764] lua 0003:1E7D:2C2E.0005: parse failed
[  498.175138][  T764] lua 0003:1E7D:2C2E.0005: probe with driver lua failed with error -22
[  498.256625][T10837] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.274741][   T29] audit: type=1800 audit(1732168234.488:151): pid=11022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.989" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  498.280358][    T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  498.365830][T10837] 8021q: adding VLAN 0 to HW filter on device team0
[  498.403534][ T6621] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.410713][ T6621] bridge0: port 1(bridge_slave_0) entered forwarding state
[  498.474328][ T6621] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.481541][ T6621] bridge0: port 2(bridge_slave_1) entered forwarding state
[  498.489176][    T9] usb 3-1: Using ep0 maxpacket: 8
[  498.522678][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.533766][    T9] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  498.560328][    T9] usb 3-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  498.579659][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.594911][    T9] usb 3-1: config 0 descriptor??
[  498.619229][    T9] usb 10-1: USB disconnect, device number 9
[  498.712288][T11040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.992'.
[  499.512001][T10837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  501.921516][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  503.833902][T10837] 8021q: adding VLAN 0 to HW filter on device batadv0
[  504.659157][   T25] usb 3-1: USB disconnect, device number 7
[  505.013872][T11074] loop9: detected capacity change from 0 to 4096
[  505.043761][T11074] ntfs3(loop9): Different NTFS sector size (2048) and media sector size (512).
[  506.857675][T11074] ntfs3(loop9): Failed to read $UpCase (-4).
[  507.365950][T10837] veth0_vlan: entered promiscuous mode
[  507.378282][T10837] veth1_vlan: entered promiscuous mode
[  508.272181][T11105] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  508.721869][T10837] veth0_macvtap: entered promiscuous mode
[  508.802754][T10837] veth1_macvtap: entered promiscuous mode
[  509.173112][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.183780][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.193732][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.204499][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.214551][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.225446][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.242297][T11118] Bluetooth: MGMT ver 1.23
[  509.248218][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.258805][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.268792][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  509.279406][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.294890][T10837] batman_adv: batadv0: Interface activated: batadv_slave_0
[  509.314355][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.325287][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.335656][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.346228][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.356207][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.366826][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.376853][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.387867][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.397883][T10837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  509.408495][T10837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  509.423373][T10837] batman_adv: batadv0: Interface activated: batadv_slave_1
[  509.445810][T10837] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  509.454739][T10837] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  509.463675][T10837] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  509.472564][T10837] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  509.726514][T11119] loop1: detected capacity change from 0 to 4096
[  509.737800][T11113] loop2: detected capacity change from 0 to 1024
[  509.786470][T11113] EXT4-fs (loop2): blocks per group (131072) and clusters per group (8192) inconsistent
[  509.921528][T11125] loop4: detected capacity change from 0 to 8
[  509.979404][T11113] loop2: detected capacity change from 0 to 256
[  509.988920][T11113] vfat: Unknown parameter 'shoru~ame'
[  511.082211][ T6172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  511.105128][   T72] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  511.350333][ T6172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  511.360219][ T5911] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  511.390118][   T72] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  512.943490][ T5911] usb 2-1: Using ep0 maxpacket: 16
[  513.175258][ T5911] usb 2-1: device descriptor read/all, error -71
[  517.680470][ T5883] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  518.000190][ T5883] usb 10-1: Using ep0 maxpacket: 16
[  518.108106][ T5883] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  519.325386][ T5883] usb 10-1: New USB device found, idVendor=056a, idProduct=0035, bcdDevice= 0.40
[  519.334963][ T5883] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  519.449968][T11211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1028'.
[  519.510594][ T5883] usb 10-1: Product: syz
[  519.617436][ T5883] usb 10-1: Manufacturer: syz
[  519.754566][ T5883] usb 10-1: SerialNumber: syz
[  520.165080][ T5883] usb 10-1: can't set config #1, error -71
[  520.180674][ T5883] usb 10-1: USB disconnect, device number 10
[  520.295090][T11241] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1035'.
[  520.415218][T11239] sp0: Synchronizing with TNC
[  520.549889][T11241] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1035'.
[  520.553452][T11247] sp0: Found TNC
[  520.752579][T11253] loop9: detected capacity change from 0 to 256
[  520.946068][T11253] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  521.387981][T11256] loop4: detected capacity change from 0 to 2048
[  521.465478][T11256] UDF-fs: warning (device loop4): udf_fill_super: No fileset found
[  521.508286][T11238] [U] è`
[  523.551781][T11278] usb usb8: usbfs: process 11278 (syz.1.1040) did not claim interface 0 before use
[  526.420678][T11301] loop4: detected capacity change from 0 to 1024
[  529.012813][T11301] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  529.544426][T11336] ALSA: seq fatal error: cannot create timer (-22)
[  532.004318][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  532.194196][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  532.263644][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  532.319503][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  532.340316][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  532.721213][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  533.149250][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  533.257668][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  533.280173][T11371] ipvlan2: entered promiscuous mode
[  533.287176][T11371] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  533.297589][T11371] team0: Device ipvlan2 is already an upper device of the team interface
[  533.316800][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  533.503299][ T8417] EXT4-fs error (device loop4): ext4_empty_dir:3094: inode #11: comm syz-executor: invalid size
[  536.049827][ T5911] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  536.242032][ T5911] usb 10-1: Using ep0 maxpacket: 8
[  536.266425][ T5911] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  536.282853][ T5911] usb 10-1: config 0 has no interfaces?
[  536.288797][ T5911] usb 10-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  536.332480][T11408] vivid-000: disconnect
[  536.370644][ T5911] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.881404][T11402] vivid-000: reconnect
[  536.942334][ T8417] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.984105][ T5911] usb 10-1: config 0 descriptor??
[  538.098290][ T5911] usb 10-1: USB disconnect, device number 11
[  539.329691][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  540.491098][ T5141] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  540.575210][   T29] audit: type=1326 audit(1732168276.738:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  540.795611][ T5141] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  540.877828][ T5141] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  540.896395][ T5141] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  540.911342][ T5141] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  541.394953][T11459] loop1: detected capacity change from 0 to 16
[  541.457594][T11459] erofs (device loop1): mounted with root inode @ nid 36.
[  542.316923][T11422] chnl_net:caif_netlink_parms(): no params data found
[  542.442519][   T29] audit: type=1326 audit(1732168278.668:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.498696][   T29] audit: type=1326 audit(1732168278.698:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.588065][   T29] audit: type=1326 audit(1732168278.698:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.611438][   T29] audit: type=1326 audit(1732168278.698:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.634004][   T29] audit: type=1326 audit(1732168278.698:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.656789][   T29] audit: type=1326 audit(1732168278.698:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.740280][   T29] audit: type=1326 audit(1732168278.698:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  542.817764][T11489] loop2: detected capacity change from 0 to 512
[  542.890825][T11490] loop7: detected capacity change from 0 to 8
[  542.900201][T11490] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  542.940716][T11490] cramfs: Error -5 while decompressing!
[  542.946693][T11490] cramfs: ffffffff9a4c8368(8)->ffff88805b982000(4096)
[  542.953649][T11490] cramfs: Error -3 while decompressing!
[  542.959258][T11490] cramfs: ffffffff9a4c8370(44)->ffff888056282000(4096)
[  542.966420][T11490] cramfs: Error -3 while decompressing!
[  542.972083][T11490] cramfs: ffffffff9a4c839c(16)->ffff888052d99000(4096)
[  542.979136][T11490] cramfs: Error -5 while decompressing!
[  542.984979][T11490] cramfs: ffffffff9a4c8368(8)->ffff88805b982000(4096)
[  543.047595][   T29] audit: type=1326 audit(1732168278.698:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  543.100565][ T5141] Bluetooth: hci1: command tx timeout
[  543.169590][T11489] EXT4-fs: journaled quota format not specified
[  543.394340][   T29] audit: type=1326 audit(1732168278.698:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.2.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f253b17e819 code=0x7fc00000
[  543.514282][T11422] bridge0: port 1(bridge_slave_0) entered blocking state
[  543.540430][T11422] bridge0: port 1(bridge_slave_0) entered disabled state
[  543.560292][T11422] bridge_slave_0: entered allmulticast mode
[  543.567322][T11422] bridge_slave_0: entered promiscuous mode
[  543.732240][T11494] loop7: detected capacity change from 0 to 1024
[  543.796707][T11422] bridge0: port 2(bridge_slave_1) entered blocking state
[  543.805678][T11422] bridge0: port 2(bridge_slave_1) entered disabled state
[  543.824289][T11494] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  544.270386][T11422] bridge_slave_1: entered allmulticast mode
[  544.290307][T11422] bridge_slave_1: entered promiscuous mode
[  544.706933][T11422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  544.794063][T10837] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.842864][T11422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  545.564018][ T5141] Bluetooth: hci1: command tx timeout
[  546.483698][T11422] team0: Port device team_slave_0 added
[  546.547409][T11422] team0: Port device team_slave_1 added
[  546.631532][T11528] loop2: detected capacity change from 0 to 1024
[  546.638563][T11528] EXT4-fs: Ignoring removed nomblk_io_submit option
[  546.645575][T11528] ext4: Unknown parameter 'mask'
[  546.656314][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  546.656331][   T29] audit: type=1800 audit(1732168282.878:180): pid=11524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1089" name="/" dev="9p" ino=2 res=0 errno=0
[  547.934140][ T5839] Bluetooth: hci1: command tx timeout
[  548.004944][T11529] loop9: detected capacity change from 0 to 2048
[  548.203424][T11544] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1095'.
[  548.337869][T11529] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  548.495550][T11422] batman_adv: batadv0: Adding interface: batadv_slave_0
[  548.596557][T11422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  548.922318][T11422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.911535][T11422] batman_adv: batadv0: Adding interface: batadv_slave_1
[  549.918516][T11422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.126455][T11422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  550.153577][ T5141] Bluetooth: hci1: command tx timeout
[  550.502479][ T7281] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.535798][T11422] hsr_slave_0: entered promiscuous mode
[  550.544569][T11422] hsr_slave_1: entered promiscuous mode
[  550.586838][T11422] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  550.599047][T11561] xt_l2tp: v2 doesn't support IP mode
[  550.632771][T11560] loop1: detected capacity change from 0 to 256
[  550.669618][T11422] Cannot create hsr debugfs directory
[  551.513512][ T8630] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  551.530847][T11570] loop7: detected capacity change from 0 to 512
[  551.551462][ T8630] FAT-fs (loop1): Filesystem has been set read-only
[  551.559113][ T8630] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  551.568385][T11570] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  551.580986][T11570] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  551.843796][T11565] loop9: detected capacity change from 0 to 8192
[  553.914315][T11587] syz.2.1112 (11587): drop_caches: 2
[  553.931290][T10837] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.058609][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  558.102983][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  558.112200][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  558.127936][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  558.136081][ T5839] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  558.143863][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  558.404809][T11422] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  559.091875][T11422] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  559.168473][T11642] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1117'.
[  559.173865][T11422] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  559.177709][T11642] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1117'.
[  559.272488][T11422] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  560.372771][T11422] 8021q: adding VLAN 0 to HW filter on device bond0
[  560.388125][T11422] 8021q: adding VLAN 0 to HW filter on device team0
[  560.418688][T11422] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  560.429582][T11422] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  560.445320][ T5839] Bluetooth: hci2: command tx timeout
[  560.455269][ T8327] bridge0: port 1(bridge_slave_0) entered blocking state
[  560.462506][ T8327] bridge0: port 1(bridge_slave_0) entered forwarding state
[  560.552308][ T8327] bridge0: port 2(bridge_slave_1) entered blocking state
[  560.559491][ T8327] bridge0: port 2(bridge_slave_1) entered forwarding state
[  560.945338][T11662] loop7: detected capacity change from 0 to 1024
[  561.640220][T11662] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  561.756047][T11662] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  561.767106][T11662] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  561.777105][T11662] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  561.813465][T11662] journal_load_superblock: Cannot read journal superblock
[  561.820792][T11662] EXT4-fs (loop7): Could not load journal inode
[  562.245576][T11422] 8021q: adding VLAN 0 to HW filter on device batadv0
[  562.296310][T11630] chnl_net:caif_netlink_parms(): no params data found
[  562.347148][T11672] syzkaller0: entered allmulticast mode
[  562.403274][T11675] loop7: detected capacity change from 0 to 1024
[  562.421178][T11675] hfsplus: Unknown parameter 'hugetlb.2MB.usage_in_bytes'
[  562.518507][ T5839] Bluetooth: hci2: command tx timeout
[  563.151270][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  563.772390][T11630] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.779895][T11630] bridge0: port 1(bridge_slave_0) entered disabled state
[  563.789229][T11630] bridge_slave_0: entered allmulticast mode
[  563.821567][T11630] bridge_slave_0: entered promiscuous mode
[  564.967026][ T5839] Bluetooth: hci2: command tx timeout
[  565.218025][T11630] bridge0: port 2(bridge_slave_1) entered blocking state
[  565.226112][T11630] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.241464][T11710] loop2: detected capacity change from 0 to 256
[  565.288835][T11630] bridge_slave_1: entered allmulticast mode
[  565.308655][T11630] bridge_slave_1: entered promiscuous mode
[  565.503870][T11630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  565.545432][T11721] loop7: detected capacity change from 0 to 256
[  565.552587][T11630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  565.625444][T11721] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  565.677997][T11717] loop2: detected capacity change from 0 to 512
[  565.707448][T11717] EXT4-fs: Ignoring removed i_version option
[  565.737390][T11717] journal_path: Non-blockdev passed as './file0'
[  565.774930][T11717] EXT4-fs: error: could not find journal device path
[  565.827873][T11630] team0: Port device team_slave_0 added
[  566.810884][T11630] team0: Port device team_slave_1 added
[  566.980679][ T5839] Bluetooth: hci2: command tx timeout
[  567.472594][T11630] batman_adv: batadv0: Adding interface: batadv_slave_0
[  567.499989][T11630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.549260][T11630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  567.598133][T11422] veth0_vlan: entered promiscuous mode
[  567.619403][T11630] batman_adv: batadv0: Adding interface: batadv_slave_1
[  567.628591][T11630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  567.655793][T11630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.476191][T11422] veth1_vlan: entered promiscuous mode
[  568.826709][T11741] loop9: detected capacity change from 0 to 2048
[  568.837714][T11741] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  568.963157][T11741] EXT4-fs (loop9): group descriptors corrupted!
[  569.159068][T11748] loop2: detected capacity change from 0 to 512
[  569.193417][T11630] hsr_slave_0: entered promiscuous mode
[  569.242548][T11630] hsr_slave_1: entered promiscuous mode
[  569.317083][T11630] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  569.360927][T11748] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  569.376778][T11748] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  569.431560][T11630] Cannot create hsr debugfs directory
[  569.620285][T11422] veth0_macvtap: entered promiscuous mode
[  569.640198][   T25] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  569.676856][T11422] veth1_macvtap: entered promiscuous mode
[  569.694811][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.705719][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.715909][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.726457][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.736386][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.747640][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.758117][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.768708][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.778773][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.789327][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.799279][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  569.809774][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.820925][T11422] batman_adv: batadv0: Interface activated: batadv_slave_0
[  569.903970][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  569.920553][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.928234][T11765] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  569.945305][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  569.975695][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  569.991787][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.993998][T11763] picdev_read: 5 callbacks suppressed
[  569.994014][T11763] kvm: pic: non byte read
[  570.002764][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  570.002815][   T25] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  570.002839][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.005248][   T25] usb 3-1: config 0 descriptor??
[  570.039361][T11763] kvm: pic: level sensitive irq not supported
[  570.046204][T11763] kvm: pic: non byte read
[  570.052396][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.052418][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.052436][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.052451][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.052467][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.052481][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.052499][T11422] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  570.052544][T11422] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.053968][T11422] batman_adv: batadv0: Interface activated: batadv_slave_1
[  570.071819][T11763] kvm: pic: level sensitive irq not supported
[  570.388599][   T25] usbhid 3-1:0.0: can't add hid device: -22
[  570.391881][T11422] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  570.409258][   T25] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  570.410649][T11763] kvm: pic: non byte read
[  570.601261][T11422] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  570.710804][T11422] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  570.742210][T11763] kvm: pic: level sensitive irq not supported
[  570.742739][T11763] kvm: pic: non byte read
[  570.752623][T11422] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  571.096090][T11783] loop7: detected capacity change from 0 to 64
[  571.234644][T11789] netlink: 'syz.7.1135': attribute type 10 has an invalid length.
[  571.332199][ T2969] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.340345][ T2969] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.352209][T11783] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[  571.420916][T11789] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.430691][T11789] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.520400][T11789] bridge0: port 2(bridge_slave_1) entered blocking state
[  571.527589][T11789] bridge0: port 2(bridge_slave_1) entered forwarding state
[  571.535059][T11789] bridge0: port 1(bridge_slave_0) entered blocking state
[  571.542217][T11789] bridge0: port 1(bridge_slave_0) entered forwarding state
[  571.564667][T11789] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  571.599765][ T2969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  571.611061][ T2969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  571.613107][  T980] bond0: (slave bridge0): link status definitely up, 0 Mbps full duplex
[  572.441507][ T7486] usb 3-1: USB disconnect, device number 8
[  572.536238][ T7401] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.790380][T11809] loop2: detected capacity change from 0 to 128
[  572.826761][T11809] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  572.893205][T11814] xt_TCPMSS: Only works on TCP SYN packets
[  572.925399][T11814] netlink: 'syz.5.1073': attribute type 10 has an invalid length.
[  573.213771][T11814] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  573.862371][ T5141] Bluetooth: hci2: command 0x0405 tx timeout
[  574.348744][T11804] loop9: detected capacity change from 0 to 32768
[  574.545725][T11844] fuse: Unknown parameter 'f[ž0x0000000000000007'
[  574.604384][T11844] loop5: detected capacity change from 0 to 764
[  574.696743][T11844] ISOFS: unable to read i-node block
[  574.815248][T11850] mkiss: ax0: crc mode is auto.
[  575.129097][T11844] isofs_fill_super: get root inode failed
[  575.454393][   T29] audit: type=1800 audit(1732168311.678:181): pid=11804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1138" name=6673B45D236B2391CE322E30FB9C69FE0D514DC1F8B6E3979C1205FD5224B07D18A44FEC4F6F1A6F65158BB6ADCC295BF2DD7DEA107F59D7E03C61FE5822292E45968956B931BDC4D6445FF1631E0B98E4B4448774DD4B9CD53A45896FDB3F03702778741AE2B45A25BF9A23FC02FB97A630F132BF9DEF6C6D4A7BAEB62972F1A814F6F2377BCFC78E2E86368C138510A04CEDF7175AF8C2034FAE7413E3ACE8C71AB9A0AF1CA7042011A6ED028E205648535DABF3B2F85196AE18D36B839E3CD54AE4933AD529888FDAC7BB8A70C72BC0FC81BA06506F2D5BC7686E219BBE5283959CBEF9950E071CB6D9F341FC624A5110341F26CEBD71 dev="loop9" ino=13 res=0 errno=0
[  575.554784][T11630] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  575.565088][T11630] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  575.583327][T11630] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  575.622666][T11630] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  576.035203][T11868] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1145'.
[  576.719560][T11630] 8021q: adding VLAN 0 to HW filter on device bond0
[  576.834660][T11630] 8021q: adding VLAN 0 to HW filter on device team0
[  576.980781][T11630] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  576.998019][T11630] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  577.151415][ T2969] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.159675][ T2969] bridge0: port 1(bridge_slave_0) entered forwarding state
[  577.246282][ T2969] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.253466][ T2969] bridge0: port 2(bridge_slave_1) entered forwarding state
[  578.023256][T11630] 8021q: adding VLAN 0 to HW filter on device batadv0
[  578.291019][T11900] loop9: detected capacity change from 0 to 128
[  578.422869][T11900] affs: No valid root block on device loop9
[  579.422526][T11905] loop7: detected capacity change from 0 to 1024
[  579.803640][T11905] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  579.949844][T11630] veth0_vlan: entered promiscuous mode
[  579.971130][ T6621] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  579.983842][T11630] veth1_vlan: entered promiscuous mode
[  580.002513][ T6621] EXT4-fs (loop7): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1 with error 28
[  580.028601][ T6621] EXT4-fs (loop7): This should not happen!! Data will be lost
[  580.028601][ T6621] 
[  580.040932][ T6621] EXT4-fs (loop7): Total free blocks count 0
[  580.054605][ T6621] EXT4-fs (loop7): Free/Dirty block details
[  580.063749][ T6621] EXT4-fs (loop7): free_blocks=68451041280
[  580.069684][ T6621] EXT4-fs (loop7): dirty_blocks=16
[  580.075773][ T6621] EXT4-fs (loop7): Block reservation details
[  580.083311][ T6621] EXT4-fs (loop7): i_reserved_data_blocks=1
[  580.125811][T11630] veth0_macvtap: entered promiscuous mode
[  580.135676][T11630] veth1_macvtap: entered promiscuous mode
[  580.235904][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.277422][T10837] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.320188][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  580.352252][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.419177][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  580.472612][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.532371][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  580.577549][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.642727][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  580.689404][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.750931][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  580.801596][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.863974][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  580.919790][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  580.979257][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  581.065722][T11630] batman_adv: batadv0: Interface activated: batadv_slave_0
[  581.168962][T11922] loop9: detected capacity change from 0 to 131072
[  581.189137][T11922] F2FS-fs (loop9): invalid crc value
[  581.233858][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  581.285837][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  581.314219][T11922] F2FS-fs (loop9): Found nat_bits in checkpoint
[  581.342197][T11922] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4
[  581.440387][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  581.541942][T11948] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  582.495544][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.942176][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.967167][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.989914][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.007630][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.018754][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.046804][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.072664][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.112517][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.283443][T11630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  583.582216][T11630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  583.633181][ T5141] Bluetooth: hci0: command tx timeout
[  583.639060][T11630] batman_adv: batadv0: Interface activated: batadv_slave_1
[  583.941124][T11630] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  583.970415][T11630] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  584.755919][T11630] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  584.832528][T11630] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  585.311557][ T8327] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  585.319425][ T8327] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  585.458113][  T980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  585.491019][  T980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  585.658395][T12002] netlink: 'syz.7.1167': attribute type 8 has an invalid length.
[  588.735235][T12028] loop5: detected capacity change from 0 to 2048
[  589.777458][T12037] syz.2.1171 (12037): drop_caches: 2
[  589.882390][T12028] EXT4-fs error (device loop5): ext4_orphan_get:1415: comm syz.5.1172: bad orphan inode 8192
[  589.900984][T12028] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  590.887000][T11422] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.827696][T12062] loop5: detected capacity change from 0 to 1024
[  591.907505][T12062] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  592.103457][T12071] loop8: detected capacity change from 0 to 164
[  592.514219][T11422] EXT4-fs error (device loop5): ext4_lookup:1817: inode #2: comm syz-executor: deleted inode referenced: 11
[  592.575874][T11422] EXT4-fs error (device loop5): ext4_lookup:1817: inode #2: comm syz-executor: deleted inode referenced: 11
[  592.886595][T11422] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.120483][ T5828] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  593.287502][ T6340] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.349124][T12098] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  593.569241][ T5828] usb 8-1: unable to get BOS descriptor or descriptor too short
[  593.582172][T12121] random: crng reseeded on system resumption
[  593.601113][ T6340] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.813115][ T5828] usb 8-1: no configurations
[  593.826730][ T5828] usb 8-1: can't read configurations, error -22
[  594.846520][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  594.941161][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  594.949560][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  594.959440][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  595.062058][ T6340] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  595.074979][ T5839] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  595.082747][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  595.929517][ T6340] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  597.039222][T12163] loop2: detected capacity change from 0 to 256
[  597.188168][T12163] FAT-fs (loop2): Directory bread(block 64) failed
[  597.221174][T12163] FAT-fs (loop2): Directory bread(block 65) failed
[  597.227838][T12163] FAT-fs (loop2): Directory bread(block 66) failed
[  597.292899][T12131] chnl_net:caif_netlink_parms(): no params data found
[  597.337000][T12163] FAT-fs (loop2): Directory bread(block 67) failed
[  597.359231][T12163] FAT-fs (loop2): Directory bread(block 68) failed
[  597.433511][T12163] FAT-fs (loop2): Directory bread(block 69) failed
[  597.440753][T12163] FAT-fs (loop2): Directory bread(block 70) failed
[  597.449575][T12163] FAT-fs (loop2): Directory bread(block 71) failed
[  597.759480][ T5839] Bluetooth: hci1: command tx timeout
[  598.185979][T12163] FAT-fs (loop2): Directory bread(block 72) failed
[  598.196706][T12163] FAT-fs (loop2): Directory bread(block 73) failed
[  598.339011][T12177] net veth1_virt_wifi : renamed from virt_wifi0
[  598.584469][ T6340] bridge_slave_1: left allmulticast mode
[  598.590363][ T6340] bridge_slave_1: left promiscuous mode
[  598.601630][T12192] ip6t_srh: unknown srh match flags  FDC7
[  598.626424][ T6340] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.840246][ T6340] bridge_slave_0: left allmulticast mode
[  598.912036][ T6340] bridge_slave_0: left promiscuous mode
[  599.250436][ T6340] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.478705][T12163] syz.2.1197: attempt to access beyond end of device
[  599.478705][T12163] loop2: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  599.530754][T12163] syz.2.1197: attempt to access beyond end of device
[  599.530754][T12163] loop2: rw=0, sector=1160, nr_sectors = 4 limit=256
[  599.579904][   T29] audit: type=1800 audit(1732168335.768:182): pid=12163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1197" name="file0" dev="loop2" ino=1048707 res=0 errno=0
[  599.780972][ T5141] Bluetooth: hci1: command tx timeout
[  600.898255][T12213] loop9: detected capacity change from 0 to 1024
[  600.991029][T12213] EXT4-fs: Ignoring removed oldalloc option
[  601.038753][T12213] EXT4-fs (loop9): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  601.160262][T12213] EXT4-fs (loop9): can't mount with commit=24659, fs mounted w/o journal
[  602.060335][ T5141] Bluetooth: hci1: command tx timeout
[  603.016483][T12228] 9pnet_fd: p9_fd_create_tcp (12228): problem connecting socket to 127.0.0.1
[  603.709344][T12210] kvm: kvm [12208]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x5500000800
[  603.727234][T12210] kvm: kvm [12208]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x7100000800
[  603.752346][T12210] kvm: kvm [12208]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xa600000000
[  603.776311][T12210] kvm: kvm [12208]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xb200000000
[  604.113179][ T5141] Bluetooth: hci1: command tx timeout
[  611.341665][ T6340] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  611.342461][T12262] loop2: detected capacity change from 0 to 32768
[  611.358712][T12274] loop7: detected capacity change from 0 to 256
[  611.980305][   T29] audit: type=1800 audit(1732168348.198:183): pid=12262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1218" name="file1" dev="loop2" ino=4 res=0 errno=0
[  612.113502][T12274] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  612.181955][ T6340] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  612.199726][ T6340] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  612.389686][ T6340] bond0 (unregistering): Released all slaves
[  614.490557][T12131] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.497687][T12131] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.562074][T12131] bridge_slave_0: entered allmulticast mode
[  614.569163][T12131] bridge_slave_0: entered promiscuous mode
[  614.627842][T12131] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.729243][T12131] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.736678][T12131] bridge_slave_1: entered allmulticast mode
[  614.750570][T12131] bridge_slave_1: entered promiscuous mode
[  614.882532][T12306] loop8: detected capacity change from 0 to 4096
[  614.939431][T12306] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  615.049061][T12306] ntfs3(loop8): Inode r=19 is not in use!
[  615.055024][T12306] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  615.455457][T12131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  615.623439][T12131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  616.599406][T12131] team0: Port device team_slave_0 added
[  617.609405][ T6340] hsr_slave_0: left promiscuous mode
[  618.601121][ T6340] hsr_slave_1: left promiscuous mode
[  618.630446][T12355] loop9: detected capacity change from 0 to 512
[  618.651187][T12359] loop2: detected capacity change from 0 to 512
[  618.657836][T12359] EXT4-fs: Ignoring removed nomblk_io_submit option
[  618.665375][T12355] EXT4-fs: quotafile must be on filesystem root
[  618.945063][ T6340] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  619.027981][ T6340] batman_adv: batadv0: Removing interface: batadv_slave_0
[  619.775838][T12359] EXT4-fs: group quota file already specified
[  619.814386][ T6340] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  619.839720][ T6340] batman_adv: batadv0: Removing interface: batadv_slave_1
[  620.010431][ T6340] veth1_macvtap: left promiscuous mode
[  620.054916][ T6340] veth0_macvtap: left promiscuous mode
[  620.103389][ T6340] veth1_vlan: left promiscuous mode
[  620.108743][ T6340] veth0_vlan: left promiscuous mode
[  621.205249][T12377] loop2: detected capacity change from 0 to 8
[  621.734356][ T5839] Bluetooth: hci1: command 0x0405 tx timeout
[  621.838296][ T7486] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  622.144297][ T7486] usb 10-1: Using ep0 maxpacket: 32
[  623.030251][ T7486] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  623.043699][ T7486] usb 10-1: config 0 has no interfaces?
[  623.557316][ T7486] usb 10-1: string descriptor 0 read error: -71
[  623.564107][ T7486] usb 10-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  623.574028][ T7486] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.593361][ T7486] usb 10-1: config 0 descriptor??
[  623.598870][ T7486] usb 10-1: can't set config #0, error -71
[  623.607930][ T7486] usb 10-1: USB disconnect, device number 12
[  624.257079][T12394] syz.8.1240 (12394): drop_caches: 2
[  624.265473][T12394] syz.8.1240 (12394): drop_caches: 2
[  624.585162][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  626.694439][    T9] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  627.000427][    T9] usb 9-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  627.009526][    T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.051711][    T9] usb 9-1: config 0 descriptor??
[  627.108203][ T6340] team0 (unregistering): Port device team_slave_1 removed
[  627.274493][ T6340] team0 (unregistering): Port device team_slave_0 removed
[  627.285258][    T9] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  627.306743][    T9] asix 9-1:0.0: probe with driver asix failed with error -71
[  627.368291][    T9] usb 9-1: USB disconnect, device number 2
[  627.727649][T12432] loop2: detected capacity change from 0 to 128
[  627.738305][T12432] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (48670!=0)
[  627.748713][T12432] EXT4-fs (loop2): group descriptors corrupted!
[  629.118256][T12440] loop2: detected capacity change from 0 to 2048
[  630.309960][T12131] team0: Port device team_slave_1 added
[  630.455514][T12131] batman_adv: batadv0: Adding interface: batadv_slave_0
[  630.500326][T12131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.691571][T12131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  630.799354][T12131] batman_adv: batadv0: Adding interface: batadv_slave_1
[  630.954706][T12131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.169916][T12131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.227884][T12455] loop7: detected capacity change from 0 to 256
[  631.338879][T12455] exFAT-fs (loop7): bogus number of FAT structure
[  631.355347][T12455] exFAT-fs (loop7): failed to read boot sector
[  631.371678][T12455] exFAT-fs (loop7): failed to recognize exfat type
[  633.963933][T12468] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(6)
[  633.971253][T12468] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  633.980917][T12468] vhci_hcd vhci_hcd.0: Device attached
[  634.217673][T12470] vhci_hcd: connection closed
[  635.132586][ T7622] vhci_hcd: stop threads
[  635.143628][ T7622] vhci_hcd: release socket
[  635.148114][ T7622] vhci_hcd: disconnect device
[  635.215986][T12475] loop9: detected capacity change from 0 to 256
[  635.312737][T12475] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  635.520643][T12484] exFAT-fs (loop9): valid_size(150994954) is greater than size(10)
[  635.639587][T12131] hsr_slave_0: entered promiscuous mode
[  635.822788][T12131] hsr_slave_1: entered promiscuous mode
[  635.896232][T12131] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  635.915748][T12131] Cannot create hsr debugfs directory
[  636.147056][T12501] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[  636.183394][T12501] loop7: detected capacity change from 0 to 512
[  636.256004][T12501] EXT4-fs (loop7): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  636.266970][T12501] EXT4-fs (loop7): ext4_check_descriptors: Inode table for group 0 not in group (block 2)!
[  636.277156][T12501] EXT4-fs (loop7): group descriptors corrupted!
[  636.939873][T12503] loop9: detected capacity change from 0 to 2048
[  637.938739][T12511] loop7: detected capacity change from 0 to 1764
[  637.996511][T12511] iso9660: Corrupted directory entry in block 2 of inode 1920
[  638.322805][T12516] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  643.255183][ T5141] Bluetooth: hci4: command 0x0406 tx timeout
[  644.725587][T12530] macvlan2: entered allmulticast mode
[  644.746769][T12530] mac80211_hwsim hwsim24 wlan0: entered promiscuous mode
[  644.785394][T12530] mac80211_hwsim hwsim24 wlan0: entered allmulticast mode
[  644.838360][T12530] macvlan2: entered promiscuous mode
[  644.873197][T12530] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  647.428742][T12598] loop8: detected capacity change from 0 to 64
[  648.286049][T12598] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  648.422382][T12594] CIFS: Unable to determine destination address
[  648.444686][T12594] sctp: [Deprecated]: syz.8.1282 (pid 12594) Use of int in maxseg socket option.
[  648.444686][T12594] Use struct sctp_assoc_value instead
[  649.012691][T12131] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  649.026152][T12131] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  649.299477][T12131] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  649.490641][T12131] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  650.871294][T12131] 8021q: adding VLAN 0 to HW filter on device bond0
[  651.136763][T12131] 8021q: adding VLAN 0 to HW filter on device team0
[  651.173667][T12131] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  651.184306][T12131] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  651.205613][   T72] bridge0: port 1(bridge_slave_0) entered blocking state
[  651.212763][   T72] bridge0: port 1(bridge_slave_0) entered forwarding state
[  651.222887][   T72] bridge0: port 2(bridge_slave_1) entered blocking state
[  651.230090][   T72] bridge0: port 2(bridge_slave_1) entered forwarding state
[  654.460185][T12653] virtio-fs: tag <(null)> not found
[  655.006723][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1295'.
[  655.847274][ T5141] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  655.861098][ T5141] Bluetooth: hci2: unexpected cc 0x2039 length: 4 > 1
[  655.867946][ T5141] Bluetooth: hci2: unexpected event for opcode 0x2039
[  655.877734][ T5141] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  655.888832][ T5141] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  655.902722][ T5141] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  655.920701][ T5141] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  655.949452][ T5845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  656.045248][T12664] batadv0: entered promiscuous mode
[  656.277465][T12668] vlan2: entered promiscuous mode
[  656.318423][T12672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  656.696502][T12672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.957381][T12672] vlan3: entered promiscuous mode
[  656.973169][T12672] dummy0: entered promiscuous mode
[  657.103920][T12672] dummy0: left promiscuous mode
[  658.020674][ T5845] Bluetooth: hci5: command tx timeout
[  659.663722][T12690] loop8: detected capacity change from 0 to 512
[  659.705972][T12696] loop7: detected capacity change from 0 to 128
[  659.770617][T12690] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  659.840600][T12690] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  659.876566][T12696] VFS: Found a Xenix FS (block size = 512) on device loop7
[  659.884687][T12690] EXT4-fs (loop8): orphan cleanup on readonly fs
[  659.901287][T12690] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.1313: bg 0: block 361: padding at end of block bitmap is not set
[  660.024317][T12690] EXT4-fs (loop8): Remounting filesystem read-only
[  660.074212][T12656] chnl_net:caif_netlink_parms(): no params data found
[  660.114172][ T5845] Bluetooth: hci5: command tx timeout
[  660.140419][T12690] EXT4-fs (loop8): 1 truncate cleaned up
[  660.175036][T12690] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  660.978053][T11630] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  661.472355][T12716] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[  661.658150][T12656] bridge0: port 1(bridge_slave_0) entered blocking state
[  661.681984][T12656] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.699150][T12716] sysv_count_free_inodes: unable to read inode table
[  661.707952][T12656] bridge_slave_0: entered allmulticast mode
[  661.720733][T12722] sysv_free_block: trying to free block not in datazone
[  661.732249][T12656] bridge_slave_0: entered promiscuous mode
[  661.768247][T12656] bridge0: port 2(bridge_slave_1) entered blocking state
[  661.819758][T12656] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.839964][T12656] bridge_slave_1: entered allmulticast mode
[  661.867556][T12656] bridge_slave_1: entered promiscuous mode
[  662.183512][T12656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  662.192933][ T5845] Bluetooth: hci5: command tx timeout
[  663.075652][T12656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  663.253992][T12656] team0: Port device team_slave_0 added
[  663.284241][T12656] team0: Port device team_slave_1 added
[  663.407674][T12656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  663.447402][T12656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  663.504474][T12741] loop9: detected capacity change from 0 to 16
[  663.674888][T12656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  663.707547][T12741] erofs (device loop9): mounted with root inode @ nid 36.
[  664.264097][T12656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  664.271285][T12656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  664.297409][T12656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  664.346784][ T5845] Bluetooth: hci5: command tx timeout
[  664.466257][T10837] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  666.960455][ T6621] bridge_slave_1: left allmulticast mode
[  666.966162][ T6621] bridge_slave_1: left promiscuous mode
[  666.981296][ T6621] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.991477][ T6621] bridge_slave_0: left allmulticast mode
[  666.997149][ T6621] bridge_slave_0: left promiscuous mode
[  667.316553][ T6621] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.065699][T12778] loop8: detected capacity change from 0 to 256
[  668.212452][T12781] loop7: detected capacity change from 0 to 16
[  668.291719][T12781] erofs (device loop7): mounted with root inode @ nid 36.
[  668.401404][T12783] fuse: root generation should be zero
[  668.806331][T12795] dlm: no locking on control device
[  669.676303][T12797] xt_HMARK: spi-set and port-set can't be combined
[  669.926514][T12799] loop2: detected capacity change from 0 to 64
[  671.409134][T12802] kvm: kvm [12801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x86
[  671.441837][T12802] kvm: kvm [12801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xe8
[  671.542427][ T6621] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  671.553768][ T6621] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  671.564053][ T6621] bond0 (unregistering): Released all slaves
[  671.586756][T12656] hsr_slave_0: entered promiscuous mode
[  671.593135][T12656] hsr_slave_1: entered promiscuous mode
[  671.599242][T12656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  671.609597][T12656] Cannot create hsr debugfs directory
[  671.630562][T12787] bridge0: entered promiscuous mode
[  671.636616][T12787] macsec1: entered promiscuous mode
[  671.645561][T12787] bridge0: left promiscuous mode
[  671.804737][T12815] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  671.817687][T12815] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  671.967649][ T6621] hsr_slave_0: left promiscuous mode
[  672.055259][ T6621] hsr_slave_1: left promiscuous mode
[  672.366000][ T6621] batman_adv: batadv0: Removing interface: batadv_slave_0
[  674.067241][ T6621] batman_adv: batadv0: Removing interface: batadv_slave_1
[  674.348319][T12841] loop9: detected capacity change from 0 to 512
[  676.333941][T12841] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  676.411480][T12841] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  678.452943][ T7281] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  681.593736][ T5839] Bluetooth: hci3: unexpected event for opcode 0x0c58
[  683.069764][ T6621] team0 (unregistering): Port device team_slave_1 removed
[  683.146990][T12904] loop2: detected capacity change from 0 to 8
[  683.166348][T12904] SQUASHFS error: zlib decompression failed, data probably corrupt
[  683.180233][T12904] SQUASHFS error: Failed to read block 0x9b: -5
[  683.186625][T12904] SQUASHFS error: Unable to read metadata cache entry [99]
[  683.230651][T12904] SQUASHFS error: Unable to read inode 0x127
[  683.238999][ T6621] team0 (unregistering): Port device team_slave_0 removed
[  683.637515][ T5845] Bluetooth: hci2: command 0x0405 tx timeout
[  684.719153][T12901] lo speed is unknown, defaulting to 1000
[  684.729637][T12901] lo speed is unknown, defaulting to 1000
[  684.737627][T12901] lo speed is unknown, defaulting to 1000
[  685.418096][T12916] loop2: detected capacity change from 0 to 256
[  685.514331][T12901] infiniband syz0: set active
[  685.519528][T12901] infiniband syz0: added lo
[  685.525631][T12901] syz0: rxe_create_cq: returned err = -12
[  685.531875][T12901] infiniband syz0: Couldn't create ib_mad CQ
[  685.540128][T12901] infiniband syz0: Couldn't open port 1
[  685.558778][T12901] RDS/IB: syz0: added
[  685.564892][T12901] smc: adding ib device syz0 with port count 1
[  685.571400][T12901] smc:    ib device syz0 port 1 has pnetid 
[  685.671084][ T5141] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  685.795356][ T5141] Bluetooth: hci3: Injecting HCI hardware error event
[  685.809244][ T5141] Bluetooth: hci3: hardware error 0x00
[  685.902946][T12901] lo speed is unknown, defaulting to 1000
[  686.849860][ T5883] lo speed is unknown, defaulting to 1000
[  686.876558][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  687.159604][ T5881] lo speed is unknown, defaulting to 1000
[  688.201723][ T5141] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  688.208692][T12901] lo speed is unknown, defaulting to 1000
[  688.315695][T12901] lo speed is unknown, defaulting to 1000
[  689.114597][T12901] lo speed is unknown, defaulting to 1000
[  689.487850][T12901] lo speed is unknown, defaulting to 1000
[  689.666718][T12901] lo speed is unknown, defaulting to 1000
[  689.773365][T12901] lo speed is unknown, defaulting to 1000
[  690.006159][T12901] lo speed is unknown, defaulting to 1000
[  693.568189][T12980] loop7: detected capacity change from 0 to 2048
[  693.601861][T12980] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  694.491747][T12984] loop8: detected capacity change from 0 to 256
[  696.130714][T13005] loop7: detected capacity change from 0 to 764
[  696.160027][T13005] Symlink component flag not implemented
[  696.167263][T13005] Symlink component flag not implemented (129)
[  696.287250][T12984] loop8: detected capacity change from 0 to 512
[  696.294103][T12984] EXT4-fs: Ignoring removed i_version option
[  696.300308][T12984] journal_path: Non-blockdev passed as './file0'
[  696.307397][T12984] EXT4-fs: error: could not find journal device path
[  697.287369][T13018] loop7: detected capacity change from 0 to 512
[  697.433794][T12656] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  697.482136][T13018] EXT4-fs warning (device loop7): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  697.499515][T13018] EXT4-fs warning (device loop7): dx_probe:881: Enable large directory feature to access it
[  697.511052][T13018] EXT4-fs warning (device loop7): dx_probe:966: inode #2: comm syz.7.1376: Corrupt directory, running e2fsck is recommended
[  697.514768][T12656] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  697.766103][T13018] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[  697.806607][T13018] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.1376: corrupted in-inode xattr: invalid ea_ino
[  698.772579][T13032] Non-string source
[  698.914442][T12656] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  698.952813][T12656] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  699.061029][T13018] EXT4-fs (loop7): Remounting filesystem read-only
[  699.083716][T13018] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  699.165474][T13018] EXT4-fs warning (device loop7): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  699.206979][T13039] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1381'.
[  699.263828][T13018] EXT4-fs warning (device loop7): dx_probe:881: Enable large directory feature to access it
[  699.275023][T12656] 8021q: adding VLAN 0 to HW filter on device bond0
[  699.292067][T13018] EXT4-fs warning (device loop7): dx_probe:966: inode #2: comm syz.7.1376: Corrupt directory, running e2fsck is recommended
[  699.299117][T12656] 8021q: adding VLAN 0 to HW filter on device team0
[  699.374193][ T6172] bridge0: port 1(bridge_slave_0) entered blocking state
[  699.381366][ T6172] bridge0: port 1(bridge_slave_0) entered forwarding state
[  699.434950][ T6172] bridge0: port 2(bridge_slave_1) entered blocking state
[  699.442126][ T6172] bridge0: port 2(bridge_slave_1) entered forwarding state
[  699.633134][T10837] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.413051][T12656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  701.805464][T12656] veth0_vlan: entered promiscuous mode
[  701.815891][T12656] veth1_vlan: entered promiscuous mode
[  701.837701][T12656] veth0_macvtap: entered promiscuous mode
[  701.846757][T12656] veth1_macvtap: entered promiscuous mode
[  701.862946][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.873741][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.883643][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.894172][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.904142][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.914637][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.924532][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.935075][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.945848][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.957144][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.967159][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.977681][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.987570][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.998086][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.009185][T12656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  702.018757][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.029366][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.039695][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.050873][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.060867][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.071870][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.081793][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.092820][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.102822][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.113700][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.123691][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.134201][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.144944][T12656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.156360][T12656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.167638][T12656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  702.182462][T12656] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  702.191248][T12656] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  702.199953][T12656] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  702.208780][T12656] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  702.257913][T13065] loop7: detected capacity change from 0 to 8192
[  702.486215][T13085] loop9: detected capacity change from 0 to 512
[  703.479096][T13085] EXT4-fs: Ignoring removed mblk_io_submit option
[  704.884380][ T6621] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  704.921061][T13085] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #12: comm syz.9.1390: corrupted in-inode xattr: invalid ea_ino
[  704.965057][ T6621] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  704.974536][T13085] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.1390: couldn't read orphan inode 12 (err -117)
[  705.090315][ T6621] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  705.098176][ T6621] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  705.116727][T13085] EXT4-fs (loop9): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  705.165951][T13085] EXT4-fs error (device loop9): ext4_add_entry:2444: inode #2: comm syz.9.1390: Directory hole found for htree leaf block 0
[  705.182302][T13085] EXT4-fs error (device loop9): ext4_add_entry:2444: inode #2: comm syz.9.1390: Directory hole found for htree leaf block 0
[  705.206207][T13085] EXT4-fs error (device loop9): ext4_add_entry:2444: inode #2: comm syz.9.1390: Directory hole found for htree leaf block 0
[  705.247342][T13085] EXT4-fs error (device loop9): ext4_add_entry:2444: inode #2: comm syz.9.1390: Directory hole found for htree leaf block 0
[  705.272243][T13085] EXT4-fs error (device loop9): ext4_add_entry:2444: inode #2: comm syz.9.1390: Directory hole found for htree leaf block 0
[  705.290858][T13102] loop8: detected capacity change from 0 to 8192
[  705.407933][ T7281] EXT4-fs (loop9): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  706.481637][T13114] loop8: detected capacity change from 0 to 1024
[  706.978740][T13114] hfsplus: bad catalog entry type
[  707.009930][T13119] loop0: detected capacity change from 0 to 1024
[  707.451019][T13119] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  707.499029][ T2975] hfsplus: b-tree write err: -5, ino 4
[  707.511216][    T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  707.676240][   T25] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  707.690356][    T9] usb 8-1: Using ep0 maxpacket: 16
[  707.703482][    T9] usb 8-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be
[  707.734882][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.754463][    T9] usb 8-1: Product: syz
[  708.095739][T13138] iou-wrk-13137 (13138): drop_caches: 2
[  708.131365][   T25] usb 3-1: Using ep0 maxpacket: 32
[  708.481307][    T9] usb 8-1: Manufacturer: syz
[  708.485965][    T9] usb 8-1: SerialNumber: syz
[  708.559558][   T25] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  708.568731][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.576881][   T25] usb 3-1: Product: syz
[  708.581282][   T25] usb 3-1: Manufacturer: syz
[  708.585899][   T25] usb 3-1: SerialNumber: syz
[  708.636058][   T25] usb 3-1: config 0 descriptor??
[  708.641118][    T9] usb 8-1: config 0 descriptor??
[  708.978852][T12656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.600225][    T9] usb 8-1: can't set config #0, error -71
[  709.613304][    T9] usb 8-1: USB disconnect, device number 4
[  710.694759][T13150] input: syz0 as /devices/virtual/input/input16
[  711.247641][   T25] rtl8150 3-1:0.0: couldn't reset the device
[  711.255226][   T25] rtl8150 3-1:0.0: probe with driver rtl8150 failed with error -5
[  711.500328][T13153] loop0: detected capacity change from 0 to 8192
[  711.704203][   T25] usb 3-1: USB disconnect, device number 9
[  713.830307][   T29] audit: type=1326 audit(1732168450.052:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13177 comm="syz.0.1406" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x0
[  715.343254][ T5141] Bluetooth: hci2: unexpected event for opcode 0x204e
[  715.974822][T13201] loop9: detected capacity change from 0 to 512
[  716.031244][T13201] EXT4-fs: Ignoring removed i_version option
[  716.080917][T13201] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  716.184144][T13201] EXT4-fs (loop9): 1 truncate cleaned up
[  716.191540][T13201] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  717.085876][ T7281] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  717.247460][T13212] loop8: detected capacity change from 0 to 4096
[  717.264392][T13212] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[  717.306041][T13220] netlink: 'syz.9.1414': attribute type 4 has an invalid length.
[  717.365858][T13220] netlink: 'syz.9.1414': attribute type 4 has an invalid length.
[  718.418704][   T29] audit: type=1804 audit(1732168454.632:185): pid=13212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.1412" name="/newroot/64/file1/bus" dev="loop8" ino=34 res=1 errno=0
[  718.708192][   T29] audit: type=1400 audit(1732168454.912:186): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=22 pid=13238 comm="syz.0.1418"
[  720.740349][   T29] audit: type=1800 audit(1732168455.732:187): pid=13231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1412" name="file1" dev="loop8" ino=30 res=0 errno=0
[  722.413728][T13285] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  723.188021][T13293] loop0: detected capacity change from 0 to 16
[  723.956351][T13293] erofs (device loop0): mounted with root inode @ nid 36.
[  724.006840][ T5141] erofs (device loop0): failed to decompress -26 in[46, 0] out[9000]
[  724.031073][T13292] erofs (device loop0): failed to decompress -26 in[46, 4050] out[8192]
[  724.039920][T13292] erofs (device loop0): read error -117 @ 0 of nid 89
[  724.047862][   T29] audit: type=1800 audit(1732168460.272:188): pid=13292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1428" name="file3" dev="loop0" ino=89 res=0 errno=0
[  724.387841][   T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  725.668945][   T25] usb 3-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=f3.0f
[  725.678416][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  725.967053][   T25] usb 3-1: Product: syz
[  725.971343][   T25] usb 3-1: Manufacturer: syz
[  725.975968][   T25] usb 3-1: SerialNumber: syz
[  725.984811][   T25] usb 3-1: config 0 descriptor??
[  725.997796][   T25] gspca_main: jeilinj-2.14.0 probing 0979:0270
[  727.110475][   T25] usb 3-1: USB disconnect, device number 10
[  727.917724][T13326] loop9: detected capacity change from 0 to 4096
[  727.973012][T13326] NILFS (loop9): invalid segment: Checksum error in segment payload
[  728.077683][T13326] NILFS (loop9): trying rollback from an earlier position
[  729.056219][T13326] NILFS (loop9): recovery complete
[  729.181061][T13346] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  732.779523][T13382] smc: net device bond0 applied user defined pnetid SYZ0
[  732.869160][T13382] smc: net device bond0 erased user defined pnetid SYZ0
[  734.363709][T13352] kexec: Could not allocate control_code_buffer
[  735.807934][T13414] delete_channel: no stack
[  736.795524][T13407] loop8: detected capacity change from 0 to 1024
[  737.354140][T13428] loop7: detected capacity change from 0 to 16
[  737.363613][T13428] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  737.416226][T13428] 9pnet_fd: Insufficient options for proto=fd
[  738.290758][  T980] hfsplus: b-tree write err: -5, ino 4
[  741.631138][T13458] team_slave_0: entered promiscuous mode
[  741.636996][T13458] team_slave_1: entered promiscuous mode
[  741.682258][T13458] team0: Device macsec1 is already an upper device of the team interface
[  741.718573][T13462] loop0: detected capacity change from 0 to 1024
[  741.951055][T13458] team_slave_0: left promiscuous mode
[  741.956630][T13458] team_slave_1: left promiscuous mode
[  742.021417][T13462] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  742.743595][T13479] syzkaller0: entered allmulticast mode
[  744.052090][T13481] loop8: detected capacity change from 0 to 131072
[  744.251483][  T980] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  744.294415][T13481] F2FS-fs (loop8): invalid crc value
[  744.373922][  T980] EXT4-fs (loop0): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1 with error 28
[  744.394268][  T980] EXT4-fs (loop0): This should not happen!! Data will be lost
[  744.394268][  T980] 
[  744.416784][T13481] F2FS-fs (loop8): Found nat_bits in checkpoint
[  744.480229][T13481] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  744.524116][T13498] loop7: detected capacity change from 0 to 1024
[  744.531563][T13498] hfsplus: Unknown parameter 'nodecomp'
[  744.615233][  T980] EXT4-fs (loop0): Total free blocks count 0
[  744.628174][  T980] EXT4-fs (loop0): Free/Dirty block details
[  744.656728][  T980] EXT4-fs (loop0): free_blocks=68451041280
[  744.770421][  T980] EXT4-fs (loop0): dirty_blocks=16
[  745.258597][  T980] EXT4-fs (loop0): Block reservation details
[  745.339963][  T980] EXT4-fs (loop0): i_reserved_data_blocks=1
[  745.684795][T12656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  747.469106][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  748.097415][T13543] trusted_key: syz.2.1476 sent an empty control message without MSG_MORE.
[  748.857942][T13550] kvm: kvm [13549]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x0
[  750.706112][T13577] overlayfs: missing 'workdir'
[  750.779746][T13571] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1484'.
[  751.056984][T13587] loop7: detected capacity change from 0 to 512
[  751.983668][T13587] EXT4-fs: quotafile must be on filesystem root
[  754.080283][T13616] block device autoloading is deprecated and will be removed.
[  754.333762][T13613] loop9: detected capacity change from 0 to 128
[  754.463274][T13613] loop9: detected capacity change from 0 to 512
[  754.582154][T13591] loop8: detected capacity change from 0 to 2048
[  754.893663][T13613] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[  754.918405][T13613] EXT4-fs (loop9): 1 truncate cleaned up
[  754.937559][T13613] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  754.970817][T13591] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  755.433789][ T7281] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  756.453452][T11630] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.187812][T13680] loop9: detected capacity change from 0 to 1024
[  759.240652][T13677] random: crng reseeded on system resumption
[  759.307122][T13686] ieee802154 phy1 wpan1: encryption failed: -22
[  761.305121][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  761.313571][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  761.352398][T13703] hfsplus: request for non-existent node 33423360 in B*Tree
[  761.457126][T13703] hfsplus: request for non-existent node 33423360 in B*Tree
[  761.604614][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.289684][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.366775][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.404751][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.437267][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.464919][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.522989][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.549289][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.618723][T13699] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.668642][T13722] netlink: 'syz.8.1512': attribute type 10 has an invalid length.
[  762.695681][T13699] hfsplus: request for non-existent node 33423360 in B*Tree
[  762.708586][T13722] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.716087][T13722] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.789055][T13728] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1512'.
[  762.925908][T13722] bridge0: port 2(bridge_slave_1) entered blocking state
[  762.933132][T13722] bridge0: port 2(bridge_slave_1) entered forwarding state
[  762.940615][T13722] bridge0: port 1(bridge_slave_0) entered blocking state
[  762.947730][T13722] bridge0: port 1(bridge_slave_0) entered forwarding state
[  763.068016][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.286680][T13722] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  763.340431][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.356806][T13728] bridge_slave_1: left allmulticast mode
[  763.420290][T13728] bridge_slave_1: left promiscuous mode
[  763.437670][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.447818][T13728] bridge0: port 2(bridge_slave_1) entered disabled state
[  763.457772][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.479577][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.496564][T13698] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.534797][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.564087][T13680] hfsplus: request for non-existent node 33423360 in B*Tree
[  763.585930][T13728] bridge_slave_0: left allmulticast mode
[  763.600540][T13728] bridge_slave_0: left promiscuous mode
[  763.656070][T13728] bridge0: port 1(bridge_slave_0) entered disabled state
[  763.796212][T13736] nbd: must specify a device to reconfigure
[  764.438391][T13728] bond0: (slave bridge0): Releasing backup interface
[  765.614372][T13722] syz.8.1512 (13722) used greatest stack depth: 18192 bytes left
[  769.453776][T13810] loop9: detected capacity change from 0 to 1024
[  769.514152][T13810] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1527'.
[  770.518530][   T29] audit: type=1804 audit(1732168506.742:189): pid=13810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1527" name="/newroot/273/file0/bus" dev="loop9" ino=26 res=1 errno=0
[  770.540086][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.651091][ T8751] hfsplus: b-tree write err: -5, ino 4
[  772.014043][T13840] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  772.023619][T13840] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  772.032438][T13840] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  772.041400][T13840] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  772.213546][T13849] loop7: detected capacity change from 0 to 512
[  772.227086][T13849] EXT4-fs: Mount option(s) incompatible with ext2
[  772.424520][T13849] loop7: detected capacity change from 0 to 128
[  772.558034][T13849] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  772.621303][T13849] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  774.296684][T13886] loop0: detected capacity change from 0 to 64
[  775.195298][T13885] overlayfs: upper fs needs to support d_type.
[  775.209101][T13885] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  775.216351][T13885] overlayfs: failed to set xattr on upper
[  775.222129][T13885] overlayfs: ...falling back to redirect_dir=nofollow.
[  775.228992][T13885] overlayfs: ...falling back to index=off.
[  775.238107][T13885] overlayfs: ...falling back to uuid=null.
[  776.623856][T12656] Trying to free block not in datazone
[  776.653066][T12656] Trying to free block not in datazone
[  776.825312][T12656] Trying to free block not in datazone
[  778.321607][T13902] loop8: detected capacity change from 0 to 4096
[  778.403955][T13914] team0: entered promiscuous mode
[  778.409047][T13914] team_slave_0: entered promiscuous mode
[  778.461763][T13914] team_slave_1: entered promiscuous mode
[  778.546091][T13902] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[  778.950516][T13914] dummy0: entered promiscuous mode
[  779.165628][T13918] loop7: detected capacity change from 0 to 256
[  779.198193][T13918] exfat: Deprecated parameter 'codepage'
[  779.257893][T13918] exfat: Bad value for 'codepage'
[  780.479471][ T5141] Bluetooth: hci5: command 0x0406 tx timeout
[  783.237605][T13965] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.244834][T13965] bridge0: port 1(bridge_slave_0) entered forwarding state
[  783.512108][T13966] loop7: detected capacity change from 0 to 8
[  785.585501][T13961] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  786.846171][T13995] loop2: detected capacity change from 0 to 16
[  787.412088][T13998] loop0: detected capacity change from 0 to 512
[  787.805005][T13995] erofs (device loop2): mounted with root inode @ nid 36.
[  787.915916][ T5845] erofs (device loop2): failed to decompress -41 in[4096, 0] out[9000]
[  787.938569][T13995] erofs (device loop2): failed to decompress -41 in[4096, 0] out[8192]
[  787.947293][T13995] erofs (device loop2): read error -117 @ 0 of nid 89
[  787.964605][   T29] audit: type=1800 audit(1732168524.182:190): pid=13995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1566" name="file3" dev="loop2" ino=89 res=0 errno=0
[  788.126800][T13998] EXT4-fs (loop0): 1 truncate cleaned up
[  788.183772][T14005] netlink: 'syz.9.1571': attribute type 12 has an invalid length.
[  788.249410][T13998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  788.451967][T13998] EXT4-fs error (device loop0): ext4_add_entry:2444: inode #2: comm syz.0.1567: Directory hole found for htree leaf block 0
[  788.522648][T14021] EXT4-fs error (device loop0): ext4_add_entry:2444: inode #2: comm syz.0.1567: Directory hole found for htree leaf block 0
[  788.744436][   T29] audit: type=1326 audit(1732168524.882:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.358486][   T29] audit: type=1326 audit(1732168525.042:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.397400][   T29] audit: type=1326 audit(1732168525.052:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.419931][   T29] audit: type=1326 audit(1732168525.052:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.442405][   T29] audit: type=1326 audit(1732168525.052:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.465114][   T29] audit: type=1326 audit(1732168525.072:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.487612][   T29] audit: type=1326 audit(1732168525.072:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.512400][   T29] audit: type=1326 audit(1732168525.072:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.535461][   T29] audit: type=1326 audit(1732168525.092:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13991 comm="syz.0.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd734d7e819 code=0x7ffc0000
[  789.634776][T12656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  791.150000][T14048] loop8: detected capacity change from 0 to 16
[  791.221965][T14048] erofs (device loop8): mounted with root inode @ nid 36.
[  792.351761][T14060] loop9: detected capacity change from 0 to 1024
[  794.087187][T14071] loop7: detected capacity change from 0 to 512
[  794.170914][T14071] EXT4-fs (loop7): Invalid default hash set in the superblock
[  794.318543][T14083] netlink: 'syz.2.1586': attribute type 9 has an invalid length.
[  794.326762][T14083] netlink: 'syz.2.1586': attribute type 7 has an invalid length.
[  794.419591][T14083] netlink: 'syz.2.1586': attribute type 8 has an invalid length.
[  794.810345][ T5881] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  794.825296][    C0] raw-gadget.0 gadget.2: ignoring, device is not running
[  794.990718][ T5881] usb 3-1: device descriptor read/64, error -32
[  795.340445][ T5881] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  796.444046][T14117] loop7: detected capacity change from 0 to 256
[  796.463181][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  796.474298][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  796.484169][ T5881] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  796.493282][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.644315][ T5881] usb 3-1: config 0 descriptor??
[  797.055088][T14130] input: syz0 as /devices/virtual/input/input17
[  797.741903][T14134] loop8: detected capacity change from 0 to 1024
[  797.748986][T14134] hfsplus: Unknown parameter 'nodecomp'
[  797.755517][ T5881] usbhid 3-1:0.0: can't add hid device: -71
[  797.763567][ T5881] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  797.776136][ T5881] usb 3-1: USB disconnect, device number 12
[  798.457821][T14144] loop8: detected capacity change from 0 to 512
[  800.010317][T14144] EXT4-fs error (device loop8): ext4_read_inode_bitmap:139: comm syz.8.1592: Invalid inode bitmap blk 4 in block_group 0
[  800.045081][T14144] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  800.072687][T14142] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  800.317911][T11630] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.785778][T14164] loop7: detected capacity change from 0 to 4096
[  804.021119][T14164] NILFS (loop7): error -4 creating segctord thread
[  804.225485][T14179] loop8: detected capacity change from 0 to 512
[  804.257028][T14179] loop8: detected capacity change from 0 to 512
[  804.662543][T14184] loop0: detected capacity change from 0 to 32768
[  804.669627][T14184] XFS: attr2 mount option is deprecated.
[  804.675520][T14184] XFS: noikeep mount option is deprecated.
[  805.062346][T14184] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  805.227683][T14207] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1607'.
[  805.288280][T14184] XFS (loop0): Ending clean mount
[  805.298403][T14184] XFS (loop0): Quotacheck needed: Please wait.
[  805.324282][T14206] loop8: detected capacity change from 0 to 2048
[  805.394821][T14184] XFS (loop0): Quotacheck: Done.
[  805.421589][T14206] UDF-fs: error (device loop8): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  806.701708][T14206] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  806.709425][T14206] UDF-fs: Scanning with blocksize 512 failed
[  807.679856][T14206] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  809.010422][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  809.539313][T12656] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  811.914443][T14258] smc: net device bond0 applied user defined pnetid SYZ0
[  811.950808][T14258] smc: net device bond0 erased user defined pnetid SYZ0
[  811.958341][T14250] loop9: detected capacity change from 0 to 8192
[  812.159070][T14262] netlink: 'syz.0.1612': attribute type 1 has an invalid length.
[  812.186546][T14262] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.1612'.
[  812.972421][T14273] loop0: detected capacity change from 0 to 2048
[  813.013687][T14273] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  814.073071][T14289] netlink: 'syz.8.1622': attribute type 4 has an invalid length.
[  817.213709][T14319] binder: BINDER_SET_CONTEXT_MGR already set
[  817.220789][T14319] binder: 14318:14319 ioctl 4018620d 20000300 returned -16
[  817.232062][T14319] binder: BINDER_SET_CONTEXT_MGR already set
[  817.239490][T14319] binder: 14318:14319 ioctl 4018620d 20000040 returned -16
[  820.805308][T14350] loop0: detected capacity change from 0 to 128
[  820.958559][T14350] VFS: Found a Xenix FS (block size = 1024) on device loop0
[  820.991811][T14350] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  822.952637][T14361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1638'.
[  823.635181][T14360] loop9: detected capacity change from 0 to 512
[  823.639959][T14363] loop0: detected capacity change from 0 to 128
[  823.737601][T14360] EXT4-fs (loop9): blocks per group (64) and clusters per group (20800) inconsistent
[  823.822707][T14360] loop9: detected capacity change from 0 to 512
[  823.877003][T14363] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  823.933796][T14360] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  823.946748][T14360] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  823.990281][T14363] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  824.065557][T14360] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  824.103344][T14360] __quota_error: 7 callbacks suppressed
[  824.103364][T14360] Quota error (device loop9): write_blk: dquota write failed
[  824.154886][T14360] Quota error (device loop9): qtree_write_dquot: Error -28 occurred while creating quota
[  824.199782][T14360] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.1639: Failed to acquire dquot type 0
[  824.329578][T12656] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  824.400704][ T7281] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  824.480289][T14390] netlink: 144 bytes leftover after parsing attributes in process `syz.7.1643'.
[  825.789127][T14406] netlink: 20 bytes leftover after parsing attributes in process `syz.9.1645'.
[  825.800882][T14406] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1645'.
[  825.814363][T14406] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1645'.
[  827.052482][T14421] o2cb: This node has not been configured.
[  827.058787][T14421] o2cb: Cluster check failed. Fix errors before retrying.
[  827.066106][T14421] (syz.2.1650,14421,0):user_dlm_register:674 ERROR: status = -22
[  827.075076][T14421] (syz.2.1650,14421,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[  827.228338][T14428] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  833.573492][T14494] veth0_vlan: entered allmulticast mode
[  833.980268][ T5845] Bluetooth: hci2: command 0x0405 tx timeout
[  835.176164][T14506] loop8: detected capacity change from 0 to 16
[  835.183104][T14506] erofs: Unknown parameter ''
[  835.436933][T14514] loop9: detected capacity change from 0 to 4096
[  835.699589][T14523] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  838.357045][T14540] loop0: detected capacity change from 0 to 512
[  838.567682][T14540] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  838.595934][T14540] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  839.242913][T14558] overlay: Unknown parameter '/'
[  842.212134][T14571] loop8: detected capacity change from 0 to 64
[  842.219061][T14571] hfs: unable to change iocharset
[  842.252521][ T5911] IPVS: starting estimator thread 0...
[  842.306609][T14571] loop8: detected capacity change from 0 to 4096
[  842.339512][T14571] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512).
[  842.356960][T14573] IPVS: using max 26 ests per chain, 62400 per kthread
[  842.370417][T12656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  842.447456][T14583] loop2: detected capacity change from 0 to 64
[  842.456175][T14583] minix: Unknown parameter ''
[  842.480324][T14583] loop2: detected capacity change from 0 to 16
[  842.504666][T14583] erofs (device loop2): mounted with root inode @ nid 36.
[  842.539510][T14583] syz.2.1683: attempt to access beyond end of device
[  842.539510][T14583] loop2: rw=524288, sector=16, nr_sectors = 16 limit=16
[  842.553651][T14583] syz.2.1683: attempt to access beyond end of device
[  842.553651][T14583] loop2: rw=524288, sector=8, nr_sectors = 16 limit=16
[  842.587079][T14583] syz.2.1683: attempt to access beyond end of device
[  842.587079][T14583] loop2: rw=0, sector=8, nr_sectors = 16 limit=16
[  842.602980][T14583] erofs (device loop2): read error -5 @ 8200 of nid 36
[  843.284368][T14571] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  843.362430][T14571] ntfs3(loop8): ino=21, The size of extended attributes must not exceed 64KiB
[  843.375562][T14571] ntfs3(loop8): ino=21, The size of extended attributes must not exceed 64KiB
[  843.394633][T14571] ntfs3(loop8): ino=21, The size of extended attributes must not exceed 64KiB
[  844.505540][T14593] loop7: detected capacity change from 0 to 164
[  844.517974][T14593] iso9660: Unknown parameter '184467440737095516150x0000000000000000'
[  844.625759][T14593] loop7: detected capacity change from 0 to 8
[  844.637482][T14593] SQUASHFS error: Failed to read block 0x4de: -5
[  844.645181][T14593] SQUASHFS error: Failed to read block 0x4de: -5
[  844.652687][   T29] audit: type=1800 audit(1732168580.882:207): pid=14593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1685" name="file1" dev="loop7" ino=5 res=0 errno=0
[  844.736117][T14603] SQUASHFS error: Failed to read block 0x4de: -5
[  844.752223][T14603] SQUASHFS error: Failed to read block 0x4de: -5
[  844.761003][T14603] SQUASHFS error: Failed to read block 0x4de: -5
[  844.771072][T14603] SQUASHFS error: Failed to read block 0x4de: -5
[  848.172836][T14663] loop9: detected capacity change from 0 to 16
[  848.626840][T14663] erofs (device loop9): mounted with root inode @ nid 36.
[  848.685201][T14661] smc: net device bond0 applied user defined pnetid SYZ0
[  848.693057][T14661] smc: net device bond0 erased user defined pnetid SYZ0
[  850.193004][T14684] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1701'.
[  851.992498][T14687] wg2: entered promiscuous mode
[  851.997415][T14687] wg2: entered allmulticast mode
[  852.490759][T14697] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1703'.
[  852.573341][T14697] netlink: zone id is out of range
[  852.664431][T14701] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1703'.
[  852.664747][T14697] netlink: zone id is out of range
[  852.664788][T14697] netlink: zone id is out of range
[  852.664798][T14697] netlink: zone id is out of range
[  852.664807][T14697] netlink: zone id is out of range
[  852.664817][T14697] netlink: zone id is out of range
[  852.664825][T14697] netlink: zone id is out of range
[  852.664835][T14697] netlink: zone id is out of range
[  852.664844][T14697] netlink: zone id is out of range
[  852.664853][T14697] netlink: zone id is out of range
[  854.086503][T14717] bridge_slave_0: left allmulticast mode
[  854.203606][T14717] bridge_slave_0: left promiscuous mode
[  854.315675][T14717] bridge0: port 1(bridge_slave_0) entered disabled state
[  854.358906][T14717] bridge_slave_1: left allmulticast mode
[  854.378000][T14717] bridge_slave_1: left promiscuous mode
[  855.660103][T14717] bridge0: port 2(bridge_slave_1) entered disabled state
[  855.775205][T14717] bond0: (slave bond_slave_0): Releasing backup interface
[  855.885536][T14717] bond0: (slave bond_slave_1): Releasing backup interface
[  856.043670][T14717] team0: Port device team_slave_0 removed
[  856.091827][T14717] team0: Port device team_slave_1 removed
[  856.098346][T14717] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  856.109185][T14717] batman_adv: batadv0: Removing interface: batadv_slave_0
[  856.126597][T14717] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  856.134506][T14717] batman_adv: batadv0: Removing interface: batadv_slave_1
[  859.274216][T14784] loop9: detected capacity change from 0 to 32768
[  859.281319][T14784] XFS: attr2 mount option is deprecated.
[  859.286999][T14784] XFS: noikeep mount option is deprecated.
[  859.370216][T14784] XFS (loop9): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  859.748739][T14808] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  860.448873][T14809] loop2: detected capacity change from 0 to 2048
[  861.267124][T14812] loop7: detected capacity change from 0 to 1024
[  861.327115][T14784] XFS (loop9): Ending clean mount
[  861.341770][T14784] XFS (loop9): Quotacheck needed: Please wait.
[  861.526391][T14784] XFS (loop9): Quotacheck: Done.
[  864.733990][ T7281] XFS (loop9): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  865.256008][T14846] loop7: detected capacity change from 0 to 1024
[  866.186042][T14846] hfsplus: failed to load extents file
[  866.714048][T14854] loop2: detected capacity change from 0 to 1024
[  867.070978][T14854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  867.994783][ T5920] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  868.015307][ T7401] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  868.550776][ T5920] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  868.561449][ T5920] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  868.574001][ T5920] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.610950][ T5920] usb 10-1: config 0 descriptor??
[  868.632445][ T5920] pwc: Askey VC010 type 2 USB webcam detected.
[  869.484328][ T5920] pwc: send_video_command error -71
[  869.489592][ T5920] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  869.499787][ T5920] Philips webcam 10-1:0.0: probe with driver Philips webcam failed with error -71
[  869.511142][ T5920] usb 10-1: USB disconnect, device number 13
[  869.920290][ T5920] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  870.108339][ T5920] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  870.135512][ T5920] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  870.223074][ T5920] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  870.275549][ T5920] usb 10-1: config 0 descriptor??
[  870.473299][ T5920] pwc: Askey VC010 type 2 USB webcam detected.
[  871.311863][ T5920] pwc: send_video_command error -71
[  871.317125][ T5920] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  871.325890][ T5920] Philips webcam 10-1:0.0: probe with driver Philips webcam failed with error -71
[  871.351901][ T5920] usb 10-1: USB disconnect, device number 14
[  871.425613][T14916] loop7: detected capacity change from 0 to 512
[  871.459492][T14913] loop2: detected capacity change from 0 to 4096
[  871.468789][T14916] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[  871.736524][T14913] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  873.011738][T14913] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  876.252861][T14956] loop0: detected capacity change from 0 to 512
[  876.405862][T14956] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  876.729976][T14956] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #15: comm syz.0.1753: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  876.798650][T14956] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.1753: couldn't read orphan inode 15 (err -117)
[  876.831910][T14956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  876.897406][T14956] ext2 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  877.525356][T14956] EXT4-fs error (device loop0): ext4_add_entry:2444: inode #2: comm syz.0.1753: Directory hole found for htree leaf block 0
[  877.849089][T12656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  877.982552][T14984] smc: net device bond0 applied user defined pnetid SYZ0
[  879.028392][T14995] smc: net device bond0 erased user defined pnetid SYZ0
[  881.089816][T15022] random: crng reseeded on system resumption
[  882.388930][T15034] loop7: detected capacity change from 0 to 512
[  882.397141][T15034] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  882.406417][T15034] EXT4-fs (loop7): blocks per group (64) and clusters per group (32768) inconsistent
[  883.156674][T15037] loop2: detected capacity change from 0 to 2048
[  883.170929][T15037] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  883.289982][T15037] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  885.146223][T15068] smc: net device bond0 applied user defined pnetid SYZ0
[  885.286984][T15049] kvm: pic: non byte write
[  885.312100][T15068] smc: net device bond0 erased user defined pnetid SYZ0
[  889.809322][T15090] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  890.023399][T15119] loop9: detected capacity change from 0 to 256
[  890.455995][T15119] FAT-fs (loop9): Directory bread(block 64) failed
[  890.462806][T15119] FAT-fs (loop9): Directory bread(block 65) failed
[  890.469751][T15119] FAT-fs (loop9): Directory bread(block 66) failed
[  890.476530][T15119] FAT-fs (loop9): Directory bread(block 67) failed
[  890.483563][T15119] FAT-fs (loop9): Directory bread(block 68) failed
[  890.490312][T15119] FAT-fs (loop9): Directory bread(block 69) failed
[  890.497204][T15119] FAT-fs (loop9): Directory bread(block 70) failed
[  890.504083][T15119] FAT-fs (loop9): Directory bread(block 71) failed
[  890.511494][T15119] FAT-fs (loop9): Directory bread(block 72) failed
[  890.518164][T15119] FAT-fs (loop9): Directory bread(block 73) failed
[  890.636742][T15119] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000616b)
[  890.914097][   T29] audit: type=1800 audit(1732168626.862:208): pid=15119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1780" name="cgroup.stat" dev="loop9" ino=1048731 res=0 errno=0
[  891.258086][T15126] loop0: detected capacity change from 0 to 1024
[  891.273157][T15126] hfsplus: Bad value for 'session'
[  894.678190][T15145] smc: net device bond0 applied user defined pnetid SYZ0
[  894.725293][T15148] smc: net device bond0 erased user defined pnetid SYZ0
[  896.984220][T15182] orangefs_mount: mount request failed with -4
[  897.556709][T15196] netlink: 'syz.8.1799': attribute type 2 has an invalid length.
[  898.767329][T15212] loop2: detected capacity change from 0 to 1024
[  898.833905][T15212] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  899.115945][ T7622] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  899.868885][ T7401] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  900.159579][T15230] loop2: detected capacity change from 0 to 128
[  900.608836][T15234] netlink: 'syz.9.1808': attribute type 10 has an invalid length.
[  900.643211][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  900.656361][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  900.665172][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  900.674730][ T5845] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  900.682516][ T5845] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  900.691943][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  900.732606][T15230] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  900.754496][T15230] ext4 filesystem being mounted at /334/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  900.906080][ T7622] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  901.000325][T15234] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  901.708808][T15241] netdevsim netdevsim9 : renamed from netdevsim0 (while UP)
[  902.367780][T15232] lo speed is unknown, defaulting to 1000
[  902.750724][ T5845] Bluetooth: hci1: command tx timeout
[  902.777244][ T7622] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  902.985179][ T7401] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  903.736328][ T7622] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.819388][T15232] chnl_net:caif_netlink_parms(): no params data found
[  905.039333][ T5845] Bluetooth: hci1: command tx timeout
[  905.817749][ T5911] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  906.345873][T15292] loop0: detected capacity change from 0 to 128
[  906.356632][T15292] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  906.380168][ T5911] usb 3-1: Using ep0 maxpacket: 16
[  906.386944][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  906.401098][ T5911] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  906.439022][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  906.682986][ T5911] usb 3-1: config 0 descriptor??
[  906.692350][ T5911] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  907.505967][ T5845] Bluetooth: hci1: command tx timeout
[  907.592871][T15232] bridge0: port 1(bridge_slave_0) entered blocking state
[  907.600009][T15232] bridge0: port 1(bridge_slave_0) entered disabled state
[  907.695822][T15232] bridge_slave_0: entered allmulticast mode
[  907.847579][    T8] usb 3-1: USB disconnect, device number 13
[  908.694697][T15232] bridge_slave_0: entered promiscuous mode
[  908.737640][T15232] bridge0: port 2(bridge_slave_1) entered blocking state
[  908.737716][T15232] bridge0: port 2(bridge_slave_1) entered disabled state
[  908.737875][T15232] bridge_slave_1: entered allmulticast mode
[  908.738901][T15232] bridge_slave_1: entered promiscuous mode
[  909.946878][ T5845] Bluetooth: hci1: command tx timeout
[  910.015277][T15232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  910.130877][ T7622] bridge_slave_1: left allmulticast mode
[  910.136687][ T7622] bridge_slave_1: left promiscuous mode
[  910.777113][T15329] No buffer was provided with the request
[  911.423795][ T7622] bridge0: port 2(bridge_slave_1) entered disabled state
[  911.861594][ T7622] bridge_slave_0: left allmulticast mode
[  912.323963][T15337] loop8: detected capacity change from 0 to 65536
[  912.418760][ T7622] bridge_slave_0: left promiscuous mode
[  912.554423][ T7622] bridge0: port 1(bridge_slave_0) entered disabled state
[  912.565428][ T6172] 
[  912.568224][ T6172] =============================
[  912.573981][ T6172] WARNING: suspicious RCU usage
[  912.578853][ T6172] 6.12.0-next-20241120-syzkaller #0 Not tainted
[  912.586366][ T6172] -----------------------------
[  912.591369][ T6172] net/sched/sch_generic.c:1290 suspicious rcu_dereference_protected() usage!
[  912.600193][ T6172] 
[  912.600193][ T6172] other info that might help us debug this:
[  912.600193][ T6172] 
[  912.610532][ T6172] 
[  912.610532][ T6172] rcu_scheduler_active = 2, debug_locks = 1
[  912.618766][ T6172] 3 locks held by kworker/u8:9/6172:
[  912.624154][ T6172]  #0: ffff88806baa3948 ((wq_completion)bond0#16){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  912.635450][ T6172]  #1: ffffc9000b8d7d00 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  912.652013][ T6172]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  912.662076][ T6172] 
[  912.662076][ T6172] stack backtrace:
[  912.667998][ T6172] CPU: 1 UID: 0 PID: 6172 Comm: kworker/u8:9 Not tainted 6.12.0-next-20241120-syzkaller #0
[  912.677993][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  912.688067][ T6172] Workqueue: bond0 bond_mii_monitor
[  912.693280][ T6172] Call Trace:
[  912.696558][ T6172]  <TASK>
[  912.699748][ T6172]  dump_stack_lvl+0x241/0x360
[  912.704434][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  912.709634][ T6172]  ? __pfx__printk+0x10/0x10
[  912.714238][ T6172]  lockdep_rcu_suspicious+0x226/0x340
[  912.719620][ T6172]  dev_deactivate_queue+0x8f/0x160
[  912.724766][ T6172]  dev_deactivate_many+0xc8/0xb10
[  912.729800][ T6172]  dev_deactivate+0x184/0x280
[  912.734498][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  912.739710][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  912.745640][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  912.751981][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  912.756835][ T6172]  linkwatch_do_dev+0x10a/0x170
[  912.761688][ T6172]  ethtool_op_get_link+0x15/0x60
[  912.766628][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  912.772259][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  912.777383][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  912.783040][ T6172]  bond_mii_monitor+0x49a/0x3170
[  912.787982][ T6172]  ? __lock_acquire+0x1397/0x2100
[  912.793000][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  912.798113][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  912.803314][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  912.808690][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  912.813733][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  912.819728][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  912.826080][ T6172]  ? process_scheduled_works+0x976/0x1850
[  912.831806][ T6172]  process_scheduled_works+0xa63/0x1850
[  912.837376][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  912.843363][ T6172]  ? assign_work+0x364/0x3d0
[  912.847959][ T6172]  worker_thread+0x870/0xd30
[  912.852554][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  912.857574][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  912.862683][ T6172]  kthread+0x2f0/0x390
[  912.866744][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  912.871857][ T6172]  ? __pfx_kthread+0x10/0x10
[  912.876441][ T6172]  ret_from_fork+0x4b/0x80
[  912.880855][ T6172]  ? __pfx_kthread+0x10/0x10
[  912.885442][ T6172]  ret_from_fork_asm+0x1a/0x30
[  912.890217][ T6172]  </TASK>
[  913.000141][ T6172] 
[  913.002557][ T6172] =============================
[  913.007426][ T6172] WARNING: suspicious RCU usage
[  913.012383][ T6172] 6.12.0-next-20241120-syzkaller #0 Not tainted
[  913.018650][ T6172] -----------------------------
[  913.023730][ T6172] ./include/linux/rtnetlink.h:156 suspicious rcu_dereference_protected() usage!
[  913.032840][ T6172] 
[  913.032840][ T6172] other info that might help us debug this:
[  913.032840][ T6172] 
[  913.043195][ T6172] 
[  913.043195][ T6172] rcu_scheduler_active = 2, debug_locks = 1
[  913.051363][ T6172] 3 locks held by kworker/u8:9/6172:
[  913.056711][ T6172]  #0: ffff88806baa3948 ((wq_completion)bond0#16){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  913.068006][ T6172]  #1: ffffc9000b8d7d00 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  913.081300][ T6172]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  913.091527][ T6172] 
[  913.091527][ T6172] stack backtrace:
[  913.097453][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: kworker/u8:9 Not tainted 6.12.0-next-20241120-syzkaller #0
[  913.107462][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  913.117548][ T6172] Workqueue: bond0 bond_mii_monitor
[  913.122789][ T6172] Call Trace:
[  913.126094][ T6172]  <TASK>
[  913.129050][ T6172]  dump_stack_lvl+0x241/0x360
[  913.133763][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  913.138999][ T6172]  ? __pfx__printk+0x10/0x10
[  913.143635][ T6172]  lockdep_rcu_suspicious+0x226/0x340
[  913.149222][ T6172]  dev_deactivate_many+0x18f/0xb10
[  913.154368][ T6172]  dev_deactivate+0x184/0x280
[  913.159074][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  913.164282][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  913.170187][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  913.176522][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  913.181387][ T6172]  linkwatch_do_dev+0x10a/0x170
[  913.186238][ T6172]  ethtool_op_get_link+0x15/0x60
[  913.191183][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  913.196823][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  913.201938][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  913.207586][ T6172]  bond_mii_monitor+0x49a/0x3170
[  913.212529][ T6172]  ? __lock_acquire+0x1397/0x2100
[  913.217548][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  913.222749][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  913.227954][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  913.233338][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  913.238358][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  913.244340][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  913.250672][ T6172]  ? process_scheduled_works+0x976/0x1850
[  913.256392][ T6172]  process_scheduled_works+0xa63/0x1850
[  913.261967][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  913.267962][ T6172]  ? assign_work+0x364/0x3d0
[  913.272558][ T6172]  worker_thread+0x870/0xd30
[  913.277151][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  913.282174][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  913.287285][ T6172]  kthread+0x2f0/0x390
[  913.291353][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  913.296471][ T6172]  ? __pfx_kthread+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  913.301061][ T6172]  ret_from_fork+0x4b/0x80
[  913.305479][ T6172]  ? __pfx_kthread+0x10/0x10
[  913.310066][ T6172]  ret_from_fork_asm+0x1a/0x30
[  913.314848][ T6172]  </TASK>
[  913.317928][    C0] vkms_vblank_simulate: vblank timer overrun
[  913.368123][ T6172] BUG: sleeping function called from invalid context at net/core/dev.c:11397
[  913.377359][ T6172] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 6172, name: kworker/u8:9
[  913.387092][ T6172] preempt_count: 0, expected: 0
[  913.392491][ T6172] RCU nest depth: 1, expected: 0
[  913.397451][ T6172] 3 locks held by kworker/u8:9/6172:
[  913.403233][ T6172]  #0: ffff88806baa3948 ((wq_completion)bond0#16){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  913.414506][ T6172]  #1: ffffc9000b8d7d00 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  913.428433][ T6172]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  913.460341][ T6172] CPU: 1 UID: 0 PID: 6172 Comm: kworker/u8:9 Not tainted 6.12.0-next-20241120-syzkaller #0
[  913.470380][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  913.480458][ T6172] Workqueue: bond0 bond_mii_monitor
[  913.485687][ T6172] Call Trace:
[  913.488979][ T6172]  <TASK>
[  913.491929][ T6172]  dump_stack_lvl+0x241/0x360
[  913.496640][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  913.501874][ T6172]  ? __pfx__printk+0x10/0x10
[  913.506587][ T6172]  __might_resched+0x5d4/0x780
[  913.511382][ T6172]  ? dev_deactivate_many+0x25f/0xb10
[  913.516688][ T6172]  ? __pfx___might_resched+0x10/0x10
[  913.522007][ T6172]  ? __local_bh_enable_ip+0x168/0x200
[  913.527402][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  913.532720][ T6172]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  913.538468][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  913.543719][ T6172]  synchronize_net+0x1b/0x50
[  913.548347][ T6172]  dev_deactivate_many+0x4a7/0xb10
[  913.553487][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  913.558796][ T6172]  dev_deactivate+0x184/0x280
[  913.563495][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  913.568708][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  913.574627][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  913.581106][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  913.585980][ T6172]  linkwatch_do_dev+0x10a/0x170
[  913.590849][ T6172]  ethtool_op_get_link+0x15/0x60
[  913.595818][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  913.601486][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  913.606625][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  913.612288][ T6172]  bond_mii_monitor+0x49a/0x3170
[  913.617251][ T6172]  ? __lock_acquire+0x1397/0x2100
[  913.622295][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  913.627424][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  913.632653][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  913.638062][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  913.643103][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  913.649114][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  913.655476][ T6172]  ? process_scheduled_works+0x976/0x1850
[  913.661311][ T6172]  process_scheduled_works+0xa63/0x1850
[  913.666917][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  913.672936][ T6172]  ? assign_work+0x364/0x3d0
[  913.677553][ T6172]  worker_thread+0x870/0xd30
[  913.682178][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  913.687234][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  913.692377][ T6172]  kthread+0x2f0/0x390
[  913.696461][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  913.701595][ T6172]  ? __pfx_kthread+0x10/0x10
[  913.706208][ T6172]  ret_from_fork+0x4b/0x80
[  913.710638][ T6172]  ? __pfx_kthread+0x10/0x10
[  913.715248][ T6172]  ret_from_fork_asm+0x1a/0x30
[  913.720046][ T6172]  </TASK>
[  913.916880][T15337] XFS (loop8): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  913.930130][ T6172] 
[  913.932501][ T6172] =============================
[  913.937390][ T6172] WARNING: suspicious RCU usage
[  913.942344][ T6172] 6.12.0-next-20241120-syzkaller #0 Tainted: G        W         
[  913.953351][ T6172] -----------------------------
[  913.958261][ T6172] kernel/rcu/tree_exp.h:949 Illegal synchronize_rcu_expedited() in RCU read-side critical section!
[  913.969187][ T6172] 
[  913.969187][ T6172] other info that might help us debug this:
[  913.969187][ T6172] 
[  913.977893][T15350] usb usb8: usbfs: process 15350 (syz.9.1829) did not claim interface 0 before use
[  913.979487][ T6172] 
[  913.979487][ T6172] rcu_scheduler_active = 2, debug_locks = 1
[  913.996837][ T6172] 3 locks held by kworker/u8:9/6172:
[  913.996854][ T6172]  #0: ffff88806baa3948 ((wq_completion)bond0#16){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  913.996937][ T6172]  #1: ffffc9000b8d7d00 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  913.997001][ T6172]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  914.037050][ T6172] 
[  914.037050][ T6172] stack backtrace:
[  914.043172][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: kworker/u8:9 Tainted: G        W          6.12.0-next-20241120-syzkaller #0
[  914.054658][ T6172] Tainted: [W]=WARN
[  914.058472][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  914.068543][ T6172] Workqueue: bond0 bond_mii_monitor
[  914.073766][ T6172] Call Trace:
[  914.077043][ T6172]  <TASK>
[  914.079971][ T6172]  dump_stack_lvl+0x241/0x360
[  914.084651][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  914.089847][ T6172]  ? __pfx__printk+0x10/0x10
[  914.094451][ T6172]  lockdep_rcu_suspicious+0x226/0x340
[  914.099824][ T6172]  synchronize_rcu_expedited+0x12e/0x830
[  914.105459][ T6172]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  914.111623][ T6172]  ? add_taint+0x99/0xe0
[  914.115867][ T6172]  ? __might_resched+0x5e0/0x780
[  914.120818][ T6172]  ? __local_bh_enable_ip+0x168/0x200
[  914.126190][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  914.131476][ T6172]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  914.137192][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  914.142396][ T6172]  dev_deactivate_many+0x4a7/0xb10
[  914.147506][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  914.152793][ T6172]  dev_deactivate+0x184/0x280
[  914.157476][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  914.162673][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  914.168564][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  914.174899][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  914.179842][ T6172]  linkwatch_do_dev+0x10a/0x170
[  914.184695][ T6172]  ethtool_op_get_link+0x15/0x60
[  914.189633][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  914.195266][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  914.200380][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  914.206021][ T6172]  bond_mii_monitor+0x49a/0x3170
[  914.210974][ T6172]  ? __lock_acquire+0x1397/0x2100
[  914.216015][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  914.221132][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  914.226340][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  914.231718][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  914.236741][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  914.242721][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  914.249059][ T6172]  ? process_scheduled_works+0x976/0x1850
[  914.254781][ T6172]  process_scheduled_works+0xa63/0x1850
[  914.260348][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  914.266336][ T6172]  ? assign_work+0x364/0x3d0
[  914.270935][ T6172]  worker_thread+0x870/0xd30
[  914.275529][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  914.280552][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  914.285662][ T6172]  kthread+0x2f0/0x390
[  914.289725][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  914.294837][ T6172]  ? __pfx_kthread+0x10/0x10
[  914.299431][ T6172]  ret_from_fork+0x4b/0x80
[  914.303843][ T6172]  ? __pfx_kthread+0x10/0x10
[  914.308434][ T6172]  ret_from_fork_asm+0x1a/0x30
[  914.313210][ T6172]  </TASK>
[  914.316272][    C0] vkms_vblank_simulate: vblank timer overrun
[  914.323262][T15337] workqueue: Failed to create a rescuer kthread for wq "xfs-cil/loop8": -EINTR
[  914.361229][ T6172] BUG: sleeping function called from invalid context at kernel/rcu/tree.c:4013
[  914.382387][ T6172] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 6172, name: kworker/u8:9
[  914.391683][ T6172] preempt_count: 0, expected: 0
[  914.396543][ T6172] RCU nest depth: 1, expected: 0
[  914.401558][ T6172] 3 locks held by kworker/u8:9/6172:
[  914.406888][ T6172]  #0: ffff88806baa3948 ((wq_completion)bond0#16){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  914.418706][ T6172]  #1: ffffc9000b8d7d00 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  914.432060][ T6172]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  914.441877][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: kworker/u8:9 Tainted: G        W          6.12.0-next-20241120-syzkaller #0
[  914.453356][ T6172] Tainted: [W]=WARN
[  914.457172][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  914.467248][ T6172] Workqueue: bond0 bond_mii_monitor
[  914.472470][ T6172] Call Trace:
[  914.475744][ T6172]  <TASK>
[  914.478678][ T6172]  dump_stack_lvl+0x241/0x360
[  914.483362][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  914.488559][ T6172]  ? __pfx__printk+0x10/0x10
[  914.493158][ T6172]  __might_resched+0x5d4/0x780
[  914.497924][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  914.503122][ T6172]  ? preempt_schedule_notrace+0xf6/0x140
[  914.508753][ T6172]  ? __pfx___might_resched+0x10/0x10
[  914.514043][ T6172]  ? nbcon_cpu_emergency_exit+0x6e/0xd0
[  914.519588][ T6172]  ? nbcon_cpu_emergency_exit+0x77/0xd0
[  914.525137][ T6172]  ? lockdep_rcu_suspicious+0x299/0x340
[  914.530686][ T6172]  synchronize_rcu_expedited+0x148/0x830
[  914.536330][ T6172]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  914.542489][ T6172]  ? add_taint+0x99/0xe0
[  914.546728][ T6172]  ? __might_resched+0x5e0/0x780
[  914.551673][ T6172]  ? __local_bh_enable_ip+0x168/0x200
[  914.557051][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  914.562336][ T6172]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  914.568054][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  914.573258][ T6172]  dev_deactivate_many+0x4a7/0xb10
[  914.578370][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  914.583698][ T6172]  dev_deactivate+0x184/0x280
[  914.588374][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  914.593573][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  914.599465][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  914.605794][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  914.610651][ T6172]  linkwatch_do_dev+0x10a/0x170
[  914.615499][ T6172]  ethtool_op_get_link+0x15/0x60
[  914.620451][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  914.626103][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  914.631224][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  914.636873][ T6172]  bond_mii_monitor+0x49a/0x3170
[  914.641822][ T6172]  ? __lock_acquire+0x1397/0x2100
[  914.646847][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  914.651962][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  914.657175][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  914.662555][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  914.667576][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  914.673557][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  914.679888][ T6172]  ? process_scheduled_works+0x976/0x1850
[  914.685610][ T6172]  process_scheduled_works+0xa63/0x1850
[  914.691180][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  914.697171][ T6172]  ? assign_work+0x364/0x3d0
[  914.701852][ T6172]  worker_thread+0x870/0xd30
[  914.706445][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  914.711464][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  914.716574][ T6172]  kthread+0x2f0/0x390
[  914.720639][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  914.725753][ T6172]  ? __pfx_kthread+0x10/0x10
[  914.730349][ T6172]  ret_from_fork+0x4b/0x80
[  914.734788][ T6172]  ? __pfx_kthread+0x10/0x10
[  914.739377][ T6172]  ret_from_fork_asm+0x1a/0x30
[  914.744158][ T6172]  </TASK>
[  914.747216][    C0] vkms_vblank_simulate: vblank timer overrun
[  914.754055][ T6172] 
[  914.756400][ T6172] =============================
[  914.761250][ T6172] [ BUG: Invalid wait context ]
[  914.766100][ T6172] 6.12.0-next-20241120-syzkaller #0 Tainted: G        W         
[  914.773819][ T6172] -----------------------------
[  914.778651][ T6172] kworker/u8:9/6172 is trying to lock:
[  914.784093][ T6172] ffffffff8e93cff8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830
[  914.794538][ T6172] other info that might help us debug this:
[  914.800432][ T6172] context-{5:5}
[  914.803896][ T6172] 3 locks held by kworker/u8:9/6172:
[  914.809180][ T6172]  #0: ffff88806baa3948 ((wq_completion)bond0#16){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  914.820336][ T6172]  #1: ffffc9000b8d7d00 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  914.833225][ T6172]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x174/0x3170
[  914.842890][ T6172] stack backtrace:
[  914.846598][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: kworker/u8:9 Tainted: G        W          6.12.0-next-20241120-syzkaller #0
[  914.858047][ T6172] Tainted: [W]=WARN
[  914.861859][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  914.872109][ T6172] Workqueue: bond0 bond_mii_monitor
[  914.877317][ T6172] Call Trace:
[  914.880591][ T6172]  <TASK>
[  914.883516][ T6172]  dump_stack_lvl+0x241/0x360
[  914.888190][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  914.893384][ T6172]  ? __pfx__printk+0x10/0x10
[  914.897969][ T6172]  __lock_acquire+0x15a8/0x2100
[  914.902831][ T6172]  lock_acquire+0x1ed/0x550
[  914.907325][ T6172]  ? synchronize_rcu_expedited+0x451/0x830
[  914.913126][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  914.918138][ T6172]  ? __pfx___might_resched+0x10/0x10
[  914.923424][ T6172]  __mutex_lock+0x1ac/0xee0
[  914.927925][ T6172]  ? synchronize_rcu_expedited+0x451/0x830
[  914.933757][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  914.938786][ T6172]  ? synchronize_rcu_expedited+0x451/0x830
[  914.944605][ T6172]  ? __pfx___mutex_lock+0x10/0x10
[  914.949634][ T6172]  ? do_raw_spin_lock+0x14f/0x370
[  914.954667][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  914.959871][ T6172]  synchronize_rcu_expedited+0x451/0x830
[  914.965510][ T6172]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  914.971667][ T6172]  ? add_taint+0x99/0xe0
[  914.975910][ T6172]  ? __might_resched+0x5e0/0x780
[  914.980855][ T6172]  ? __local_bh_enable_ip+0x168/0x200
[  914.986228][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  914.991512][ T6172]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  914.997230][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  915.002431][ T6172]  dev_deactivate_many+0x4a7/0xb10
[  915.007540][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  915.012827][ T6172]  dev_deactivate+0x184/0x280
[  915.017496][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  915.022684][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  915.028584][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  915.034929][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  915.039781][ T6172]  linkwatch_do_dev+0x10a/0x170
[  915.044911][ T6172]  ethtool_op_get_link+0x15/0x60
[  915.049853][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  915.055485][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  915.060598][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  915.066256][ T6172]  bond_mii_monitor+0x49a/0x3170
[  915.071277][ T6172]  ? __lock_acquire+0x1397/0x2100
[  915.076296][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  915.081399][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  915.086687][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  915.092062][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  915.097086][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  915.103064][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  915.109391][ T6172]  ? process_scheduled_works+0x976/0x1850
[  915.115112][ T6172]  process_scheduled_works+0xa63/0x1850
[  915.120667][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  915.126648][ T6172]  ? assign_work+0x364/0x3d0
[  915.131238][ T6172]  worker_thread+0x870/0xd30
[  915.135833][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  915.140855][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  915.145967][ T6172]  kthread+0x2f0/0x390
[  915.150030][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  915.155230][ T6172]  ? __pfx_kthread+0x10/0x10
[  915.159816][ T6172]  ret_from_fork+0x4b/0x80
[  915.164223][ T6172]  ? __pfx_kthread+0x10/0x10
[  915.168818][ T6172]  ret_from_fork_asm+0x1a/0x30
[  915.173586][ T6172]  </TASK>
[  915.176648][    C0] vkms_vblank_simulate: vblank timer overrun
[  915.183017][ T6172] ------------[ cut here ]------------
[  915.188481][ T6172] Voluntary context switch within RCU read-side critical section!
[  915.188570][ T6172] WARNING: CPU: 0 PID: 6172 at kernel/rcu/tree_plugin.h:331 rcu_note_context_switch+0xcf4/0xff0
[  915.206761][ T6172] Modules linked in:
[  915.210681][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: kworker/u8:9 Tainted: G        W          6.12.0-next-20241120-syzkaller #0
[  915.222219][ T6172] Tainted: [W]=WARN
[  915.226017][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  915.236152][ T6172] Workqueue: bond0 bond_mii_monitor
[  915.241354][ T6172] RIP: 0010:rcu_note_context_switch+0xcf4/0xff0
[  915.247593][ T6172] Code: 00 ba 02 00 00 00 e8 7b 13 fe ff 4c 8b b4 24 80 00 00 00 eb 91 c6 05 3d a2 7c 0e 01 90 48 c7 c7 e0 eb 0b 8c e8 0d 30 da ff 90 <0f> 0b 90 90 e9 3b f4 ff ff 90 0f 0b 90 45 84 ed 0f 84 00 f4 ff ff
[  915.267193][ T6172] RSP: 0018:ffffc9000b8d6f60 EFLAGS: 00010046
[  915.273253][ T6172] RAX: 0c59d3d5d0395400 RBX: ffff8880213ade44 RCX: ffff8880213ada00
[  915.281215][ T6172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  915.289261][ T6172] RBP: ffffc9000b8d70b0 R08: ffffffff81601b32 R09: fffffbfff1cfa218
[  915.297221][ T6172] R10: dffffc0000000000 R11: fffffbfff1cfa218 R12: ffff8880213ada00
[  915.305181][ T6172] R13: 0000000000000000 R14: 1ffff9200171ae04 R15: dffffc0000000000
[  915.313143][ T6172] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  915.322061][ T6172] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  915.328630][ T6172] CR2: 00007fd735bc2f98 CR3: 000000000e736000 CR4: 00000000003526f0
[  915.336590][ T6172] Call Trace:
[  915.339862][ T6172]  <TASK>
[  915.342794][ T6172]  ? __warn+0x168/0x4e0
[  915.346940][ T6172]  ? rcu_note_context_switch+0xcf4/0xff0
[  915.352565][ T6172]  ? report_bug+0x2b3/0x500
[  915.357059][ T6172]  ? rcu_note_context_switch+0xcf4/0xff0
[  915.362680][ T6172]  ? handle_bug+0x60/0x90
[  915.366995][ T6172]  ? exc_invalid_op+0x1a/0x50
[  915.371661][ T6172]  ? asm_exc_invalid_op+0x1a/0x20
[  915.376769][ T6172]  ? __warn_printk+0x292/0x360
[  915.381525][ T6172]  ? rcu_note_context_switch+0xcf4/0xff0
[  915.387145][ T6172]  ? ret_from_fork_asm+0x1a/0x30
[  915.392076][ T6172]  ? __printk_cpu_sync_put+0x67/0x80
[  915.397346][ T6172]  ? dump_stack_lvl+0x301/0x360
[  915.402188][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  915.407375][ T6172]  ? __pfx__printk+0x10/0x10
[  915.411952][ T6172]  ? __pfx_rcu_note_context_switch+0x10/0x10
[  915.417923][ T6172]  ? rcu_is_watching+0x15/0xb0
[  915.422677][ T6172]  __schedule+0x34b/0x4c30
[  915.427085][ T6172]  ? rcu_is_watching+0x15/0xb0
[  915.431845][ T6172]  ? lock_acquire+0x264/0x550
[  915.436514][ T6172]  ? __pfx___schedule+0x10/0x10
[  915.441363][ T6172]  ? __mutex_trylock_common+0x92/0x2e0
[  915.446816][ T6172]  ? __pfx___mutex_trylock_common+0x10/0x10
[  915.452704][ T6172]  schedule+0x14b/0x320
[  915.456853][ T6172]  schedule_preempt_disabled+0x13/0x30
[  915.462304][ T6172]  __mutex_lock+0x425/0xee0
[  915.466802][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  915.471816][ T6172]  ? synchronize_rcu_expedited+0x451/0x830
[  915.477615][ T6172]  ? __pfx___mutex_lock+0x10/0x10
[  915.482625][ T6172]  ? do_raw_spin_lock+0x14f/0x370
[  915.487642][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  915.492834][ T6172]  synchronize_rcu_expedited+0x451/0x830
[  915.498457][ T6172]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  915.504602][ T6172]  ? add_taint+0x99/0xe0
[  915.508833][ T6172]  ? __might_resched+0x5e0/0x780
[  915.513770][ T6172]  ? __local_bh_enable_ip+0x168/0x200
[  915.519133][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  915.524413][ T6172]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  915.530124][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  915.535318][ T6172]  dev_deactivate_many+0x4a7/0xb10
[  915.540421][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  915.545698][ T6172]  dev_deactivate+0x184/0x280
[  915.550378][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  915.555579][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  915.561471][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  915.567791][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  915.572632][ T6172]  linkwatch_do_dev+0x10a/0x170
[  915.577475][ T6172]  ethtool_op_get_link+0x15/0x60
[  915.582404][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  915.588025][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  915.593126][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  915.598757][ T6172]  bond_mii_monitor+0x49a/0x3170
[  915.603686][ T6172]  ? __lock_acquire+0x1397/0x2100
[  915.608700][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  915.613802][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  915.618995][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  915.624358][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  915.629371][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  915.635357][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  915.641683][ T6172]  ? process_scheduled_works+0x976/0x1850
[  915.647399][ T6172]  process_scheduled_works+0xa63/0x1850
[  915.652961][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  915.658968][ T6172]  ? assign_work+0x364/0x3d0
[  915.663573][ T6172]  worker_thread+0x870/0xd30
[  915.668158][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  915.673189][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  915.678313][ T6172]  kthread+0x2f0/0x390
[  915.682381][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  915.687486][ T6172]  ? __pfx_kthread+0x10/0x10
[  915.692070][ T6172]  ret_from_fork+0x4b/0x80
[  915.696481][ T6172]  ? __pfx_kthread+0x10/0x10
[  915.701066][ T6172]  ret_from_fork_asm+0x1a/0x30
[  915.705845][ T6172]  </TASK>
[  915.708870][ T6172] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  915.716141][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: kworker/u8:9 Tainted: G        W          6.12.0-next-20241120-syzkaller #0
[  915.727598][ T6172] Tainted: [W]=WARN
[  915.731393][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  915.741441][ T6172] Workqueue: bond0 bond_mii_monitor
[  915.746641][ T6172] Call Trace:
[  915.749921][ T6172]  <TASK>
[  915.752849][ T6172]  dump_stack_lvl+0x241/0x360
[  915.757528][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  915.762758][ T6172]  ? __pfx__printk+0x10/0x10
[  915.767343][ T6172]  ? vscnprintf+0x5d/0x90
[  915.771666][ T6172]  panic+0x349/0x880
[  915.775556][ T6172]  ? __warn+0x177/0x4e0
[  915.779709][ T6172]  ? __pfx_panic+0x10/0x10
[  915.784160][ T6172]  ? ret_from_fork_asm+0x1a/0x30
[  915.789098][ T6172]  __warn+0x34b/0x4e0
[  915.793074][ T6172]  ? rcu_note_context_switch+0xcf4/0xff0
[  915.798755][ T6172]  report_bug+0x2b3/0x500
[  915.803099][ T6172]  ? rcu_note_context_switch+0xcf4/0xff0
[  915.808728][ T6172]  handle_bug+0x60/0x90
[  915.812876][ T6172]  exc_invalid_op+0x1a/0x50
[  915.817368][ T6172]  asm_exc_invalid_op+0x1a/0x20
[  915.822223][ T6172] RIP: 0010:rcu_note_context_switch+0xcf4/0xff0
[  915.828465][ T6172] Code: 00 ba 02 00 00 00 e8 7b 13 fe ff 4c 8b b4 24 80 00 00 00 eb 91 c6 05 3d a2 7c 0e 01 90 48 c7 c7 e0 eb 0b 8c e8 0d 30 da ff 90 <0f> 0b 90 90 e9 3b f4 ff ff 90 0f 0b 90 45 84 ed 0f 84 00 f4 ff ff
[  915.848072][ T6172] RSP: 0018:ffffc9000b8d6f60 EFLAGS: 00010046
[  915.854141][ T6172] RAX: 0c59d3d5d0395400 RBX: ffff8880213ade44 RCX: ffff8880213ada00
[  915.862134][ T6172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  915.870097][ T6172] RBP: ffffc9000b8d70b0 R08: ffffffff81601b32 R09: fffffbfff1cfa218
[  915.878061][ T6172] R10: dffffc0000000000 R11: fffffbfff1cfa218 R12: ffff8880213ada00
[  915.886025][ T6172] R13: 0000000000000000 R14: 1ffff9200171ae04 R15: dffffc0000000000
[  915.893990][ T6172]  ? __warn_printk+0x292/0x360
[  915.898752][ T6172]  ? ret_from_fork_asm+0x1a/0x30
[  915.903682][ T6172]  ? __printk_cpu_sync_put+0x67/0x80
[  915.908956][ T6172]  ? dump_stack_lvl+0x301/0x360
[  915.913806][ T6172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  915.918994][ T6172]  ? __pfx__printk+0x10/0x10
[  915.923572][ T6172]  ? __pfx_rcu_note_context_switch+0x10/0x10
[  915.929542][ T6172]  ? rcu_is_watching+0x15/0xb0
[  915.934301][ T6172]  __schedule+0x34b/0x4c30
[  915.938710][ T6172]  ? rcu_is_watching+0x15/0xb0
[  915.943474][ T6172]  ? lock_acquire+0x264/0x550
[  915.948142][ T6172]  ? __pfx___schedule+0x10/0x10
[  915.952991][ T6172]  ? __mutex_trylock_common+0x92/0x2e0
[  915.958444][ T6172]  ? __pfx___mutex_trylock_common+0x10/0x10
[  915.964333][ T6172]  schedule+0x14b/0x320
[  915.968482][ T6172]  schedule_preempt_disabled+0x13/0x30
[  915.973932][ T6172]  __mutex_lock+0x425/0xee0
[  915.978427][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  915.983438][ T6172]  ? synchronize_rcu_expedited+0x451/0x830
[  915.989234][ T6172]  ? __pfx___mutex_lock+0x10/0x10
[  915.994242][ T6172]  ? do_raw_spin_lock+0x14f/0x370
[  915.999258][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  916.004452][ T6172]  synchronize_rcu_expedited+0x451/0x830
[  916.010084][ T6172]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  916.016233][ T6172]  ? add_taint+0x99/0xe0
[  916.020465][ T6172]  ? __might_resched+0x5e0/0x780
[  916.025401][ T6172]  ? __local_bh_enable_ip+0x168/0x200
[  916.030767][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  916.036045][ T6172]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  916.041758][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  916.046951][ T6172]  dev_deactivate_many+0x4a7/0xb10
[  916.052058][ T6172]  ? dev_deactivate_many+0x250/0xb10
[  916.057336][ T6172]  dev_deactivate+0x184/0x280
[  916.062009][ T6172]  ? __pfx_dev_deactivate+0x10/0x10
[  916.067200][ T6172]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  916.073084][ T6172]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  916.079407][ T6172]  ? rfc2863_policy+0x1d7/0x300
[  916.084249][ T6172]  linkwatch_do_dev+0x10a/0x170
[  916.089090][ T6172]  ethtool_op_get_link+0x15/0x60
[  916.094019][ T6172]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  916.099640][ T6172]  bond_check_dev_link+0x1f1/0x3f0
[  916.104744][ T6172]  ? __pfx_bond_check_dev_link+0x10/0x10
[  916.110369][ T6172]  bond_mii_monitor+0x49a/0x3170
[  916.115298][ T6172]  ? __lock_acquire+0x1397/0x2100
[  916.120313][ T6172]  ? bond_mii_monitor+0x174/0x3170
[  916.125414][ T6172]  ? do_raw_spin_unlock+0x13c/0x8b0
[  916.130606][ T6172]  ? __pfx_bond_mii_monitor+0x10/0x10
[  916.135972][ T6172]  ? __pfx_lock_acquire+0x10/0x10
[  916.140983][ T6172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  916.146958][ T6172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  916.153275][ T6172]  ? process_scheduled_works+0x976/0x1850
[  916.158992][ T6172]  process_scheduled_works+0xa63/0x1850
[  916.164544][ T6172]  ? __pfx_process_scheduled_works+0x10/0x10
[  916.170521][ T6172]  ? assign_work+0x364/0x3d0
[  916.175104][ T6172]  worker_thread+0x870/0xd30
[  916.179686][ T6172]  ? __kthread_parkme+0x169/0x1d0
[  916.184699][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  916.189806][ T6172]  kthread+0x2f0/0x390
[  916.193881][ T6172]  ? __pfx_worker_thread+0x10/0x10
[  916.198986][ T6172]  ? __pfx_kthread+0x10/0x10
[  916.203565][ T6172]  ret_from_fork+0x4b/0x80
[  916.207973][ T6172]  ? __pfx_kthread+0x10/0x10
[  916.212552][ T6172]  ret_from_fork_asm+0x1a/0x30
[  916.217401][ T6172]  </TASK>
[  916.220661][ T6172] Kernel Offset: disabled
[  916.224973][ T6172] Rebooting in 86400 seconds..