last executing test programs:

10m55.792587866s ago: executing program 32 (id=415):
ioperm(0xff, 0x9, 0x100000001)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x58}}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x38080862, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = memfd_secret(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r2, r1, 0x2e, 0x4608, @void}, 0x10)

10m19.7563245s ago: executing program 0 (id=512):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00'})
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
setfsuid(0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_START_REQ(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x1c, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x30040844}, 0x4000018)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x3, 0xb, &(0x7f0000000a80)=@framed={{0x18, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, [@printk={@u, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000600)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r6 = socket$unix(0x1, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x10, &(0x7f0000000240)=0x8000, 0x4)
connect$unix(r6, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)

10m16.993272969s ago: executing program 0 (id=515):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000139209f422ca2f1d3568c599f830b1f821bc25fa46eaf53917fbae01ac86e06a0af31a9167ac93666cbfce317f4d89438ada20492c7e787769ae367b057e255f9fc7fcd367"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$kcm(0x2a, 0x2, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, 0x0, 0x0)
sendmsg$tipc(r4, &(0x7f0000000200)={&(0x7f0000000c00)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, 0x0}, 0x4000)
gettid()
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0))
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x1401, 0x311}, 0x10}}, 0x0)

10m15.999474973s ago: executing program 0 (id=516):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
syz_open_dev$midi(&(0x7f0000000100), 0x3ff, 0x2000)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x42041)
syz_usb_disconnect(r0)
r1 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
gettid()
close_range(r3, 0xffffffffffffffff, 0x0)

10m10.213460106s ago: executing program 0 (id=528):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)

10m9.337098356s ago: executing program 0 (id=533):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$packet(0x11, 0x3, 0x300)
r2 = syz_io_uring_setup(0x2a20, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x0, 0x10000}, 0x0, &(0x7f00000002c0))
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(r3, 0xc0905664, &(0x7f00000002c0)={0x0, 0x0, '\x00', @bt={0x1, 0x5, 0x3, 0x7, 0x4, 0x7, 0xd, 0x5}})
creat(&(0x7f00000000c0)='./file0\x00', 0x80)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0x1, 0x3, 0x9, 0xffffffca, 0x5, 0xffffff2b, 0x6})
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/profiling', 0xc10800, 0xc8)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r5, 0x541c, &(0x7f0000000000))
ioctl$TIOCL_UNBLANKSCREEN(r5, 0x541c, &(0x7f00000000c0))
ioctl$SIOCAX25DELUID(r4, 0x89e2, &(0x7f0000000180)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r2, 0x19, 0x0, 0x1)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, 0x0)
io_uring_setup(0x39e5, &(0x7f0000000300)={0x0, 0x1d6, 0x80, 0x3, 0x2ab})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

10m7.490453971s ago: executing program 0 (id=536):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)

9m52.050080426s ago: executing program 33 (id=536):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)

9m41.14197527s ago: executing program 1 (id=583):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000139209f422ca2f1d3568c599f830b1f821bc25fa46eaf53917fbae01ac86e06a0af31a9167ac93666cbfce317f4d89438ada20492c7e787769ae367b057e255f9fc7fcd367"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$kcm(0x2a, 0x2, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, 0x0, 0x0)
sendmsg$tipc(r4, &(0x7f0000000200)={&(0x7f0000000c00)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, 0x0}, 0x4000)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x1401, 0x311}, 0x10}}, 0x0)

9m39.600023314s ago: executing program 1 (id=586):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002480)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0x3)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x1030002, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x40}}, 0x50)
mount$fuse(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000640), 0x38421, &(0x7f0000000800)={{}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other}, {@allow_other}, {@max_read={'max_read', 0x3d, 0xfffffffffffffff0}}, {@default_permissions}, {@blksize}, {@max_read={'max_read', 0x3d, 0x1}}, {@blksize={'blksize', 0x3d, 0x1200}}, {@blksize={'blksize', 0x3d, 0x5d39fd23ccf49aa2}}], [{@appraise_type}, {@dont_hash}]}})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe3, &(0x7f0000000240)=""/227, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
close(r4)

9m37.151857729s ago: executing program 1 (id=590):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0xffffffffffffffa7}}], 0xf00, 0x4c42bb4f92, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x6c, 0x43, 0xa6, 0x8, 0x5d1, 0x9003, 0x200, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x42, 0xcc, 0x98}}]}}]}}, 0x0)
shutdown(r2, 0x0)

9m32.810468988s ago: executing program 5 (id=601):
ioprio_set$uid(0x3, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
socket$nl_generic(0x11, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f0000000000), 0x2, 0x2)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0x80, 0x0, 0x0, 0x0, @multicast}, 0x10)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000003240)=[0x0], 0x0, 0x0, 0x0, 0x1})
sendmmsg(r4, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)

9m31.221644846s ago: executing program 5 (id=602):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r3}]}, 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x28000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_UIE_ON(r8, 0x7003)
ioctl$RTC_ALM_SET(r8, 0x40247007, &(0x7f00000003c0))
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2200}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0)

9m31.177727s ago: executing program 1 (id=603):
r0 = socket$inet6(0xa, 0x80002, 0x0)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='esdfs\x00', 0x0, &(0x7f0000000300)='usrquota')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40001}, 0x400c090)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
r8 = socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_pktinfo(r8, 0x0, 0x8, &(0x7f0000000240)={0x0, @local, @local}, &(0x7f0000000140)=0xc)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)

9m26.461451854s ago: executing program 5 (id=609):
r0 = syz_open_dev$usbfs(&(0x7f0000000280), 0x77, 0x101a01)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, 0x0, 0x0}, 0x20)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
getpriority(0x0, r1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x2000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0\x00')
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230318000aff6000000002000020d3"])

9m26.312521253s ago: executing program 1 (id=611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
flock(0xffffffffffffffff, 0x5)
flock(0xffffffffffffffff, 0x2)

9m24.432297143s ago: executing program 5 (id=613):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240), &(0x7f0000000280))
mmap$IORING_OFF_SQ_RING(&(0x7f0000994000/0x2000)=nil, 0x2000, 0x0, 0x8010, r3, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
mount$9p_unix(&(0x7f0000000000)='\x00', &(0x7f0000000040)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="7472616e733d756e69782c0053cae5a9010ee3f5ab"])
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r5 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f0000f1d000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0xfffffffffffffffd, 0x0, 0x0, 0x96f, 0x32, 0x20, 0x1, 0x21})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000000)={0x8, 0x0, 0x3017, 0x1, 0x7, 0x2, 0xc, 0x1})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7], 0x44}}, 0x0)

9m23.805387182s ago: executing program 1 (id=616):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
flock(0xffffffffffffffff, 0x5)
flock(0xffffffffffffffff, 0x2)

9m22.495817006s ago: executing program 5 (id=618):
socket(0x200000100000011, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
listen(r1, 0x20000005)
r2 = socket$inet6(0xa, 0x6, 0x0)
r3 = landlock_create_ruleset(&(0x7f00000000c0)={0x0, 0x2, 0x3}, 0x11, 0x0)
landlock_restrict_self(r3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
getpgrp(0x0)
r4 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r4, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r4, &(0x7f0000000100)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r4, 0x1)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000001c0)={0x0, 0xf7, 0xc, 0x8}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x34, 0xfffffffe}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x9c)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @empty}, 0x1c)
accept4(r1, 0x0, 0x0, 0x800)

9m21.002919915s ago: executing program 5 (id=620):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r3, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)

9m7.865909565s ago: executing program 34 (id=616):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
flock(0xffffffffffffffff, 0x5)
flock(0xffffffffffffffff, 0x2)

9m5.863353507s ago: executing program 35 (id=620):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
connect$unix(r2, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r3, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)

6m56.692824258s ago: executing program 2 (id=862):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000928d43ee35c4ecfaec8e0a4edbfe80b2049df06d92f449975ed4c071a8d83d92d02496800184398a001f908f078622c9e31607ff929b62bded4c0bb2cbadddffc4b74ebb4a8ad17674010000003d4c90a1c01a18ad67aa8a9580fc789b7222f3e2ff1a5390e2b9137088898087a41e7a5a67c6a41c436f7db0369c846055c8b28fbbc22e10d413087db065f918e2cc600ff19311524f9a2cbe32c3cfacb4fce3d83ff3d8637aa961f0d2ec74d6b69541c6ae69fb84ca109b02a85491704a96addc183b9568fc3c2d3f3b7cee104619a8"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b40)=@raw={'raw\x00', 0x3c1, 0x3, 0x520, 0x340, 0x9403, 0x0, 0x0, 0x2c0, 0x450, 0x3d8, 0x3d8, 0x450, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@hashlimit3={{0x158}, {'syz_tun\x00', {0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0, 0x1, 0x6}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x580)

6m55.154344911s ago: executing program 2 (id=865):
socket(0x200000100000011, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
listen(r1, 0x20000005)
r2 = socket$inet6(0xa, 0x6, 0x0)
r3 = landlock_create_ruleset(&(0x7f00000000c0)={0x0, 0x2, 0x3}, 0x11, 0x0)
landlock_restrict_self(r3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
getpgrp(0x0)
r4 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r4, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r4, &(0x7f0000000100)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000001c0)={0x0, 0xf7, 0xc, 0x8}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x34, 0xfffffffe}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x9c)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @empty}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x9b4c, 0x0}}], 0x500, 0x0)

6m53.27422777s ago: executing program 2 (id=869):
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000026000100f3ff000000000000020099921b0000"], 0x14}}, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000480)="fb", 0x1, 0x4048081, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000180)={0x0, 0xe26, 0x4, 0x3, 0x6, 0xa0, 0xfffffffffffffffe, 0x9}, 0x0, &(0x7f0000000200)={0x9, 0x78, 0x100000000, 0x6, 0x1, 0x8001, 0x100000001, 0xa}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
ioprio_get$pid(0x0, r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_dccp(0xa, 0x6, 0x0)
bind$inet6(r5, 0x0, 0x0)
ioperm(0x80, 0x1, 0x1)
link(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
setfsuid(0x0)
ioctl$IOMMU_GET_HW_INFO(r0, 0x3b8a, &(0x7f0000000340)={0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

6m47.121775712s ago: executing program 2 (id=883):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030000008000001c0012800b00010067656e65766500350067656e6776653100"/56], 0x50}}, 0x400c091)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'wg2\x00', @local})
writev(r0, &(0x7f0000000d00)=[{&(0x7f0000000c00)="89e7ee9ad6c4ad054ab2e24488ca", 0xe}], 0x1)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvmsg(r5, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x20)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
ioperm(0x4, 0x2, 0x100000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ec0000002100390d000000000000ac14140000000000000000000000e00007000000000000000000000000ffffffed00"/61, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100ff010000000000000000000000000001ffffffff00000000000000000000000020010000000000000000000000000001ac141400000000000000000000000000000000000100000000000200ff010000000000000000000000000001ffffffff000000000000000000000000fe800000000000000000000000000000ac1414bb00"/164], 0xec}}, 0x0)

6m44.615698929s ago: executing program 2 (id=886):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000040)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)

6m41.45662493s ago: executing program 2 (id=894):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[], 0x0, 0x2d, 0x0, 0x1, 0x3, 0x10000, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000540)={r3, 0x20, &(0x7f00000004c0)={&(0x7f0000001000)=""/107, 0x6b, 0x0, &(0x7f0000001080)=""/79, 0x4f}}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0)

6m24.930547646s ago: executing program 36 (id=894):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[], 0x0, 0x2d, 0x0, 0x1, 0x3, 0x10000, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000540)={r3, 0x20, &(0x7f00000004c0)={&(0x7f0000001000)=""/107, 0x6b, 0x0, &(0x7f0000001080)=""/79, 0x4f}}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0)

5m10.279436709s ago: executing program 8 (id=1057):
r0 = syz_open_dev$usbfs(&(0x7f0000000280), 0x77, 0x101a01)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, 0x0, 0x0}, 0x20)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
getpriority(0x0, r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x2000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0\x00')
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200230318000aff6000000002000020d3"])

5m8.705015741s ago: executing program 8 (id=1061):
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
fsopen(0x0, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x520, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x0, 0x178, 0xc, 0x0, 0x178, 0x2c8, 0x258, 0x258, 0x2c8, 0x258, 0x3, 0x0, {[{{@ipv6={@loopback={0x1f0}, @mcast2, [], [], 'team_slave_0\x00', 'netpci0\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "fc6b061134c5d5c8465af5f5caa5bd6c0dde77ff83daa984c0d76167e0608dcaa2caff7bd9c5923cccd5b483df8124249f91b8c3c2cea9bed64dc935a975401a68e34a04c1f15e50050729ba985e8c1576994e350d93a782668d4d51a1bc76bba1fde09794922ae65a804c56f092e430ebb8fa892d671c8c8035cae06810f8c6", 0x20}}, @common=@unspec=@addrtype1={{0x28}, {0x0, 0x0, 0x8}}]}, @common=@inet=@SET2={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'wg2\x00', 'hsr0\x00'}, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "08db"}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
r6 = dup(r5)
write$FUSE_INIT(r6, &(0x7f0000002100)={0x50, 0xffffffffffffffda}, 0x50)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000100)=0x6)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={0x28, r7, 0x7, 0x0, 0x0, {{0x2}, {@val={0x8, 0x2}, @void, @val={0xc, 0x99, {0x1}}}}}, 0x28}}, 0x0)

5m5.858017572s ago: executing program 8 (id=1067):
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000180), 0x4)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}}, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000180)=""/144, 0x90}, {&(0x7f00000036c0)=""/4106, 0x100a}, {&(0x7f0000002540)=""/4096, 0x1000}, {&(0x7f0000000400)=""/153, 0x99}], 0x4}}, {{0x0, 0x0, 0x0}}], 0x2, 0x10000, 0x0)

5m4.302547376s ago: executing program 8 (id=1068):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r0, 0x0, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f00000000c0)={0x28, 0x4}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
write$FUSE_OPEN(r0, &(0x7f00000002c0)={0x20}, 0x20)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000040)={[{@userxattr}, {@nfs_export_on}, {@redirect_dir_nofollow}]})

5m2.286343773s ago: executing program 8 (id=1075):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
socket$alg(0x26, 0x5, 0x0)
socket$key(0xf, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/fib_triestat\x00')
ioctl$SNDRV_PCM_IOCTL_STATUS64(r1, 0x80984120, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setxattr$system_posix_acl(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000680), 0x24, 0x0)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={'nicvf0\x00', 0x0})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000280)={0x1})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
ioctl$TCFLSH(r2, 0x404c4701, 0x20000000)
ioctl$TIOCSTI(r2, 0x5412, 0x0)

5m0.305966843s ago: executing program 8 (id=1078):
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

4m44.377909764s ago: executing program 37 (id=1078):
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000b, 0x42031, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000002940)={0x18, 0x3}, 0x18)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

11.255039438s ago: executing program 9 (id=1791):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000080)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x34, 0x74]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
creat(0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x64142, 0x180)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x46042, 0x288)
write$FUSE_OPEN(r2, &(0x7f0000000080)={0x20, 0xfffffffffffffffe}, 0x20)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
recvmmsg(r3, &(0x7f0000000ac0), 0x0, 0x60, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@map=r0, 0x1a055f2dbc21967b, 0x1, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
unlink(&(0x7f0000000180)='./file1\x00')
sendfile(r2, r1, 0x0, 0x2c62)

8.797838703s ago: executing program 4 (id=1798):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.072384858s ago: executing program 9 (id=1802):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x10001, 0x0)
socket(0x40000000015, 0x805, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2600, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r1=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000740)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r1, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000001400)={0x28, 0x2, r1, 0x0, &(0x7f00006a2000/0x2000)=nil, 0x2000, 0x1000000002})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000180)={0x28, 0x6, r1, r1, 0xa93, 0x0, 0x3fff})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2)

8.070097018s ago: executing program 4 (id=1803):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00')
pread64(r1, &(0x7f0000001500)=""/4059, 0xfdb, 0x7fff)

8.011215193s ago: executing program 7 (id=1804):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c00000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c001280090001007866726d000000000c0002800800"], 0x3c}}, 0x0)

7.888116408s ago: executing program 4 (id=1806):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x110000, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0xf2, '\x00', 0x0, r0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x2e}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

7.298954673s ago: executing program 7 (id=1807):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b708000000020000"], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000ab"], 0x125)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1})
r6 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x7, @mcast1, 0x6}, 0x1c)
sendto$inet6(r6, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000006280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000300)={0xffffffffffffffff, 0x9, 0x8}, 0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000380)={'ip6gre0\x00', 0x0})
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={<r7=>0x0, 0x1}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={r7, 0x0, 0x0}, &(0x7f0000000240)=0xc)
timerfd_create(0x0, 0x0)

6.10428643s ago: executing program 3 (id=1808):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000b00)=ANY=[], 0xe, 0x2b3, &(0x7f0000000200)="$eJzs3UFrI3UUAPA3yTQb9ZAgXhTBAT14KluvXhplBbEnJYJ60ODugiRhYRcCVjDbUz+BR7+HH8GLF7+B4FXw1iKVkcnMNAlN2lJjCvX3Oz3mP+/Nm/mH5JQ3X70+Hj58ksTRyW/RbifR2I/9OE2iG42oPY80AIC74zTP48/8JplpY/PdAADbUP7+l267FwBgOz757POPegcHDz7Osna82jme9JOIGB9P+uV673F8E6N4FPejE2cR+bky/uDDgweRZoVuvDWeTvpF5vjLX6r6vT8iZvl70Ynu6vy9rLSQP530d+LFyKL3eKdutROvrM5/Z0V+9Fvx9psL/e9GJ379Op7EKB5GkTvP/34vy97Pfzj57oviMkV+0oj+vdl5c3lzm/sCAAAAAAAAAAAAAAAAAAAAAMDdtptlSTm+Zza/pzhUzd9pns3Wd7Nad3k+T5mf1IXK+UB5VCN6pnn8WM7X+Su/n2VZXp04z0/jtdSLBQAAAAAAAAAAAAAAAAAAAKDw7NvD4WA0evR0I0E9DaD+W/8N6qQxHIz2F468EYfDQXNdweR8AME1LrE4baDodd3JUQSRprGhx3JV8ELRTxHE8yrYROV78839NMqg3piN3sXL75VFD4eDrFqqH/JwkFx1rXa9cT8tLrXi3zaWzz4SZ/nSUrTPW13Oam3oabReWrn0d57n16vz7u/lHlVHktmIjetdfaf+9K66wSJoX9yLn9cXXPuV0dzE9w4AAAAAAAAAAAAAAAAAAHDR/E+/KxaPLk1t/GdNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWzd//XwftiFg+ciGYVsmXnVMFrXj67JZvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BfwIAAP//j89OGA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
write$cgroup_pid(r0, &(0x7f0000000000)=r1, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$binfmt_script(r0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x200000400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = semget$private(0x0, 0x4000000009, 0x0)
semtimedop(r2, &(0x7f0000000040)=[{0x3, 0x9, 0x1000}], 0x1, &(0x7f0000000080)={0x0, 0x3938700})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40448c0)

5.637885068s ago: executing program 6 (id=1809):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
chdir(&(0x7f0000000000)='./bus\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x84)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
creat(&(0x7f0000000f80)='./bus\x00', 0x189)
chdir(&(0x7f00000000c0)='./bus\x00')
getpid()
r0 = socket$inet6(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
preadv(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000008c0)=""/98, 0x62}], 0x1, 0x47, 0x20000000)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x0, &(0x7f0000000200)={[{@stripe={'stripe', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}, {@dioread_nolock}, {@mblk_io_submit}, {@test_dummy_encryption}, {@nogrpid}]}, 0x1, 0x3dd, &(0x7f00000008c0)="$eJzs3M1uG0UcAPD/bj5K0g8HiQMqHCyBIAiI60CAIiQKVz4uwANYSVoq3KZqjERLDgVx4sQBcePQF+DAA1QVQkLiFXgBVKlCaQ5wC1p713FjO8SKHdPk95NGnlmPO/Pf3a5mNrsTwLFVjogLETEREYsRUcq3p3mKW62U1XuwubG8tbmxnMT29kd/JZHk24p/K8k/T+aF+TQi/SbiqVvd7a7fuPlZrV5fvZ6XK40r1yrrN26+fPlK7dLqpdWr1dfPV6tLi29UXx1arD88+8L5iXcvnP3xj9Ldpenpmay/p/LvOuMYlnKU2/tkt6VhNzZm0+PuAAAA+5LmY//J5vi/FBPNXEspKhtj7RwAAAAwFNtv558AAADAEZaY+wMAAMARVzwH8GBzY7lIY3wc4dDdfyci5nbebd5qxz8Zj+V1pkb4fms5Iq49l5SyFCN6DxkAoNPdbPxzrtf4L40nO+qdiGiOh2aG3H55V7l7/JPeG3KTD8nGf29FxFbX+C8tqsxN5KXTzaHiVHLxcn31XESciYj5mDqRlat7tPHe3z992O+7LP5fk9NnipS1n33u1EjvTZ54+DcrtUbtIDF3uv9VxNnJXvEn7fFvEhGzB2hj4svbb/b77r/jH63t2xHP9zz+Oyv3JHuvT1Rpng+V4qzo9s/XP3/Qr/1xx58d/9m9459LOtdrWh+8jTuf/v50M9Mjqs75zyDn/3TycTNfzMu+qDUa16sR08n73dsXd35blIv6Wfzzz/T+/19c/5J8TatT+TVgUN9+98tLe9doxZ+lrP1iLngYsvhXBjr+g2deu/PbJ/3a7zz+vePPjn9rDbD5fMt+rn/77eBB9h0AAAA8KtLmfY0kXWjn03RhoXW/44mYTetr640XL659fnWldf9jLqbS4k5XqeN+aLX1Z/R2eXFX+ZWIeDwivi/NNMsLy2v1lXEHDwAAAMfEyT7z/8yfh/YUAgAAADByc+PuAAAAADBy5v8AAABwpB1kXb/jm8n23P+gGzIyI8uM+8oEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwaPs3AAD//9oMtCQ=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)

5.637422888s ago: executing program 4 (id=1810):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x10000, &(0x7f0000000c00), 0x1, 0xb8e, &(0x7f00000017c0)="$eJzs3M9vVNUeAPDvvZ2WQgstLy/vPchLbGIQo3EolGjCClwbNdEFS8Z2SpoOP+yUxDYsCu7VhTEuSAx/gol7ceHKxAUuDP4FxEgM0Q24qLnzo0zoTFthhoP4+SRn7jlzhvl+v3PD3HOSuQ3gH2uqeMgjDkTEmSxiovV8HhEjjd5oxFrzdffvXp4tWhbr6+/8mkUWEffuXp5tv1fWOo61BqMRcfP1LP714ea49ZXVxUqtVl1qjY8sn7t4pL6y+srCucrZ6tnq+eMzrx2feXVmpo+13r743uf//+HNF65e/2j6rc/2fZfFyRhvzXXW0S9TMbXxmXQqRUSl38ESGWrV01lnVkqYEAAAW8o71nD/iYkYigeLt4n49sekyQEAAAB9sT4UsQ4AAAA84zL7fwAAAHjGtX8HcO/u5dl2S/uLhCfrzqmImGzW376/uTlTirXGcTSGI2LPb1l03taaNf/ZY5sqIn31fbVoMaD7kLeydiUi/tft/GeN+icbd3Fvrj+PiOk+xJ96aNy9/m53UffH49R/sg/xd1Y/APTXjVPNC9nm61++sf6JLte/Updr16NIff1rr//ub1r/Pah/qMf67+0dxjj4x0s3e811rv9Of/zTXBG/OD5WUX/BnSsRB0vd6s826s961H9mhzHGZm9fa/bWNy3kivqLetvtSde/fj3iUHSvvy3b6u8THZlfqFWnm489Yhz65vThXvE7z3/RivjtvcCTUJz/PT3q3+78X9xhjMn//nKg19z29ec/j2TvNnojrWc+qCwvLx2NGMne2Pz8sa1zab+m/R5F/S8+v/X//271F98Ja63PodgLXGkdi/HVh2KOHTr25aPXP1hF/XOPeP4/2WGML76+9n6vudT1AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD3kEfEeGR5eaOf5+VyxFhE/Dv25LUL9eWX5y9cOj9XzEVMxnA+v1CrTkfERHOcFeOjjf6D8bGHxjMRsT8iPp3Y3RiXZy/U5lIXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIaxiBiPLC9HRB4Rv0/kebmcOisAAACg7yZTJwAAAAAMnP0/AAAAPPvs/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiw/c/duJVFxNqJ3Y1WGGnNDSfNDBi0PHUCQDJDqRMAkimlTgBIxh4fyLaZH+05s6vvuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw9Dp84MatLCLWTuxutMJIa244aWbAoOWpEwCSGUqdAJBMKXUCQDL2+EC2zfxoz5ldfc8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKfXeKNleTki8kY/z8vliL0RMRnD2fxCrTodEfsi4tLeiGJ8NHXSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9F19ZXWxUqtVl3R0dHQ2Oqm/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASKG+srpYqdWqS/XUmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACp1VdWFyu1WnVpgJ3UNQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkM6fAQAA//9A0Qap")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, 0x0)

5.300561449s ago: executing program 9 (id=1811):
syz_mount_image$squashfs(&(0x7f00000006c0), &(0x7f0000000000)='./file0\x00', 0x80445a, &(0x7f00000021c0)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRESHEX, @ANYBLOB="297b08552ffecc66ccc654a7f9abd1cd16bbbe9c736449ec4980c4e8daf657fa5236a7696675a915e8efcfc557c16df300255d45c757252f4925bca689485b4b07598a1c03498834f9a5ab31c2db8e95c325cc1e9d20c209a2b2c8773ffebeaec4fff3238b34b1eaeed09cdbaa72837489f8e3157df42e148664b11fa4d028499618938e87273f6bbbf00478a19052c830b85f971974beb2b2cdde598e0a57797069529282dba41f28ea4932d6208267a56a94cf", @ANYBLOB="048ce18736f0fffffffffffffffc98362e0b856a8b439c1e9369b5789e3532cd68", @ANYRES64, @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea284b892438cdddda3da4c78d940655fbd68a286059c5766f98f85fb413503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27ab80ff9afa5000443de8c748e1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd516a68d881e7fc7289826d49e35134a94e27f115c8195a0f152cbd840ffdb008356c72319cceb43ccb1280556efdf0fdf582fd3cfc830dff1787f000000b7400f5aef57b6dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabcee22347bdb78b72b400d080a044ebde5d39ad91ff0ef75aa244381cf00cd6fe9b9a92a9968104bf02481022af426853287e521a4e3cfe480f984efcea1359ff932ebd3bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d59bc12f637c36690f5ca91ee999ec138f6ce66522e652939a37435edb78f9ae18489f9d2b73c81609399f0d123f1721171bd72c012623f04d8965d3e5785d057c15798ab36af821c9b308731422ba3858b9895ace14068ea58f8cb6060c205caf209a73628eff5b9270a4a55c2d7fc59a4fe6e023bd424d8b010e2232d1b2e6ca603b466b2c82afff4a8cc469e8664d54769fc97df122b3ff8c34354dad46f900eaf6e72e538c0595caa056984ab8974af7cdae5bde6a12f412fe2a876aa191e78e91fbf780e2f4a20f57d41376b29f990ce63aa6edf622d2203fee37df269abf869d13b175852b775fff70491d1e5d1311b7eef954a101ddb98c5ba2b312528485ece7aff23cc6fee599daea0fca71a5970cf0fc82b49640cc3fabbc401dead4f83aa0c4072a9e98ab5afb790be17961fc073e2f8f800000000000000005089d6db5ad893ee9b22b9250d01980952d0a3e0076c877556fa43f90cb574fd6ad67398ac4d9f8ff4e3ef09f99220928602523adc2289b51328ac152bd7edc66d4e962cbc2d2b0c5f8e48384eff563a10787b0199642385e811504e7168804114842d51f42dd6937515fa64b2fd14ef427072c6556b99171bd00165a9aada7173f001679ac791ee67188c670f583f7b1f8df68b97f4dcb5652f2b13aa941b7ff56c48fb7162e91ef53c70938a92e4bf55d65319f74766a309722f767fc8f3db2a194a2f098336601be2edcbcc9b562f2fc64e2deff9a16e84f1e8bc5fb82c91f4d10e34f5a093fc4fcbdb89342274857c8e6aa8864b3214f51b9e515bf645235007cede80ff5931bff340780a3b43bc0466340c195a515f779d0333dd467bb665508d9c89e18e86d1975e273f937e3bd1", @ANYRES32, @ANYRES32=0x0], 0x1, 0x1ef, &(0x7f0000000b80)="$eJzslU1rE0EYx3+zO0kazaFnTwWL7UXbbEE8erMfwA9gSNda3PjSDWhCweilFw/ilyj4KTwIevcgInipBwU9VDxVJDI7z4wTEoiVRCjsH8LzPP95XrPzciu/n9eAX0d7bRYpoGjwQSk0sKIsd1y18rvIoeCztnZT+BciP4nMe/23T63av93KsnQ3701RlIJpPtkQq0h5Rp30hGLOc2rqN09GGcVE5wj4q3lmophqY0vd2I40HvVshKlN8pFY/kPz/64snWDf2Emt8qMxuiW+zLqxCvOeHTzzszH9M71/bj/nRJ9YwutjJ2XOSm/WCaMTReXI9ZVfexzxrTDeHe21jXJDbjHDbdmfOxKFjzFeBT7nNAxAxQx9Hg1XjbECrHU799byXv/iTqe1nW6nd5Jk4/L667NyRIePYCdL11XQhjnUuHsJMOe0HqxXgI9/1gcEUEFrBmdAVbG9uRB3Oa+eDwLrEAWxYQ6b96WvXxMupsN1LrAAPBioJUiw/9YyJpvmphltE0UsRlMHfcIxEQvFwqX23WxrH4VyYQdon6N5SMUbCdYwhdKNK378fZHLIjdFHog8FOneLvcm6SLDV7FWB1DlYavb3S0eL6t5LvFcsugrR1LVvYbKdVKjRIkSJUqUKFHilOB3AAAA//9pS0H2")
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x75)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000480)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x11, &(0x7f0000000840)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x75}, @snprintf]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r2}, 0x10)
syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000600)=""/81})
madvise(&(0x7f0000444000/0x1000)=nil, 0x1000, 0xe)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r4, 0x0)
mkdirat$cgroup(r3, &(0x7f0000000080)='syz1\x00', 0x1ff)

5.227536583s ago: executing program 4 (id=1812):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000080)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x34, 0x74]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
creat(0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x64142, 0x180)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x46042, 0x288)
write$FUSE_OPEN(r2, &(0x7f0000000080)={0x20, 0xfffffffffffffffe}, 0x20)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
recvmmsg(r3, &(0x7f0000000ac0), 0x0, 0x60, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@map=r0, 0x1a055f2dbc21967b, 0x1, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
unlink(&(0x7f0000000180)='./file1\x00')
sendfile(r2, r1, 0x0, 0x2c62)

5.09774363s ago: executing program 7 (id=1813):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000200de030000000000000001040000000e0000f1850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f00000010c0)='mm_page_free\x00', r0}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a300000000005000400004000000500050002000000050001000600000014000780080006400000000008001340"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

5.038130535s ago: executing program 7 (id=1814):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)

4.979531113s ago: executing program 3 (id=1815):
r0 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
iopl(0x3)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x4)

4.65637792s ago: executing program 3 (id=1816):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.594576439s ago: executing program 6 (id=1817):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r0, 0xc0884113, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x80, 0x0, 0xffffffffc2680a4f})
write$snddsp(r0, 0x0, 0x0)

4.593902895s ago: executing program 3 (id=1818):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x2, &(0x7f0000000500)=[{0x1d, 0x0, 0x3, 0xfffffffd}, {0x7, 0x0, 0x0, 0x7ffffeb8}]})

4.493511196s ago: executing program 7 (id=1819):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r2, 0xc1004110, &(0x7f0000000040)={0x0, [0x2, 0x8, 0x5], [{0x0, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x0, 0x0, 0x1}, {0x0, 0x3fffffe}], 0x20})
bpf$ITER_CREATE(0x1d, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
r3 = inotify_init()
inotify_rm_watch(r3, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000001c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}]}, 0x3, 0x4de, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nUma9Ot1Xl9f32utmlrFYDFp02q7EKSi4EJBrKAuQ5KW2rSRJgVbqkxB6lIK7sWlWxdu1U0RV4LbuhSkUKSbtoI4cmfunZlMZ5ImmWSM+f1gMufcr3POPffcOfeczASwYQ2lf5Ja+GZE7IiIQusGQ7W3e3euTNy/c2UiypXKyd+S6m5303gmO0xszSLDhYjCx0ljRZPZS5fPjk9PT13I4qNz594fnb10+dkzg9mS48ePHjl87Pmx55ZeqDbppeW6u/ejmX17Xn33+usTffnyPLXmcnTLUAy1y0rVU91OrMe2N4WTvh5mhCUpRURaXf3V9r8jirFQ5ZXXMGfAaqtUKpWBzqvLlVZXH1gCrFtJ9DoHQG/kH/Tp82/+atcR2LQ63Y+eu32i9gCUlvte9op4vLowHwfpb3m+7aahiHin/Pvn6StWaRwCAKDZtyfynmBL/69Umxn54+KNF9P3f2VzKKWI+HdE7IyI/0TEroj4b0Tsjoj/RcT/W45fjIjKAukPtcTr6dcnoQq3ulTUttL+3wvZ3Faj/zcvA6ViFtsekXeYpw5l52Q4+gdOnZmeOrxAGt+9/NOnndY19//SV5p+3hfM8nGrr2WAbnJ8bnzZBW5x+2rE3r7W8id9EUl9JiCJiD0RsXcJxy01hc888+W+eqR//naLl7+q0nYerQvzTJUvIp6u1X855tV/I8Vk3vzkufHTU6enzo/V5ydHB2N66tBoehUcapvGDz9ee6NT+ouW/+tfWnd55dg3J7OWtXJp/W9puv4jn79tlL+URCT1+drZpadx7edPOj7TLPf635S8VQ3nz6UfjM/NXTgcsSl57cHlY41983j6HuVa+YcPtG//O7N90jPxSESkF/GjEfFY1J4Q07zvj4gnIuLAAuX//qUn31t++VdXWv7Jlvtfrebn1X9jvr5TIMnmBtusKp7df/N+h5vHw9X/0WpoOFvS/v6XzLtFdMpp/mmXLvlzxWcPAAAA1odCRGxrGkvaFoXCyEhtDGhXbClMz8zOHTw1c/H8ZLouohT9hXykqzYe3J/k45+lpvhYS/xINm78WXFzNT4yMTM92dOSA1urbT4pjES8XWxq/6lfuzPEDPyd+b4WbFwLtf+0E7/7+hpmBlhTD//5f+PDVc0IsOaa2n+nb/iXl/F/X8A64PkfaFj8h37cM2D9q2jLsKEtqf0f9COA8E/SF2/Ww4We5gRYa/r/sCEt+r3+FQUqA+1XDcaDG8fgwgcsxvKysblNWj0JpD2rnqS+eTl75b+m0HGbKCztgAPRnTo9tcKzUb4we3p31y/+Sva/8t2uwa/WpJ22C/TkdgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANB1fwUAAP//KyHgnQ==")
socket$inet6_tcp(0xa, 0x1, 0x0)

4.37818896s ago: executing program 6 (id=1820):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_dev$dmmidi(&(0x7f00000000c0), 0xb20, 0x0)
r0 = getpid()
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c00", @ANYRES16=r1, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES64=r1, @ANYBLOB], 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x8010)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r4, 0xc4c85513, &(0x7f0000000040)={0xb})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000080), 0x4)

4.377793048s ago: executing program 3 (id=1821):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x200008}, 0x1c)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1000000, &(0x7f0000000300)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')

2.304267639s ago: executing program 6 (id=1822):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x10000, &(0x7f0000000c00), 0x1, 0xb8e, &(0x7f00000017c0)="$eJzs3M9vVNUeAPDvvZ2WQgstLy/vPchLbGIQo3EolGjCClwbNdEFS8Z2SpoOP+yUxDYsCu7VhTEuSAx/gol7ceHKxAUuDP4FxEgM0Q24qLnzo0zoTFthhoP4+SRn7jlzhvl+v3PD3HOSuQ3gH2uqeMgjDkTEmSxiovV8HhEjjd5oxFrzdffvXp4tWhbr6+/8mkUWEffuXp5tv1fWOo61BqMRcfP1LP714ea49ZXVxUqtVl1qjY8sn7t4pL6y+srCucrZ6tnq+eMzrx2feXVmpo+13r743uf//+HNF65e/2j6rc/2fZfFyRhvzXXW0S9TMbXxmXQqRUSl38ESGWrV01lnVkqYEAAAW8o71nD/iYkYigeLt4n49sekyQEAAAB9sT4UsQ4AAAA84zL7fwAAAHjGtX8HcO/u5dl2S/uLhCfrzqmImGzW376/uTlTirXGcTSGI2LPb1l03taaNf/ZY5sqIn31fbVoMaD7kLeydiUi/tft/GeN+icbd3Fvrj+PiOk+xJ96aNy9/m53UffH49R/sg/xd1Y/APTXjVPNC9nm61++sf6JLte/Updr16NIff1rr//ub1r/Pah/qMf67+0dxjj4x0s3e811rv9Of/zTXBG/OD5WUX/BnSsRB0vd6s826s961H9mhzHGZm9fa/bWNy3kivqLetvtSde/fj3iUHSvvy3b6u8THZlfqFWnm489Yhz65vThXvE7z3/RivjtvcCTUJz/PT3q3+78X9xhjMn//nKg19z29ec/j2TvNnojrWc+qCwvLx2NGMne2Pz8sa1zab+m/R5F/S8+v/X//271F98Ja63PodgLXGkdi/HVh2KOHTr25aPXP1hF/XOPeP4/2WGML76+9n6vudT1AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD3kEfEeGR5eaOf5+VyxFhE/Dv25LUL9eWX5y9cOj9XzEVMxnA+v1CrTkfERHOcFeOjjf6D8bGHxjMRsT8iPp3Y3RiXZy/U5lIXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIaxiBiPLC9HRB4Rv0/kebmcOisAAACg7yZTJwAAAAAMnP0/AAAAPPvs/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiw/c/duJVFxNqJ3Y1WGGnNDSfNDBi0PHUCQDJDqRMAkimlTgBIxh4fyLaZH+05s6vvuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw9Dp84MatLCLWTuxutMJIa244aWbAoOWpEwCSGUqdAJBMKXUCQDL2+EC2zfxoz5ldfc8FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKfXeKNleTki8kY/z8vliL0RMRnD2fxCrTodEfsi4tLeiGJ8NHXSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9F19ZXWxUqtVl3R0dHQ2Oqm/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASKG+srpYqdWqS/XUmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACp1VdWFyu1WnVpgJ3UNQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkM6fAQAA//9A0Qap")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, 0x0)

2.152316837s ago: executing program 9 (id=1823):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f0000000040)=0x9, 0x4)

2.085418559s ago: executing program 7 (id=1824):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000200de030000000000000001040000000e0000f1850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f00000010c0)='mm_page_free\x00', r0}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a300000000005000400004000000500050002000000050001000600000014000780080006400000000008001340"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

2.03763944s ago: executing program 6 (id=1825):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000b00)=ANY=[], 0xe, 0x2b3, &(0x7f0000000200)="$eJzs3UFrI3UUAPA3yTQb9ZAgXhTBAT14KluvXhplBbEnJYJ60ODugiRhYRcCVjDbUz+BR7+HH8GLF7+B4FXw1iKVkcnMNAlN2lJjCvX3Oz3mP+/Nm/mH5JQ3X70+Hj58ksTRyW/RbifR2I/9OE2iG42oPY80AIC74zTP48/8JplpY/PdAADbUP7+l267FwBgOz757POPegcHDz7Osna82jme9JOIGB9P+uV673F8E6N4FPejE2cR+bky/uDDgweRZoVuvDWeTvpF5vjLX6r6vT8iZvl70Ynu6vy9rLSQP530d+LFyKL3eKdutROvrM5/Z0V+9Fvx9psL/e9GJ379Op7EKB5GkTvP/34vy97Pfzj57oviMkV+0oj+vdl5c3lzm/sCAAAAAAAAAAAAAAAAAAAAAMDdtptlSTm+Zza/pzhUzd9pns3Wd7Nad3k+T5mf1IXK+UB5VCN6pnn8WM7X+Su/n2VZXp04z0/jtdSLBQAAAAAAAAAAAAAAAAAAAKDw7NvD4WA0evR0I0E9DaD+W/8N6qQxHIz2F468EYfDQXNdweR8AME1LrE4baDodd3JUQSRprGhx3JV8ELRTxHE8yrYROV78839NMqg3piN3sXL75VFD4eDrFqqH/JwkFx1rXa9cT8tLrXi3zaWzz4SZ/nSUrTPW13Oam3oabReWrn0d57n16vz7u/lHlVHktmIjetdfaf+9K66wSJoX9yLn9cXXPuV0dzE9w4AAAAAAAAAAAAAAAAAAHDR/E+/KxaPLk1t/GdNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWzd//XwftiFg+ciGYVsmXnVMFrXj67JZvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BfwIAAP//j89OGA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
write$cgroup_pid(r0, &(0x7f0000000000)=r1, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$binfmt_script(r0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x200000400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = semget$private(0x0, 0x4000000009, 0x0)
semtimedop(r2, &(0x7f0000000040)=[{0x3, 0x9, 0x1000}], 0x1, &(0x7f0000000080)={0x0, 0x3938700})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x40448c0)

1.302654104s ago: executing program 4 (id=1826):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='contention_end\x00', r0}, 0x18)
r1 = epoll_create(0x10000e9)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r3 = memfd_create(&(0x7f0000000380)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xa9\x1fg\xf1\x85z{\x1d<\xe2\x1c7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xedn\x8c<5\xcf\x92;\x85)\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\x05\x831\xd3\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xf6\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xc6(\x19\xf8\xb4?Fv\xac\xc7m\xe1\xf68W\x19\x0f\x87\x84\xafK\x91v\xb5\xe7Cf\xe0L\b9\xe2\x15d~R4\xdf\xbb\xfeiH', 0x3)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
r4 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000100)={r3, 0x0, 0x0, 0x1000})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r4, &(0x7f0000000080)={0x2025})

1.298947406s ago: executing program 3 (id=1827):
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xff2e)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cd9ae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f00000001c0)={0xec, 0x9, 0xfffffff7, 0x3, 0x4, "0ecc91cb623e498ea496c7be5eaa01eba196ed"})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
dup(0xffffffffffffffff)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)

995.578939ms ago: executing program 9 (id=1828):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_set$uid(0x3, 0xee00, 0x0)

826.063171ms ago: executing program 6 (id=1829):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x7, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = dup2(r0, r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r2, &(0x7f0000005580), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndctrl(0x0, 0x1, 0x6c40)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
futex(0x0, 0x80, 0x0, 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x7, 0xffc, 0xe})
ioctl$BLKTRACESETUP(r1, 0x1276, 0x0)

0s ago: executing program 9 (id=1830):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
write$snddsp(r2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

criptor??
[  599.835174][ T5885] cp210x 8-1:0.0: cp210x converter detected
[  600.035508][ T5885] usb 8-1: cp210x converter now attached to ttyUSB0
[  600.246215][   T53] pwc: recv_control_msg error -32 req 02 val 2b00
[  600.266106][   T53] pwc: recv_control_msg error -32 req 02 val 2700
[  600.276570][   T53] pwc: recv_control_msg error -32 req 02 val 2c00
[  600.296453][   T53] pwc: recv_control_msg error -32 req 04 val 1000
[  600.316154][   T53] pwc: recv_control_msg error -32 req 04 val 1300
[  600.362418][   T53] pwc: recv_control_msg error -32 req 04 val 1400
[  600.386873][   T53] pwc: recv_control_msg error -32 req 02 val 2000
[  600.406243][   T53] pwc: recv_control_msg error -32 req 02 val 2100
[  600.436173][   T53] pwc: recv_control_msg error -32 req 04 val 1500
[  600.464919][   T53] pwc: recv_control_msg error -32 req 02 val 2500
[  600.532175][T10653] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  601.316725][ T5931] usb 8-1: USB disconnect, device number 3
[  601.328600][ T5931] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  601.336575][   T53] pwc: recv_control_msg error -71 req 02 val 2600
[  601.343699][   T53] pwc: recv_control_msg error -71 req 02 val 2900
[  601.351970][   T53] pwc: recv_control_msg error -71 req 02 val 2800
[  601.366471][ T5931] cp210x 8-1:0.0: device disconnected
[  601.386902][   T53] pwc: recv_control_msg error -71 req 04 val 1100
[  601.395396][   T53] pwc: recv_control_msg error -71 req 04 val 1200
[  601.420036][   T53] pwc: Registered as video103.
[  601.471777][   T53] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input18
[  601.604716][   T53] usb 7-1: USB disconnect, device number 2
[  602.731428][T10683] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1030'.
[  603.406171][    T8] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  603.778873][    T8] usb 8-1: Using ep0 maxpacket: 32
[  603.803248][    T8] usb 8-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=95.5e
[  604.596154][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.604205][    T8] usb 8-1: Product: syz
[  604.608737][    T8] usb 8-1: Manufacturer: syz
[  604.620830][    T8] usb 8-1: SerialNumber: syz
[  604.798174][    T8] usb 8-1: config 0 descriptor??
[  605.636250][    T8] gs_usb 8-1:0.0: Couldn't send data format (err=-71)
[  605.643093][    T8] gs_usb 8-1:0.0: probe with driver gs_usb failed with error -71
[  605.665001][    T8] usb 8-1: USB disconnect, device number 4
[  606.014690][T10707] xt_hashlimit: overflow, try lower: 18446744073709551615/7
[  606.165161][    T8] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  606.201889][    T8] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  606.348146][T10711] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  606.448007][    T8] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  607.517914][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  608.040935][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.974193][T10762] xt_hashlimit: overflow, try lower: 18446744073709551615/7
[  614.648157][T10780] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1056'.
[  616.196904][T10790] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  616.304667][T10793] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1058'.
[  616.354569][T10793] bridge1: port 1(bridge_slave_1) entered blocking state
[  616.361924][T10793] bridge1: port 1(bridge_slave_1) entered disabled state
[  616.369836][T10793] bridge_slave_1: entered allmulticast mode
[  616.376828][T10793] bridge_slave_1: entered promiscuous mode
[  616.451323][T10798] input: syz0 as /devices/virtual/input/input19
[  619.214988][T10826] program syz.7.1066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  619.235617][T10828] xt_hashlimit: overflow, try lower: 18446744073709551615/7
[  620.376160][ T8910] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  622.490034][T10863] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1073'.
[  622.506902][T10863] bridge_slave_1: left allmulticast mode
[  622.512728][T10863] bridge_slave_1: left promiscuous mode
[  622.518680][T10863] bridge1: port 1(bridge_slave_1) entered disabled state
[  622.559872][T10863] bridge2: port 1(bridge_slave_1) entered blocking state
[  622.579539][T10863] bridge2: port 1(bridge_slave_1) entered disabled state
[  622.597279][T10863] bridge_slave_1: entered allmulticast mode
[  622.605334][T10863] bridge_slave_1: entered promiscuous mode
[  622.983965][ T8910] usb 8-1: unable to read config index 0 descriptor/all
[  623.006278][ T8910] usb 8-1: can't read configurations, error -71
[  624.695527][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  624.959356][T10894] xt_nfacct: accounting object `syz0' does not exists
[  626.900527][T10923] fuse: Bad value for 'fd'
[  627.630807][ T8314] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  627.638300][ T8314] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  627.668811][ T8314] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  630.022786][T10953] loop7: detected capacity change from 0 to 1024
[  631.261665][T10953] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  633.689160][T10953] EXT4-fs: error -4 creating inode table initialization thread
[  633.697039][T10953] EXT4-fs (loop7): mount failed
[  636.342957][T10981] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  637.074908][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  637.263637][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  637.296874][T10987] fuse: Bad value for 'fd'
[  639.176563][T11015] loop7: detected capacity change from 0 to 40427
[  639.188495][T11015] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  639.196293][T11015] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  639.219924][T11015] F2FS-fs (loop7): invalid crc value
[  639.237563][T11015] F2FS-fs (loop7): Found nat_bits in checkpoint
[  639.566474][T11015] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  639.573596][T11015] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  640.844526][T11039] syz.7.1099: attempt to access beyond end of device
[  640.844526][T11039] loop7: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  641.684582][T11042] loop3: detected capacity change from 0 to 40427
[  641.696216][T11042] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  641.704020][T11042] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  641.736761][T11042] F2FS-fs (loop3): invalid crc value
[  641.809978][T11042] F2FS-fs (loop3): Found nat_bits in checkpoint
[  641.903570][T11042] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  641.910732][T11042] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  642.223149][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  642.312174][T11056] syz.3.1103: attempt to access beyond end of device
[  642.312174][T11056] loop3: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  642.696745][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  642.706557][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  642.715701][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  642.724854][ T5834] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  642.733288][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  644.535093][T11083] loop6: detected capacity change from 0 to 40427
[  644.583379][T11083] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  644.583426][T11083] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  644.603727][T11083] F2FS-fs (loop6): invalid crc value
[  644.684984][T11083] F2FS-fs (loop6): Found nat_bits in checkpoint
[  644.781091][T11083] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  644.781124][T11083] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  644.991296][ T5834] Bluetooth: hci2: command tx timeout
[  645.513443][T11098] syz.6.1110: attempt to access beyond end of device
[  645.513443][T11098] loop6: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  646.008226][T11053] chnl_net:caif_netlink_parms(): no params data found
[  646.176250][ T2983] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  646.953540][ T2983] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.591623][ T5834] Bluetooth: hci2: command tx timeout
[  649.567953][ T2983] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.636962][ T5834] Bluetooth: hci2: command tx timeout
[  649.932439][T11143] xt_nfacct: accounting object `syz0' does not exists
[  649.981446][ T2983] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.010194][T11053] bridge0: port 1(bridge_slave_0) entered blocking state
[  650.025722][T11053] bridge0: port 1(bridge_slave_0) entered disabled state
[  650.065045][T11053] bridge_slave_0: entered allmulticast mode
[  650.092331][T11053] bridge_slave_0: entered promiscuous mode
[  650.854809][T11053] bridge0: port 2(bridge_slave_1) entered blocking state
[  650.878918][   T29] audit: type=1326 audit(1733226927.842:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  650.916661][T11053] bridge0: port 2(bridge_slave_1) entered disabled state
[  650.951894][T11053] bridge_slave_1: entered allmulticast mode
[  650.979647][T11053] bridge_slave_1: entered promiscuous mode
[  651.002741][   T29] audit: type=1326 audit(1733226927.842:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.058261][T11163] loop3: detected capacity change from 0 to 1024
[  651.120074][   T29] audit: type=1326 audit(1733226927.852:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.183457][T11172] loop9: detected capacity change from 0 to 512
[  651.189484][   T29] audit: type=1326 audit(1733226927.852:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.278605][   T29] audit: type=1326 audit(1733226927.852:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.380313][   T29] audit: type=1326 audit(1733226927.852:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.412131][T11172] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  651.440066][   T29] audit: type=1326 audit(1733226927.852:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.463331][ T2983] bridge_slave_0: left allmulticast mode
[  651.475657][T11172] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  651.511195][ T2983] bridge_slave_0: left promiscuous mode
[  651.536368][   T29] audit: type=1326 audit(1733226927.852:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.560671][ T2983] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.596349][   T29] audit: type=1326 audit(1733226927.852:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.626483][   T29] audit: type=1326 audit(1733226927.852:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11153 comm="syz.9.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5e37ff19 code=0x7ffc0000
[  651.684582][ T2983] bridge_slave_1: left allmulticast mode
[  651.690504][ T2983] bridge_slave_1: left promiscuous mode
[  651.696323][ T2983] bridge3: port 1(bridge_slave_1) entered disabled state
[  651.716276][ T5834] Bluetooth: hci2: command tx timeout
[  651.805736][T11189] loop6: detected capacity change from 0 to 256
[  651.844759][T11189] =======================================================
[  651.844759][T11189] WARNING: The mand mount option has been deprecated and
[  651.844759][T11189]          and is ignored by this kernel. Remove the mand
[  651.844759][T11189]          option from the mount to silence this warning.
[  651.844759][T11189] =======================================================
[  651.879717][    C0] vkms_vblank_simulate: vblank timer overrun
[  651.896978][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  652.151838][T11189] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  652.209629][ T2983] batman_adv: batadv0: Removing interface: gretap1
[  652.335288][T11205] loop7: detected capacity change from 0 to 512
[  652.335301][T11206] loop9: detected capacity change from 0 to 8
[  652.465807][T11205] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  652.535868][T11205] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  652.562960][T11206] 9pnet: p9_errstr2errno: server reported unknown error ‡ŽëX•3þË”#¨pÝÀçµ ¬§
<PÎ"’0åj´ÎÔÚŒ2ÃòZ²ÖPjcex•µYÄïœ`9
[  653.443791][T11205] EXT4-fs (loop7): 1 truncate cleaned up
[  653.450956][T11205] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  655.042825][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.904160][ T2983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  655.915288][ T2983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  655.931217][ T2983] bond0 (unregistering): Released all slaves
[  655.955079][T11053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  655.986256][ T5917] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  656.041993][T11231] loop9: detected capacity change from 0 to 128
[  656.068854][T11053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  656.167678][ T5917] usb 8-1: Using ep0 maxpacket: 16
[  656.194730][ T5917] usb 8-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  656.211907][T11235] loop6: detected capacity change from 0 to 128
[  656.226796][ T5917] usb 8-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  656.238154][ T5917] usb 8-1: Product: syz
[  656.242450][ T5917] usb 8-1: Manufacturer: syz
[  656.248878][ T5917] usb 8-1: SerialNumber: syz
[  656.283391][ T5917] usb 8-1: config 0 descriptor??
[  656.294252][T11053] team0: Port device team_slave_0 added
[  656.308324][ T5917] usb 8-1: selecting invalid altsetting 1
[  656.335115][T11053] team0: Port device team_slave_1 added
[  656.384915][ T5917] snd-usb-audio 8-1:0.0: probe with driver snd-usb-audio failed with error -22
[  656.453937][T10820] udevd[10820]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  656.515390][ T5833] usb 8-1: USB disconnect, device number 7
[  656.594428][T11053] batman_adv: batadv0: Adding interface: batadv_slave_0
[  656.641920][T11053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  656.720757][T11053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  656.736063][ T5917] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  656.783234][ T2983] hsr_slave_0: left promiscuous mode
[  656.803005][ T2983] hsr_slave_1: left promiscuous mode
[  656.832379][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  656.849098][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  656.892456][ T2983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  656.906285][ T5917] usb 7-1: Using ep0 maxpacket: 32
[  656.920436][ T2983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  656.943178][ T5917] usb 7-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  656.971328][ T5917] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.006425][ T5917] usb 7-1: Product: syz
[  657.010662][ T5917] usb 7-1: Manufacturer: syz
[  657.031426][ T2983] veth1_macvtap: left promiscuous mode
[  657.037211][ T5917] usb 7-1: SerialNumber: syz
[  657.083805][ T2983] veth0_macvtap: left promiscuous mode
[  657.091020][ T5917] usb 7-1: config 0 descriptor??
[  657.106455][ T2983] veth1_vlan: left promiscuous mode
[  657.111805][ T2983] veth0_vlan: left promiscuous mode
[  657.175317][T11248] loop7: detected capacity change from 0 to 8
[  657.289436][T11248] SQUASHFS error: Failed to read block 0x4de: -5
[  657.299882][T11248] SQUASHFS error: Failed to read block 0x4de: -5
[  657.344161][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  657.344180][   T29] audit: type=1800 audit(1733226934.312:28): pid=11248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1144" name="file1" dev="loop7" ino=5 res=0 errno=0
[  657.740168][ T5917] (unnamed net_device) (uninitialized): Assigned a random MAC address: 42:d3:2d:ed:1c:11
[  658.105270][ T2983] team0 (unregistering): Port device team_slave_1 removed
[  658.163066][ T2983] team0 (unregistering): Port device team_slave_0 removed
[  659.528306][T11269] loop3: detected capacity change from 0 to 128
[  660.351184][T11053] batman_adv: batadv0: Adding interface: batadv_slave_1
[  660.359107][T11053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  660.420564][T11053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  660.443675][T11258] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.450876][T11258] bridge0: port 1(bridge_slave_0) entered forwarding state
[  660.466912][ T5917] rtl8150 7-1:0.0: eth25: rtl8150 is detected
[  660.473065][T11260] warning: `syz.6.1147' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  660.497640][ T5917] usb 7-1: USB disconnect, device number 3
[  660.546837][   T25] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  660.716385][   T25] usb 4-1: Using ep0 maxpacket: 32
[  660.808917][   T25] usb 4-1: unable to get BOS descriptor or descriptor too short
[  660.827167][   T25] usb 4-1: unable to read config index 0 descriptor/start: -71
[  660.852823][T11053] hsr_slave_0: entered promiscuous mode
[  660.890184][   T25] usb 4-1: can't read configurations, error -71
[  660.933552][T11053] hsr_slave_1: entered promiscuous mode
[  660.999247][T11053] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  661.009506][T11053] Cannot create hsr debugfs directory
[  662.421848][T11295] loop6: detected capacity change from 0 to 8192
[  662.516570][T11302] loop7: detected capacity change from 0 to 8
[  663.279124][T11302] SQUASHFS error: Failed to read block 0x4de: -5
[  663.287278][T11302] SQUASHFS error: Failed to read block 0x4de: -5
[  663.293829][   T29] audit: type=1800 audit(1733226940.262:29): pid=11302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1158" name="file1" dev="loop7" ino=5 res=0 errno=0
[  663.440999][T11302] SQUASHFS error: Failed to read block 0x4de: -5
[  663.470686][T11302] SQUASHFS error: Failed to read block 0x4de: -5
[  663.517146][T11302] SQUASHFS error: Failed to read block 0x4de: -5
[  663.545313][T11302] SQUASHFS error: Failed to read block 0x4de: -5
[  665.331814][T11333] loop7: detected capacity change from 0 to 512
[  665.753989][T11343] loop9: detected capacity change from 0 to 128
[  665.773322][T11343] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  665.836660][T11343] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  665.985332][   T29] audit: type=1800 audit(1733226942.942:30): pid=11343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1167" name="file1" dev="loop9" ino=1048622 res=0 errno=0
[  666.447431][T11333] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  666.452584][T11352] loop9: detected capacity change from 0 to 512
[  666.468057][T11352] EXT4-fs: Ignoring removed bh option
[  666.484604][T11333] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  666.499762][T11352] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  666.528895][T11352] EXT4-fs (loop9): invalid journal inode
[  666.552853][T11352] EXT4-fs (loop9): can't get journal size
[  666.572719][T11353] loop6: detected capacity change from 0 to 256
[  666.593854][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.604654][T11352] EXT4-fs (loop9): 1 truncate cleaned up
[  666.646741][T11352] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  666.656906][T11353] udf: Unknown parameter '¬'
[  666.922476][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  667.958139][ T5844] Bluetooth: hci4: command 0x0406 tx timeout
[  667.993330][T11372] loop3: detected capacity change from 0 to 256
[  668.232281][T11379] loop6: detected capacity change from 0 to 256
[  668.325591][T11384] loop3: detected capacity change from 0 to 128
[  668.345447][T11379] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  668.492920][T11053] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  668.544307][T11053] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  668.589836][T11053] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  668.611578][T11053] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  668.782758][T11053] 8021q: adding VLAN 0 to HW filter on device bond0
[  668.823210][T11053] 8021q: adding VLAN 0 to HW filter on device team0
[  668.853159][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.860430][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  668.899459][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.906728][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  669.112576][T11401] loop9: detected capacity change from 0 to 16
[  669.162546][T11401] erofs (device loop9): mounted with root inode @ nid 36.
[  670.098015][T11423] loop9: detected capacity change from 0 to 512
[  670.104945][T11423] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  670.330248][T11053] 8021q: adding VLAN 0 to HW filter on device batadv0
[  670.452940][ T5834] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  670.463129][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: kworker/u9:2 Not tainted 6.12.0-next-20241128-syzkaller #0
[  670.473159][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  670.483263][ T5834] Workqueue: hci3 hci_rx_work
[  670.488002][ T5834] Call Trace:
[  670.491296][ T5834]  <TASK>
[  670.494244][ T5834]  dump_stack_lvl+0x241/0x360
[  670.498941][ T5834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  670.504152][ T5834]  ? __pfx__printk+0x10/0x10
[  670.508758][ T5834]  ? __kmalloc_cache_noprof+0x243/0x390
[  670.514309][ T5834]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  670.519608][ T5834]  sysfs_create_dir_ns+0x2ce/0x3a0
[  670.524726][ T5834]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  670.530383][ T5834]  kobject_add_internal+0x435/0x8d0
[  670.535589][ T5834]  kobject_add+0x152/0x220
[  670.540006][ T5834]  ? do_raw_spin_unlock+0x13c/0x8b0
[  670.545208][ T5834]  ? device_add+0x3e7/0xbf0
[  670.549715][ T5834]  ? __pfx_kobject_add+0x10/0x10
[  670.554672][ T5834]  ? _raw_spin_unlock+0x28/0x50
[  670.559548][ T5834]  ? get_device_parent+0x165/0x410
[  670.564688][ T5834]  device_add+0x4e5/0xbf0
[  670.569042][ T5834]  hci_conn_add_sysfs+0xe8/0x200
[  670.573999][ T5834]  le_conn_complete_evt+0xc9f/0x12e0
[  670.579302][ T5834]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  670.585029][ T5834]  ? __mutex_unlock_slowpath+0x21e/0x790
[  670.590670][ T5834]  ? __pfx___mutex_lock+0x10/0x10
[  670.595691][ T5834]  ? skb_pull_data+0x112/0x230
[  670.600459][ T5834]  hci_le_conn_complete_evt+0x18c/0x420
[  670.606018][ T5834]  hci_event_packet+0xa55/0x1540
[  670.610967][ T5834]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  670.616261][ T5834]  ? __pfx_hci_event_packet+0x10/0x10
[  670.621632][ T5834]  ? do_raw_spin_unlock+0x13c/0x8b0
[  670.626834][ T5834]  ? hci_send_to_monitor+0xd8/0x7f0
[  670.632040][ T5834]  ? kcov_remote_start+0x97/0x7d0
[  670.637064][ T5834]  hci_rx_work+0x3f3/0xdb0
[  670.641490][ T5834]  ? process_scheduled_works+0x976/0x1840
[  670.647209][ T5834]  process_scheduled_works+0xa66/0x1840
[  670.652797][ T5834]  ? __pfx_process_scheduled_works+0x10/0x10
[  670.658808][ T5834]  ? assign_work+0x364/0x3d0
[  670.663419][ T5834]  worker_thread+0x870/0xd30
[  670.668033][ T5834]  ? __kthread_parkme+0x169/0x1d0
[  670.673063][ T5834]  ? __pfx_worker_thread+0x10/0x10
[  670.678175][ T5834]  kthread+0x2f0/0x390
[  670.682250][ T5834]  ? __pfx_worker_thread+0x10/0x10
[  670.687386][ T5834]  ? __pfx_kthread+0x10/0x10
[  670.691978][ T5834]  ret_from_fork+0x4b/0x80
[  670.696395][ T5834]  ? __pfx_kthread+0x10/0x10
[  670.701006][ T5834]  ret_from_fork_asm+0x1a/0x30
[  670.705796][ T5834]  </TASK>
[  670.716073][ T5834] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  670.730269][ T5834] Bluetooth: hci3: failed to register connection device
[  670.877876][T11444] loop9: detected capacity change from 0 to 512
[  671.005496][T11442] loop3: detected capacity change from 0 to 256
[  671.013258][T11444] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  672.041780][T11444] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  672.134140][ T5844] Bluetooth: hci1: Malformed HCI Event
[  673.493314][T11053] veth0_vlan: entered promiscuous mode
[  673.513894][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  673.571856][T11053] veth1_vlan: entered promiscuous mode
[  673.709713][T11053] veth0_macvtap: entered promiscuous mode
[  673.757663][T11474] loop9: detected capacity change from 0 to 512
[  673.763429][T11053] veth1_macvtap: entered promiscuous mode
[  673.806109][T11474] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  673.963309][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  674.058980][T11474] EXT4-fs (loop9): 1 orphan inode deleted
[  674.064884][T11474] EXT4-fs (loop9): 1 truncate cleaned up
[  674.071880][T11474] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  674.079497][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.124803][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  674.152542][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.178011][T11474] EXT4-fs (loop9): shut down requested (2)
[  674.220816][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  674.265056][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.279817][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  674.306637][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.322169][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.344453][T11053] batman_adv: batadv0: Interface activated: batadv_slave_0
[  674.396409][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.480729][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.531641][T11483] capability: warning: `syz.9.1195' uses deprecated v2 capabilities in a way that may be insecure
[  674.541534][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.570357][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.614995][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.647935][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.685456][T11053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.708017][T11053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.721536][T11053] batman_adv: batadv0: Interface activated: batadv_slave_1
[  674.751883][T11053] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  674.762660][T11053] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  674.782122][T11053] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  674.801505][T11053] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.207037][T11502] loop6: detected capacity change from 0 to 512
[  675.215614][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  675.224389][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  675.299737][T11502] EXT4-fs: inline encryption not supported
[  675.376331][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  675.946653][T11510] loop7: detected capacity change from 0 to 256
[  675.953634][T11510] exfat: Unknown parameter 'um0×P½a000000000'
[  676.407878][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  676.829567][T11502] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  676.920560][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  676.966496][T11502] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  677.686177][ T5917] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  677.971212][ T5917] usb 8-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  678.196263][ T5917] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  678.220901][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  678.238548][ T5917] usb 8-1: Product: syz
[  678.252201][ T5917] usb 8-1: Manufacturer: syz
[  678.271711][ T5917] usb 8-1: SerialNumber: syz
[  678.287865][ T5917] usb 8-1: config 0 descriptor??
[  678.304288][ T5917] ch341 8-1:0.0: ch341-uart converter detected
[  680.012880][T11540] loop9: detected capacity change from 0 to 16
[  680.089642][T11540] erofs (device loop9): mounted with root inode @ nid 36.
[  681.396717][ T5917] usb 8-1: failed to send control message: -110
[  681.403068][ T5917] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  681.880868][ T5917] usb 8-1: USB disconnect, device number 8
[  681.895292][ T5917] ch341 8-1:0.0: device disconnected
[  683.559331][T11559] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1212'.
[  684.249020][T11575] netlink: 'syz.9.1216': attribute type 16 has an invalid length.
[  684.310514][T11575] netlink: 'syz.9.1216': attribute type 17 has an invalid length.
[  684.369648][T11580] loop3: detected capacity change from 0 to 1024
[  684.416184][T11575] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  684.473096][T11580] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  684.834883][T11580] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.1215: missing EA_INODE flag
[  685.036935][T11580] EXT4-fs error (device loop3): ext4_xattr_inode_iget:445: comm syz.3.1215: error while reading EA inode 11 err=-117
[  685.105096][T11580] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  685.130249][T11575] xt_time: invalid argument - start or stop time greater than 23:59:59
[  685.234716][T11580] syz.3.1215 (11580) used greatest stack depth: 19000 bytes left
[  685.252878][T11595] loop6: detected capacity change from 0 to 2048
[  685.279232][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.401689][T11608] loop3: detected capacity change from 0 to 1024
[  685.489946][T11606] loop7: detected capacity change from 0 to 128
[  685.570676][T11606] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  685.588456][T11606] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  685.659555][T11608] EXT4-fs: Ignoring removed orlov option
[  685.735479][T11608] EXT4-fs (loop3): Test dummy encryption mode enabled
[  685.746518][T11608] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  685.897699][T11608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  686.043345][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  686.093681][   T29] audit: type=1326 audit(1733226963.062:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.616013][   T29] audit: type=1326 audit(1733226963.092:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.638389][   T29] audit: type=1326 audit(1733226963.092:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.660941][   T29] audit: type=1326 audit(1733226963.092:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.683580][   T29] audit: type=1326 audit(1733226963.092:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.706173][   T29] audit: type=1326 audit(1733226963.092:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.728484][   T29] audit: type=1326 audit(1733226963.092:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.750823][   T29] audit: type=1326 audit(1733226963.112:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.773262][   T29] audit: type=1326 audit(1733226963.122:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  686.795813][   T29] audit: type=1326 audit(1733226963.142:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11596 comm="syz.4.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7fc00000
[  687.037205][T11632] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1227'.
[  687.248870][ T8709] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  687.342105][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  689.018134][T11666] loop4: detected capacity change from 0 to 1024
[  689.774621][T11666] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  690.086120][ T8314] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  690.268430][ T8314] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  690.337732][ T8314] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  690.378871][ T8314] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.449928][ T8314] usb 8-1: Product: syz
[  690.454152][ T8314] usb 8-1: Manufacturer: syz
[  690.529557][T11676] loop6: detected capacity change from 0 to 8192
[  690.552096][ T8314] usb 8-1: SerialNumber: syz
[  690.669506][T11676] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  692.406591][T11688] loop3: detected capacity change from 0 to 1024
[  692.715281][T11688] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  692.919028][T11688] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  692.947162][T11688] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  692.962191][T11705] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 60 with max blocks 8 with error 28
[  692.974881][T11688] EXT4-fs (loop3): This should not happen!! Data will be lost
[  692.974881][T11688] 
[  692.987050][T11705] EXT4-fs (loop3): This should not happen!! Data will be lost
[  692.987050][T11705] 
[  692.997249][T11688] EXT4-fs (loop3): Total free blocks count 0
[  693.003263][T11688] EXT4-fs (loop3): Free/Dirty block details
[  693.009594][T11705] EXT4-fs (loop3): Total free blocks count 0
[  693.017189][T11688] EXT4-fs (loop3): free_blocks=68451041280
[  693.023204][T11705] EXT4-fs (loop3): Free/Dirty block details
[  693.067580][ T8314] cdc_ncm 8-1:1.0: bind() failure
[  693.076350][ T8314] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  693.083167][ T8314] cdc_ncm 8-1:1.1: bind() failure
[  693.098912][ T8314] usb 8-1: USB disconnect, device number 9
[  693.285059][T11717] loop4: detected capacity change from 0 to 512
[  693.303456][T11717] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  693.601720][T11728] loop4: detected capacity change from 0 to 2048
[  693.657062][T11728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  693.884442][T11741] loop9: detected capacity change from 0 to 8
[  693.923386][T11744] loop3: detected capacity change from 0 to 512
[  693.941387][T11741] SQUASHFS error: Failed to read block 0x4de: -5
[  693.945993][ T8910] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  693.958599][T11741] SQUASHFS error: Failed to read block 0x4de: -5
[  693.965707][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  693.965743][   T29] audit: type=1800 audit(1733226970.932:42): pid=11741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1253" name="file1" dev="loop9" ino=5 res=0 errno=0
[  694.060024][T11741] syz.9.1253 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  694.478427][T11744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  694.533036][T11744] ext4 filesystem being mounted at /267/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  694.641208][T11744] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #12: comm syz.3.1252: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  694.683558][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  694.776051][ T8910] usb 8-1: Using ep0 maxpacket: 16
[  694.796137][ T8910] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  694.838523][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  694.840402][T11757] loop9: detected capacity change from 0 to 164
[  694.903833][ T8910] usb 8-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  694.915346][ T8910] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.956340][ T8910] usb 8-1: Product: syz
[  694.967615][ T8910] usb 8-1: Manufacturer: syz
[  694.999461][ T8910] usb 8-1: SerialNumber: syz
[  695.013639][T11765] loop6: detected capacity change from 0 to 1024
[  695.023374][ T8910] usb 8-1: config 0 descriptor??
[  695.037677][ T8910] asix 8-1:0.0: probe with driver asix failed with error -22
[  695.102763][T11765] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  695.314414][ T8314] usb 8-1: USB disconnect, device number 10
[  695.371687][T11771] kvm: emulating exchange as write
[  695.415074][T11775] loop9: detected capacity change from 0 to 1024
[  695.459588][T11775] hfsplus: Unknown parameter 'ÿ0xffffffffffffffffÿ'
[  695.768121][T11791] loop6: detected capacity change from 0 to 512
[  695.784588][T11796] loop4: detected capacity change from 0 to 512
[  695.966692][T11791] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.1265: corrupted in-inode xattr: invalid ea_ino
[  696.001573][T11791] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1265: couldn't read orphan inode 15 (err -117)
[  696.185853][T11803] loop9: detected capacity change from 0 to 1024
[  696.771490][T11800] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  696.794093][T11791] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  696.817381][T11793] loop3: detected capacity change from 0 to 164
[  697.025265][T11796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  697.880705][T11821] Bluetooth: hci3: Opcode 0x0401 failed: -4
[  698.091622][T11796] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  698.124359][T11812] loop3: detected capacity change from 0 to 1024
[  698.519682][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  698.577238][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  698.775830][T11831] loop9: detected capacity change from 0 to 1024
[  698.862401][T11831] hfsplus: unable to find HFS+ superblock
[  699.232905][T11848] loop3: detected capacity change from 0 to 2048
[  699.866573][T11848] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  701.079685][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  702.082671][T11848] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  704.473261][T11874] loop3: detected capacity change from 0 to 2048
[  704.530513][T11876] loop4: detected capacity change from 0 to 512
[  704.597620][T11876] ext4: Invalid gid '0x00000000ffffffff'
[  705.478736][T11874] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  705.778229][T11874] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  705.955620][   T29] audit: type=1804 audit(1733226982.922:43): pid=11874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1283" name="/newroot/274/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop3" ino=1367 res=1 errno=0
[  706.220296][   T29] audit: type=1800 audit(1733226983.012:44): pid=11874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1283" name="bus" dev="loop3" ino=1367 res=0 errno=0
[  706.360387][ T5826] UDF-fs: warning (device loop3): udf_evict_inode: Inode 1367 (mode 100000) has inode size 360 different from extent length 512. Filesystem need not be standards compliant.
[  708.181305][ T5833] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  708.959633][T11926] binder_alloc: binder_alloc_mmap_handler: 11920 20ffd000-21000000 already mapped failed -16
[  709.206015][ T5833] usb 7-1: Using ep0 maxpacket: 16
[  709.380078][T11936] loop4: detected capacity change from 0 to 8
[  709.469620][T11936] SQUASHFS error: Failed to read block 0x4de: -5
[  709.498985][T11936] SQUASHFS error: Failed to read block 0x4de: -5
[  709.535025][   T29] audit: type=1800 audit(1733226986.502:45): pid=11936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1297" name="file1" dev="loop4" ino=5 res=0 errno=0
[  709.585605][T11936] SQUASHFS error: Failed to read block 0x4de: -5
[  709.621997][T11936] SQUASHFS error: Failed to read block 0x4de: -5
[  709.651016][T11936] SQUASHFS error: Failed to read block 0x4de: -5
[  709.666177][ T5834] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  709.668342][ T5833] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  709.711032][ T5833] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.872464][T11936] SQUASHFS error: Failed to read block 0x4de: -5
[  710.441630][ T5833] usb 7-1: Product: syz
[  710.445848][ T5833] usb 7-1: Manufacturer: syz
[  710.450555][ T5833] usb 7-1: SerialNumber: syz
[  710.466071][ T5833] usb 7-1: config 0 descriptor??
[  710.472726][ T5833] usb 7-1: can't set config #0, error -71
[  710.480294][ T5833] usb 7-1: USB disconnect, device number 4
[  711.112394][T11957] input: syz1 as /devices/virtual/input/input20
[  711.170671][T11953] ptrace attach of "./syz-executor exec"[11960] was attempted by "./syz-executor exec"[11953]
[  711.497097][T11970] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1306'.
[  711.729123][T11979] loop4: detected capacity change from 0 to 512
[  711.753491][T11979] EXT4-fs: Ignoring removed i_version option
[  712.267727][T11986] loop6: detected capacity change from 0 to 16
[  712.277674][T11979] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  712.406935][T11986] erofs (device loop6): mounted with root inode @ nid 36.
[  713.684053][T11979] EXT4-fs (loop4): 1 truncate cleaned up
[  713.703998][T11979] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  713.748584][ T8910] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  713.823852][ T8910] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  714.342520][   T29] audit: type=1326 audit(1733226991.312:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12005 comm="syz.3.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  714.346139][ T8910] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  714.401432][   T29] audit: type=1326 audit(1733226991.312:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12005 comm="syz.3.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  714.423985][   T29] audit: type=1326 audit(1733226991.352:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12005 comm="syz.3.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  714.446813][   T29] audit: type=1326 audit(1733226991.352:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12005 comm="syz.3.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  714.469491][   T29] audit: type=1326 audit(1733226991.352:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12005 comm="syz.3.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  714.514701][T11979] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1308'.
[  714.525089][T11979] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1308'.
[  714.660708][T12012] loop3: detected capacity change from 0 to 256
[  714.850340][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.123750][ T8910] usb 10-1: unable to get BOS descriptor or descriptor too short
[  715.143307][ T8910] usb 10-1: too many configurations: 239, using maximum allowed: 8
[  715.197697][ T8910] usb 10-1: unable to read config index 0 descriptor/start: -71
[  715.245995][ T8910] usb 10-1: can't read configurations, error -71
[  717.006106][T12038] loop4: detected capacity change from 0 to 128
[  717.022342][T12038] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  717.036357][T12038] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  717.402072][   T29] audit: type=1800 audit(1733226994.072:51): pid=12038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1319" name="file1" dev="loop4" ino=1048635 res=0 errno=0
[  717.646560][T12042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1321'.
[  717.927229][ T5834] Bluetooth: hci2: Malformed HCI Event
[  719.766229][   T25] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  719.797491][T12055] loop6: detected capacity change from 0 to 512
[  720.037797][   T25] usb 10-1: config 0 has no interfaces?
[  720.043431][   T25] usb 10-1: New USB device found, idVendor=056a, idProduct=0309, bcdDevice= 0.00
[  720.070622][T12055] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  720.108573][T12055] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  720.128375][   T25] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.166309][T12055] System zones: 1-12
[  720.171252][T12055] EXT4-fs (loop6): orphan cleanup on readonly fs
[  720.208599][T12055] EXT4-fs error (device loop6): ext4_read_inode_bitmap:167: comm syz.6.1323: Inode bitmap for bg 0 marked uninitialized
[  720.242914][   T25] usb 10-1: config 0 descriptor??
[  720.476860][T12055] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  720.477930][ T7448] usb 10-1: USB disconnect, device number 4
[  720.559621][T12068] loop7: detected capacity change from 0 to 2048
[  720.567449][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.576852][   T25] usb 4-1: new low-speed USB device number 23 using dummy_hcd
[  720.780020][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  720.804784][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 32200, setting to 8
[  720.846170][T12068] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  720.855316][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  720.908482][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  720.941955][T12076] loop6: detected capacity change from 0 to 512
[  720.970743][T12076] EXT4-fs: Ignoring removed oldalloc option
[  721.014441][   T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58
[  721.053577][T12076] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[  721.065430][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.104264][   T25] usb 4-1: config 0 descriptor??
[  721.167538][T12066] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  721.188021][T12076] capability: warning: `syz.6.1327' uses 32-bit capabilities (legacy support in use)
[  721.297998][   T29] audit: type=1800 audit(1733226998.272:52): pid=12068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1314" name="file1" dev="loop7" ino=1346 res=0 errno=0
[  721.414868][   T25] usb 4-1: USB disconnect, device number 23
[  721.488844][T12089] IPVS: set_ctl: invalid protocol: 59 172.20.20.34:20003
[  721.536192][T12086] loop9: detected capacity change from 0 to 1024
[  721.777815][T12086] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  722.619420][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.094404][T12133] loop3: detected capacity change from 0 to 2048
[  724.623348][T12143] loop7: detected capacity change from 0 to 16384
[  724.769730][T12141] loop9: detected capacity change from 0 to 512
[  724.775882][T12150] loop4: detected capacity change from 0 to 1024
[  724.805871][T12133] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  724.842045][T12150] EXT4-fs: Ignoring removed orlov option
[  725.399666][T12141] EXT4-fs: inline encryption not supported
[  725.452761][T12158] loop6: detected capacity change from 0 to 256
[  725.492946][T12150] EXT4-fs (loop4): Test dummy encryption mode enabled
[  725.502988][T12133] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  725.676249][T12158] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  725.699811][T12146] loop7: detected capacity change from 16384 to 16383
[  725.803617][T12150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  725.826851][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  725.856223][T12158] FAT-fs (loop6): Filesystem has been set read-only
[  725.889288][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  725.948019][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  726.053525][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  726.089067][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  726.236054][   T29] audit: type=1326 audit(1733227003.202:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12174 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  726.266269][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  727.270222][   T29] audit: type=1326 audit(1733227003.202:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12174 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  727.696180][   T29] audit: type=1326 audit(1733227003.232:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12174 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  727.718875][   T29] audit: type=1326 audit(1733227003.232:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12174 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  727.746505][   T29] audit: type=1326 audit(1733227003.232:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12174 comm="syz.3.1342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  727.746641][T12150] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  727.794527][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  727.804885][T12185] loop3: detected capacity change from 0 to 16
[  727.837258][T12185] erofs (device loop3): mounted with root inode @ nid 36.
[  727.865749][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  727.904051][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  727.934265][ T8972] Buffer I/O error on dev loop7, logical block 2047, async page read
[  727.953983][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.013960][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.021423][T10820] Buffer I/O error on dev loop7, logical block 2047, async page read
[  728.037389][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.060001][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  728.146321][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.213788][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.256132][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.296757][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.310273][ T8914] Buffer I/O error on dev loop7, logical block 2047, async page read
[  728.327031][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.353255][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.383555][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.393273][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.400408][T12202] bridge0: port 1(bridge_slave_0) entered blocking state
[  728.402018][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.408919][T12202] bridge0: port 1(bridge_slave_0) entered forwarding state
[  728.436325][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.445067][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.502451][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.530299][T12158] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  728.554828][T10820] Buffer I/O error on dev loop7, logical block 2047, async page read
[  728.566838][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  728.582204][   T29] audit: type=1800 audit(1733227005.552:58): pid=12158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1336" name="file1" dev="loop6" ino=1048636 res=0 errno=0
[  729.721951][T12210] loop3: detected capacity change from 0 to 512
[  729.739825][T12158] syz.6.1336 (12158) used greatest stack depth: 18928 bytes left
[  729.949395][    T9] usb 5-1: Using ep0 maxpacket: 8
[  729.957479][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  729.999942][    T9] usb 5-1: config 4 has an invalid interface number: 147 but max is 0
[  730.036165][    T9] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  730.056047][    T9] usb 5-1: config 4 has no interface number 0
[  730.098149][    T9] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  730.107384][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  730.115409][    T9] usb 5-1: Product: syz
[  730.120157][    T9] usb 5-1: Manufacturer: syz
[  730.124800][    T9] usb 5-1: SerialNumber: syz
[  730.202790][T12210] EXT4-fs error (device loop3): __ext4_iget:4984: inode #11: block 16: comm syz.3.1350: invalid block
[  730.231524][T12210] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1350: couldn't read orphan inode 11 (err -117)
[  730.254367][T12210] EXT4-fs (loop3): 1 truncate cleaned up
[  730.261425][T12210] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  730.351857][    T9] usb 5-1: Found UVC 0.02 device syz (04f2:b746)
[  730.365434][    T9] uvcvideo 5-1:4.147: Entity type for entity Output 1 was not initialized!
[  730.375436][    T9] usb 5-1: Failed to create links for entity 1
[  730.381839][    T9] usb 5-1: Failed to register entities (-22).
[  730.501538][    T9] usb 5-1: USB disconnect, device number 7
[  730.515351][T12223] loop6: detected capacity change from 0 to 2048
[  730.584183][T12226] loop9: detected capacity change from 0 to 512
[  730.940290][T12223] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  730.953736][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.014839][T12223] ext4 filesystem being mounted at /173/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  731.119034][T12241] Illegal XDP return value 4294967274 on prog  (id 298) dev N/A, expect packet loss!
[  731.278862][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.497918][T12269] loop7: detected capacity change from 0 to 128
[  732.572045][T12269] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  732.648973][T12274] fuse: Bad value for 'rootmode'
[  733.663103][T12269] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  733.685598][T12269] ext2 filesystem being mounted at /150/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  734.351355][ T8709] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  734.598098][T12300] loop6: detected capacity change from 0 to 128
[  734.605563][T12300] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  734.706145][T12300] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  734.773341][   T29] audit: type=1800 audit(1733227011.722:59): pid=12300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1368" name="file1" dev="loop6" ino=1048638 res=0 errno=0
[  736.268116][T12329] ipt_REJECT: TCP_RESET invalid for non-tcp
[  736.539467][T12329] loop3: detected capacity change from 0 to 256
[  736.601471][T12333] loop7: detected capacity change from 0 to 1024
[  736.668089][T12329] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  736.897553][T12333] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.203525][T12349] loop9: detected capacity change from 0 to 128
[  737.204650][T12346] loop6: detected capacity change from 0 to 512
[  737.307511][T12346] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #13: comm syz.6.1382: attempt to clear invalid blocks 1 len 1
[  737.360982][T12346] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1382: bg 0: block 343: padding at end of block bitmap is not set
[  737.424231][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.428555][ T5834] Bluetooth: hci0: unexpected event for opcode 0x2040
[  737.441461][T12346] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  737.475184][T12346] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1382: invalid indirect mapped block 1819239214 (level 0)
[  737.500245][T12346] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1382: invalid indirect mapped block 1819239214 (level 1)
[  737.558276][T12346] EXT4-fs (loop6): 1 truncate cleaned up
[  737.565152][T12346] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.883158][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  738.203546][T12384] loop4: detected capacity change from 0 to 128
[  738.220349][T12384] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  738.296837][T12384] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  738.329418][T12377] loop6: detected capacity change from 0 to 128
[  738.376087][   T29] audit: type=1800 audit(1733227015.322:60): pid=12384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1390" name="file1" dev="loop4" ino=1048639 res=0 errno=0
[  738.789523][T12389] loop7: detected capacity change from 0 to 512
[  738.937068][T12389] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  739.004214][T12401] loop4: detected capacity change from 0 to 128
[  739.013692][T12389] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  739.106085][   T29] audit: type=1800 audit(1733227016.072:61): pid=12389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1393" name="bus" dev="loop7" ino=18 res=0 errno=0
[  739.973179][T12412] loop6: detected capacity change from 0 to 512
[  740.012938][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  740.084322][T12412] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  740.317161][T12412] EXT4-fs (loop6): 1 truncate cleaned up
[  740.323720][T12412] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  740.483289][ T5834] Bluetooth: hci1: unexpected event for opcode 0x202f
[  740.644663][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  743.418003][T12434] loop4: detected capacity change from 0 to 512
[  743.479198][   T29] audit: type=1804 audit(1733227020.452:62): pid=12435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1402" name="/newroot/182/file1" dev="fuse" ino=1 res=1 errno=0
[  743.758060][T12434] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1403: corrupted in-inode xattr: invalid ea_ino
[  744.788310][   T29] audit: type=1800 audit(1733227021.752:63): pid=12435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1402" name="/" dev="fuse" ino=1 res=0 errno=0
[  745.161672][ T5834] Bluetooth: hci0: Malformed HCI Event
[  745.212526][T12434] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1403: couldn't read orphan inode 15 (err -117)
[  745.327694][T12434] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  745.577061][   T29] audit: type=1326 audit(1733227022.552:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723585][   T29] audit: type=1326 audit(1733227022.572:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723626][   T29] audit: type=1326 audit(1733227022.572:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723659][   T29] audit: type=1326 audit(1733227022.572:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723691][   T29] audit: type=1326 audit(1733227022.572:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723723][   T29] audit: type=1326 audit(1733227022.572:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723756][   T29] audit: type=1326 audit(1733227022.572:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.723788][   T29] audit: type=1326 audit(1733227022.572:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12433 comm="syz.4.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  745.791238][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  746.348153][T12459] netlink: 'syz.6.1407': attribute type 4 has an invalid length.
[  746.436368][T12466] netlink: 'syz.6.1407': attribute type 4 has an invalid length.
[  746.643969][T12456] tty tty35: ldisc open failed (-12), clearing slot 34
[  746.667739][T12461] tty tty1: ldisc open failed (-12), clearing slot 0
[  747.493750][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  752.936086][ T9258] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  753.106079][ T9258] usb 10-1: Using ep0 maxpacket: 8
[  753.126969][ T9258] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  753.156301][ T9258] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  753.195970][ T9258] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  753.240046][ T9258] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  753.278422][ T9258] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  753.326618][ T9258] usb 10-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  753.374295][ T9258] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.438301][ T9258] usb 10-1: config 0 descriptor??
[  753.505618][ T5834] Bluetooth: hci5: urb ffff888027e85300 submission failed (90)
[  753.733757][    T8] usb 10-1: USB disconnect, device number 5
[  753.985695][T12520] loop3: detected capacity change from 0 to 256
[  754.219401][T12520] exfat: Deprecated parameter 'utf8'
[  754.523215][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  754.524441][   T29] audit: type=1326 audit(1733227031.492:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  754.652647][T12520] exfat: Deprecated parameter 'namecase'
[  754.681351][T12520] exfat: Deprecated parameter 'utf8'
[  755.984293][   T29] audit: type=1326 audit(1733227031.492:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.007311][   T29] audit: type=1326 audit(1733227031.612:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.030185][   T29] audit: type=1326 audit(1733227031.612:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.056856][   T29] audit: type=1326 audit(1733227031.612:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.079314][T12520] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  756.132299][   T29] audit: type=1326 audit(1733227031.612:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.154735][   T29] audit: type=1326 audit(1733227031.612:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.177071][   T29] audit: type=1326 audit(1733227031.612:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.199377][   T29] audit: type=1326 audit(1733227031.612:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  756.222047][   T29] audit: type=1326 audit(1733227031.612:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.4.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  758.010672][T12551] loop7: detected capacity change from 0 to 256
[  758.083278][T12551] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  762.743356][T12595] loop7: detected capacity change from 0 to 4096
[  762.844797][T12611] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  763.090660][T12611] overlayfs: failed to set xattr on upper
[  763.140697][T12611] overlayfs: ...falling back to redirect_dir=nofollow.
[  763.796513][T12611] overlayfs: ...falling back to index=off.
[  763.847805][T12611] overlayfs: ...falling back to uuid=null.
[  763.853633][T12611] overlayfs: maximum fs stacking depth exceeded
[  766.170165][ T5844] Bluetooth: hci2: command 0x0406 tx timeout
[  766.337691][T12638] bond0: entered promiscuous mode
[  766.348981][T12638] bond_slave_0: entered promiscuous mode
[  766.355221][T12638] bond_slave_1: entered promiscuous mode
[  768.714374][T12658] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1456'.
[  768.747253][T12660] loop4: detected capacity change from 0 to 256
[  770.122990][T12660] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  770.478609][T12675] loop9: detected capacity change from 0 to 512
[  771.114167][T12675] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.1461: corrupted in-inode xattr: invalid ea_ino
[  771.133743][T12675] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.1461: couldn't read orphan inode 15 (err -117)
[  771.147147][T12675] EXT4-fs (loop9): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  773.623199][T10188] EXT4-fs (loop9): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  774.105343][T12697] loop6: detected capacity change from 0 to 2048
[  774.384852][T12712] loop3: detected capacity change from 0 to 512
[  774.413735][T12697] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  774.687964][T12697] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  775.082207][T12712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  775.186379][T12712] ext4 filesystem being mounted at /317/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  776.032497][T12733] overlayfs: failed to resolve './bus/file0': -2
[  776.124820][T12728] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  776.137479][T12728] EXT4-fs (loop6): This should not happen!! Data will be lost
[  776.137479][T12728] 
[  776.151117][T12728] EXT4-fs (loop6): Total free blocks count 0
[  776.157341][T12728] EXT4-fs (loop6): Free/Dirty block details
[  776.163396][T12728] EXT4-fs (loop6): free_blocks=2415919104
[  776.169344][T12728] EXT4-fs (loop6): dirty_blocks=16
[  776.174606][T12728] EXT4-fs (loop6): Block reservation details
[  776.181482][T12728] EXT4-fs (loop6): i_reserved_data_blocks=1
[  777.200798][T12697] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  777.212236][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  777.212254][   T29] audit: type=1800 audit(1733227054.162:88): pid=12712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1462" name="bus" dev="loop3" ino=18 res=0 errno=0
[  777.339394][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  777.694338][   T29] audit: type=1326 audit(1733227054.662:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  777.736494][    T8] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  777.755995][   T29] audit: type=1326 audit(1733227054.692:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  777.840018][   T29] audit: type=1326 audit(1733227054.692:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  777.984651][   T29] audit: type=1326 audit(1733227054.692:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  778.865987][   T29] audit: type=1326 audit(1733227054.692:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  778.892859][T12766] loop9: detected capacity change from 0 to 4096
[  779.026714][   T29] audit: type=1326 audit(1733227054.702:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  779.409956][T12766] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  779.470584][   T29] audit: type=1326 audit(1733227054.702:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  779.849957][ T9258] IPVS: starting estimator thread 0...
[  779.872683][T12758] loop7: detected capacity change from 0 to 8192
[  780.501757][T12779] loop6: detected capacity change from 0 to 64
[  780.684299][T12771] IPVS: using max 26 ests per chain, 62400 per kthread
[  780.702351][   T29] audit: type=1326 audit(1733227054.702:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  781.040712][   T29] audit: type=1326 audit(1733227054.702:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.7.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9f90f7ff19 code=0x7ffc0000
[  781.040976][T12777] loop4: detected capacity change from 0 to 256
[  781.070207][T12777] exfat: Deprecated parameter 'utf8'
[  781.115875][T12777] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  781.169951][    T8] usb 4-1: unable to read config index 0 descriptor/start: -71
[  781.179955][    T8] usb 4-1: can't read configurations, error -71
[  781.286149][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  781.735622][T12792] netlink: 120 bytes leftover after parsing attributes in process `syz.4.1482'.
[  782.691060][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  782.691079][   T29] audit: type=1800 audit(1733227059.662:116): pid=12793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1482" name="file1" dev="loop4" ino=1048643 res=0 errno=0
[  784.162657][T12817] loop6: detected capacity change from 0 to 256
[  786.270834][T12834] loop7: detected capacity change from 0 to 32768
[  786.309061][T12834] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1494 (12834)
[  786.446119][T12834] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  786.456407][T12834] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm
[  786.565572][T12834] BTRFS info (device loop7): rebuilding free space tree
[  786.654798][T12834] BTRFS info (device loop7): disabling free space tree
[  786.661788][T12834] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  786.671655][T12834] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  786.768710][   T29] audit: type=1800 audit(1733227063.742:117): pid=12834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1494" name="bus" dev="loop7" ino=263 res=0 errno=0
[  787.099983][T12869] loop3: detected capacity change from 0 to 256
[  787.135286][T12834] syz.7.1494 (12834) used greatest stack depth: 18320 bytes left
[  787.212644][T12869] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  787.292612][ T8709] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  788.488036][T12867] loop9: detected capacity change from 0 to 32768
[  789.985168][T12867] JBD2: Ignoring recovery information on journal
[  790.082420][T12892] loop3: detected capacity change from 0 to 512
[  790.396115][T12892] EXT4-fs (loop3): Test dummy encryption mode enabled
[  790.415989][T12892] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  790.431902][T12867] JBD2: journal reset failed
[  790.445307][T12867] (syz.9.1497,12867,1):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  790.486528][   T29] audit: type=1326 audit(1733227067.432:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12906 comm="syz.4.1505" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f065ad7ff19 code=0x0
[  790.539931][T12867] (syz.9.1497,12867,0):ocfs2_check_volume:2428 ERROR: ocfs2 journal load failed! -4
[  790.551846][T12892] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  790.560190][T12892] System zones: 1-12
[  790.703650][T12892] EXT4-fs (loop3): 1 truncate cleaned up
[  790.730401][T12892] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  791.372125][T12892] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  792.133846][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  792.715936][T12939] loop4: detected capacity change from 0 to 512
[  793.816575][T12939] EXT4-fs error (device loop4): __ext4_iget:4984: inode #11: block 16: comm syz.4.1507: invalid block
[  793.829854][T12939] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1507: couldn't read orphan inode 11 (err -117)
[  793.843025][T12939] EXT4-fs (loop4): 1 truncate cleaned up
[  793.849199][T12939] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  796.215475][T12943] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 16: invalid block bitmap
[  796.945432][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  798.146307][T12991] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  800.091740][T13015] loop3: detected capacity change from 0 to 512
[  800.099130][T13015] ext4: Unknown parameter '"'
[  800.140395][ T5834] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  800.451447][T13021] 9pnet_fd: p9_fd_create_tcp (13021): problem connecting socket to 127.0.0.1
[  802.953410][T13038] loop9: detected capacity change from 0 to 128
[  803.391397][   T29] audit: type=1800 audit(1733227080.312:119): pid=13047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1536" name="file0" dev="loop9" ino=1048647 res=0 errno=0
[  804.006038][   T29] audit: type=1804 audit(1733227080.332:120): pid=13047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1536" name="/newroot/105/file0/file0" dev="loop9" ino=1048647 res=1 errno=0
[  804.936651][T13057] loop7: detected capacity change from 0 to 16384
[  805.106189][T13063] loop7: detected capacity change from 16384 to 16383
[  805.448767][T13073] loop4: detected capacity change from 0 to 2048
[  805.549141][T13073] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  805.576603][T13073] UDF-fs: Scanning with blocksize 512 failed
[  805.662538][T13079] loop7: detected capacity change from 0 to 256
[  805.689106][T13073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  805.698993][T13079] exfat: Deprecated parameter 'utf8'
[  805.751571][T13079] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  807.041363][   T29] audit: type=1800 audit(1733227084.002:121): pid=13088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1545" name="file1" dev="loop7" ino=1048648 res=0 errno=0
[  807.289549][T13070] loop6: detected capacity change from 0 to 32768
[  807.366418][T13070] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1543 (13070)
[  807.588677][T13083] loop9: detected capacity change from 0 to 40427
[  807.611046][T13083] F2FS-fs (loop9): build fault injection attr: rate: 771, type: 0x1fffff
[  807.622297][T13083] F2FS-fs (loop9): invalid crc value
[  807.684542][T13101] loop3: detected capacity change from 0 to 512
[  807.808308][T13070] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  807.866230][T13070] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  808.200700][T13083] F2FS-fs (loop9): Found nat_bits in checkpoint
[  808.274801][T13101] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  808.486429][T13070] BTRFS info (device loop6): using free-space-tree
[  808.493197][T13101] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  808.508668][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  808.531870][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  808.599811][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  808.691407][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  808.701511][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  808.710754][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  808.721898][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  808.737765][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  808.752887][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  808.779491][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  808.826629][T13083] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  808.830579][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  808.930788][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  808.955618][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  808.958978][T13070] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  809.318708][T13070] BTRFS error (device loop6): open_ctree failed
[  809.486874][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  810.751262][T13160] loop4: detected capacity change from 0 to 4096
[  812.182450][ T5834] Bluetooth: min 0 < 6
[  812.389127][T13160] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  813.433171][T13158] loop3: detected capacity change from 0 to 40427
[  813.446972][T13158] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1fffff
[  813.731505][T13195] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1565'.
[  813.757322][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  813.816183][T13158] F2FS-fs (loop3): invalid crc value
[  813.821836][T13158] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-4)
[  813.919166][T13187] loop6: detected capacity change from 0 to 40427
[  813.929577][T13187] F2FS-fs (loop6): Wrong NAT boundary, start(2560) end(462336) blocks(1024)
[  813.946464][T13187] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  814.182601][T13187] F2FS-fs (loop6): Found nat_bits in checkpoint
[  814.196436][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[  814.431208][T13187] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  814.517235][ T9258] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  814.533911][T13187] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  815.931673][T13218] loop9: detected capacity change from 0 to 128
[  815.938818][T13218] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  816.058473][T13218] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  816.074174][   T29] audit: type=1800 audit(1733227093.042:122): pid=13218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1568" name="file1" dev="loop9" ino=1048649 res=0 errno=0
[  816.125979][T11308] IPVS: starting estimator thread 0...
[  816.250127][T13220] IPVS: using max 24 ests per chain, 57600 per kthread
[  816.361524][ T9258] usb 8-1: too many configurations: 13, using maximum allowed: 8
[  816.579389][T13226] loop4: detected capacity change from 0 to 32768
[  816.597832][ T9258] usb 8-1: config 0 has no interfaces?
[  816.603543][T13226] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1570 (13226)
[  816.622941][ T9258] usb 8-1: config 0 has no interfaces?
[  816.633360][ T9258] usb 8-1: config 0 has no interfaces?
[  816.638952][T13226] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  816.649129][T13226] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  816.663228][ T9258] usb 8-1: config 0 has no interfaces?
[  816.671228][ T9258] usb 8-1: config 0 has no interfaces?
[  816.687122][ T9258] usb 8-1: config 0 has no interfaces?
[  816.697182][ T9258] usb 8-1: config 0 has no interfaces?
[  816.716180][ T9258] usb 8-1: config 0 has no interfaces?
[  816.756596][ T9258] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  816.774842][ T9258] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.794146][ T9258] usb 8-1: Product: syz
[  816.800818][ T9258] usb 8-1: Manufacturer: syz
[  816.805459][ T9258] usb 8-1: SerialNumber: syz
[  816.812677][ T9258] usb 8-1: config 0 descriptor??
[  816.995099][ T9258] usb 8-1: can't set config #0, error -71
[  817.003604][ T9258] usb 8-1: USB disconnect, device number 11
[  818.476180][T13226] BTRFS info (device loop4): rebuilding free space tree
[  818.491026][T13226] BTRFS info (device loop4): disabling free space tree
[  818.500486][T13226] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  818.511505][T13226] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  818.622602][   T29] audit: type=1800 audit(1733227095.592:123): pid=13226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1570" name="bus" dev="loop4" ino=263 res=0 errno=0
[  818.816111][ T5917] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  818.974123][T11053] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  818.988107][ T5917] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  819.011513][ T5917] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  819.053784][ T5917] usb 10-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  819.096170][ T5917] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.120785][ T5917] usb 10-1: config 0 descriptor??
[  819.998606][ T5917] dragonrise 0003:0079:0006.0010: item fetching failed at offset 3/5
[  820.174522][ T5917] dragonrise 0003:0079:0006.0010: parse failed
[  820.196539][ T5917] dragonrise 0003:0079:0006.0010: probe with driver dragonrise failed with error -22
[  820.297227][T13298] loop4: detected capacity change from 0 to 128
[  820.298209][ T5917] usb 10-1: USB disconnect, device number 6
[  820.304362][T13298] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  820.341111][T13267] loop6: detected capacity change from 0 to 32768
[  820.358333][T13267] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1571 (13267)
[  820.387218][T13298] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  820.629534][   T29] audit: type=1800 audit(1733227097.402:124): pid=13298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1579" name="file1" dev="loop4" ino=1048650 res=0 errno=0
[  821.179558][T13267] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  821.256152][T13267] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  821.264921][T13267] BTRFS info (device loop6): using free-space-tree
[  821.787761][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  821.788557][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  821.876206][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  821.900446][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  821.912127][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  821.928381][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  822.055716][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  822.080713][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  822.137292][   T29] audit: type=1326 audit(1733227099.092:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13308 comm="syz.3.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7fc00000
[  822.159286][T13339] loop9: detected capacity change from 0 to 4096
[  822.183318][T13267] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  822.310988][T13267] BTRFS error (device loop6): open_ctree failed
[  822.447037][T13339] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  822.638209][T13356] loop3: detected capacity change from 0 to 2048
[  822.700705][T13356] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  823.941304][   T29] audit: type=1326 audit(1733227100.872:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.3.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  823.962119][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  823.970609][   T29] audit: type=1326 audit(1733227100.872:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.3.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  823.995205][   T29] audit: type=1326 audit(1733227100.872:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13367 comm="syz.3.1592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff86f37ff19 code=0x7ffc0000
[  824.061556][T13372] netlink: 696 bytes leftover after parsing attributes in process `syz.3.1596'.
[  824.411257][T13388] loop9: detected capacity change from 0 to 128
[  824.418568][T13388] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  824.456625][T13388] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  824.478355][   T29] audit: type=1800 audit(1733227101.452:129): pid=13387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1595" name="file1" dev="loop9" ino=1048651 res=0 errno=0
[  825.376392][T13403] process 'syz.9.1600' launched './file0' with NULL argv: empty string added
[  825.806891][T13390] sctp: failed to load transform for md5: -4
[  827.836952][T13417] loop9: detected capacity change from 0 to 4096
[  827.871300][T13417] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  828.907660][T13430] loop3: detected capacity change from 0 to 512
[  828.925208][T13430] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1606: corrupted in-inode xattr: invalid ea_ino
[  829.042417][T13430] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1606: couldn't read orphan inode 15 (err -117)
[  829.061640][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.097790][T13430] EXT4-fs (loop3): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  829.601194][T13451] loop6: detected capacity change from 0 to 128
[  829.753474][T13451] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  829.825783][T13451] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  830.037910][   T29] audit: type=1800 audit(1733227107.012:130): pid=13436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1610" name="file1" dev="loop6" ino=1048652 res=0 errno=0
[  831.467517][ T5826] EXT4-fs (loop3): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  833.914171][T13490] loop9: detected capacity change from 0 to 4096
[  834.005732][T13490] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  835.534141][T13503] loop6: detected capacity change from 0 to 32768
[  835.564325][T13503] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1618 (13503)
[  835.648127][T10188] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  836.328505][T13511] loop3: detected capacity change from 0 to 128
[  836.336010][T13511] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  837.095141][T13511] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  837.095814][T13503] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  837.239840][T13503] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  837.595663][   T29] audit: type=1800 audit(1733227114.562:131): pid=13511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1625" name="file1" dev="loop3" ino=1048653 res=0 errno=0
[  838.000255][T13503] BTRFS info (device loop6): rebuilding free space tree
[  840.596227][T13503] BTRFS info (device loop6): disabling free space tree
[  840.603191][T13503] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  840.675977][T13503] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  841.103725][ T8180] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  843.685645][T13589] loop4: detected capacity change from 0 to 128
[  843.692520][T13589] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  843.709484][T13589] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  843.729824][   T29] audit: type=1800 audit(1733227120.702:132): pid=13589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1638" name="file1" dev="loop4" ino=1048654 res=0 errno=0
[  843.733620][T13595] loop6: detected capacity change from 0 to 512
[  843.899993][T13595] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  843.950601][T13595] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  844.272575][T13604] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  844.755281][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  844.974177][T13576] loop9: detected capacity change from 0 to 32768
[  845.068137][   T29] audit: type=1800 audit(1733227122.032:133): pid=13619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1642" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  845.213374][T13576] read_mapping_page failed!
[  845.224659][   T29] audit: type=1326 audit(1733227122.192:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.4.1646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  845.256081][T13576] diRead: diIAGRead returned -5
[  845.323329][   T29] audit: type=1326 audit(1733227122.192:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.4.1646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  845.489183][   T29] audit: type=1326 audit(1733227122.192:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.4.1646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  845.532346][T13627] loop6: detected capacity change from 0 to 32768
[  845.581741][T13627] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1645 (13627)
[  845.630312][T13630] block device autoloading is deprecated and will be removed.
[  845.631570][T13625] loop3: detected capacity change from 0 to 4096
[  845.641681][T13630] syz.4.1647: attempt to access beyond end of device
[  845.641681][T13630] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  845.654914][   T29] audit: type=1326 audit(1733227122.192:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.4.1646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  845.683541][T13627] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  845.746105][   T29] audit: type=1326 audit(1733227122.192:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13621 comm="syz.4.1646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f065ad7ff19 code=0x7ffc0000
[  845.766025][T13627] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  846.188243][ T5834] Bluetooth: min 0 < 6
[  848.345065][T13627] BTRFS info (device loop6): rebuilding free space tree
[  848.366065][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  848.376341][T13627] BTRFS info (device loop6): disabling free space tree
[  848.383348][T13627] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  848.453522][T13627] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  851.110747][T13701] loop7: detected capacity change from 0 to 512
[  851.794690][ T8180] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  851.844454][T13701] EXT4-fs error (device loop7): __ext4_iget:4984: inode #11: block 16: comm syz.7.1658: invalid block
[  851.910080][T13701] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.1658: couldn't read orphan inode 11 (err -117)
[  851.924624][T13701] EXT4-fs (loop7): 1 truncate cleaned up
[  851.930907][T13701] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  853.136841][T13723] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 16: invalid block bitmap
[  854.762553][T13750] loop4: detected capacity change from 0 to 4096
[  854.804840][T13750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  855.006477][T13757] loop9: detected capacity change from 0 to 32768
[  855.027030][T13757] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1670 (13757)
[  855.149885][T13757] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  855.160653][T13757] BTRFS info (device loop9): using sha256 (sha256-avx2) checksum algorithm
[  855.350610][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  855.535549][T13757] BTRFS info (device loop9): rebuilding free space tree
[  855.614150][T13757] BTRFS info (device loop9): disabling free space tree
[  855.621265][T13757] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  855.631003][T13757] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  855.681043][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  855.690110][   T29] audit: type=1800 audit(1733227132.662:139): pid=13757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1670" name="bus" dev="loop9" ino=263 res=0 errno=0
[  855.876182][ T5834] Bluetooth: hci2: command 0x0406 tx timeout
[  857.363312][T13796] loop4: detected capacity change from 0 to 512
[  858.030284][T10188] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  858.168776][T13796] EXT4-fs error (device loop4): __ext4_iget:4984: inode #11: block 16: comm syz.4.1673: invalid block
[  858.226680][T13796] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1673: couldn't read orphan inode 11 (err -117)
[  858.277110][T13796] EXT4-fs (loop4): 1 truncate cleaned up
[  858.283270][T13796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  858.487818][T13811] syz.6.1676 (13811): /proc/13806/oom_adj is deprecated, please use /proc/13806/oom_score_adj instead.
[  861.327206][T13825] loop3: detected capacity change from 0 to 512
[  861.522687][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  862.514076][T13827] loop9: detected capacity change from 0 to 8192
[  862.521279][T13827] vfat: Unknown parameter 'ÿÿÿÿ00000000000000000003ÿÿÿÿÿÿ'
[  863.456097][T13825] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  864.616816][T13825] ext4 filesystem being mounted at /360/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  864.691529][T13842] loop6: detected capacity change from 0 to 4096
[  864.866126][ T5931] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  865.166098][ T5931] usb 5-1: Using ep0 maxpacket: 32
[  866.224959][ T5931] usb 5-1: string descriptor 0 read error: -71
[  866.233591][ T5931] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13
[  866.242950][ T5931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  866.282641][T13842] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  866.289107][ T5931] usb 5-1: config 0 descriptor??
[  866.300636][ T5931] usb 5-1: can't set config #0, error -71
[  866.308757][ T5931] usb 5-1: USB disconnect, device number 8
[  866.558826][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  866.712777][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.780778][   T29] audit: type=1326 audit(1733227143.752:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13867 comm="syz.7.1689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f90f7ff19 code=0x7fc00000
[  867.453457][T13881] loop3: detected capacity change from 0 to 512
[  868.065984][ T5917] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  868.086782][   T29] audit: type=1326 audit(1733227145.062:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13867 comm="syz.7.1689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9f90f7ff19 code=0x7fc00000
[  868.298021][T13881] EXT4-fs error (device loop3): __ext4_iget:4984: inode #11: block 16: comm syz.3.1688: invalid block
[  868.309577][T13881] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1688: couldn't read orphan inode 11 (err -117)
[  868.322536][ T5917] usb 7-1: too many configurations: 13, using maximum allowed: 8
[  868.330570][T13881] EXT4-fs (loop3): 1 truncate cleaned up
[  868.337480][T13881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.410024][ T5917] usb 7-1: config 0 has no interfaces?
[  868.417009][ T5917] usb 7-1: config 0 has no interfaces?
[  868.466939][ T5917] usb 7-1: config 0 has no interfaces?
[  868.477031][ T5917] usb 7-1: config 0 has no interfaces?
[  868.483389][ T5917] usb 7-1: config 0 has no interfaces?
[  868.496737][ T5917] usb 7-1: config 0 has no interfaces?
[  868.503295][ T5917] usb 7-1: config 0 has no interfaces?
[  868.517002][ T5917] usb 7-1: config 0 has no interfaces?
[  868.524534][ T5917] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  868.533888][ T5917] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  868.542388][ T5917] usb 7-1: Product: syz
[  868.547156][ T5917] usb 7-1: Manufacturer: syz
[  868.551777][ T5917] usb 7-1: SerialNumber: syz
[  868.558877][ T5917] usb 7-1: config 0 descriptor??
[  868.674902][T13861] loop4: detected capacity change from 0 to 32768
[  868.734695][T13861] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  868.770333][ T5917] usb 7-1: USB disconnect, device number 5
[  869.534958][T13887] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 16: invalid block bitmap
[  870.358368][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  870.533099][ T5917] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  871.842790][T11053] ocfs2: Unmounting device (7,4) on (node local)
[  872.448558][T13919] loop9: detected capacity change from 0 to 4096
[  873.002830][T13932] loop7: detected capacity change from 0 to 512
[  873.854259][T13919] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  873.854327][T13919] EXT4-fs: failed to create workqueue
[  873.888812][T13932] EXT4-fs error (device loop7): __ext4_iget:4984: inode #11: block 16: comm syz.7.1705: invalid block
[  873.926107][T13919] EXT4-fs (loop9): mount failed
[  874.026637][T13932] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.1705: couldn't read orphan inode 11 (err -117)
[  874.043056][T13932] EXT4-fs (loop7): 1 truncate cleaned up
[  874.049358][T13932] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  875.316613][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  875.348371][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  876.407315][T13961] loop3: detected capacity change from 0 to 512
[  876.525699][T13961] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  876.663586][T13961] EXT4-fs (loop3): 1 truncate cleaned up
[  876.738425][T13961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  877.998737][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  878.413161][T13988] tipc: Started in network mode
[  878.418718][T13988] tipc: Node identity ac1414aa, cluster identity 4711
[  878.428826][T13988] tipc: Enabled bearer <udp:s>, priority 10
[  879.438821][ T7448] tipc: Node number set to 2886997162
[  880.228400][T14001] loop9: detected capacity change from 0 to 256
[  880.271794][T14003] loop6: detected capacity change from 0 to 4096
[  880.337351][T14003] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  881.865464][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  882.087090][T14032] overlayfs: failed to resolve './file0': -2
[  882.209941][T14039] 9pnet_fd: Insufficient options for proto=fd
[  884.166102][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  884.567376][T14070] loop4: detected capacity change from 0 to 4096
[  884.881742][T14070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  886.858397][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  888.604412][    T8] hid-generic 0040:06C3:0002.0011: item fetching failed at offset 0/1
[  888.616763][    T8] hid-generic 0040:06C3:0002.0011: probe with driver hid-generic failed with error -22
[  890.645269][T14115] loop6: detected capacity change from 0 to 512
[  891.898956][T14115] EXT4-fs error (device loop6): __ext4_iget:4984: inode #11: block 16: comm syz.6.1741: invalid block
[  892.009450][T14115] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1741: couldn't read orphan inode 11 (err -117)
[  892.024047][T14115] EXT4-fs (loop6): 1 truncate cleaned up
[  892.030445][T14115] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  895.197017][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  896.267172][T14158] loop6: detected capacity change from 0 to 4096
[  896.274255][T14161] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1752'.
[  896.370625][T14161] gretap0: entered promiscuous mode
[  896.427710][T14158] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  899.553581][T14185] loop3: detected capacity change from 0 to 512
[  900.420860][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  900.662602][T14185] EXT4-fs error (device loop3): __ext4_iget:4984: inode #11: block 16: comm syz.3.1755: invalid block
[  900.686508][T14185] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1755: couldn't read orphan inode 11 (err -117)
[  900.701639][T14185] EXT4-fs (loop3): 1 truncate cleaned up
[  900.707818][T14185] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  901.432207][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  901.470266][T14211] loop9: detected capacity change from 0 to 8192
[  904.450530][T14237] loop4: detected capacity change from 0 to 256
[  905.598061][T14253] loop4: detected capacity change from 0 to 4096
[  905.718336][    T9] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  906.414083][T14253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  906.536483][    T9] usb 4-1: Using ep0 maxpacket: 16
[  906.554648][    T9] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  906.564080][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  906.609896][    T9] usb 4-1: Product: syz
[  906.614096][    T9] usb 4-1: Manufacturer: syz
[  906.623148][    T9] usb 4-1: SerialNumber: syz
[  906.897430][    T9] usb 4-1: config 0 descriptor??
[  906.904851][    T9] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  906.924445][    T9] usb 4-1: Detected FT-X
[  906.937188][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  907.052688][ T5834] Bluetooth: hci2: unexpected event for opcode 0x0413
[  907.117571][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  908.920516][    T9] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  908.963103][    T9] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  909.018151][    T9] usb 4-1: USB disconnect, device number 26
[  909.041742][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  909.088599][T14300] loop9: detected capacity change from 0 to 256
[  909.098534][    T9] ftdi_sio 4-1:0.0: device disconnected
[  909.152059][T14297] loop3: detected capacity change from 0 to 1024
[  910.602097][T14315] loop4: detected capacity change from 0 to 4096
[  910.687547][T14315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  910.784213][T14325] loop7: detected capacity change from 0 to 1024
[  910.846770][T14325] UDF-fs: warning (device loop7): udf_fill_super: No partition found (2)
[  911.295562][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  913.945731][T14351] loop9: detected capacity change from 0 to 32768
[  913.991777][T14351] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1791 (14351)
[  914.271856][T14360] loop4: detected capacity change from 0 to 256
[  915.224398][T14351] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  915.247212][T14351] BTRFS info (device loop9): using sha256 (sha256-avx2) checksum algorithm
[  915.455631][   T29] audit: type=1326 audit(1733227192.142:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  915.715923][   T29] audit: type=1326 audit(1733227192.142:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  915.765938][   T29] audit: type=1326 audit(1733227192.152:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  915.804014][   T29] audit: type=1326 audit(1733227192.152:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  915.848030][   T29] audit: type=1326 audit(1733227192.152:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  915.895957][ T5884] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  915.913931][   T29] audit: type=1326 audit(1733227192.152:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  915.966144][   T29] audit: type=1326 audit(1733227192.152:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  916.006058][   T29] audit: type=1326 audit(1733227192.152:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  916.014427][T14373] loop7: detected capacity change from 0 to 2048
[  916.051492][T14373] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found
[  916.055901][   T29] audit: type=1326 audit(1733227192.152:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  916.062501][T14373] UDF-fs: Scanning with blocksize 512 failed
[  916.097086][T14373] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  916.114752][   T29] audit: type=1326 audit(1733227192.152:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14348 comm="syz.6.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaad77ff19 code=0x7ffc0000
[  916.249539][T14379] loop3: detected capacity change from 0 to 4096
[  916.414578][T14379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  916.778067][T14351] BTRFS error (device loop9): open_ctree failed
[  916.793666][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  919.341570][T14443] loop4: detected capacity change from 0 to 4096
[  919.417972][T14449] loop6: detected capacity change from 0 to 256
[  919.473529][T14449] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  919.575081][T14443] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  919.717353][T14455] loop3: detected capacity change from 0 to 256
[  919.718112][T14457] loop9: detected capacity change from 0 to 8
[  919.872442][T11053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  920.290598][T14472] loop4: detected capacity change from 0 to 32768
[  920.302291][T14472] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1812 (14472)
[  920.339405][T14472] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  920.350251][T14472] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  920.382352][T14464] SQUASHFS error: Failed to read block 0x4e8: -5
[  920.413387][T14464] SQUASHFS error: Failed to read block 0x4de: -5
[  920.490393][T14464] SQUASHFS error: Failed to read block 0x4de: -5
[  920.526618][T14464] SQUASHFS error: Failed to read block 0x4de: -5
[  921.960511][T14508] loop7: detected capacity change from 0 to 512
[  922.594323][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  922.594341][   T29] audit: type=1800 audit(1733227199.552:156): pid=14464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1811" name="file1" dev="loop9" ino=5 res=0 errno=0
[  922.675426][T14514] loop6: detected capacity change from 0 to 4096
[  922.718508][T14472] BTRFS info (device loop4): rebuilding free space tree
[  922.731106][T14508] EXT4-fs error (device loop7): __ext4_iget:4984: inode #11: block 16: comm syz.7.1819: invalid block
[  922.743328][T14508] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.1819: couldn't read orphan inode 11 (err -117)
[  922.755892][T14508] EXT4-fs (loop7): 1 truncate cleaned up
[  922.762236][T14508] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  922.831040][T14514] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  922.923291][T14472] BTRFS info (device loop4): disabling free space tree
[  922.930425][T14472] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  922.940182][T14472] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  923.116502][ T8180] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  923.531243][T14531] loop6: detected capacity change from 0 to 256
[  923.600853][T11053] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  923.689063][T14533] loop3: detected capacity change from 0 to 128
[  924.294810][ T8709] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  925.110167][T14549] binder: 14545:14549 ioctl 4018620d 0 returned -22
[  925.176482][T14549] 
[  925.178844][T14549] ======================================================
[  925.185866][T14549] WARNING: possible circular locking dependency detected
[  925.192882][T14549] 6.12.0-next-20241128-syzkaller #0 Not tainted
[  925.199107][T14549] ------------------------------------------------------
[  925.206158][T14549] syz.6.1829/14549 is trying to acquire lock:
[  925.212207][T14549] ffff88807add5be0 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0xaa/0x120
[  925.221080][T14549] 
[  925.221080][T14549] but task is already holding lock:
[  925.228432][T14549] ffff88802514ba00 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_ioctl+0xdd/0x9a0
[  925.237739][T14549] 
[  925.237739][T14549] which lock already depends on the new lock.
[  925.237739][T14549] 
[  925.248126][T14549] 
[  925.248126][T14549] the existing dependency chain (in reverse order) is:
[  925.257132][T14549] 
[  925.257132][T14549] -> #8 (&q->debugfs_mutex){+.+.}-{4:4}:
[  925.264941][T14549]        lock_acquire+0x1ed/0x550
[  925.269962][T14549]        __mutex_lock+0x1ac/0xee0
[  925.274974][T14549]        blk_mq_init_sched+0x3fa/0x830
[  925.280432][T14549]        elevator_init_mq+0x20e/0x320
[  925.285800][T14549]        add_disk_fwnode+0x10d/0xf80
[  925.291083][T14549]        sd_probe+0xba6/0x1100
[  925.295858][T14549]        really_probe+0x2b8/0xad0
[  925.300878][T14549]        __driver_probe_device+0x1a2/0x390
[  925.306674][T14549]        driver_probe_device+0x50/0x430
[  925.312210][T14549]        __device_attach_driver+0x2d6/0x530
[  925.318097][T14549]        bus_for_each_drv+0x24e/0x2e0
[  925.323461][T14549]        __device_attach_async_helper+0x22d/0x300
[  925.329868][T14549]        async_run_entry_fn+0xa8/0x420
[  925.335316][T14549]        process_scheduled_works+0xa66/0x1840
[  925.341374][T14549]        worker_thread+0x870/0xd30
[  925.346472][T14549]        kthread+0x2f0/0x390
[  925.351060][T14549]        ret_from_fork+0x4b/0x80
[  925.355996][T14549]        ret_from_fork_asm+0x1a/0x30
[  925.361268][T14549] 
[  925.361268][T14549] -> #7 (&q->q_usage_counter(queue)#50){++++}-{0:0}:
[  925.370129][T14549]        lock_acquire+0x1ed/0x550
[  925.375146][T14549]        blk_queue_enter+0xe1/0x600
[  925.380342][T14549]        blk_mq_alloc_request+0x4fa/0xaa0
[  925.386061][T14549]        scsi_execute_cmd+0x177/0x1090
[  925.391513][T14549]        read_capacity_16+0x2b4/0x1450
[  925.396962][T14549]        sd_revalidate_disk+0x1013/0xbce0
[  925.402689][T14549]        sd_probe+0x9fa/0x1100
[  925.407444][T14549]        really_probe+0x2b8/0xad0
[  925.412473][T14549]        __driver_probe_device+0x1a2/0x390
[  925.418270][T14549]        driver_probe_device+0x50/0x430
[  925.423807][T14549]        __device_attach_driver+0x2d6/0x530
[  925.429692][T14549]        bus_for_each_drv+0x24e/0x2e0
[  925.435054][T14549]        __device_attach_async_helper+0x22d/0x300
[  925.441464][T14549]        async_run_entry_fn+0xa8/0x420
[  925.446912][T14549]        process_scheduled_works+0xa66/0x1840
[  925.452964][T14549]        worker_thread+0x870/0xd30
[  925.458095][T14549]        kthread+0x2f0/0x390
[  925.462678][T14549]        ret_from_fork+0x4b/0x80
[  925.467603][T14549]        ret_from_fork_asm+0x1a/0x30
[  925.472875][T14549] 
[  925.472875][T14549] -> #6 (&q->limits_lock){+.+.}-{4:4}:
[  925.480519][T14549]        lock_acquire+0x1ed/0x550
[  925.485541][T14549]        __mutex_lock+0x1ac/0xee0
[  925.490557][T14549]        loop_reconfigure_limits+0x43f/0x900
[  925.496532][T14549]        lo_ioctl+0x1351/0x1f50
[  925.501403][T14549]        blkdev_ioctl+0x57d/0x6a0
[  925.506420][T14549]        __se_sys_ioctl+0xf5/0x170
[  925.511523][T14549]        do_syscall_64+0xf3/0x230
[  925.516538][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.522941][T14549] 
[  925.522941][T14549] -> #5 (&q->q_usage_counter(io)#24){++++}-{0:0}:
[  925.531541][T14549]        lock_acquire+0x1ed/0x550
[  925.536558][T14549]        blk_mq_submit_bio+0x1536/0x2390
[  925.542190][T14549]        __submit_bio+0x2c6/0x560
[  925.547224][T14549]        submit_bio_noacct_nocheck+0x4d3/0xe30
[  925.553415][T14549]        ext4_read_bh+0x1d7/0x290
[  925.558428][T14549]        ext4_bread+0x135/0x180
[  925.563271][T14549]        ext4_quota_read+0x1b8/0x2d0
[  925.568557][T14549]        find_tree_dqentry+0x1e3/0xfb0
[  925.574005][T14549]        find_tree_dqentry+0x6cd/0xfb0
[  925.579461][T14549]        find_tree_dqentry+0x6cd/0xfb0
[  925.584907][T14549]        find_tree_dqentry+0x6cd/0xfb0
[  925.590359][T14549]        qtree_read_dquot+0x53e/0x7e0
[  925.595721][T14549]        v2_read_dquot+0x11e/0x200
[  925.600820][T14549]        dquot_acquire+0x192/0x680
[  925.605922][T14549]        ext4_acquire_dquot+0x301/0x4c0
[  925.611459][T14549]        dqget+0x770/0xeb0
[  925.615867][T14549]        __dquot_initialize+0x468/0xec0
[  925.621401][T14549]        ext4_rmdir+0x14b/0xac0
[  925.626244][T14549]        vfs_rmdir+0x3a3/0x510
[  925.631028][T14549]        do_rmdir+0x3b5/0x580
[  925.635704][T14549]        __x64_sys_unlinkat+0xde/0xf0
[  925.641067][T14549]        do_syscall_64+0xf3/0x230
[  925.646081][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.652486][T14549] 
[  925.652486][T14549] -> #4 (&s->s_dquot.dqio_sem){++++}-{4:4}:
[  925.660560][T14549]        lock_acquire+0x1ed/0x550
[  925.665574][T14549]        down_read+0xb1/0xa40
[  925.670240][T14549]        v2_read_dquot+0x57/0x200
[  925.675253][T14549]        dquot_acquire+0x192/0x680
[  925.680359][T14549]        ext4_acquire_dquot+0x301/0x4c0
[  925.685904][T14549]        dqget+0x770/0xeb0
[  925.690319][T14549]        __dquot_initialize+0x2e3/0xec0
[  925.695861][T14549]        ext4_create+0xb5/0x550
[  925.700702][T14549]        path_openat+0x1c03/0x3590
[  925.705831][T14549]        do_filp_open+0x27f/0x4e0
[  925.710848][T14549]        do_sys_openat2+0x13e/0x1d0
[  925.716030][T14549]        __x64_sys_creat+0x123/0x170
[  925.721305][T14549]        do_syscall_64+0xf3/0x230
[  925.726324][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.732731][T14549] 
[  925.732731][T14549] -> #3 (&dquot->dq_lock){+.+.}-{4:4}:
[  925.740368][T14549]        lock_acquire+0x1ed/0x550
[  925.745390][T14549]        __mutex_lock+0x1ac/0xee0
[  925.750400][T14549]        dqget+0x6e6/0xeb0
[  925.754806][T14549]        dquot_transfer+0x2c2/0x6d0
[  925.759995][T14549]        ext4_setattr+0xb49/0x1da0
[  925.765092][T14549]        notify_change+0xbca/0xe90
[  925.770191][T14549]        chown_common+0x501/0x850
[  925.775205][T14549]        do_fchownat+0x16a/0x240
[  925.780136][T14549]        __x64_sys_lchown+0x85/0xa0
[  925.785332][T14549]        do_syscall_64+0xf3/0x230
[  925.790350][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.796756][T14549] 
[  925.796756][T14549] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[  925.804305][T14549]        lock_acquire+0x1ed/0x550
[  925.809330][T14549]        down_read+0xb1/0xa40
[  925.813995][T14549]        ext4_readpage_inline+0x36/0x6b0
[  925.819615][T14549]        ext4_read_folio+0x174/0x340
[  925.824891][T14549]        filemap_read_folio+0x14b/0x630
[  925.830426][T14549]        filemap_get_pages+0x100a/0x2540
[  925.836049][T14549]        filemap_read+0x45c/0xf50
[  925.841060][T14549]        __kernel_read+0x513/0x9d0
[  925.846164][T14549]        integrity_kernel_read+0xb0/0x100
[  925.851874][T14549]        ima_calc_file_hash+0xae6/0x1b30
[  925.857501][T14549]        ima_collect_measurement+0x520/0xb10
[  925.863472][T14549]        process_measurement+0x1351/0x1fb0
[  925.869271][T14549]        ima_file_check+0xd9/0x120
[  925.874373][T14549]        security_file_post_open+0xb9/0x280
[  925.880259][T14549]        path_openat+0x2ccd/0x3590
[  925.885363][T14549]        do_filp_open+0x27f/0x4e0
[  925.890378][T14549]        do_sys_openat2+0x13e/0x1d0
[  925.895574][T14549]        __x64_sys_openat+0x247/0x2a0
[  925.900960][T14549]        do_syscall_64+0xf3/0x230
[  925.905975][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.912380][T14549] 
[  925.912380][T14549] -> #1 (mapping.invalidate_lock){++++}-{4:4}:
[  925.920710][T14549]        lock_acquire+0x1ed/0x550
[  925.925729][T14549]        down_read+0xb1/0xa40
[  925.930396][T14549]        page_cache_ra_unbounded+0x143/0x8c0
[  925.936386][T14549]        filemap_fault+0x82a/0x1950
[  925.941587][T14549]        __do_fault+0x135/0x460
[  925.946435][T14549]        handle_pte_fault+0x3c01/0x66b0
[  925.951980][T14549]        handle_mm_fault+0x1106/0x1bb0
[  925.957436][T14549]        __get_user_pages+0x1c82/0x49e0
[  925.962980][T14549]        get_dump_page+0x155/0x2f0
[  925.968092][T14549]        dump_user_range+0x14d/0x970
[  925.973373][T14549]        elf_core_dump+0x3e9f/0x4790
[  925.978654][T14549]        do_coredump+0x214b/0x2e60
[  925.983759][T14549]        get_signal+0x140b/0x1750
[  925.988778][T14549]        arch_do_signal_or_restart+0x96/0x860
[  925.994842][T14549]        irqentry_exit_to_user_mode+0x7e/0x250
[  926.000987][T14549]        exc_page_fault+0x590/0x8b0
[  926.006185][T14549]        asm_exc_page_fault+0x26/0x30
[  926.011546][T14549] 
[  926.011546][T14549] -> #0 (&mm->mmap_lock){++++}-{4:4}:
[  926.019098][T14549]        validate_chain+0x18ef/0x5920
[  926.024461][T14549]        __lock_acquire+0x1397/0x2100
[  926.029825][T14549]        lock_acquire+0x1ed/0x550
[  926.034845][T14549]        __might_fault+0xc6/0x120
[  926.039859][T14549]        _copy_from_user+0x2a/0xc0
[  926.044958][T14549]        blk_trace_ioctl+0x1ad/0x9a0
[  926.050234][T14549]        blkdev_ioctl+0x40c/0x6a0
[  926.055252][T14549]        __se_sys_ioctl+0xf5/0x170
[  926.060355][T14549]        do_syscall_64+0xf3/0x230
[  926.065383][T14549]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.071798][T14549] 
[  926.071798][T14549] other info that might help us debug this:
[  926.071798][T14549] 
[  926.082040][T14549] Chain exists of:
[  926.082040][T14549]   &mm->mmap_lock --> &q->q_usage_counter(queue)#50 --> &q->debugfs_mutex
[  926.082040][T14549] 
[  926.096397][T14549]  Possible unsafe locking scenario:
[  926.096397][T14549] 
[  926.103833][T14549]        CPU0                    CPU1
[  926.109186][T14549]        ----                    ----
[  926.114539][T14549]   lock(&q->debugfs_mutex);
[  926.119122][T14549]                                lock(&q->q_usage_counter(queue)#50);
[  926.127272][T14549]                                lock(&q->debugfs_mutex);
[  926.134373][T14549]   rlock(&mm->mmap_lock);
[  926.138782][T14549] 
[  926.138782][T14549]  *** DEADLOCK ***
[  926.138782][T14549] 
[  926.146920][T14549] 1 lock held by syz.6.1829/14549:
[  926.152029][T14549]  #0: ffff88802514ba00 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_ioctl+0xdd/0x9a0
[  926.161815][T14549] 
[  926.161815][T14549] stack backtrace:
[  926.167691][T14549] CPU: 0 UID: 0 PID: 14549 Comm: syz.6.1829 Not tainted 6.12.0-next-20241128-syzkaller #0
[  926.177573][T14549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  926.187618][T14549] Call Trace:
[  926.190885][T14549]  <TASK>
[  926.193807][T14549]  dump_stack_lvl+0x241/0x360
[  926.198490][T14549]  ? __pfx_dump_stack_lvl+0x10/0x10
[  926.203681][T14549]  ? __pfx__printk+0x10/0x10
[  926.208308][T14549]  print_circular_bug+0x13a/0x1b0
[  926.213328][T14549]  check_noncircular+0x36a/0x4a0
[  926.218261][T14549]  ? __pfx_check_noncircular+0x10/0x10
[  926.223713][T14549]  ? lockdep_lock+0x123/0x2b0
[  926.228382][T14549]  validate_chain+0x18ef/0x5920
[  926.233225][T14549]  ? is_bpf_text_address+0x26/0x2a0
[  926.238419][T14549]  ? 0xffffffffa00076c0
[  926.242569][T14549]  ? 0xffffffffa00076c0
[  926.246711][T14549]  ? __pfx_validate_chain+0x10/0x10
[  926.251898][T14549]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  926.258041][T14549]  ? kernel_text_address+0xa7/0xe0
[  926.263149][T14549]  ? mark_lock+0x9a/0x360
[  926.267470][T14549]  ? __lock_acquire+0x1397/0x2100
[  926.272483][T14549]  ? string+0x26a/0x2b0
[  926.276635][T14549]  ? widen_string+0x3a/0x310
[  926.281215][T14549]  ? string+0x26a/0x2b0
[  926.285362][T14549]  ? bdev_name+0x2b1/0x3c0
[  926.289773][T14549]  ? mark_lock+0x9a/0x360
[  926.294095][T14549]  __lock_acquire+0x1397/0x2100
[  926.298942][T14549]  lock_acquire+0x1ed/0x550
[  926.303447][T14549]  ? __might_fault+0xaa/0x120
[  926.308114][T14549]  ? __pfx_lock_acquire+0x10/0x10
[  926.313126][T14549]  ? __pfx___might_resched+0x10/0x10
[  926.318423][T14549]  ? snprintf+0xda/0x120
[  926.322678][T14549]  ? __pfx___mutex_lock+0x10/0x10
[  926.327709][T14549]  ? blk_trace_ioctl+0xec/0x9a0
[  926.332564][T14549]  ? __pfx_snprintf+0x10/0x10
[  926.337243][T14549]  ? __might_fault+0xaa/0x120
[  926.341915][T14549]  __might_fault+0xc6/0x120
[  926.346441][T14549]  ? __might_fault+0xaa/0x120
[  926.351108][T14549]  _copy_from_user+0x2a/0xc0
[  926.355691][T14549]  blk_trace_ioctl+0x1ad/0x9a0
[  926.360449][T14549]  ? tomoyo_path_number_perm+0x6f9/0x860
[  926.366074][T14549]  ? tomoyo_path_number_perm+0x206/0x860
[  926.371700][T14549]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  926.376978][T14549]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  926.382965][T14549]  ? file_to_blk_mode+0xcc/0x140
[  926.387898][T14549]  blkdev_ioctl+0x40c/0x6a0
[  926.392395][T14549]  ? __pfx_blkdev_ioctl+0x10/0x10
[  926.397432][T14549]  ? __pfx_blkdev_ioctl+0x10/0x10
[  926.402465][T14549]  __se_sys_ioctl+0xf5/0x170
[  926.407075][T14549]  do_syscall_64+0xf3/0x230
[  926.411607][T14549]  ? clear_bhb_loop+0x35/0x90
[  926.416283][T14549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.422187][T14549] RIP: 0033:0x7fdaad77ff19
[  926.426598][T14549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  926.446201][T14549] RSP: 002b:00007fdaae5a5058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  926.454612][T14549] RAX: ffffffffffffffda RBX: 00007fdaad946080 RCX: 00007fdaad77ff19
[  926.462573][T14549] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000003
[  926.470534][T14549] RBP: 00007fdaad7f3986 R08: 0000000000000000 R09: 0000000000000000
[  926.478497][T14549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  926.486460][T14549] R13: 0000000000000000 R14: 00007fdaad946080 R15: 00007fff38e50098
[  926.494429][T14549]  </TASK>
[  926.748469][T10240] kworker/u8:16: attempt to access beyond end of device
[  926.748469][T10240] loop3: rw=1, sector=145, nr_sectors = 56 limit=128
[  931.799006][ T1296] ieee802154 phy0 wpan0: encryption failed: -22