Warning: Permanently added '[localhost]:43573' (ED25519) to the list of known hosts.
2024/06/05 09:38:44 fuzzer started
2024/06/05 09:38:44 dialing manager at localhost:30001
[   44.222644][ T5204] cgroup: Unknown subsys name 'net'
[   44.449496][ T5204] cgroup: Unknown subsys name 'rlimit'
[   45.143705][ T5211] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
2024/06/05 09:38:45 starting 4 executor processes
[   45.818108][ T5223] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.819689][ T5228] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.825210][ T5223] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.825571][ T5228] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.829717][ T5223] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.832435][ T5228] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.835911][ T5223] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.839035][ T5228] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.841158][ T5223] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   45.844100][ T5228] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   45.846540][ T5223] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.849416][ T5228] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.051114][ T5221] chnl_net:caif_netlink_parms(): no params data found
[   46.099407][ T5224] chnl_net:caif_netlink_parms(): no params data found
[   46.196489][ T5221] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.200435][ T5221] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.203842][ T5221] bridge_slave_0: entered allmulticast mode
[   46.207937][ T5221] bridge_slave_0: entered promiscuous mode
[   46.243870][ T5221] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.246710][ T5221] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.249628][ T5221] bridge_slave_1: entered allmulticast mode
[   46.252480][ T5221] bridge_slave_1: entered promiscuous mode
[   46.271337][ T5224] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.274449][ T5224] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.277728][ T5224] bridge_slave_0: entered allmulticast mode
[   46.281741][ T5224] bridge_slave_0: entered promiscuous mode
[   46.312885][ T5221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.316225][ T5224] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.319241][ T5224] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.322053][ T5224] bridge_slave_1: entered allmulticast mode
[   46.325639][ T5224] bridge_slave_1: entered promiscuous mode
[   46.359384][ T5221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.403416][ T5224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.410913][ T5224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.465387][ T5221] team0: Port device team_slave_0 added
[   46.492181][ T5224] team0: Port device team_slave_0 added
[   46.497104][ T5221] team0: Port device team_slave_1 added
[   46.502487][ T5224] team0: Port device team_slave_1 added
[   46.592118][ T5221] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.595150][ T5221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.608399][ T5221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.614658][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.617162][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.627710][ T5224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.632353][ T5221] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.635429][ T5221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.646975][ T5221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.656057][ T5224] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.659040][ T5224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.669348][ T5224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.767435][ T5221] hsr_slave_0: entered promiscuous mode
[   46.769974][ T5221] hsr_slave_1: entered promiscuous mode
[   46.776114][ T5224] hsr_slave_0: entered promiscuous mode
[   46.779706][ T5224] hsr_slave_1: entered promiscuous mode
[   46.782842][ T5224] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.786366][ T5224] Cannot create hsr debugfs directory
[   47.055792][ T5221] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.064894][ T5221] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.070239][ T5221] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.076395][ T5221] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.121710][ T5224] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.128753][ T5224] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.135925][ T5224] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.142230][ T5224] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.249365][ T5221] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.266722][ T5224] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.271111][ T5221] 8021q: adding VLAN 0 to HW filter on device team0
[   47.287618][ T5224] 8021q: adding VLAN 0 to HW filter on device team0
[   47.292291][ T4662] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.295269][ T4662] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.301005][ T4662] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.304073][ T4662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.321934][  T968] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.324435][  T968] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.339420][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.343073][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.500090][ T5221] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.535397][ T5221] veth0_vlan: entered promiscuous mode
[   47.545803][ T5224] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.550742][ T5221] veth1_vlan: entered promiscuous mode
[   47.585367][ T5221] veth0_macvtap: entered promiscuous mode
[   47.595992][ T5221] veth1_macvtap: entered promiscuous mode
[   47.601037][ T5224] veth0_vlan: entered promiscuous mode
[   47.613093][ T5224] veth1_vlan: entered promiscuous mode
[   47.625025][ T5221] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.634933][ T5221] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.644434][ T5221] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.648262][ T5221] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.651891][ T5221] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.655397][ T5221] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.679066][ T5224] veth0_macvtap: entered promiscuous mode
[   47.685979][ T5224] veth1_macvtap: entered promiscuous mode
[   47.705345][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.710093][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.714377][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.737118][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.737533][ T5224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.739842][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.743246][ T5224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.744959][ T5224] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.761564][ T5224] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.764544][ T5224] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.768254][ T5224] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.771073][ T5224] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.783059][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.786200][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.823485][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.826181][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.848102][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.851003][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

[   47.881810][ T5254] syz-executor.2[5254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.881945][ T5254] syz-executor.2[5254] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   47.888073][ T5228] Bluetooth: hci0: command tx timeout
[   47.889062][   T65] Bluetooth: hci1: command tx timeout
[   47.902326][ T5254] loop2: detected capacity change from 0 to 256
[   47.919100][   T39] audit: type=1326 audit(1717580328.252:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.927179][   T39] audit: type=1326 audit(1717580328.252:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.937303][   T39] audit: type=1326 audit(1717580328.252:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.946328][   T39] audit: type=1326 audit(1717580328.252:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.955511][   T39] audit: type=1326 audit(1717580328.252:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.964882][   T39] audit: type=1326 audit(1717580328.252:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=133 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.976160][   T39] audit: type=1326 audit(1717580328.252:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
[   47.985219][   T39] audit: type=1326 audit(1717580328.252:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5255 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
[   48.523701][ T5228] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   48.529254][ T4642] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   48.530860][ T5223] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   48.532393][ T4642] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   48.536012][ T5223] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   48.538349][ T4642] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   48.542887][ T4642] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   48.543581][ T5223] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   48.545909][ T4642] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   48.548892][ T5223] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   48.551231][ T4642] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   48.561321][ T4642] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r6 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
openat$cgroup_subtree(r6, &(0x7f00000001c0), 0x2, 0x0)

executing program 2:
ftruncate(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
close(r7)

[   48.800415][ T5259] chnl_net:caif_netlink_parms(): no params data found
[   48.840176][ T5261] chnl_net:caif_netlink_parms(): no params data found
[   49.042643][ T5282] overlayfs: failed to resolve './file2': -2
[   49.075067][ T5259] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.084192][ T5259] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.087787][ T5259] bridge_slave_0: entered allmulticast mode
[   49.091715][ T5259] bridge_slave_0: entered promiscuous mode
[   49.098459][ T5259] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.101478][ T5259] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.104487][ T5259] bridge_slave_1: entered allmulticast mode
[   49.113480][ T5259] bridge_slave_1: entered promiscuous mode
[   49.264505][ T5259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   49.270171][ T5261] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.274058][ T5261] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.277250][ T5261] bridge_slave_0: entered allmulticast mode
[   49.280110][ T5261] bridge_slave_0: entered promiscuous mode
[   49.285492][ T5259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   49.312245][ T5261] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.314887][ T5261] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.317695][ T5261] bridge_slave_1: entered allmulticast mode
[   49.321071][ T5261] bridge_slave_1: entered promiscuous mode
[   49.350213][ T5259] team0: Port device team_slave_0 added
[   49.396099][ T5259] team0: Port device team_slave_1 added
[   49.434358][ T5261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   49.439748][ T5259] batman_adv: batadv0: Adding interface: batadv_slave_0
[   49.442724][ T5259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.452175][ T5259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   49.458810][ T5261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   49.478461][ T5259] batman_adv: batadv0: Adding interface: batadv_slave_1
[   49.481095][ T5259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.490140][ T5259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   49.514530][ T5261] team0: Port device team_slave_0 added
[   49.522785][ T5261] team0: Port device team_slave_1 added
[   49.600910][ T5261] batman_adv: batadv0: Adding interface: batadv_slave_0
[   49.603187][ T5261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.611608][ T5261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   49.650569][ T5259] hsr_slave_0: entered promiscuous mode
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00'})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="4d7e00000000000000002a00000008002f00000000000c0005000000000000000000050037000000000008000200", @ANYRES32, @ANYBLOB="050036"], 0x40}, 0x4, 0x700000000000000}, 0x0)

executing program 2:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x0, &(0x7f0000000000), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

[   49.657201][ T5259] hsr_slave_1: entered promiscuous mode
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x0, 0xbf22, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080)="15", &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)

[   49.667165][ T5259] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   49.669697][ T5259] Cannot create hsr debugfs directory
[   49.677950][ T5261] batman_adv: batadv0: Adding interface: batadv_slave_1
[   49.680666][ T5261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   49.690959][ T5261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
quotactl$Q_QUOTAOFF(0xffffffff80000301, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

executing program 2:
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'veth0_to_batadv\x00', &(0x7f0000000080)=@ethtool_sset_info})

[   49.739555][ T5295] Zero length message leads to an empty skb
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = getpgrp(0x0)
r3 = syz_pidfd_open(r2, 0x0)
r4 = pidfd_getfd(r3, r3, 0x0)
setns(r4, 0x14020000)

[   49.828229][ T5261] hsr_slave_0: entered promiscuous mode
[   49.830656][ T5261] hsr_slave_1: entered promiscuous mode
executing program 2:
ftruncate(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

[   49.835287][ T5261] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   49.837922][ T5261] Cannot create hsr debugfs directory
executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

[   49.860724][   T39] audit: type=1326 audit(1717580330.192:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5300 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
[   49.870894][   T39] audit: type=1326 audit(1717580330.192:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5300 comm="syz-executor.0" exe="/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7261579 code=0x7ffc0000
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

[   49.906156][ T5305] syz-executor.0[5305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.906240][ T5305] syz-executor.0[5305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.920170][ T5305] loop0: detected capacity change from 0 to 256
executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1010403, &(0x7f0000000080), 0x1, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvzdp17aatIMh8KghaGUvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5+dFla9KlXZMI/XzgNOfce5tzvjn3nnuSe0kC2LPG0z+ZiMMR8VESMVpfnomIpJobiDhZ2+7O2mo+TUmsr7/5R1Jdf3ttNd94rqT+eLBeeDYifnw/4khmc73l5ZW5XLFYWKyXJyvzFybLyytHz8/nZguzhYXjU9PTx068cOL47sX61y8rh258/Noz35z8570nrn34UxIn41B9XXMcu2W89upGxGD6Et7j1d2urM+SfjeAHcnUjvBqOhyjsa+aa2O4ly0DALrl3YhYBwD2mMT5HwD2mMbnALfXVvON1N9PJHrr5isRcaAWf+P6Zm3NQP2a3YEYjIiR28k9V0aSiBjbhfrHI+KL797+Kk3RpeuQAK1cvhIRZ8fGN4//yaZ7FrbruQ62Gb+vbPyD3vk+nf+82Gr+l9mY/0SL+c9Qi2N3Jx58/Geu70I1baXzv5eb7m270xR/3di+eumR6pxvMDl3vlhIx7ZHI2IiBofS8tQWdUzc+vdWu3XN878/P3nny7T+9PHuFpnrA0P3/s9MrpJ7mJib3bwS8eRAq/iTjf5P2sx/T3dYx+svffB5u3Vp/Gm8jbQ5/u5avxrxdMv+v3tHW7Ll/YmT1d1hsrFTtPDtr5+NtKu/uf/TlNbfeC/QC2n/j2wd/1jSfL9meft1/Hx19Id26x4cf+v9f3/yVjW/v77sUq5SWZyK2J+8sXn5sbv/2yg3tk/jn3iq9fG/1f6fvic822H8Azd+/3rn8XdXGv/Mtvp/+5lrd+b2tau/s/6fruYm6ks6Gf86beDDvHYAAAAAAAAAAAAAAAAAAAAAAAAA0KlMRByKJJPdyGcy2WztN7wfj5FMsVSuHDlXWlqYiepvZY/FYKbxVZejTd+HOlX/PvxG+dh95ecj4rGI+HRouFrO5kvFmX4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9v8/n/qt6F+tw4A6JoD/W4AANBzzv8AsPds7/w/3LV2AAC94/0/AOw9zv8AsPc4/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBlp0+dStP632ur+bQ8c3F5aa508ehMoTyXnV/KZ/OlxQvZ2VJptljI5kvzbZ/ocu2hWCpdmI6FpUuTlUK5MlleXjkzX1paqJw5P5+bLZwpDPYsMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZS5XLBYWZWRkZDYyzaPEcP8GKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uf8CAAD//53qKtg=")

[   49.957221][ T5228] Bluetooth: hci1: command tx timeout
[   49.959595][ T5228] Bluetooth: hci0: command tx timeout
[   49.980687][ T5308] loop2: detected capacity change from 0 to 2048
executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

[   49.991012][ T5308] EXT4-fs (loop2): cluster size (2048) smaller than block size (4096)
[   50.035992][ T5216] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
executing program 2:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r3, @ANYBLOB="050036"], 0x40}, 0x4, 0x700000000000000}, 0x0)

executing program 2:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x0, &(0x7f0000000000), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

executing program 2:
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'veth0_to_batadv\x00', &(0x7f0000000080)=@ethtool_sset_info})

executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080)="15", &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)

executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
quotactl$Q_QUOTAOFF(0xffffffff80000301, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

executing program 0:
ftruncate(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

executing program 2:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

[   50.370754][ T5259] netdevsim netdevsim1 netdevsim0: renamed from eth0
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

[   50.384618][ T5259] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   50.403330][ T5259] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   50.407797][ T5332] syz-executor.0[5332] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.407908][ T5332] syz-executor.0[5332] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.419518][ T5333] syz-executor.2[5333] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.420836][ T5259] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   50.424636][ T5333] syz-executor.2[5333] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.443836][ T5332] loop0: detected capacity change from 0 to 256
[   50.461520][ T5333] loop2: detected capacity change from 0 to 256
[   50.462099][ T5261] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   50.473184][ T5261] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   50.481708][ T5261] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   50.489991][ T5261] netdevsim netdevsim3 netdevsim3: renamed from eth3
executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = getpgrp(0x0)
r3 = syz_pidfd_open(r2, 0x0)
r4 = pidfd_getfd(r3, r3, 0x0)
setns(r4, 0x14020000)

[   50.595600][ T5259] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.597288][ T4642] Bluetooth: hci3: command tx timeout
[   50.607680][ T4642] Bluetooth: hci2: command tx timeout
[   50.609872][ T5261] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.640551][ T5261] 8021q: adding VLAN 0 to HW filter on device team0
[   50.652912][ T5259] 8021q: adding VLAN 0 to HW filter on device team0
executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r3, @ANYBLOB="050036"], 0x40}, 0x4, 0x700000000000000}, 0x0)

[   50.671535][ T5242] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.672793][ T5340] syz-executor.2[5340] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.674184][ T5242] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.674447][ T5340] syz-executor.2[5340] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   50.679533][ T5242] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.687948][ T5242] bridge0: port 2(bridge_slave_1) entered forwarding state
executing program 0:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x0, &(0x7f0000000000), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

[   50.697540][ T5340] loop2: detected capacity change from 0 to 256
[   50.706497][ T5242] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.709304][ T5242] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.714624][ T5242] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.717493][ T5242] bridge0: port 2(bridge_slave_1) entered forwarding state
executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

executing program 2:
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'veth0_to_batadv\x00', &(0x7f0000000080)=@ethtool_sset_info})

executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080)="15", &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)

executing program 2:
ftruncate(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
quotactl$Q_QUOTAOFF(0xffffffff80000301, &(0x7f0000000340)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

executing program 2:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

executing program 2:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

[   50.918752][ T5259] 8021q: adding VLAN 0 to HW filter on device batadv0
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r3, @ANYBLOB="050036"], 0x40}, 0x4, 0x700000000000000}, 0x0)

[   50.962211][ T5261] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.993313][ T5259] veth0_vlan: entered promiscuous mode
executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

[   51.021758][ T5259] veth1_vlan: entered promiscuous mode
executing program 0:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x0, &(0x7f0000000000), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

[   51.029348][ T5373] loop2: detected capacity change from 0 to 256
[   51.029717][ T5261] veth0_vlan: entered promiscuous mode
[   51.042077][ T5261] veth1_vlan: entered promiscuous mode
[   51.054026][ T5259] veth0_macvtap: entered promiscuous mode
executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

[   51.059641][ T5259] veth1_macvtap: entered promiscuous mode
[   51.076235][ T5259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = getpgrp(0x0)
r3 = syz_pidfd_open(r2, 0x0)
r4 = pidfd_getfd(r3, r3, 0x0)
setns(r4, 0x14020000)

[   51.083767][ T5259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.088565][ T5259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.093720][ T5259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.098713][ T5259] batman_adv: batadv0: Interface activated: batadv_slave_0
[   51.105037][ T5259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

[   51.109569][ T5259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.113295][ T5259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.117520][ T5259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.122670][ T5259] batman_adv: batadv0: Interface activated: batadv_slave_1
[   51.131642][ T5261] veth0_macvtap: entered promiscuous mode
[   51.136665][ T5259] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.141034][ T5259] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.145109][ T5259] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.149840][ T5259] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.161262][ T5261] veth1_macvtap: entered promiscuous mode
[   51.168628][ T5381] loop2: detected capacity change from 0 to 256
[   51.191775][ T5261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.195357][ T5261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.199178][ T5261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   51.203481][ T5261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080)="15", &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)

[   51.209044][ T5261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x1, 0x219, &(0x7f0000000a40)="$eJzs3bFrE1EcB/BfbaulIOkgFEXwxMUpNBX3FKkgBhQlg04Wm6I0sWAgoEPr5j+h/4KOroKDuPoPiCBVcLFbByFSLzY2JjZSkxPz+Sz5kfe+d+9dQo4M996tk7XV5bX6ytbWZkxNjcVEMYqxPRYzcSjGI/UoAID/yXazGV+aqazHAgAMh/s/AIyePu//V4c4JABgwPz/B4DRc/3GzcsLpdLitSSZiqg9bpQb5fQ1bV9YibtRjUrMRS6+RjR3pfXFS6XFuWTHx5ko1zZa+Y1GeXxvvhC5mOmeLySpvfnJmG7l301HJeYjF8e65+e75g/H2TM/nT8fuXh7O9aiGsuxk23n1wtJcuFKqSN/5Hs/AAAAAAAAAAAAAAAAAAAAAAAYhHyyq+v6Pfl8r/Y03//6QJ3r80zEiYls5w4AAAAAAAAAAAAAAAAAAAD/ivqDh6tL1Wrl/u+Ke2+evdqvT5/FWOu8Bz3OwYujpz886dVn/M+uz98tXp7K8rL0WbzevHP8XH32fGbDmIyIX9/p+dX6nIsY0HieZ/pZ/Jj1vp1nnxaXXqy//9TvkYf+UwQAAAAAAAAAAAAAAAAAACOv/dBvZ4vN+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHe39/wdXZD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FgAA///4/J3P")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000180)='./file0\x00')

[   51.214577][ T5261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.219558][ T5261] batman_adv: batadv0: Interface activated: batadv_slave_0
executing program 0:
ftruncate(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

[   51.251031][ T5261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.255438][ T5261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.259373][ T5261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.262792][ T5261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.266124][ T5261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   51.270211][ T5261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   51.274611][ T5261] batman_adv: batadv0: Interface activated: batadv_slave_1
[   51.292927][ T5261] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.294312][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.296133][ T5261] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.299802][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x90)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'syztnl1\x00', 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
get_robust_list(r0, &(0x7f00000003c0)=&(0x7f0000000380)={&(0x7f0000000100)={&(0x7f00000000c0)}, 0x0, &(0x7f0000000340)={&(0x7f0000000280)}}, &(0x7f0000000400)=0x18)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000440)='bfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
munlockall()

[   51.303437][ T5261] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.309448][ T5261] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.329395][ T5387] loop2: detected capacity change from 0 to 256
[   51.337537][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.340652][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   51.376946][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.388411][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 1:
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
open(&(0x7f0000002000)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc097fce47d85272036dc78388e3dc177e9b496", "b732676c181c2082669dd06388bd49bd03e6bbc2ebce21aa45a7fea6180766b9"})
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

executing program 2:
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1a0cc10, &(0x7f00000059c0)=ANY=[], 0x1, 0x559f, &(0x7f0000000400)="$eJzs3M2LG2UYAPBnkm6/rYt48NaBIuxCE5rtB3qyaosf2FL8OHjSbJKGtElm2aTp2lMPHsWD/4koePLo3+BBj3oTD4o3oZKZWWn6/ZFmtf39YPLMPHnzzPsOYeGZWRLAM2s5/euPJA7FvoioRsTBJPL9pNwirkecLsa+FBGHI6Jy05aU+X8TuyNif0QcmhYvaiblW18dnRw5+fu7f37/455dB77+7qcdXTiwo16OiMFGsX91UMSsm4cb1TLfnPTyODgxKePGTI1BVuSvdtbzCleb2+OaeTzeLcZnG1dG03ix32xNY7d3Mc9vDIsTjibd7TrTD6SXmpv5cbuznsfeKMtj91px3q1rxd+2a6NxUadd1vssLx/j8XYs8p2tTrGejct5bA3HZb6om7U7W9M4KWN5umhl/XY+j/VHvcr/fe/1hle20klnc9TLhunJeuOVeuNUrbGZtTvjzolac9A+dSJd6fanw2rjTnNwuptl3X6n3soGq+lKt9WqNRrpypnOeq85TBuN+vH6sdrJ1XLvaPrW+Y/SfjtdmcY3esMr415/lF7MNtPiE6vpWv34q6vpkUb6wbkL6YX3z549d+HDT858fP71c++8WQ66bVrpytqxtbVa41htrbH6DK3/83LSD7H+5M7pX35+vMsGADyi2/r/uLX/D/0/MHf36P/j0n36/8Hl8vjJ9P9xx/6/Mtv/xzz7/2lLpf+/f/9b2YH+dyn0/w+8/upjfhvgId3lBtN97J77PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWLhfl755O99ZLo4PlPnnytQL5XESEZWIuHEH1dg9U7Na1lm6y/ilW+bwQxJ5hek59pTb/og4XW5/P/+krwIAAAA8vb69fvjLolsvXpZ3ekIsUnHTpnLw0znVSyJiafm3OVWrTF9enFOx/Pu9K7bmVC2/gbV3TsWKW2675lXtgVRnwt6bQlKEykKnAwAALMRsJ7DYLgQAAIBF+uKe7762sHmwYElsP8rcfhac/+d9xL7ygeC+mfcAAACA/6FkpycAAAAAPHF5/+/3/wAAAODpVvz+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7NxdrtJAFADg0/YW/I3E+O5WfINluAQffRQW4CZYAq7AxA2wBkx8cAcqGDojSRUSYltQ7vclnd6ZC2dOgZczbQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCF9rlezD+9evu8Y5uOPXTd/N+32rmPeAAAAcC9s6tWs+WOS+o/z+NM89Dz3i4goI+JY7V7FqBWzynHqE6+vf8vhU0QTYT8+zsejiHiVj+/Phv4UAAAA4HatF8tpqtZTk5cAvpz37m8DZsYFpEWb8snrnuIVEVFPvvYUrdw3Lw7debdo+9/3XbztnFXSLGA96ClYWnI78SDLqK9J2qrW6deVzJsvsemVw8wLAABcU7sS8Dg9AADA7Xpz7QS4hD9L++LQHO4zjtMp3xB82OoBAAAA/6Hi2gkAAAAAfaqODTb1/7+0/19h/z8AAADoXdr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCFt6tVsvVhOT/1/fmac7a6b/q4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAn+/OOAiEQBmGwd31nMvc/rDRoaGxSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs27FvG1UYAPDPvthtCogQUCQCKEgdYKGpW1o6ghAoYuBPQIpSpwRSCm0GWkWULGwocxcEI0JIoLDlf+jcSF3K1iFDkJgYgu5855xjQ6MSnU39+0nP77vn67vvzlaV794ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjsvhMv1/M4SV+mOnExdm9vfSntdw71qe3N+7NpS+NaxXmPnonDA6+UN+ZmKk0GAACAMZUU9f3bB2P1qaz+b3S3I+L7ZzpxUc8frvt39tZP5m/NFvX/b78+fKE76VSSHSeddHlltX22P5W+QnlcPPvIPSayK5/de0myD6T+wcbzu43seta+vXv3vWYWnqgiWwDgcZwp+jwo/h5K+9YwEwNgbEyUCu8Hja2FtE+mhpsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBV2N+KpIq5FxOzEQZza2VtfGtR/vXl/djtvF+/c2SzPmU7RiIjlldX22QrPZXQVV/PWp4urq+3rN25WHcxFxIC3bh/tnyd5+v+4TzMiekZOvzhgno+OcKxD8/QF+dczqr2Gk+n5PXLnWs9Ire+Cv7vfMYwvwPEFc/knMHifev7uSKR6zEHx3Tv+mSv8rwgAgLHQyFtaiT5obC2kY7XpiP0feuv/10px9NT9+7c7I53t7VL9//Dji/fKxyrX/62Kzu//YH7t6ufzN27eemPl6uKV9pX2Z2+ea73VOn/pwoVL89m9kvnlqLtjAgAAwH/QzFu5/q9P96//nyrF8S/r/+X6/4vvWl+Vj5Wo/wc6WPQbdiYAAADjqNmNnnv1zz9qA/aoNZvx5eLa2vVW57W7fa7zWmm6j+lE3sr1fzI97KwAAACAKuxu1HrW/y+X4jji+v/TP770c3nOJCImI65FRPvM0rXVy9Wdzkir4ofK2YGawz5TAAAAhmUyb+X1/0b2/H+9+8hDPSJePx3xV/4b/jhi/Z+8/81P5WOVn/8/X+lZjp76TOd6ZP1MxMTMsDMCAADgSXYyb2mx/3tja+GTX0592PT8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDV/g4AAP//kF4wGA==")
sched_setscheduler(0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
fstat(r0, &(0x7f0000000040))

[   51.424585][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.431012][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 3:
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000200)="593682c495498bfb35e8767e7aca174b9dfe9378addcbd00850a1c5bfb8dbddef33d5d2d59d0be4d96244847995be244b377846a54217fbc49190ea80bb31bc70c944dc00afb4fc2", 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x2, 0x3, 0xff)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$key(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}}, 0x0)

[   51.477210][ T5391] loop1: detected capacity change from 0 to 4096
[   51.518292][ T5397] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
writev(r2, &(0x7f0000000800)=[{&(0x7f0000000a40)="c03601e08ce091c1cb9b6c870b5712c18dcf", 0x12}], 0x1)

executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='map_files\x00')
fchdir(r2)

executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
setpgid(0xffffffffffffffff, 0x0)

[   51.627051][ T5391] loop1: detected capacity change from 4096 to 0
[   51.628651][ T5397] segctord: attempt to access beyond end of device
[   51.628651][ T5397] loop1: rw=2049, sector=132, nr_sectors = 30 limit=0
[   51.634715][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=66, block-count=15) in segment 1
[   51.646594][ T5391] syz-executor.1: attempt to access beyond end of device
[   51.646594][ T5391] loop1: rw=0, sector=90, nr_sectors = 2 limit=0
[   51.651838][ T5391] NILFS (loop1): I/O error reading meta-data file (ino=3, block-offset=130)
executing program 3:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r3, @ANYBLOB="050036"], 0x40}, 0x4, 0x700000000000000}, 0x0)

executing program 1:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x0, &(0x7f0000000000), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0xf)

[   51.667406][ T5397] segctord: attempt to access beyond end of device
[   51.667406][ T5397] loop1: rw=2049, sector=256, nr_sectors = 32 limit=0
[   51.671832][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x4c, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

[   51.740659][ T5396] loop2: detected capacity change from 0 to 40427
[   51.749060][ T5396] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   51.751755][ T5396] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   51.758573][ T5396] F2FS-fs (loop2): invalid crc value
[   51.763530][ T5396] F2FS-fs (loop2): Found nat_bits in checkpoint
[   51.776129][  T111] 
[   51.776994][  T111] ======================================================
[   51.779746][  T111] WARNING: possible circular locking dependency detected
[   51.782641][  T111] 6.10.0-rc2-syzkaller-00022-g32f88d65f01b #0 Not tainted
[   51.787184][  T111] ------------------------------------------------------
[   51.789468][  T111] kswapd0/111 is trying to acquire lock:
[   51.789582][ T5396] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   51.791338][  T111] ffff88801dd16610
[   51.793594][ T5396] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   51.794866][  T111]  (sb_internal#2){.+.+}-{0:0}, at: nilfs_evict_inode+0x157/0x550
[   51.799859][  T111] 
[   51.799859][  T111] but task is already holding lock:
[   51.802285][  T111] ffffffff8dd3a9a0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0x166/0x1970
[   51.805474][  T111] 
[   51.805474][  T111] which lock already depends on the new lock.
[   51.805474][  T111] 
[   51.808774][  T111] 
[   51.808774][  T111] the existing dependency chain (in reverse order) is:
[   51.811644][  T111] 
[   51.811644][  T111] -> #2 (fs_reclaim){+.+.}-{0:0}:
[   51.814300][  T111]        fs_reclaim_acquire+0x102/0x160
[   51.816804][  T111]        prepare_alloc_pages.constprop.0+0x155/0x560
[   51.819577][  T111]        __alloc_pages_noprof+0x194/0x2460
[   51.822071][  T111]        alloc_pages_mpol_noprof+0x275/0x610
[   51.824320][  T111]        folio_alloc_noprof+0x1e/0xc0
[   51.826435][  T111]        filemap_alloc_folio_noprof+0x3ba/0x490
[   51.829055][  T111]        __filemap_get_folio+0x51e/0xa80
[   51.831413][  T111]        pagecache_get_page+0x2c/0x250
[   51.833678][  T111]        block_write_begin+0x38/0x4a0
[   51.835943][  T111]        nilfs_write_begin+0x9f/0x1a0
[   51.838188][  T111]        page_symlink+0x356/0x450
[   51.840277][  T111]        nilfs_symlink+0x23c/0x3c0
[   51.842413][  T111]        vfs_symlink+0x3e8/0x660
[   51.844450][  T111]        do_symlinkat+0x263/0x310
[   51.846531][  T111]        __ia32_sys_symlink+0x78/0xa0
[   51.848733][  T111]        __do_fast_syscall_32+0x73/0x120
[   51.851116][  T111]        do_fast_syscall_32+0x32/0x80
[   51.853317][  T111]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   51.856085][  T111] 
[   51.856085][  T111] -> #1 (&nilfs->ns_segctor_sem){++++}-{3:3}:
[   51.859361][  T111]        down_read+0x9a/0x330
[   51.861008][  T111]        nilfs_transaction_begin+0x326/0xa40
[   51.863017][  T111]        nilfs_create+0xb7/0x320
[   51.864723][  T111]        lookup_open.isra.0+0x10a1/0x13c0
[   51.866636][  T111]        path_openat+0x92f/0x29f0
[   51.868325][  T111]        do_filp_open+0x1dc/0x430
[   51.870094][  T111]        do_sys_openat2+0x17a/0x1e0
[   51.871821][  T111]        __ia32_compat_sys_open+0x147/0x1e0
[   51.873811][  T111]        __do_fast_syscall_32+0x73/0x120
[   51.875718][  T111]        do_fast_syscall_32+0x32/0x80
[   51.877517][  T111]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   51.879828][  T111] 
[   51.879828][  T111] -> #0 (sb_internal#2){.+.+}-{0:0}:
[   51.882407][  T111]        __lock_acquire+0x2478/0x3b30
[   51.884211][  T111]        lock_acquire+0x1b1/0x560
[   51.885977][  T111]        nilfs_transaction_begin+0x21b/0xa40
[   51.888026][  T111]        nilfs_evict_inode+0x157/0x550
[   51.889869][  T111]        evict+0x2ed/0x6c0
[   51.891434][  T111]        iput.part.0+0x5a8/0x7f0
[   51.893115][  T111]        iput+0x5c/0x80
[   51.894546][  T111]        dentry_unlink_inode+0x295/0x480
[   51.896437][  T111]        __dentry_kill+0x1d0/0x600
[   51.898189][  T111]        shrink_dentry_list+0x140/0x5d0
[   51.900053][  T111]        prune_dcache_sb+0xeb/0x150
[   51.901970][  T111]        super_cache_scan+0x32a/0x550
[   51.903810][  T111]        do_shrink_slab+0x44f/0x11c0
[   51.906118][  T111]        shrink_slab+0xa87/0x1310
[   51.908331][  T111]        shrink_one+0x493/0x7c0
[   51.910337][  T111]        lru_gen_shrink_node+0x89f/0x1750
[   51.912208][  T111]        balance_pgdat+0x1105/0x1970
[   51.914436][  T111]        kswapd+0x5ea/0xbf0
[   51.916408][  T111]        kthread+0x2c1/0x3a0
[   51.918422][  T111]        ret_from_fork+0x45/0x80
[   51.920469][  T111]        ret_from_fork_asm+0x1a/0x30
[   51.922204][  T111] 
[   51.922204][  T111] other info that might help us debug this:
[   51.922204][  T111] 
[   51.925950][  T111] Chain exists of:
[   51.925950][  T111]   sb_internal#2 --> &nilfs->ns_segctor_sem --> fs_reclaim
[   51.925950][  T111] 
[   51.931022][  T111]  Possible unsafe locking scenario:
[   51.931022][  T111] 
[   51.934215][  T111]        CPU0                    CPU1
[   51.936430][  T111]        ----                    ----
[   51.938737][  T111]   lock(fs_reclaim);
[   51.940418][  T111]                                lock(&nilfs->ns_segctor_sem);
[   51.943690][  T111]                                lock(fs_reclaim);
[   51.946520][  T111]   rlock(sb_internal#2);
[   51.948443][  T111] 
[   51.948443][  T111]  *** DEADLOCK ***
[   51.948443][  T111] 
[   51.951910][  T111] 2 locks held by kswapd0/111:
[   51.954005][  T111]  #0: ffffffff8dd3a9a0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0x166/0x1970
[   51.957923][  T111]  #1: ffff88801dd160e0 (&type->s_umount_key#55){.+.+}-{3:3}, at: super_cache_scan+0x96/0x550
[   51.962231][  T111] 
[   51.962231][  T111] stack backtrace:
[   51.964573][  T111] CPU: 3 PID: 111 Comm: kswapd0 Not tainted 6.10.0-rc2-syzkaller-00022-g32f88d65f01b #0
[   51.967761][  T111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   51.971373][  T111] Call Trace:
[   51.972801][  T111]  <TASK>
[   51.973813][  T111]  dump_stack_lvl+0x116/0x1f0
[   51.975374][  T111]  check_noncircular+0x31a/0x400
[   51.977000][  T111]  ? __pfx_check_noncircular+0x10/0x10
[   51.978779][  T111]  ? add_lock_to_list+0x17d/0x380
[   51.980557][  T111]  __lock_acquire+0x2478/0x3b30
[   51.982584][  T111]  ? __pfx___lock_acquire+0x10/0x10
[   51.984668][  T111]  ? hlock_class+0x4e/0x130
[   51.986563][  T111]  ? __lock_acquire+0x14f4/0x3b30
[   51.988594][  T111]  lock_acquire+0x1b1/0x560
[   51.990505][  T111]  ? nilfs_evict_inode+0x157/0x550
[   51.992583][  T111]  ? __pfx_lock_acquire+0x10/0x10
[   51.994575][  T111]  ? __pfx___might_resched+0x10/0x10
[   51.996568][  T111]  nilfs_transaction_begin+0x21b/0xa40
[   51.998389][  T111]  ? nilfs_evict_inode+0x157/0x550
[   52.000150][  T111]  nilfs_evict_inode+0x157/0x550
[   52.002074][  T111]  ? __pfx_nilfs_evict_inode+0x10/0x10
[   52.004176][  T111]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   52.006358][  T111]  ? __pfx_nilfs_evict_inode+0x10/0x10
[   52.008620][  T111]  evict+0x2ed/0x6c0
[   52.010244][  T111]  iput.part.0+0x5a8/0x7f0
[   52.012146][  T111]  iput+0x5c/0x80
[   52.013746][  T111]  dentry_unlink_inode+0x295/0x480
[   52.015737][  T111]  __dentry_kill+0x1d0/0x600
[   52.017438][  T111]  ? shrink_dentry_list+0x11a/0x5d0
[   52.019462][  T111]  shrink_dentry_list+0x140/0x5d0
[   52.021415][  T111]  prune_dcache_sb+0xeb/0x150
[   52.023032][  T111]  ? __pfx_prune_dcache_sb+0x10/0x10
[   52.024849][  T111]  super_cache_scan+0x32a/0x550
[   52.026342][  T111]  do_shrink_slab+0x44f/0x11c0
[   52.027884][  T111]  shrink_slab+0xa87/0x1310
[   52.029360][  T111]  ? shrink_slab+0x86a/0x1310
[   52.030943][  T111]  ? __pfx_shrink_slab+0x10/0x10
[   52.032579][  T111]  ? find_held_lock+0x2d/0x110
[   52.034240][  T111]  ? mem_cgroup_calculate_protection+0x45/0x500
[   52.036420][  T111]  shrink_one+0x493/0x7c0
[   52.037016][ T4642] Bluetooth: hci0: command tx timeout
[   52.038111][  T111]  ? lru_gen_shrink_node+0x885/0x1750
[   52.040266][ T4642] Bluetooth: hci1: command tx timeout
[   52.042239][  T111]  lru_gen_shrink_node+0x89f/0x1750
[   52.046051][  T111]  ? lru_gen_shrink_node+0x622/0x1750
[   52.047829][  T111]  ? __pfx_lru_gen_shrink_node+0x10/0x10
[   52.049750][  T111]  ? pgdat_balanced+0x1b2/0x210
[   52.051791][  T111]  balance_pgdat+0x1105/0x1970
[   52.053843][  T111]  ? __pfx_balance_pgdat+0x10/0x10
[   52.055969][  T111]  ? __pfx___lock_acquire+0x10/0x10
[   52.057838][  T111]  ? lock_acquire+0x1b1/0x560
[   52.059422][  T111]  ? __pfx___might_resched+0x10/0x10
[   52.061390][  T111]  kswapd+0x5ea/0xbf0
[   52.062737][  T111]  ? __pfx_kswapd+0x10/0x10
[   52.064305][  T111]  ? __pfx_autoremove_wake_function+0x10/0x10
[   52.066378][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[   52.068182][  T111]  ? __kthread_parkme+0x148/0x220
[   52.069938][  T111]  ? __pfx_kswapd+0x10/0x10
[   52.071903][  T111]  kthread+0x2c1/0x3a0
[   52.073690][  T111]  ? _raw_spin_unlock_irq+0x23/0x50
[   52.075933][  T111]  ? __pfx_kthread+0x10/0x10
[   52.077913][  T111]  ret_from_fork+0x45/0x80
[   52.079772][  T111]  ? __pfx_kthread+0x10/0x10
[   52.081695][  T111]  ret_from_fork_asm+0x1a/0x30
[   52.083742][  T111]  </TASK>
[   52.087696][ T5397] segctord: attempt to access beyond end of device
[   52.087696][ T5397] loop1: rw=2049, sector=256, nr_sectors = 32 limit=0
[   52.092763][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   52.176817][ T5419] loop3: detected capacity change from 0 to 256
[   52.294195][ T5424] loop2: detected capacity change from 0 to 256
[   52.676965][ T5228] Bluetooth: hci3: command tx timeout
[   54.117042][ T5228] Bluetooth: hci1: command tx timeout
[   54.117393][ T4642] Bluetooth: hci0: command tx timeout
[   54.578427][ T5259] syz-executor.1: attempt to access beyond end of device
[   54.578427][ T5259] loop1: rw=395265, sector=4088, nr_sectors = 2 limit=0
[   54.583046][ T5259] Buffer I/O error on dev loop1, logical block 2044, lost sync page write
[   54.586309][ T5259] NILFS (loop1): unable to write superblock: err=-5
[   54.589252][ T5259] syz-executor.1: attempt to access beyond end of device
[   54.589252][ T5259] loop1: rw=395265, sector=2, nr_sectors = 2 limit=0
[   54.594489][ T5259] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   54.598566][ T5259] NILFS (loop1): unable to write superblock: err=-5
[   54.601983][ T5397] segctord: attempt to access beyond end of device
[   54.601983][ T5397] loop1: rw=2049, sector=256, nr_sectors = 32 limit=0
[   54.606209][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.609977][ T5397] segctord: attempt to access beyond end of device
[   54.609977][ T5397] loop1: rw=2049, sector=256, nr_sectors = 32 limit=0
[   54.614202][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.618027][ T5397] segctord: attempt to access beyond end of device
[   54.618027][ T5397] loop1: rw=2049, sector=256, nr_sectors = 32 limit=0
[   54.622254][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.625783][ T5397] segctord: attempt to access beyond end of device
[   54.625783][ T5397] loop1: rw=2049, sector=256, nr_sectors = 32 limit=0
[   54.630158][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.633840][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.634964][   T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.637360][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.645340][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.649033][ T5397] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.653061][ T5259] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.657470][ T5259] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.661429][ T5259] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.665658][ T5259] NILFS (loop1): I/O error writing log (start-blocknr=128, block-count=16) in segment 2
[   54.669676][ T5259] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[   54.673178][ T5259] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[   54.676202][ T5259] NILFS (loop1): unable to write superblock: err=-5
[   54.757080][ T4642] Bluetooth: hci3: command tx timeout
[   56.846881][ T4642] Bluetooth: hci3: command tx timeout
[   56.993585][   T61] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.054882][   T61] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.111406][   T61] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.187790][   T61] bridge_slave_1: left allmulticast mode
[   57.189822][   T61] bridge_slave_1: left promiscuous mode
[   57.191903][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.195526][   T61] bridge_slave_0: left allmulticast mode
[   57.197989][   T61] bridge_slave_0: left promiscuous mode
[   57.199959][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.353789][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   57.359726][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   57.364810][   T61] bond0 (unregistering): Released all slaves
[   57.661200][   T61] hsr_slave_0: left promiscuous mode
[   57.663502][   T61] hsr_slave_1: left promiscuous mode
[   57.665985][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   57.672128][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[   57.675024][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   57.677632][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[   57.683470][   T61] veth1_macvtap: left promiscuous mode
[   57.685397][   T61] veth0_macvtap: left promiscuous mode
[   57.687628][   T61] veth1_vlan: left promiscuous mode
[   57.689447][   T61] veth0_vlan: left promiscuous mode
[   57.870260][   T61] team0 (unregistering): Port device team_slave_1 removed
[   57.893772][   T61] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
09:38:52  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000000 RBX=ffffc900073374a8 RCX=ffffc9000312b000 RDX=1ffff92000e66e97
RSI=ffffffff813c7352 RDI=ffffc900073374a8 RBP=ffffc90007337ee8 RSP=ffffc900073373e0
R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000001 R11=dffffc0000000000
R12=ffffc900073374b0 R13=ffffc900073374b8 R14=ffffc90007330000 R15=0000000000000001
RIP=ffffffff813c7390 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005640e3b9f000 CR3=0000000011d5e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000044000001 Opmask01=000000000000001f Opmask02=000000000000ffdf Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff6ec6bf70 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 48b817a64ac96e6d 00000005640e3a9f 0000000000000231 000000302f716d00
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 000000000036316c 6c696b66722f3031 7968702f31313230
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3832383a264c3f38 3a264e3f383a2648 3f383a264b3f383a 264b3e383a263e3e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88802c346360 RCX=ffffffff818254fb RDX=ffff888015fa0000
RSI=ffffffff818254d5 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900003f7910
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed1005868c6d R13=0000000000000001 R14=ffff88802c346368 R15=ffff88802c13fdc0
RIP=ffffffff818254d7 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005640e3a94d18 CR3=000000000d97a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 40837e857480f922
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3f9b9d3fee0d23e0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000005 0000000000bffce2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000260f9b0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000005 0000000000bffce7
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000260f9ae
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000c0252f
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000260f9ab
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000bfd294
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000260f9ac
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000006 0000000000c02535
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000260f9aa
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000bfe1a1
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000032e7c RBX=0000000000000002 RCX=ffffffff8adc8c59 RDX=ffffed1005846fe6
RSI=ffffffff8b8fbf20 RDI=ffffffff816712bc RBP=ffffed1002c79000 RSP=ffffc90000487e08
R8 =0000000000000000 R9 =ffffed1005846fe5 R10=ffff88802c237f2b R11=ffffffff8b2e3dc0
R12=0000000000000002 R13=ffff8880163c8000 R14=ffffffff8fe2c090 R15=0000000000000000
RIP=ffffffff8adca04f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f5f40000 CR3=000000000d97a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84f9c735 RDI=ffffffff94d5f0c0 RBP=ffffffff94d5f080 RSP=ffffc900010f6bf8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e30312e36
R12=0000000000000000 R13=0000000000000074 R14=ffffffff84f9c6d0 R15=0000000000000000
RIP=ffffffff84f9c75f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f73ae3dc CR3=0000000053576000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000