last executing test programs:

8m51.16160644s ago: executing program 0 (id=159):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x3, 0x1d}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x10, 0x1, r0, 0x0, &(0x7f00000005c0)={&(0x7f0000000240)=@can, 0x80, &(0x7f0000001b40)=[{&(0x7f0000000640)=""/248, 0xf8}, {&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000000100)=""/2, 0x2}, {&(0x7f0000001740)=""/202, 0xca}, {&(0x7f0000001840)=""/122, 0x7a}, {&(0x7f00000018c0)=""/142, 0x8e}, {&(0x7f0000001980)=""/176, 0xb0}, {&(0x7f0000001a40)=""/219, 0xdb}], 0x8, &(0x7f0000003000)=""/4096, 0x1000}, 0x0, 0x0, 0x1, {0x3}})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

8m50.623348111s ago: executing program 0 (id=162):
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80c2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x641, 0x0)
flock(r0, 0x2)
fcntl$lock(r0, 0x6, &(0x7f0000000740)={0x1})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b0000000", @ANYRES16=r2, @ANYBLOB="05000cdb6eaebc3189589b00000008000300", @ANYRES32=r3, @ANYBLOB="6a000e008000000008021100000108021100000008021100000000000000000000000000a8010100040603077f00fc00050302690525030024042a01012d1a000301080000000000000002000200130000000600000000000c710700000000010608760609027fffe9000000080026006c09000008000c006400000008000d000000000010005a80"], 0xb0}}, 0x0)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0xc08, 0x3, 0x440, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3a8, 0x3c8, 0x3c8, 0x3a8, 0x3c8, 0x3, 0x0, {[{{@ip={@multicast2, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}, {0x4}, {}, {}, {0x0, 0x0, 0x5e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0x0, 0x4}, {}, {0x4, 0x8}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x7f}, {0x0, 0x4}, {}, {}, {}, {0xfffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}]}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4a0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r5, &(0x7f00000027c0)={0x2020}, 0x2020)

8m49.50401886s ago: executing program 0 (id=164):
r0 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000180))
connect$unix(r0, &(0x7f0000001000)=@file={0x1, './file0\x00'}, 0x6e)
r1 = fsopen(&(0x7f00000000c0)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000001080)=ANY=[@ANYBLOB="18000000000000a23a8901000000010095cab30000000000526aefc321a449b82149a4c29fa34b"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000010c0)={&(0x7f0000001100)='ext4_ext_handle_unwritten_extents\x00', r2, 0x0, 0xfffffffffffffffb}, 0x18)
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x2000490, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRES8=0x0], 0x11, 0x489, &(0x7f00000009c0)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x419, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x2}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
eventfd2(0x4, 0x1)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000013c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x0, 0x178, 0x394, 0x0, 0x178, 0x2c8, 0x258, 0x258, 0x2c8, 0x258, 0x3, 0x0, {[{{@ipv6={@loopback={0x1f0}, @mcast2, [], [], 'team_slave_0\x00', 'netpci0\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "fc6b061134c5d5c8465af5f5caa5bd6c0dde77ff83daa984c0d76167e0608dcaa2caff7bd9c5923cccd5b483df8124249f91b8c3c2cea9bed64dc935a975401a68e34a04c1f15e50050729ba985e8c1576994e350d93a782668d4d51a1bc76bba1fde09794922ae65a804c56f092e430ebb8fa892d671c8c8035cae06810f8c6", 0x20}}, @common=@unspec=@addrtype1={{0x28}, {0xa}}]}, @common=@inet=@SET2={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'wg2\x00', 'hsr0\x00'}, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "08db"}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000000000000000000007000000440c59e1ac14142e00a045558ecabc9e64000000000000000000000001000000f9ffffff00000000"], 0x38}, 0x20000040)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), r4)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x20006804)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
tkill(0x0, 0xb)

8m47.211541867s ago: executing program 0 (id=170):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
acct(&(0x7f0000000000)='./file0/file1\x00')
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETENCODER(r5, 0xc01464a6, &(0x7f00000000c0))
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r6, 0x40045010, &(0x7f0000000040)=0x9)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x5c, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x45, 0x11, 0x0, 0x1, [@generic="2fe5af660e49035a45f4bfb9f42cf4a03da9dc13dd24291214b225a0c4824cdc01eaf173584a4f8ccf2725ddc31c46bf937bd001977f139508a3576fb87176ca80"]}]}, 0x5c}], 0x1}, 0x0)

8m45.532114328s ago: executing program 0 (id=176):
syz_open_dev$vim2m(0x0, 0x2000000000000005, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x44804)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000300)=@urb_type_interrupt={0x1, {0x3}, 0x8, 0xc5, &(0x7f0000002580)="d6d0f98eb439d08d80e00f261b94238ebba2a496ee196f94364a4ec3f7027d16fedb92e1fb4dcfebf18e9e494ea541acde80f4740bc61a2d00aa425bd60a9274dee98f", 0x43, 0xa, 0x8, 0x0, 0x7, 0x69, 0x0})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xc9)
syz_genetlink_get_family_id$nbd(0x0, r3)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), r5)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r6, 0x701, 0x0, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xb, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x2, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0xb, 0x2, 0xd9a, 0xd, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0xffffffff]}})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

8m41.026157652s ago: executing program 0 (id=183):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x2c, 0x0, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x2c}}, 0x20000000)
r4 = dup(r2)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r4, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

8m39.796382058s ago: executing program 32 (id=183):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x2c, 0x0, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x2c}}, 0x20000000)
r4 = dup(r2)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r4, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

6m12.348629564s ago: executing program 4 (id=487):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140)="ed", 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xde6bb34ddff9ed59, &(0x7f00000007c0)={0x8000000008, 0x7}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0xfe6a)
r3 = userfaultfd(0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r5 = accept4(r4, 0x0, 0x0, 0x0)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
write(r5, &(0x7f0000000040)="cb", 0xfffffdef)
madvise(&(0x7f0000033000/0x4000)=nil, 0x4000, 0x17)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x40000, 0x0)
r7 = gettid()
timer_create(0x9, &(0x7f00000001c0)={0x0, 0x4002e, 0x800000000007, @tid=r7}, &(0x7f0000000200))
r8 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, &(0x7f0000000080)={'pcmmio\x00', [0x10d, 0xd, 0x1, 0x1000, 0x0, 0x1, 0x1, 0x4000000f, 0x1000, 0x1, 0x9, 0x5, 0x6, 0x8, 0x7ffdffff, 0x6, 0xffffffa7, 0x4cbc, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x4e2df, 0x9, 0x1, 0x4, 0x7, 0x2, 0x7, 0x5, 0x7]})
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000001780)=""/4104, 0x1008}], 0x1)
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r9 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r9, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r5, &(0x7f0000000d80)=[{{&(0x7f0000000e80)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000640)='\'', 0x1}], 0x1, 0x0, 0x0, 0x880}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000280)="4235e3256bbf6125fe69bb2155629aaa102b3bec71d403ba2b40332366f2ff75fb1309ff061004500fde8eb930b81073eaa256ea174d3791bdf646a07a40ee72", 0x40}, {0xfffffffffffffffe}, {&(0x7f0000000340)="122d3879735556f4bdc71f9298da73905c0b3b5381b540f5d1f64aca92a1e894fe8eb1391da3444641bd3aa596390bbbebef63e4d4c994795b874a0164ca551fac9617afcb5c1ca437d521a07a8e0dc9c5bcec60f1060234765da0ab22e5bcabb40b97b807131466b97cb00d0bd2b58c681b06312732140151abbe9798e4d199f783edbe2de73fa3e5f42c477298f4bdaa6d0568013ac6abe9aa0a91f7816c14090044d1b55c01719708aa0dcf8123f1f3cbdde13140d62d0349b6e9dcfdd262fa2d45bc6f0299b78954d26c509fb5b7f03e3329f3a473fd3a5c1bb387", 0xdd}, {&(0x7f0000000440)="9c3678f7536c34908ece0dfce4c43b02fe07600648045127ef845cda256807ade45a0509edeecb7c4146d91e324992ffa28545b22c18671f233a9de7a71d0ba1e2e92723ef06364051ace6117c2224ad8a1cde237f85e12800cff37809fae16970bd2c01c7e62a052b11c1e717aacb34f71bae7e98b0b036d2d9e4fce4734baf54742e026b2ccee3ba287303469427235928e6bb8c46ac8432b2", 0x9a}], 0x4, 0x0, 0x0, 0x4001}}, {{&(0x7f0000000680)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000580)="5f20d04a4f78a824ab0be5b52036b9d4e68e46e7d7958c7a1230fc7de22953ccd9b3c80b07b425ba0ad4b8308ab2377ab51056f86aad935cae02fac80264391cd5", 0x41}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0001000030000000000000000100001901000000d1cd3b3e4085285e3bff402ba847e2b38bc32bfe0853e8fb1d5678d487dc68033702d7438f1b765ea10f5c7367632edcf3796c4cef7096ff5ad9f42768eb7938a83fbddd49feb72188b6f29ea414754a96ab0c2d53fb4fff44a8203f0e0201e9b75c09dd3278302f98fafea289a7b47435441a7a2a2b8ccc9a8203372b677d9a9492ccdd", @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r6, @ANYRES32=r6, @ANYRES32=r4, @ANYRES32, @ANYRES32=r9, @ANYBLOB="2c000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r9, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32=r6, @ANYRES32=r0, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r5, @ANYRES32=r2, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r6, @ANYRES32=r0, @ANYRES32=r8, @ANYRES32, @ANYRES32=r1, @ANYBLOB="2c000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r5, @ANYRES32=r2, @ANYRES32=r6, @ANYRES32=r9, @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00'], 0x130, 0x800}}], 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)

6m6.640091738s ago: executing program 4 (id=502):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000001c0)={0x73622a85, 0x8, 0x3})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
io_uring_setup(0x1d06, &(0x7f0000000440)={0x0, 0x903, 0x10000, 0x0, 0x36d})
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private=0xa010101, @in=@loopback, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0xa0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x20000000000000}, 0x0, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x6c}, 0x0, @in6=@remote, 0x0, 0x1, 0x0, 0x4, 0x0, 0x2}}, 0xe8)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x20000023896)
ioctl$TIOCSERGETLSR(r2, 0x5459, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x701000, 0x1)
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendto$inet6(r5, &(0x7f0000000300)="e138230dd5337feb03b32b68280040c6620bf2b2a231d3ec7e366665f2b574765c341232c6b012b9ab45ea1e42f172ce272745fae29805e601a96c7e879c9508f82535bf02487d39dacf450329a87aa7acc1b9a95b52c8191b4db209a4503697714408d006ab08383f600f5cdad60b9414529d24382d59d4228f8286f5af5de71bc00203fa6231009ef4223ebb9ab2064157ef45dab04a20be37d34708a044074b9a8fccb17b835563fe500186e78975e4ac5be4d9777a6ef42eadf00fc658cac36203edfc05928a917f8c16b3a25d9fc312e574d6084e7322ea4a40f882e16f081088c1cbfe497fadde98469574", 0xee, 0x4041, &(0x7f0000000400)={0xa, 0x4e24, 0x0, @remote, 0x3}, 0x1c)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002801400088008"], 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmmsg$inet(r6, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
open_tree(r4, &(0x7f0000000280)='./control\x00', 0x901)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
syz_read_part_table(0x105f, &(0x7f0000000000)="$eJzsz8EtBXEUxeHfm/F/GWJBogodWEksdKAGZXi2YqcLC4WpgRBGQgVYfN/mJPee3OTGn1qm7j/y+aReqtt6eG1attWoMeZans6OD9f63XV1flpvc1O79n6cuhzVQRfVzedg0+5rtX+05va7Pbepq8dfehMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/rX3AAAA//+dFAtr")

6m2.632040489s ago: executing program 4 (id=512):
r0 = accept$unix(0xffffffffffffffff, &(0x7f0000000f80)=@abs, 0x0)
connect$unix(r0, &(0x7f0000001000)=@file={0x1, './file0\x00'}, 0x6e)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000001080)=ANY=[@ANYBLOB="18000000000000a23a8901000000010095cab300"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000010c0)={0x0, r2, 0x0, 0xfffffffffffffffb}, 0x18)
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x2000490, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRES8=0x0], 0x11, 0x489, &(0x7f00000009c0)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x419, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x2}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
eventfd2(0x4, 0x1)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000013c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x398, 0x0, 0x178, 0x394, 0x0, 0x178, 0x2c8, 0x258, 0x258, 0x2c8, 0x258, 0x3, 0x0, {[{{@ipv6={@loopback={0x1f0}, @mcast2, [], [], 'team_slave_0\x00', 'netpci0\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "fc6b061134c5d5c8465af5f5caa5bd6c0dde77ff83daa984c0d76167e0608dcaa2caff7bd9c5923cccd5b483df8124249f91b8c3c2cea9bed64dc935a975401a68e34a04c1f15e50050729ba985e8c1576994e350d93a782668d4d51a1bc76bba1fde09794922ae65a804c56f092e430ebb8fa892d671c8c8035cae06810f8c6", 0x20}}, @common=@unspec=@addrtype1={{0x28}, {0xa}}]}, @common=@inet=@SET2={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'wg2\x00', 'hsr0\x00'}, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "08db"}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000000000000000000007000000440c59e1ac14142e00a045558ecabc9e64000000000000000000000001000000f9ffffff00000000"], 0x38}, 0x20000040)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), r4)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x20006804)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)

5m59.844493635s ago: executing program 4 (id=518):
r0 = socket(0xa, 0x3, 0xff)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x504, &(0x7f0000002580)="$eJzs3c9rXFsdAPDvzCR5SZtn33uKvFfBFirUHzSTH0gTFcSVuiiIBTcKNSbTWDPphMykNqFgqrsuXIiiIC7c+xe4sStLQVwrbl1Ji9YIVSpcmTtz00kyk041mfHlfj4wnXvnTOd7ziTfkzPnnjs3gNy62PynEDEZEb+PiHOt3f1PuNi62312b6l5K0SSXP9rIX1ecz97avb/zkbETkSMR8RXvxjxrcLhuPWt7dXFarWy0d4vN9bWy/Wt7Su31hZXKiuV2zPzVxcW5qfnZheOra0PfvidB9d+/eWxXz3/wZNHP/rtb5rVmmyXdbbjOLWaPhpvdzw2EhGfO4lgQ1Bqt2di2BXhv9L8+X0wIi6l+X8uSulPsz8vTrRmwElLkiT5d/JGr+KdBDi1iukYuFCciojWdrE4NdUaw38ozhSrtXrjUzdrm7eXW2Plt2K0ePNWtTLd/qzwVowWmvsz6fbL/dkD+3MR6Rj4x6WJdH9qqVZdHmxXBxxw9kD+/6PUyn8gJ/r/yA+cNvIf8kv+Q37Jf8gv+Q/5Jf8hv+Q/5Jf8h/yS/5Bfnfmfncj15pDqAgzWUX//xwZYD2CgvnLtWvOWZOe/L9/Z2lyt3bmyXKmvTq1tLk0t1TbWp1ZqtZX0nJ21V71etVZbn/l0bN4tNyr1Rrm+tX1jrbZ5u3EjPa//RmV0IK0C+vH2hYd/LETEzmcm0lt0/MmXq3C6JUkhhn0OMjAcpWF3QMDQOPQH+fUan/F7fkkY8P7W5St694yf7Vn0+Vg/keoAA1A8qvDF48FVBBi4y+85/gd5Zf4f8sv8P+TXK8b4hgeQA0fN/0f7Wn5d9Tv///z16gOcvCPn/4FTbbLL9b+SJPnemx3X7pqOiA9ExB9Ko29k1/oCToPiXwrt8f/lcx+bPFg6VvhnOgcwFhHf/fn1n95dbDQ2ZpqP/23v8cbP2o/PDqP+QG/7Z/iyPM3yGADIr91n95ay2yDjPv1CaxHC4fgj7bnJ8XQEc2a3sG+tQuGY1i7s3I+Id7vFL7Svd9468nFmt3Qo/jvt+0LrJdL6jqTXTR9M/Pc64n+0I/75//ldgXx42Ox/prvlXzHN6djLv/39z+QxrY/O+r9szXVn/Kz/K/Xo/y70GePbv/h+t8O76WLvp/cjznftf7N442msg/GbdbvcZ/wn3/jah3uVJb9svU63+JnmVrmxtl6ub21fuZXVYv7qwsL89NzsQjmdoy5nM9WHffbd3z3qFb/Z/rYe7f/TofZPtOv0iT7b/6+PPP76xSPif/xS99+/d9L7A+9/kuzV4ZN9xv/77J+/2ausGX+5x/tf7BY/stKIuT7j13/yJecOA8D/kfrW9upitVrZ6LIx2rvIhg0bg94YiQEGfVXPsTOYDgo4MS+Tftg1AQAAAAAAAAAAAPrVa/Xvw2NcTjzsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnAb/CQAA//9AntRF")
mount$overlay(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000), 0x18040, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40000, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000480)=ANY=[])
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x3, @remote, 0x9}, 0x1c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=@allocspi={0x150, 0x16, 0x1, 0x0, 0x0, {{{@in, @in6=@mcast1, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@local, 0x0, 0x33}, @in=@broadcast, {0x0, 0x1}, {0x0, 0x2}, {}, 0x0, 0x0, 0xa}, 0x5, 0x5}, [@offload={0xc, 0x1c, {0x0, 0x1}}, @algo_aead={0x4c, 0x12, {{'morus640-generic\x00'}, 0x0, 0x180}}]}, 0x150}}, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x2cb2, 0x4)
sendmmsg$inet(r0, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="2460cf4782a734649801d319bafbc635259b1466e91c886d832b19a016199327058bee4bee12e0a8", 0x28}], 0x1}}], 0x1, 0x400c8a0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x41, &(0x7f0000000880)={[{@nouser_xattr}, {@nodiscard}, {@usrjquota}, {@grpjquota}, {@grpjquota}, {@minixdf}, {@quota}, {@noload}, {@block_validity}]}, 0x64, 0x51c, &(0x7f0000001740)="$eJzs3c9rJFkdAPBvdbpjMpOZZNWDLrj+2JXMoNOdbNzd4GFdQfS0oK73MSadENJJh3RndxIWN4N/gCCigie9eBH8AwRZ8OJRhAU9KyqK6IwevDgl1V2dmWS6O5mZnnQ2/flAdb2qV1Xf9zqp6npVj6oARtYnIuK1iLiXpun1iJjO5xfyIQ7aQ7bc3TtvL2dDEmn6xj+TSPJ5nW0l+fhyvtpERHz9KxHfSh6O29jb31iq1ao7+XSlubldaezt31jfXFqrrlW3FhbmX158ZfGlxbmB1PNKRLz6pb/+4Ls/+/Krv/rsW3+6+fdr386KNZXnP1iPR1RsfU50z2xXvXQkO1th5zGDnUfFVg1zk92WGHtozu2nXCYAALrLzvE/GBGfiojrMR1j+eksAAAAcHGkX5iKsSQi7W68x3wAAADgfaTQ6gObFMp5X4CpKBTK5XYf3g/HpUKt3mh+ZrW+u7XS7is7E6XC6nqtOpf3FZ6JUpJNz7fS96dfPDa9EBHPRMT3pydb0+Xlem1l2Bc/AAAAYERcPtb+/890u/0PAAAAXDAzwy4AAAAA8NRp/wMAAMDFp/0PAAAAF9pXX389G9LO+69X3tzb3ai/eWOl2tgob+4ul5frO9vltXp9rfXMvs2Ttler17c/F1u7tyrNaqNZaezt39ys7241b673ekM2AAAA8LQ98/F3/5BExMHnJ1tDZvx0q55yMeC8Kh6mknzcZbf+49X2+C9nVCjgTIwNuwDA0BSHXQBgaErDLgAwdMkJ+T077/w2H39ysOUBAAAGb/ajve//F/quedA/Gzj37MQwutz/h9HVuv9/2p68ThbgQik5A4CR98T3/0+Upo9UIAAAYOCmWkNSKOeX96aiUCiXI660XgtQSlbXa9W5iLgaEb+fLn0gm55vrZmc2GYAAAAAAAAAAAAAAAAAAAAAAAAAANrSNIkUAAAAuNAiCn9Lft1+lv/s9AtTx68PjCf/nY78FaFv/fiNH95aajZ35rP5/zqc3/xRPv/FYVzBAAAAgJHwSC/w77TTO+14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiku3feXu4MJyz6ziDj/uOLETHTLX4xJlrjiShFxKV/J1F8YL0kIsYGEH8y+/hIt/hJVqzDkN3iTw4g/sHtvvFjJv8WusW/PID4MMrezY4/rx3b/44cWLrvf8WII9OPq/fxLw6Pf2M99v8rp4zx7Hu/qPSMfzvi2WL3408nftIj/vOnjP/Nb+zv98pLfxIx2/X3JzkSq9Lc3K409vZvrG8urVXXqlsLC/MvL76y+NLiXGV1vVbNP7vG+N7HfnmvX/0v9Yg/06f+VyPihVPW/3/v3brzoXay1C3+tefz+Encj/+bn+ZLPBy/kP/2fTpPZ/mznfRBO/2g537+u+f61X+lR/1P+vtf61/t8U7i+te+8+f+iwIAZ6mxt7+xVKtVdy5sImuln4NiSOSJ8XP0X/fOQDeYpmma7VNPsJ0kzsPX0koM+8gEAAAM2v2T/mGXBAAAAAAAAAAAAAAAAAAAAEbXWTxO7HjMg8NUMohHaAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMT/AwAA//+VPdXC")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1aca421, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1aca421, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

5m55.467319391s ago: executing program 4 (id=524):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000000c0)={[{@delalloc}, {@dioread_lock}, {@dioread_lock}, {@dioread_lock}, {@dioread_lock}, {@resgid}, {@data_err_ignore}, {@nojournal_checksum}, {@nobh}, {@user_xattr}, {@bh}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}]}, 0xfe, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x480400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000240), 0x208002)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}})
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x40800)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r4, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
setsockopt$inet_int(r4, 0x0, 0xc, &(0x7f0000000180)=0x1, 0x4)
recvmmsg(r4, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/249, 0xf9}, 0x3}], 0x1, 0x45833af92e4b39ff, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, 0x0)
iopl(0x3)
unshare(0xa000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x0, &(0x7f0000ffc000/0x3000)=nil)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = open(&(0x7f0000000080)='./file1\x00', 0x167840, 0xb)
pwritev2(r5, &(0x7f0000006bc0)=[{&(0x7f0000005b80)="85", 0x1}], 0x1, 0x5, 0x0, 0xa)

5m53.800134728s ago: executing program 4 (id=528):
syz_open_dev$vim2m(&(0x7f0000000000), 0x2000000000000005, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x44804)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000300)=@urb_type_interrupt={0x1, {0x3}, 0x8, 0xc5, &(0x7f0000002580), 0x0, 0xa, 0x8, 0x0, 0x7, 0x69, 0x0})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xc9)
syz_genetlink_get_family_id$nbd(0x0, r3)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), r5)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r6, 0x701, 0x0, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xb, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x2, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0xb, 0x2, 0xd9a, 0xd, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0xffffffff]}})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

5m53.159947621s ago: executing program 33 (id=528):
syz_open_dev$vim2m(&(0x7f0000000000), 0x2000000000000005, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x44804)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000300)=@urb_type_interrupt={0x1, {0x3}, 0x8, 0xc5, &(0x7f0000002580), 0x0, 0xa, 0x8, 0x0, 0x7, 0x69, 0x0})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0xc9)
syz_genetlink_get_family_id$nbd(0x0, r3)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), r5)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r6, 0x701, 0x0, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x1000, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xb, 0x7, 0xbed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x2, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0xb, 0x2, 0xd9a, 0xd, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0xffffffff]}})
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

20.057330552s ago: executing program 5 (id=1294):
fsopen(&(0x7f0000000240)='ubifs\x00', 0x0)

19.271473601s ago: executing program 5 (id=1296):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x3, &(0x7f0000000500)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_open_dev$video4linux(0x0, 0x92e2, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0xc1105511, &(0x7f0000000040))
sendmsg$NFT_MSG_GETRULE(r3, &(0x7f000001c380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x8c0}, 0x4000)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000d80)=@ipv4_newaddr={0x20, 0x14, 0x509, 0x0, 0x0, {0x2, 0x1, 0x0, 0xff, r2}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0)
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f00000000c0)=ANY=[], 0x1, 0x1513, &(0x7f0000002d00)="$eJzs3Au4TlW3OPAx5pxLm9Cb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33kHySJAkJSeb/0df3d77Td0595+sc5zl7/J5nPXuOvd4x1lh77Od911rPs/c37QdWrlulYm1mhn8J/vVLKgCkAEAfALgGACIAKJGlRBbAIZBeY+q/dhDx53poypXuQFxJMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma81rZ0u72P/f8H+T5//868vn/f8jhIqO+WFfk+g7/RIrMP22T+adtMv+0Teaftsn80zaZ//9xEUCF/2S3zD9tk/kLkZZd6efPsl3Z7Ur//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPxtfaX7EkIIIYQQQgghxJ8nXHWlOxBCCCGEEEIIIcR/PwQFGgxEkA6ughRIDxngasgImSAzXAMJuBaywHWQFa6HbJAdckBOyAW5IQ9YIHDAEENeyAdJuAHyw41QAApCISgMHopAUbgJisHNUBxugRJwK5SE26AUlIYyUBZuh3JwB5SHClAR7oRKcBdUhipwN1SFe6Aa3AvV4T6oAfdDTXgAasGDUBsegjrwMNSFR6AePAr1oQE0hEbQ+L+U/yJ0hpegC3SFVOgG3eFl6AE9oRf0hj7wCvSFV6EfvAb9YQAMhNdhELwBg+FNGAJDYRi8BcNhBIyEUTAaxsBYeBvGwTswHt6FCTARJsFkmAJTYRq8B9NhBsyE92EWfACzYQ7MhXkwHz6EBbAQFsFHsBg+hiWwFJbBclgBK2EVrIY1sBbWwXrYABthE2yGLfAJbIVtsB12wE7YBbvhU9gDe2EffAb74fN/Mv/sv8vvgICAChUaNJgO02EKpmAGzIAZMSNmxsyYwARmwSyYFbNiNsyGOTAH5sJcmAfzICEhI2NezItJTGJ+zI8FsAAWwkLo0WNRLIrF8GYsjsWxBJbAklgSS2FpLI1lsSyWw3JYHstjRayIlbASVsbKeDfejfdgNayG1REBoAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2xITbGxtgEm2BTbIrNsTm2wBbYEltiK2yFrbE1tsE22BbbYjtsh+2xPXbAjtgRX8QX8SV8CbtiJdUNu2N37IE9sBf2xt74CvbFV/FVfA374wAciK/j6/gGDsYzOASH4jAchuXUCByJo5DVGByLY3EcjsPxOB4n4ESciJNxCk7FaTgNp+MMnIHv4yz8AD/AOTgH5+F8nI8LcCEuwkW4GM/iElyKy3A5rsCVuAJX4xpcjetwPa7DjbgRN+Nm/AQ/wW24DXfgDtyFu/BT/BT34l7sj/txPx7AA3gQD+IhPISH8TAewSN4FI/iMTyGx/E4nsCTeApP4mk8jWfwLJ7Dc3gez+MFfD7XV3V2FVzbH9QlRhmVTqVTKSpFZVAZVEaVUWVWmVVCJVQWlUVlVVlVNpVN5VA5VC6VS+VReRQpUqxilVflVUmVVPlVflVAFVCFVCHllVdFVVFVTBVTxVVxVULdqkqq21QpVVo182VVWVVONfflVQVVUVVUldRdqrKqoqqoqqqqqqaqqeqquqqhaqia6gFVS3XDXviQujSZumoA1lMDsb5qoBqqRuoNfEw1UYOxqWqmmqsn1FAcgi1VE99KPa1aq5HYRj2rRuFzqp0ag+3VC6qD6qg6qRdVZ9XUd0n361ugmow9VE/VS/VWmeAudWlildVrqr8aoAaq19U8fEMNVm+qIWqoGqbeUsPVCDVSjVKj1Rg1Vr2txql31Hj1rpqgJqpJarKaoqaqaeo9NV3NUDPV+2qW+kDNVnPUXDVPzVcfqgVqoVqkPlKL1cdqiVqqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaov6RG1V29R2tUPtVLvUbvWp2qP2qn3qM7Vffa4OqL+og+oLdUh9qQ6rr9QR9bU6qr5Rx9S36rj6Tp1QJ9Up9b06rX5QZ9RZdU79qM6rn9QF9bO6qIICjVpprY2OdDp9lU7R6XUGfbXOqDPpzPoandDX6iz6Op1VX6+z6ew6h86pc+ncOo+2mrTTrGOdV+fTSX2Dzq9v1AV0QV1IF9ZeF9FF9U26mL5ZF9e36BL6Vl1S36ZL6dK6jC6rb9fl9B26vK6gK+o7dSV9l66sq+i7dVV9j66m79XV9X26hr5f19QP6Fr6QV1bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hn9Qt9VO6lX5at9bP6Db6Wd1WP6fb6ed1e/2C7qA76k76Z31RB91Fd9Wpupvurl/WPXRP3Uv31n30K7qvflX306/p/nqAHqhf14P0G3qwflMP0UP1MP2WHq5H6JF6lB6tx+ix+m09Tr+jx+t39QQ9UU/Sk/UUPVX3+rXSzD+Q/84/yO/3y9E36y36E71Vb9Pb9Q69U+/Su/VuvUfv0fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/RJ/aP+Xp/WP+gz+qw+q3/U5/V5feHXnwEYNMpoY0xk0pmrTIpJbzKYq01Gk8lkNteYhLnWZDHXmazmepPNZDc5TE6Ty+Q2eYw1ZJxhE5u8Jp9JmhtMfnOjKWAKmkKmsPGmiClqbvqX83+vv8amsWlimpimpqlpbpqbFqaFaWlamlamlWltWps2po1pa9qadqadaW/amw6mg+lkOpnOprPpYrqYVJNqupuXTQ/T0/QyvU0f84rpa/qafqaf6W/6m4FmoBlkBpnBZrAZYoaYYWaYGW6Gm5FmpBltRpuxZqwZZ8aZ8Wa8mWAmmElmkplipphpZpqZbqabmWammWVmmdlmtplr5pr5Zr5ZYBaYRWaRWWwWmyVmqVlqlpvlZqVZaVab1WatWWvWm/Vmo9lolpgtZovZaraa7Wa72Wl2mt1mt9lj9ph9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6OmxPmhDllTpnT5rQ5Y86Yc+acOW/OmwvmgrloLl667ItUpCITmShdlC5KiVKiDFGGKGOUMcocZY4SUSLKEmWJskbXR9mi7FGOKGeUK8odpYKNKHIRR3GUN8oXJaMbovzRjVGBqGBUKCoc+ahIVDS6KSoW3RwVj26JSkS3RiWj26JSUemoTFQ2uj0qF90RlY8qRBWjO6NK0V1R5ahKdHdUNbonqhbdG1WP7otqRPdHNaMHolrRg1Ht6KGoTvRwVDd6JKoXPRrVjxpEDaNGUeM/tX4IZ7I/7rvYrjbVdrPd7cu2h+1pe9neto99xfa1r9p+9jXb3w6wA+3rdpB9ww62b9ohdqgdZt+yw+0IO9KOsqPtGDvWvm3H2XfsePuunWAn2kl2sp1ip9pp9j073c6wM+37dpb9wM62c+xcO8/Otx/aBXahXWQ/sovtx3aJXWqX2eV2hV1pV9nVdo1da9fZ9XaD3Wg32c12i/3EbrXb7Ha7w+60u+xu+6ndY/faffYzu99+bg/Yv9iD9gt7yH5pD9uv7BH7tT1qv7HH7Lf2uP3OnrAn7Sn7vT1tf7Bn7Fl7zv5oz9uf7AX7s71ow6WL+0sf72TIUDpKRymUQhkoA2WkjJSZMlOCEpSFslBWykrZKBvloByUi3JRHspDlzAx5aW8lKQk5af8VIAKUCEqRJ48FaWiVIyKUXEqTiWoBJWkklSKSlEZKkO30+10B91BFagC3Ul30l10F1WhKlSVqlI1qkbVqTrVoBpUk2pSLapFtak21aE6VJfqUj2qR/WpPjWkhtSYGlMTakJNqSk1p+bUglpQS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlAn6kSdqTN1oS6USqnUnbpTD+pBvagX9aE+1Jf6Uj/qR/2pPw2kgTSIBtFgGkxDaCgNo7doOI2gkTSKRtMYGktjaRyNo/E0nibQBJpEk2gKTaFpNI2m03SaSTNpFs2i2TSb5tJcmk/zaQEtoEW0iBbTYlpCS2gZLaMVtIJW0SpaQ2toHa2jDbSBNtEm2kJbaCttpe20nXbSTtpNu2kP7aF9tI/20346QAfoIB2kQ3SIDtNhOkJH6CgdpWN0jI7TcTpBJ+gUnaLTdJrO0Bk6R+foPP1EF+hnukiBUpyCDO5ql9FlcpndNS7FpXcZ3F8vmC7FOVxOl8vldnmcddlc9r+LyTlXwBV0hVxh510RV9Td9Ju4lCvtyriy7nZXzt3hyv8mrurucdXcva66u89VcXf/XVzD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zm3iBW+jWuLVunVvv9ri97pz70R1137jz7ifXxXV1fdwrrq971fVzr7n+bsBv4mHuLTfcjXAj3Sg32o35TTzJTXZT3FQ3zb3nprsZv4nnuw/dLLfIzXZz3Fw375f4Uk+L3EdusfvYLXFL3TK33K1wK90qt/r/97rcbXSb3Ga3233qtrptbrvb4Xa6Xb/El85jn/vM7XefuyPua3fQfeEOuWPusPvql/jS+R1z37rj7jt3wp10p9z37rT7wZ1xZ385/0vn/r372V10wQEjK9ZsOOJ0fBWncHrOwFdzRs7EmfkaTvC1nIWv46x8PWfj7JyDc3Iuzs152DKxY+aY83I+TvINnJ9v5AJckAtxYfZchIvyTVyMb+bifAuX4Fu5JN/Gpbg0l+GyfDuX4zu4PFfginwnVwqBK3MVvpur8j1cje/l6nwf1+D7uSY/wLX4Qa7ND3Edfpjr8iNcjx/l+tyAG3IjbsyPcRN+nJtyM27OT3ALfpJb8lPcip/m1vwMt+FnuS0/x+34eW7PL3AH7sid+EXuzC9xF+7KqdyNu/PL3IN7ci/uzX34Fe7Lr3I/fo378wAeyK/zIH6DB/ObPISH8jB+i4fzCB7Jo3g0j+Gx/DaP43d4PL/LE3giT+LJPIWn8jR+j6fzDJ7J7/Ms/oBn8xyey/N4Pn/IC3ghL+KPeDF/zEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/gT3srbeDvv4J28i3fzp7yH9/I+/oz38+d8gP/CB/kLPsRf8mH+io/w13yUv+Fj/C0f5+/4BJ/kU/w9n+Yf+Ayf5XP8I5/nn/gC/8wXOTDEGKtYxyaO4nTxVXFKnD7OEF8dZ4wzxZnja+JEfG2cJb4uzhpfH2eLs8c54pxxrjh3nCe2McUu5jiO88b54mR8Q5w/vjEuEBeMC8WFYx8XiYvGN8XF4pvj4vEtcYn41rhkfFtcKi4dP3Jf2fj2uFx8R1w+rhBXjO+MK8V3xZXjKvHdcdX4nrhafG9cPb4vLh7fH9eMH4hrxQ/GteOH4jrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuET8Zt4yfilvFT8et42d+d39q3C3uHr8cvxyHcK+em5yXnJ/8MLkguTC5KPlRcnHy4+SS5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTmZAhVrgKPXnntjY98On+VT/HpfQZ/tc/oM/nM/hqf8Nf6LP46n9Vf77P57D6Hz+lz+dw+j7eevPPsY5/X5/NJf4PP72/0BXxBX8gX9t4X8UV9I9/YN/ZN/OO+qW/mm/sn/BP+Sf+kf8o/5Z/2rf0zvo1/1rf1z/l2/nn/vH/Bd/AdfSf/ou/sX/JdfFef6lN9d9/d9/A9fC/fy/fxfXxf39f38/18f9/fD/QD/SA/yA/2g/0QP8QP88P8cD/cj/Qj/Wg/2o/1Y/04P86P9+P9BD/BT/KT/BQ/xU/z0/x0P93P9DP9rAKz/Gw/28/1c/18P98v8Av8Ir/IL/aL/RK/xC/zy/wKv8Kv8qv8Gr/Gr/Pr/Aa/wW/ym/wWv8Vv9Vv9dr/d7/Q7/W6/2+/xe/w+v8/v9/v9AX/AH/QH/SH/pT/sv/JH/Nf+qP/GH/Pf+uP+O3/Cn/Sn/Pf+tP/Bn/Fn/Tn/oz/vf/IX/M/+og9+bOLtxLjEO4nxiXcTExITE5MSkxNTElMT0xLvJaYnZiRmJt5PzEp8kJidmJOYm5iXmJ/4MLEgsTCxKPFRYnHi48SSxNLEssTyxIrEykQIubfGIW/IF5LhhpA/3BgKhIKhUCgcfCgSioabQrFwcygebgklwq2hZLgtlAqlQ5nwaKgfGoSGoVFoHB4LTcLjoWloFpqHJ0KL8GRoGZ4KrcLToXV4JrQJz4a24bnQLjwf2ocXQofQMXQKL4bO4aXQJXQNqaFb6B5eDj1Cz9Ar9A59wiuhb3g19Auvhf5hQBgYXg+DwhthcHgzDAlDw7DwVhgeRoSRYVQYHcaEseHtMC68E8aHd8OEMDFMCpPDlDA1TAvvhelhRpgZ3g+zwgdhdpgT5oZ5YX74MCwIC8Oi8FFYHD4OS8LSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvCJ2Fr2Ba2hx1hZ9gVdodPw56wN+wLn4X94fNwIPwlHAxfhEPhy3A4fBWOhK/D0fBNOBa+DcfDd+FEOBlOhe/D6fBDOBPOhnPhx3A+/BQuhJ/DRfmbNSGEEEKIP0T/zv5u/+B76QBA/bruDgCZtuU8/O9rbsj213VPlatFAgCe7tr+ob9tlSqlpqb++tolGqJ8cwAg8ff1/xYvhebwJLSCZlDsH/bXU3U8z79TP3krQIZ/k5MCl+PL9W/+D+o/9sSwBSXjc1n+k/pzAArku5yTHi7Hl+sX/w/qZ2/yO/2n/2IsQNN/k5MRLseX6xeFx+EZaPV3r/wDAxZCCCGEEEIIkSb0VGXa/t7986X781zmcs5VcDn+vftzIYQQQgghhBBCXHnPdez01GOtWjVr+8cW+OtzgX8u609b1Nq299lLh78yR5fFf3mBAPC/oA1Z/PHFFX5jEkIIIYQQQvzpLl/0X+lOhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKItOt/4t+JXelzFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIa60/xcAAP//daA1bQ==")
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x3000000, &(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0x1, 0x5d8, &(0x7f00000006c0)="$eJzs3U1vG8cdB+Df0rJsuoDDJHaSFi0q2IcWMWqLYuLoUKBuURQ6BEWAXnLJQbDpWDCtBBJTKEFR2H299hskPcjnnnooejCQnvsVBPSQQ4HedXOxyyXFWIoixbJIJc8DDGeGszs78/fuiLuEwQDfWEtv5/SjFFm68uZGWd/a7PS2Njv3huUkZ5I0kplBlmI1KT5NbmSQ8u3yzbq74ouO887Hbyx+1n74YFCbqVO1fWO//Q7mfp0yl+RUnR9Vfzefur9iNMMyYJeHgYNJe7zL/cPs/pTXLTANisHfzV1aybkkZ+vPAalXh8bxju7oHWqVAwAAgBPque1sZyPnJz0OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnq3/8v6tQYludSDH//f7Z+L3X5RHs06QEAAAAAAAAAwBH4/na2s5Hzw/rjovrO/1JVuVC9fisfZD3drOVqNrKcfvpZSztJa6yj2Y3lfn+tfYA9F/bcc+F45gsAAAAAAAAAX1O/y9LO9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANiuTUIKvShWG5lcZMkrNJZsvt7if/HJZPskeTHgAAAAAcg+e2s52NnB/WHxfVPf9L1X3/2XyQ1fSzkn566eZW9SxgcNff2Nrs9LY2O/fKtLvfn/7vUMOoeszg2cPeR56vtrg42mMpv8ivciVzeStrWcmvs5x+upnLz6vScoq06qcXreE49x7vjc/V3vqysb5SjaSZ21mpxnY1N/NeermVRjWHapv9j/igjE7xk9oBY3SrzssZ/aXOp0OrisjpUUTm69iX0Xh+/0gc8jx58kjtNEbPoC48g5ifq/My1n+a6pgvjJ19L+0fieTSf7739zu91bt3bq9fmZ4pfUVPRqIzFomXv1GRmK2jMVhFD7daXqr2PZ+V/DLv5Va6eT2LeT0LeS2vZT6LuT4W14sHuNYah7vWLv+wLjST/LnOp0MZ1+fH4jq+0rWqtvF3dqL0wtGvSDPfqQvlMX5f59PhyUi0xyLx4v6R+Ovj8nW9t3p37c7y+wc83g/qvLxs/zhVa3N5vrxQ/mNVtc+fHWXbi3u2tau2C6O2xq62i6O2L7tSZ+vPcLt7WqjaXt6zrVO1vTLWttenHACm3rlXz802/9v8d/OT5h+ad5pvnv3ZmcUz353N6X/N/OPU3xoPGz8uXs0n+e3O/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDVrX/40d3lXq+7pqCgoDAqTHplAp61a/17719b//CjH63cW363+253tdNpX19YvL64cP3a7ZVed37wOulhAs/Azh/9SY8EAAAAAAAAAAAAOKjj+O8Ek54jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLItvZ3Tj1KkPX91vqxvbXZ6ZRqWd7acSdJIUvwmKT5NbmSQ0hrrrvii47zz8RuLn7UfPtjpa2a4fWO//Q7mfp0yl+RUnR9Vfzefur9iNMMyYJeHgYNJ+38AAAD//+NBDmE=")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b1245d, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
write$binfmt_format(r5, &(0x7f0000000000)='1\x00', 0x2400)

17.296862675s ago: executing program 5 (id=1300):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010d90455a00000000000010902240001000000000904000801030000000921000000012204000905810300"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0022050800000000000004"], 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="8d", 0x1, 0x40, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000001500)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/131, 0x83}, 0xc}], 0x1, 0x2131, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(0xffffffffffffffff, 0x7a6, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2, &(0x7f0000000240)={[{@quota}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@noquota}, {@errors_continue}, {@discard_size={'discard', 0x3d, 0x4}}, {@errors_continue}, {@quota}, {@discard}, {@errors_remount}]}, 0x1, 0x60b9, &(0x7f0000013cc0)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGALEWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo8zma6eOb+fNK56+lRNn/K/qy9TVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgf/uDH56qIuPqrdMOJiP+LfkQvYqWp1yJiZe1EXn4QES/EdnM8HxHDpYhm/e1/no14PSI+eibiwcO7683N5/fZj+//+R9/+MlTP/r7n4Zn/vuX2/03pi13585v//PXewfbZgAAAChNXdd1lT7mn0yf73tddwoAmIv8+l8n+Xb1wtWbC9YftVqtVh/Buq2e7F67iIjN9jrNewaH4wHgiNmMj7vuAh2Sf9EGEfFU150AFlrVdQc4FA8e3l2vUr5V+/Vgbac9nwuyJ//Navf6jmnTWcbPMZnX42sr+vHclP6szKkPiyTn3xvP/+pO+ygtd9j5z8u0/Ec7lz4VJ+ffH89/zPHJvzcx/1Ll/AdPlH9f/gAAAAAAsMDy3/9PdHz8d+ngm7Ivjzv+uzanPgAAAAAAAADA5+2g4//tMv4fAAAALKzms3rjd888um3ad7E1t1+pIp4eWx4oTLpYZrXrfgAAAAAAAAAAAABASQY75/BeqSKGEfH06mpd181P23j9pA66/lFX+vZDybp+kgcAgB0fPTN2LX8VsRwRV9J3/Q1XV1frenlltV6tV5by+9nR0nK90vpcm6fNbUujfbwhHozq5pctt9Zrm/V5eVb7+O9r7mtU9/fRsfnoMHAAiIidV6MHXpGOmbp+Nrp+l8PRYP8/fuz/7EfXj1MAAADg8NV1XVfp67xPpmP+va47BQDMRX79Hz8uoFar1Wq1+vjVbfVk99pFRGy212neMxiOHwCOmM34uOsu0CH5F20QES903QlgoVVdd4BD8eDh3fUq5Vu1Xw/S+O75XJA9+W9W2+vl9SdNZxk/x2Rej6+t6MdzU/rz/Jz6sEhy/r3x/K/utI/Scoed/7xMy7/ZzhMd9KdrOf/+eP5jjk/+vYn5lyrnP3ii/PvyBwAAAACABZb//n9ioY7/jj7r5sz0uOO/a4d2rwAAAAAAAABwuB48vLuer3vNx/+/MGE5138eTzn/Sv5Fyvn3xvL/6thy/db8/bce5f/vh3fX/3j7X/+fp/vNfynPVOmRVaVHRJXuqRqk6UG27tO2hv1Rc0/DqtcfpHN+6uE7cT1uxEac3bNsL/1/PGo/t6e96elwu73u77Sf39M+2G3P61/Y0z5MZzrVK7n9dKzHz+NGvL3d3rQtzdj+5Rnt9Yz2nH/f/l+knP+g9dPkv5raq7Fp4/6HvU/t9+3ppPu5fP2Lvzl7+Jsz01b0d7etrdm+lzroz/b/yVOj+OWtjZun71y7ffvmuUiTPbeejzT5nOX8h+ln9/n/5Z32/Lzf3l/vfzh64vwXxVYMpub/cmu+2d5X5ty3LuT8R+kn5/92ap+8/x/l/Kfv/6920B8AAAAAAAAAAAAAAAB4nLquty8RvRwRF9P1P11dmwkAzNfl9JUbdZJvn1fdn/P9qdVHvK4WrD9zrT+pF6s/avVRrNvqyd5sFxHxt/Y6FyPi15N+GQCwyD6JiH923Qk6I/+C5e/7a6anuu4MMFe33v/gp9du3Ni4eavrngAAAAAAAAAAn1Ue/3OtNf7zqbqu740tt2f817di7aDjfw7yzO4Ao1MGqu4/+TY9zlZv1O+1hht/MaaN/z3cnXvc+N+DGfc3nNE+mtG+NKN9eUb7xAs9WnL+L7bGOz8VESfHhl8vYfzX8THvS5Dzf6n1eG7y/8rYcu38698f5fx7e/I/c/u9X5y59f4Hr11/79q7G+9u/OzCuXNnL1y8eOnSpTPvXL+xcXbn3w57fLhy/nnsa+eBliXnnzOXf1ly/l9KtfzLkvP/cqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP/XUi3/suT8X021/MuS8/96quVflpz/a6mWf1ly/qdTLf+y5PzPpHqf+a8cdr+Yj5x/PsJl/y9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvN/PdXyL0vO/xupln9Zcv4XUy3/suT8v5lq+Zcl538p1fIvS87/W6mWf1ly/t9OtfzLkvN/I9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP+bqZZ/WR59/78ZM2bM5Jmun5kAAAAAAAAAAAAAgHHzOJ24620EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP3v12rkZCPk7+RtYO8YYZ5NdX+ILrYsJ14Zbya2kl9iud+0s+BavXZI0kh0FSiSMiirahhdtAUVt3lRYVV7QKqC8QK0qVSLtC/oGUaHyIqoCCkiV2ipkqznzPM/OzJ6d2bUn9sw5n48U/7wzZ+acOXPm7H7X+c4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA02vD+mS8OZFlW+y//Y22WXVv7++rxtfll77naWwgAAABcrl/mf756Q7pg/zJu1LDMP779+8/Pz8/PZ58e+pORr87PpyvGs2xkVZbl10UXf/zgQOMywVPZ2MBgw9eDHVY/1OH64Q7Xj3S4frTD9as6XD/W4fpFO2CR1fXfx+R3tin/69r6Ls1uzEby6zYV3OqpgVWDg/F3ObmB/DbzI0ey2exYNpNNNS1fX3YgX/6FDbV1fSSL6xpsWNf62hHy8ycOx20YCPt4U9O6Fu4z+un7svFf/PyJw3915pWbi2bH3dB0f/Xt3LKxtp2fD5fUt3UgW5X2SdzOwYbtXF/wnAw1bedAfrva31u389VlbufQwmZeUa3P+Vg2mP/9pXw/DTf+Wi/tp/Xhsv++Ncuy8wub3brMonVlg9mapksGF56fsfoRWbuP2qH05mx4RcfphmUcp7U5van5OG19TcTnf0O43fAS29D4NP30ydGG5/21+Us5TqPao17qtdJ6DHb7tdIrx2A8Ll7KH/TThcfgpvD4n9i89DFYeOwUHIPpcTccgxs7HYODo0P5NqcnYSC/zcIxuK1p+aF8TQP5fHlz+2Nw8szxU5Nzjz1+++zxQ0dnjs6c2LFt29SOXbv27NkzeWT22MxU/c9L3Nu9b002mF4DG8O+i6+Bd7Us23iozn9jdNH591Jfh2NtXodrW5bt9utwuPXBDVyZF+TiY7r+2rivttPHLgxmS7zG8udn6+W/DtPjbngdDje8Dgu/pxS8DoeX8TqsLXNq6/J+Zhlu+K9oG5b+XnB5x+DahmOw9eeR1mOw2z+P9MoxOBaOix9uXfp7wfqwvU9PrPTnkaFFx2B6uOHcU7sk/bw/ticfRcflLbUrrhnNzs7NnL7j0UNnzpzeloVxRbyl4VhpPV7XNDymbNHxOrji43X/7NufvqXg8rVhX43dXvtjbMnnqrbMzjvaP1f5d7fi/dl06fYsjC670vuz6Lt5bX+OZtnXvvfkPd954mvvX3J/1vLm5ycv/2fxlEsbzr8jS5x/Y+5/vb6+dFdPDY0M11+/Q2nvjDSdj5ufquH83DWQr/vVyeWdj0fCf1f6fHxjm/PxupZlu30+Hml9cPF8PNDptx2Xp/X5HAvHybGp9ufj2jLrtq/0mBxuez6+NcyBsP/fHZJCykUNx85Sx21a1/DwSHhcw3ENzcfpjqblR0I2q63rue2XdpxuubV+X0Pp0S24UsfpeMuy3T5O0+++ljpOBzr99u3StD6fY+G4uHFH++O0tsyLOy//3Lk6/rXh3Dna6RgcGRqtbfNIOgjz8302vzoeg3dkh7OT2bFsOr92ND+eBvJ1Tdy5vGNwNPx3pc+V69ocg1talu32MZi+jy117A0ML37wXdD6fI6F4+KZO9sfg7VlPrC7uz+7bgmXpGUafnZt/f3aUr/zuqVlN71Rx8pw2M7v7W7/u9naMsf2rDRntt9Pt4VLrinYT62v36VeU9PZldlP68J2vrJn6f1U257aMl/du8zjaX+WZeceuSv/fW/495W/PfuD55v+3aXo33TOPXLXz6478g8r2X4A+t/r9bGm/r2u4V+mlvPv/wAAAEBfiLl/MMxE/gcAAIDSiLk//l/hifwPAAAApRFz/3CYSUXy/7oPvDL7+rksNfPng3h92g1315eLHdep8PX4/ILa5Xc9O/Nff39ueesezLLstbv/oHD5dXfH7aobD9t58YPNly/y/O3LWvfB+8+l9Tb2178e7j8+nuUeBkUV3Kksy1644cv5esYfvJDPF+8+mM97zj/9VG2ZV/fWv463f/kt9eX/PJR/9x851HT7l8N++EmYUx8t3h/xdt+68O71ux9YWF+83cDG6/OH/cxD9fuN75Pzlafqy8f9vNT2f+dLz32rtvyj7yze/nODxdv/XLjfZ8P8n7fVl298Dmpfx9t9IWx/XF+83R3f/G7h9l/8Yn35Ux+qL3cwzLj+LeHrTR96ZbZxfz06cKjpcWUfri8X1z/1gz/Kr4/3F++/dfvHDlxo2h+tx8eL/1q/n8mW5ePlcT3R37Wsv3Y/jcdnXP9zf3iwaT93Wv/Fe15+W+1+W9d/W8typx7Zmq9/4f6a37HpL77w5cL1xe3Z/zenmh7P/k+F13FY/zMPheMxXP+/F+v31/ruCgc/1Xz+ict/fe25pscTfeQX9fVffO/RfK4aW73mmmuvu/78O2r7LsteWlW/v07rP/qXJ5u2/xs31fdHvD529FvXv5S4/tOfmzhxcu7s7HTaq0/ckL93zsfq2xO394Zwbm39+sDJMw/PnB6fGp/KsvHyvoXeJftmmD+rj/Ptl55fdAbden94Pm/5sxfWbP6XL8XL/+2++uUXPlr/vvWusNxXwuVrw/O3svUv9syGm/LX98CLYQvnF79f8OVYv+k/9yxrwfD4W38uiMf7qbc+nO+H2nX59434ur7M7f/RdP1+vh3263x4Z+aNNy2sr3H5+N4IF+6tv94ve/+F01x8Xv86PN8f/0n9/uN2xcf7o/BzzHfXNZ/v4vHx7XODrfefv4vH+XA+yc7Xr49Lxf194dWbCjcvvg9Jdv7m/Os/Tvdz84oe5lLmHpubPDZ74uyjk2dm5s5Mzj32+IHjJ8+eOHMgfy/PA5/pdPuF89Oa/Pw0PbNrZ5afrU7Wxxvsam//qfsPT++e2jw9c+TQ2SNn7j81c/ro4bm5wzPTc5sPHTky87lOt5+d3rdt+94du7dPHJ2d3rdn794deydmT5ysbUZ9ozrYNfXZiROnD+Q3mdu3c++2O+/cOTVx/OT0zL7dU1MTZzvdPv/eNFG79e9PnJ45dujM7PGZibnZx2f2bdu7a9f2ju8GePzUkbnxydNnT0yenZs5PVl/LONn8otr3/s63Z5ymvv3+s+zrQbqb8SXffK2Xen9WWuefXLJu6ov0vIGoq+E96L5pzed2rOcr2PuHwkzqUj+BwAAgCqIuX80zET+BwAAgNKIuX9VmIn8DwAAAKURc/9YmElF8n/p+v/rzi1r/fr/+v+N+0v/v2L9/3t7rf9fP1/o/3fH5fbv9f8D/X/9f/1//X/9f7qg1/r/MfevzrJK5n8AAACogpj714SZyP8AAABQGjH3XxNmIv8DAABAacTcf22YSUXyv/6//r/+v/6//n/x+vX/+5P+f3v6/x3o/09m1er/n+/m9uv/6/+zWK/1/2Puvy7MpCL5HwAAAKog5v7rw0zkfwAAACiNmPtvCDOR/wEAAKA0Yu5fG2ZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/Pv9f/1//n67qtf5/zP1vCjOpSP4HAACAKoi5/81hJvI/AAAA9J7hS7tZzP1vCTNZlP8vcQUAAADAVRdz/41ZSxG8Iv/+r/+v/6//r/+v/1+8/uX3/4cy/f/eof/fnv5/B/r/+v/6//r/dFWv9f/z3J+NZW8NM6lI/gcAAIAqiLn/pjAT+R8AAABKI+b+/xdmIv8DAABAacTcvy7MpCL5X/9f/1//X/9f/794/T7/vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7bw4zqUj+BwAAgCqIuf+WMBP5HwAAAEoj5v7/H2Yi/wMAAEBpxNy/PsykIvlf/7/H+/+xOar/r/+v/6//r/+/LPr/7en/d6D/r/+v/6//T1f1Wv8/5v63hZlUJP8DAABAFcTc//YwE/kfAAAASiPm/neEmcj/AAAAUBox94+HmVQk/+v/93j/3+f/6//r/+v/6/+viP5/e/r/Hej/6//r/+v/01W91v+PuX9DmElF8j8AAABUQcz9G8NM5H8AAAAojZj7bw0zkf8BAACgNGLu3xRmUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/Z5hJRfI/AAAAVEHM/ZvDTOR/AAAAKI2Y+98VZiL/AwAAQGnE3L8lzKQi+V//X/9f/1//X/+/eP36//1J/789/f8O9P/1//X/9f/pql7r/8fc/+4wk4rkfwAAAKiCmPu3hpnI/wAAAFAaMfffFmYi/wMAAEBpxNw/EWZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/+v/6//r/dFWv9f9j7r89zKQi+R8AAACqIOb+O8JM5H8AAAAojZj7J8NM5H8AAAAojZj7p8JMKpL/9f/1//X/9f9X1P9/x8L96v/X6f/3Fv3/9vT/O9D/1/+/6v3/Ef1/SqXX+v8x928LM6lI/gcAAIAqiLl/e5iJ/A8AAAClEXP/jjAT+R8AAABKI+b+nWEmFcn/+v/6//r/+v8+/794/fr//Un/v73u9//jQ9T/1//X//f5//r/LNZr/f+Y++8MM6lI/gcAAIAqiLl/V5iJ/A8AAAClEXP/7jAT+R8AAABKI+b+PWEmFcn/+v/6//r/+v/6/8Xr1//vT/r/7fn8/w70//X/9f/1/+mqXuv/x9y/N8ykIvkfAAAAqiDm/veEmcj/AAAAUBox9/9KmIn8DwAAAKURc/+vhplUJP/r/+v/6//r/+v/F69f/78/6f+3p//fgf6//r/+v/4/XdVr/f+Y+/eFmVQk/wMAAEAVxNz/a2Em8j8AAACURsz97w0zkf8BAACgNGLu3x9mUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/X5hJRfI/AAAAVEHM/XeFmcj/AAAAUBox978/zET+BwAAgNKIuf8DYSYVyf/6//r/+v/6//r/xevX/+9P+v/t6f93oP+v/6//r/9PV/Va/z/m/g+GmVQk/wMAAEAVxNz/oTAT+R8AAABKI+b+D4eZyP8AAABQGjH3fyTMpCL5X/9f/1//X/9f/794/fr//Un/vz39/w70/0vW/x+/Tv9f/583SlECWuzS+v/XvrbkCi+z/x9z/6+HmVQk/wMAAEAVxNx/d5iJ/A8AAAClEXP/R8NM5H8AAAAojZj7PxZmUpH8r/+v/6//r/+v/1+8fv3//qT/316f9f9/eX24XP+/Tv+/t7e/J/v/P16q/z+/qvX2+v+8ES6t/1+oK/3/mPs/HmZSkfwPAAAAVRBz/yfCTOR/AAAAKI2Y+z8ZZiL/AwAAQGnE3P8bYSYVyf/6/7XtWGgv6//r/+cX6P/r/+v/9y39//b6rP/v8/9b6P/39vb3ZP/f5/9zlfVa/z/m/k+FmVQk/wMAAEAVxNx/T5iJ/A8AAAClEXP/vWEm8j8AAACURsz994WZVCT/6//7/H/9f/1//f/i9ev/9yf9//b0/zvQ/9f/77X+/3/o/9Pfeq3/H3P//WEmFcn/AAAAUAUx9z8QZiL/AwAAQGnE3P+bYSbyPwAAAJRGzP2fDjOpSP7X/++X/v+4/r/+v/5/y+PR/9f/L6L/357+fwf6//r/vdb/9/n/9Lle6//H3P9gmMny8//YspcEAAAAroqY+38rzKQi//4PAAAAVRBz/2+Hmcj/AAAAUBox9/9OmElF8r/+f7/0/33+f6b/r//f8nj0//X/i1y5/n888+j/6//r/0f6//r/+v+06rX+f8z9vxtmUpH8DwAAAFUQc/9DYSbyPwAAAPSFov8nu1XM/QfCTOR/AAAAKI2Y+w+GmVQk/+v/6//r//do//9PN/7zD7//iYPb9P/1//X/V+SKfv5/7cXv8//1//X/E/1//X/9f1r1Wv8/5v5DYSYVyf8AAABQBTH3/16YifwPAAAApRFz/+EwE/kfAAAASiPm/ukwk4rkf/1//X/9/x7t//fx5//H/aH/36xr/f940tX/L3RF+/8PLPTE9f9X2v8fLbxU/1//v5+3X/9f/5/Feq3/H3P/TJhJRfI/AAAAVEHI/YNH6nPhCvkfAAAASiPm/qNhJvI/AAAAlEbM/Q+HmVQk/+v/6//r/+v/+/z/4vX3bP/f5/+3pf/fXu/0/4vp/+v/9/P26//r/7NYr/X/Y+6fDTOpSP4HAACAKoi5/zNhJvI/AAAAlEbM/Z8NM5H/AQAAoDRi7j8WZlKR/K//r/+v/6//r/9fvH79//6k/9+e/n8H+v/6//r/+v90Va/1/2PuPx5mUpH8DwAAAFUQc/+JMBP5HwAAAEoj5v6TYSbyPwAAAJRGzP2nwkz+j737aN6rLv84fuf/D2MyPAAXbtj7EFjoWh+ACzcudMZxoaPYG8FesfeCvWMBRWzYG9hQ7GLvigU76sRxcl1X8kvO79xJvJOc871er82lwXiiw4Af4T3fJvtf/6//H7b/v5v+f7/v6//1/yPT/8/T/2+h/9f/6//1/+zU0vr/3P0Pjlua7H8AAADoIHf/Q+IW+x8AAACGkbv/srjF/gcAAIBh5O5/aNzSZP+f1P8f2PTs/zPj1f+P1P97/3/f7+v/9f8jO7/9/xX//SOf/l//r/8P+n/9v/6fky2t/8/d/7C4pcn+BwAAgA5y9z88brH/AQAAYBi5+x8Rt9j/AAAAMIzc/Y+MW5rsf+//e/9f/6//1/9Pf1//v07e/5/Xqf+/7JaLH3j7dXe5/ky+r//X/+v/9f/s1tL6/9z9j4pbmux/AAAA6CB3/6PjFvsfAAAAhpG7/zFxi/0PAAAAw8jd/9i4pcn+1//r//X/+n/9//T39f/rpP+f16n/P5vv6//1//p//T+7tbT+P3f/4+KWJvsfAAAAOsjd//i4xf4HAACAYeTuvzxusf8BAABgGLn7j8QtTfa//v/c9///1v/r/+Pq//X/+v9zT/8/T/+/hf5f/6//1/+zU0vr/3P3XxG3NNn/AAAA0EHu/ifELfY/AAAADCN3/xPjFvsfAAAAhpG7/0lxS5P9r//3/r/+X/+v/5/+vv5/nfT/885//z/1Z8j96f9X3/9fpP/X/+v/OdEZ9v93zPxheyf9f+7+J8ctTfY/AAAAdJC7/ylxi/0PAAAAw8jd/9S4xf4HAACAYeTuf1rc0mT/6//1//p//b/+f/r7+v910v/PW8z7/wcOTv6w/n/1/b/3//X/+n/2WNr7/7n7nx63NNn/AAAA0EHu/mfELfY/AAAADCN3/zPjFvsfAAAAhpG7/1lxS5P9r//X/+v/9f/6/+nvz/X/15/w69P/L4v+f95i+v996P/1/2v+9ev/9f+camn9f+7+Z8ctTfY/AAAAdJC7/8q4xf4HAACAYeTuf07cYv8DAADAMHL3PzduabL/p/v/479d/3969P97f/36/+nfP3bV/+e/o/5/tv+/u/f/e9L/z9P/b6H/1//r//fr/w9v+/n6f6Ysrf/P3f+8uKXJ/gcAAIAOcvc/P26x/wEAAGAYuftfELfY/wAAADCM3P0vjFua7H/v/+v/9f/r6/+9/3/MhXz/f3Pe+/+D+v/TpP+fp//fQv+v/9f/e/+fnVpa/5+7/0VxS5P9DwAAAB3k7n9x3GL/AwAAwDqc+PcOnPw3lIbc/S+JW+x/AAAAGEbu/pfGLU32v/5f/6//1//37v8PraT/9/7/6dL/z9P/b3Fh+/8Dg/b/Bwfr/6/a7+cvof+/XP/Pwuzp/284/uMXqv/P3f+yuKXJ/gcAAIAOcve/PG6x/wEAAGAYuftfEbfY/wAAADCM3P2vjFua7P9z3v8f3v/b+n/9v/5f/3/h+/+1vP+v/z9d+v95+v8tvP/v/X/v/+v/2ak9/f8JLlT/n7v/VXFLk/0PAAAAHeTuf3XcYv8DAADAMHL3XxW32P8AAAAwjNz9r4lbmux/7//r//X/+n/9//T39f/rpP+fp//fQv+v/9f/6//ZqaX1/7n7Xxu3NNn/AAAA0EHu/tfFLfY/AAAADCN3/+vjFvsfAAAAhpG7/w1xS5P9r/8/t/1//rj+X/+/0f/r//X/50Xb/v/A1J+JTrVP/3/T/Y/cc++P6P/1//p//b/+nx1YRP9/9Pj/uszd/8a4pcn+BwAAgA5y978pbrH/AQAAYBi5+98ct9j/AAAAMIzc/W+JWwbZ/4e2/Hb9v/f/9f/6f/3/9Pf1/+vUtv8/Td7/30L/r//X/+v/2alF9P8n/PPc/W+NWwbZ/wAAAMCmdv/b4hb7HwAAAIaRu//tcYv9DwAAAMPI3f+OuKXJ/tf/6//1//p//f/09/X/66T/n6f/30L/r//X/+v/2aml9f+5+6+OW5rsfwAAAOggd/874xb7HwAAAIaRu/9dcYv9DwAAAMPI3f/uuKXJ/tf/6//1//p//f/09/X/66T/n6f/32w218z8Aqb6/6N30v/r//X/+n/O0tL6/9z974lbmux/AAAA6CB3/zVxi/0PAAAAw8jdf23cYv8DAADAMHL3vzduabL/9f/6f/2//l//P/19/f866f/n6f+38P6//l//r/9np5bW/+fuf1/c0mT/AwAAQAe5+6+LW+x/AAAAGEbu/vfHLfY/AAAADCN3//VxS5P9r//X/+v/9f/6/+nv6//X6dz1/xv9v/5f/7+F/l//r//nZEvr/3P3fyBuabL/AQAAoIPc/R+MW+x/AAAAGEbu/g/FLfY/AAAADCN3/4fjlib7X/+v/9f/6//1/9Pf1/+vk/f/5+n/t9D/6//1//p/dmpp/X/u/o/ELU32PwAAAHSQu/+GuMX+BwAAgGHk7v9o3GL/AwAAwDBy938sbmmy//X/+v+9/f9mo//X/+v/jzkP/f+hjf5/5/T/8/T/W+j/x+z//28zUP9/eN+fr/9niZbW/+fu/3jc0mT/AwAAQAe5+z8Rt9j/AAAAMIzc/Z+MW+x/AAAAGEbu/k/FLU32v/5f/+/9f/2//n/6+97/Xyf9/zz9/xb6/zH7f+//6/+5YJbW/+fu/3Tc0mT/AwAAQAe5+z8Tt9j/AAAAMIzc/Z+NW+x/AAAAGEbu/s/FLU32v/5f/6//1//r/6e/r/9fJ/3/PP3/Fvp//b/+X//PTi2t/8/d//m4pcn+BwAAgA5y998Yt9j/AAAAMIzc/TfFLfY/AAAADCN3/xfilib7X/+v/9f/r7P/P6T/1//r/yctpf+/9NJ73Kz/1//r//X/+n/9f3dL6/9z938xbmmy/wEAAKCD3P1filvsfwAAABhG7v4vxy32PwAAAAwjd/9X4pYm+//U/v+izbFC9Zip/j8aNf3/CfT/e3/9+v/p3z+8/6//1/+fe0vp/73/f3a/fv2//n/Nv/4z6v8vOfXn6/8Z0dL6/9z9N8ctTfY/AAAAdJC7/6txi/0PAAAAw8jd/7W4xf4HAACAYeTuvyVuabL/vf+v/9f/6//1/9Pf1/+vk/5/nv5/C/2//t/7/w+67//r/9mdpfX/ufu/Hrc02f8AAADQQe7+b8Qt9j8AAAAMI3f/N+MW+x8AAACGkbv/W3FLk/2v/9f/6//1//r/6e/r/9dJ/z9P/7+F/l//r//3/j87tbT+P3f/t+OWJvsfAAAAOsjd/524xf4HAACAYeTu/27cYv8DAADAMHL3fy9uabL/d9//X6L/D/r/pfT/99H/n/R9/b/+f2T6//wz+jT9/xb6f/2//l//z04trf/P3X9r3NJk/wMAAEAHufu/H7fY/wAAADCM3P0/iFvsfwAAABhG7v4fxi1N9r/3/3v1/wc2Hft/7//r//X/nej/5+n/t9D/6//1//p/dmpp/X/u/h/FLU32PwAAAKzVve76gFtP91+bu//HcYv9DwAAAMPI3f+TuMX+BwAAgGHk7v9p3NJk/+v/e/X/Pd//1//r//X/nej/5+n/t9D/6//1//p/dmpp/X/u/p/FLScMv4Nn/J8SAAAAWJLc/T+PW5r89X8AAADoIHf/L+KWU/b/0dP8u9oBAACApcnd/8u4pclf/9f/L7z/34zf/9+20f/r/4/R/+v/d0H/P+9/7P+PHtD/6/9n6P/1//p/Tra0/j93/6/ilib7HwAAAAa15/9RyN3/67jF/gcAAIBh5O7/Tdxi/wMAAMAwcvf/Nm5psv/1/wvv/8/q/f/D9Y/W0P97//8c9v9XHpr8vv5f/z8y/f887/9vof/X/+v/9f/s1NL6/9z9t8UtTfY/AAAAdJC7/3dxi/0PAAAAw8jd//u4xf4HAACAYeTu/0Pc0mT/6/9H7P/X9f6//t/7/2ff/9/54iM33vt+116t/+e489n/5+8L+n/9v/7/GP2//l//z8mW1v/n7v9j3NJk/wMAAEAHuftvj1vsfwAAABhG7v4/xS32PwAAAAwjd/+f45Ym+1//r/9fSv+f/11fgP7/yPr6/2yKu/f/3v/X/5/K+//z9P9b6P/1//p//T87tbT+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAYeTu/1vcYv8DAADAMHL3/z1uabL/9f/6/6X0/8n7/8d/nvf/j9H/6//PhP5/nv5/C/2//l//r/9np5bW/+fu/0fc0mT/AwAAQAe5+++IW+x/AAAAGEbu/n/GLfY/AAAADCN3/7/ilib7X/+v/9f/6//1/9Pf1/+vk/5/nv5/C/2//l//r/9np5bW/+fu/08AAAD//6cRdCE=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)

16.428272642s ago: executing program 6 (id=1302):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$pppoe(0x18, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$phonet(r0, &(0x7f0000000040)={0x23, 0x14}, 0x10)

12.619178546s ago: executing program 6 (id=1305):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x70, "f42a97b96d025891dd3f75fdda624457ad3d5c36389c308570204262"}})

11.760312555s ago: executing program 6 (id=1309):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_PROTOCOL(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="34000000010609"], 0x34}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
r4 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x679a, 0x1000, 0x4, 0x3ce}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r2, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

7.400954163s ago: executing program 5 (id=1311):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5}, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) (async)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r0 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r0, &(0x7f0000000100)={0x18}, 0x18)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
statx(r0, &(0x7f00000002c0)='./file0\x00', 0x400, 0x10, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
statx(r0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0), 0xc, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_user}, {@version_u}, {@loose}, {@fscache}, {@cache_readahead}, {@version_9p2000}, {@fscache}, {@posixacl}], [{@context={'context', 0x3d, 'unconfined_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '['}}, {@obj_user={'obj_user', 0x3d, 'syz'}}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@euid_gt={'euid>', r2}}, {@uid_eq={'uid', 0x3d, r3}}]}}) (async)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0), 0xc, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_user}, {@version_u}, {@loose}, {@fscache}, {@cache_readahead}, {@version_9p2000}, {@fscache}, {@posixacl}], [{@context={'context', 0x3d, 'unconfined_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '['}}, {@obj_user={'obj_user', 0x3d, 'syz'}}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@euid_gt={'euid>', r2}}, {@uid_eq={'uid', 0x3d, r3}}]}})
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000423000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x4a, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000423000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x483, 0x0, 0x7}]})
setrlimit(0x3, &(0x7f0000000040)={0x4, 0x73d})
write$FUSE_DIRENTPLUS(r0, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) (async)
r6 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r8, 0xffffffffffffffff)
keyctl$get_persistent(0x16, 0x0, r6) (async)
keyctl$get_persistent(0x16, 0x0, r6)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000240)={{0x9, 0x7, 0x9}, 'syz1\x00', 0x2d})
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[])

7.193142789s ago: executing program 1 (id=1312):
r0 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000180))
connect$unix(r0, &(0x7f0000001000)=@file={0x1, './file0\x00'}, 0x6e)
r1 = fsopen(&(0x7f00000000c0)='ceph\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000001080)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000010c0)={&(0x7f0000001100)='ext4_ext_handle_unwritten_extents\x00', r2, 0x0, 0xfffffffffffffffb}, 0x18)
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x2000490, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRES8=0x0], 0x11, 0x489, &(0x7f00000009c0)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, 0x20000040)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
link(&(0x7f00000001c0)='./file1\x00', 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, 0x0, 0x20006804)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000100)='\x00\x00\x00\xa6\a=', 0x0, r1)
tkill(0x0, 0xb)

7.072312552s ago: executing program 2 (id=1313):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==") (async)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x4cc02, 0x0) (async)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000100)={<r1=>0x0, 0x90, "331d54ca9f87b0085c865c7ebf4cc9b5c1994584e1fde793eb391c5bb01ea0331bd78f59fc8162c75cedcb91a8eca45dc13e9e018120c1bfe5568c4a269f2f50cc437c3abfd5a180c79000a5d92b2a7d105346327527d03ac11b517040940f63f323bb66fc169a9edef40c9f2a89f6fd91310fad763107d37527178c0b917baa4154aa738dd4b32bdcc958768270b44d"}, &(0x7f00000001c0)=0x98) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bridge_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_newvlan={0x28, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0x4, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x3000000}}}]}, 0x28}}, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000200)={r1, @in6={{0xa, 0x4e24, 0x200, @ipv4={'\x00', '\xff\xff', @empty}, 0x1000000}}, [0x9, 0x3, 0x2, 0xc9, 0x2, 0x8, 0x1, 0x80000001, 0x1b83, 0x3, 0x3, 0x1, 0x0, 0x9, 0x6cd]}, &(0x7f0000000300)=0x100) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = socket$inet6(0xa, 0x802, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x38, 0x1411, 0x800, 0x70bd29, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x3b}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x10) (async)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff0204a4ffffffffffffffffff1f2be82db1af0000000000", 0x18)
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

6.287853072s ago: executing program 2 (id=1315):
r0 = syz_open_dev$vim2m(&(0x7f0000000e40), 0x8, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x25, 0x2, 0x3, "a677c17a5a000000000000000000000000000000000000000000004000", 0x31324d59}) (fail_nth: 3)

6.180290161s ago: executing program 1 (id=1316):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2880082, &(0x7f0000001100), 0x1, 0x793, &(0x7f0000001600)="$eJzs3MFLXNcaAPDvXp0YE/PGB2/x3ibvQQIJhIwaN8nq+TZvFwgEuk1FRxGvTnDGVG0gprtCIY2bthRKu++y20JI/4DuSqCF7gulTe2i7WbKHUdt4owZ45hJ098PrnPOveee73z3Xo/3gncC+Mv6T/4jiRiKiGsRUWyuTyPiWKN0PGJ9q93m49tT+ZJEvX79hyTfLTbrxZ2+kubnyWjsEv+MiIeFiAtv7Y1bXV2bn8yy8lKzPlJbuDlSXV27OLcwOVueLS+OjV8ZvTw+fnl0vGu5nn3tyuD9L/+/sfHVZ7V7p/svJjHRyDuauXUt0B9sHZNCTDy1fvEogvVQ0kGb/oM0BgDgSOT3+X3Ne7NCFKNv9y5tr302AQAAAC+v+kC9U7923BIAAAB4ySTR6xEAAAAAR2v7/wC23+09qvdg2/n+fxEx3Cp+f+Md4ojjUYiIE5vJE68fJFu7waGs342IBxMtrr/Dv6Q8ulsc7E6PdNuDfP6ZaDX/pDvzT7SYf/q3vzvhkNrPf7vx+9rMf9c6jPH5R/8qtI1/t7ry9ulW8ZOd+Emb+K93GP/exjv3222rfxJxruXfn+SJWPt8P8TIzFzW6ldrZ7gPfzv/qH3+ESf2xE+SRtRk//xvdpj/m5s/za/vE//8mf3P/1b8gSf2y6+Jd5vjSCPifvMzr288FePMwtdf7I2crG/Hn25z/Fue//G+nR4+7jD/bz8dWOmwKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADSkETEUSVraKadpqRRxMiL+ESfSrFKtXZipLC9O59sihqOQzsxl5dGIKG7Vk7w+1ijv1i/l5cHd+nhE/P2bwa2gc1m5NFXJpnudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADtORsRQJGkpItKI+LmYpqVSr0cFAAAAdN1wrwcAAAAAHDnP/wAAAPDqe97n/6TL4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeadeuXs2X+ubj21N5ffrW6vJ85dbF6XJ1vrSwPFWaqizdLM1WKrNZuTRVWXhWf2lEjF2J5ZWRWrlaG6murt1YqCwv1m7MLUzOlm+UCy8kKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5qqLEkA6WISBvlNC2VIk5FxHAUkpm5rDwaEX+LiEfFwkBeH+v1oAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi66ura/GSWlZf+3IX6i0inLyK612FfdKGfSCJeklPQovBB86zs1yZZj+j5UNPmQA/Tz8GujTvPOCy9Lvy7R/MRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC9VV1dm5/MsvJStdcjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoLfS75KIyJdzxbNDT289lvxSjMGt8hsfXn9vZbJWWxrL1/9YbGyPiNr7zfWXIuJUc8c7LzYLAAAAeMX99yCNt5/Tt5/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOlVdXZufzLLy0hEW4m6vswQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7H7wEAAP//YEa3Uw==")
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x0, 0x1}, 0x2})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r1, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x8, 0xfd, @tick=0x8, {}, {}, @result}], 0x1c)
chdir(&(0x7f0000000240)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80000, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000140)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

5.713498902s ago: executing program 2 (id=1317):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000130000000000000000000000fc00"/31], 0xb8}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_NEWPDP(r0, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x1, 0x100)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (fail_nth: 3)
sendto$inet(r2, 0x0, 0x0, 0x11, 0x0, 0x0)

5.509122765s ago: executing program 5 (id=1318):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r3 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r5, 0xc0884113, &(0x7f0000000240)={0x1, 0x7f, 0xab, 0x7, 0x7fe, 0x8, 0x40009, 0x6, 0x4, 0x2c, 0x1f})
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r5, 0xc06c4124, &(0x7f0000006500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
getpid()
eventfd(0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x20)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r7 = syz_usb_connect(0x1, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0)
syz_usb_control_io$uac1(r7, 0x0, &(0x7f0000000300)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="400006000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$EBT_SO_SET_COUNTERS(r6, 0x0, 0x81, &(0x7f0000000240)={'nat\x00', 0x0, 0x0, 0x0, [0x1ed0, 0x5e, 0x6, 0x6be9, 0xee, 0x5], 0x4, &(0x7f0000000040)=[{}, {}, {}], 0x0, [{}, {}, {}, {}]}, 0xb8)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x4010, 0xffffffffffffffff, 0xdb191000)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c80)=ANY=[@ANYRES8=r1], 0xf4}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

5.456394913s ago: executing program 1 (id=1319):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0x0, 0x30c}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg$unix(r4, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)=""/51, 0x33}, {&(0x7f0000000280)=""/63, 0x3f}], 0x2}}], 0x1, 0x12021, 0x0)
sendmsg$sock(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000000c0)="9e71b93506a6a947b3a82beeafee9cf86dd39c7bf2cedfb2c42c60c2512beb5c00ecf9df0b9221962812dce1152654cf7c8b3b4dc9e3927b11861606fab3ee4831fdb8ff0d53c4c06ac523bd665519926d7d8fbfab7f580ba7480982235e25ff4db3e43c2e6dfaa76091d717305c87a2a9f7", 0x72}], 0x1}, 0x4004001)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x4c, 0x0, 0x0, 0x3, &(0x7f0000000000)={0x77359400}})
r5 = syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r6=>0x0)
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{}, {0x0, 0x989680}}, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(r6, 0x0, &(0x7f0000000140)={{}, {0x0, 0x989680}}, &(0x7f0000000180))
ioctl$MEDIA_IOC_REQUEST_ALLOC(r5, 0x80047c05, 0x0)
pselect6(0x40, &(0x7f0000000440)={0x0, 0x0, 0x38ad, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000000400)={0x3, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r7, 0x11c, 0x1, &(0x7f00000001c0)=""/167, &(0x7f0000000040)=0xa7)
io_uring_enter(r0, 0x3516, 0x3fffe, 0x9, 0x0, 0x0)

4.932563998s ago: executing program 6 (id=1320):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x1fd, 0x1, 0x0, 0x2000, &(0x7f0000bd3000/0x2000)=nil})
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x0, &(0x7f0000000000))
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x8000001f)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x4)
fcntl$notify(r4, 0x402, 0x8000003d)
close_range(r3, r4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000002e00)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002120207b1a00fe00000000bfa10000000000000701000078ffffffb702000008000000b70300000000000085000000c700000095"], &(0x7f0000000040)='syzkaller\x00', 0x9}, 0x94)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4048aecb, &(0x7f0000001ac0))
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4.834949665s ago: executing program 2 (id=1321):
r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x800)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@mcast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@private2}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x92002, &(0x7f0000000080)={[], [{@euid_lt={'euid<', r1}}]}, 0x0, 0x5982, &(0x7f0000000440)="$eJzs3X+QHNV9IPDXM7Pa0a5+rAQEGcxqESghEFsrfhW2U7GSS+wUEEouUg7iZMOCVkS2JFSSCCBIEDnwQQEunHIqwckfxIWpw1ZcVMHZyJQxP07ibGyKs4+6wtTZd9h/+Apz6AzoKAp7U7vTbzTTO709OzMrCfh8Stqe96bn+153v+np75vZnQAAAMB7wv5bdxy86IQ/+d7fjr9x059+a8vNYbA8VV+NKwyly+uOVA85nPory6aW2XHxOzd89ecjV/7Rdx8c+Mqb+zacvPHHf3zMlY9+5vy99/zTE68vfPg3LxXFjePp9EPl5JUkhOq3D/z95/Y9c/xkXRJCKCdDu0NYkix9YkmSCTH6VghhQ1qYn7nzoTfO2ji5vPmO/qb6xZn1jPf3tmo6znYdvPaM8JM/XHfLD5Z//V/79ry8u3b3RKo+nkJYdHnj4/vSsRfHXxxty9JlHLRrQwgDDY87r6Bfp7TZ/1U55RPT5bx0OVgQJ96/IlMuZdbLlqO+zHKgoL1u5fWj0/WKLMiUsyejbuX1M9YvSZffTJenzzJ+Of5PQikJlXr3NyeHxkhoOG5JSKaOZbVeLtWPbUi3P1NOMuVSplzuy2zXVLvpQCsnSXN9XC9TH0/HlbT+5MZzdQsX59S/L11W0yfqm7EcsjdqBqfdqG/XlNivAzP05XAoNZyDWtXXD3x6MAbTusFk6bTHTLQQ79u37s6V5fVP7h9q3Y36039waiTNPv6u7y9Z8Omv3X7NspztTC4vpfFLHcX/6QXPvnrp7V/+Um78u2P8ckfxz3xs4JULnrp1Rc7+CcmBJI1f6Sj+2EtP37X82Cv25Pb/3hi/mh9/3vRG4n1r9j7bv/DgY4/n9n807p/5HfX/xY987GcPPP/Iy7nxQ4w/0FH89Xu3fb5/+OBpufEfj/tnsLPx89qec18YHv7FSF7852L8hR3Fv3/3PR++b/Ed5+ce37Vx/wx1FP/CUx+9ZcHBR07KO3cm9/bqlRPgvemYEMLka8RtaTknz5yUVBvmLbJ5Zrca8oV/HKnUrvkWpP8X9rKhzMXnZDuLehkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEIIx53xXz/+vz859EolLfenN14s1Zaxfl4IyfwQwo6dY9t3btp61chnrr5m+9axzSNjO0fGt+7cfv3I2b83sn182+ax6yfvHf3AWbXHLQ1JbZmcNK3t/omJidJQc11s79+duucnK8/7P78MYfS4Hw1Xcvu/6p4t9x3b4mdGsmbio1uuuehH5/xLul1Dab+GWvRrYmJiIuT06/9e8vZ9f3fg56eFMPpbM/Xr6Rf/4DtNHZqqOBQnVeoPtQ71JwMt+1HvddqfuL8qGzdtHh+def9OPr6csx3//oaX39p43Rferu3fau52tLl/56+Z2Fz6h3UX/vofbqxVFPXrSB33ov0dtyL2L+6/arq/F6XbtShnuyo523XrDx5//tsn3P767jBaeW359LaLtqsvHQB9yftat5vZVbGFgWRJU301XT8e8djfVTu3bFu14/pdH9i0Zeyq8avGt35o9dmrzx0959xzVk1t+aoeb39s/7fb3P7DM54W/9Xub8af7Y2non4V7Y/JfhXvj8Ye5T3/Bi7+3Bc/dM9TF9UqisZ5XLt+PkmXA5PHeXVoGG/T91Wr7SraDyGEkVb74dXXzw/H/49NtxSdhxqPTOPPjGTNxDMrfvUv5/3zst+vVRyW83xjhzo8z9d7fag/U/urmh6PiaN0//aHcrpdgy37tfqZp/ru3P/Lv673b968cN3Yzp3bV9d+Lkh7uiA5sWW/srVxu5ZP/SyHdLeE+jBtMV4n9YVa/7Lnz7h6dq8OpvcNJktbbldWvG/fujtXltc/uT9vTycP1lqcHxbWlsn7c9bcnHlgud7hVu0frc+/ovEx/PF/fviTD3/j7Gnj48zaz6LtSnK26+vP3//Fr3zhP36jd9v18T94duhX//MvV9Yq3innlXqv0/4kjeeVM0Moev4tD623I/f5V2q9PUXPv2w7h9ZvHW8kUx4M5Y6er2c+NvDKBU/duiL3+Xqg3efrjU2lcsHz9WgZP9nnV1Jp7sfcPb+aBkqyZuK7tx2z+4mb1p5Qqyga1/W1W43rs9rIP3K26zuXvjB89ch/+O+9O2989fceuuzHY2v+plbR+XGPfenNca+m+7eas3/rvY55Z+P+/eCVV2/eUKs/eq9/02VB/hNPJTuu3/XZsc2bx7fvaG+72n09je1k93Knr6fx7La0YLtK07Zr7m60s7/afb7F/m/oeH81P98GQ9LR68Ku7y9Z8Omv3X7N0LRHpQ1dXkrjlzqK/9MLnn310tu//KXc+HfH+JWO4o+99PRdy4+9Yk9u/HuTNH61o/hr9j7bv/DgY4/nxh+N/Z/fUfwXP/Kxnz3w/CMv58YPMf5gZ/v/tT3nvjA8/Ivc+M8laTuT10ghPPTGWRtr5ST0pc+32I++pn6FbDnJlEuZcrmxXKrNtdYbKCdJc31cL60/uaEvrfxFTn28Cqsuqy3fjOWQvTFz/dGm1HDub1Wfe506kXOhCQDwLhPf/4/XoPH9//H0cih/pgEO6TYPW5YTN+Zhh+Zz5jXdvyyNHx8f5wGHPxhGJ5c3j9Qu9Gf7PkJ8PmTnOWM7p53SHKPTec6i+fcVmXLsV22+vNKQh6amz79XQhvz79PbmXn+PbP5xfPjI7dN69ZIw7xV9vj1pTNmrT7vkOlvZTJC3vjIzovFz3MMLwprp9prc3xkP0cTj0P2czSxnRMyJ85OP0fT7fiI3Z5hfEx1ufj9jenHL8ywfw8dv9bRssdvFse7Orn+XL8/24N5w5antMM3bzi374eZl8yJnz7BjvZ5w1gft6PS5nziJ3PqezWfGE8XsV8HZujL4dDxfCLAUS7m//E1YjL/n7wA//+Z9YquQ7NXjTFe7ueEyq37U5R3TP+c3kBHr+Pr9277fP/wwdNyr3Meb/dzP9uaSgMFn/sp2o8rM+XC/ZgzQVOU72XbKdrv2c9lDIaFHe33+3ff8+H7Ft9xfu5+X1t7IS3e719sKi0s2O9HPl+Y39RSvO/o+ZxBQ77w1iltx5cvHB2fYyiaPzti+Uj6wae5ykf+PKd+tvnIwLQb9e2a8o7LR/oOb78AgHeOmP/X3z9L8///FVdIryOK8tbTM+UYLzdvzbk+yctb/yxdXpdZfzD9jYrZXjdfeOqjtyw4+MhJuXnLve3mof+pqTRUmId2lzfn5hFre/N58dw8op5ndfe+Um7/63lid3l6bvx6nt5dHp27f+p5dHfvG+bGr88DHNV57jP/r7n6UPx6nlswX5dpLBbbna971+bR6a/PzlUefXFO/Wzz6MFpN+rbNUUeDQBwZMX8P17Gxfz/qcx63b7Pnpt39Oi6Pfv3QOrxnztceeVc531znbfOdV4/1/MSR3Ve3Mb7v3M9LzS382Tv+bw4bVReDADA0Szm//PTcn7+311+0ip/62vKT95l+XnSXnz5+TslP3+nz3/J/70vXkz+DwDw7hbz//hrj/Hv//2XtJz9u/Xvujy9zfjydHl6mMs8PU265mKeLfgcwJGdB9h9aH3zAAAAHAl9U5nS9N+z/1S6zP6efd7v5V+as367KlO/Yx/CFTu3j49fds22DWM7xy/bevWG8R2XXbt9086d41tr63WbN+bmLWne2Bcq6f5ovV42b1uc/j2ExTl/DyG7fgx74tSN6X8PIdvs/IK/I3Do+LXX37zjV5ph/VbjI+9458X/i5z1o/rxv/Ivz7xs447LNm3dtHPT2OZNu8ab15vMWgdm8b2ZcbfM6vtSMz+mKc3++zt704/StH70pfsj7/vZk0w/lqQ9WZL3/Qc5/f7ef/u7vzp14u0HQhg9rvz+rvZfsmbiP18y/mc79/9o22T/SzP2v75m2q+i7yvNrh+3p7L56h07z9h49TVbs98o2Zk4n1Gql+doPiN9+pfbnJ9Yn1M/288plKfdODq1PT8BAECT+P5/vJ6N7x9+Ib2AivXt5+ndvX+cm6ePtpenZ7+XrChPz64ft7fdPL3aZZ6ebb8oT2+1fqs8PS/vzov/5znrz1b746S7z3nkjpPL2xsn2e8zKBon2fVnO06SLsdJtv2icdJq/cw42RNmOO558T+Rs36e9sdDd5/LyR0Pd7c3Hn43Uy4aD9n1ZzseSl2Oh2z7ReOh1fqtzht5xzcv/kU567ereXxMDoypcTF+2bVXb/9sw3pz/f0X3fev6+8LbN2/y7v7YrH2+z+3n/ua+/7P7efK5r7/3X2uLLf/z3U3E9Z+/+f2+106ddjma9MPmxV9/uzkGeZeJ63L2Y7ZzuPOm3bj6GQeF46cmP/Ht3ti/n9Huuz120BzfZ0099+T5nvMWsbv0feYFV3HHNWv5w0eSJfvtdfzENa0rPV6DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCsv7Jsarn/1h0HLzrhT773t+Nv3PSn39py8+/c8NWfj1z5R999cOArb+7bcPLGH//xMVc++pnz997zT0+8vvDh37xUGHho6mfl9LRYDSF5JQmh+u0Df/+5fc8cP1mXhBDKydDuEJYkS59YkmQijL4VQthQ72fznQ+9cdbGyeXNd/Q31S/OBMluVxgsx/409jOE6wq3iHegajrOdh289ozwkz9cd8sPln/9X/v2vLz70CpJtWE8hbDo8sbH94UQ5qf/J8XRtiw+OF2uDSEMNDzuvIJ+ndJm/1fllE9Ml/PS5WBBnHj/iky5lFkvW476MsuBgva6ldePTtcrsiBTzp6MupXXz1i/JF1+M12ePsv45fg/CaUkVOrd35wcGiOh4bglIZk6ltV6uVQ/tiHd/kw5yZRLmXK5L7NdU+2mA62cJM31cb1MfTwdV9L6kxvP1S1cnFP/vnRZTZ+ob8ZyyN6oGZx2o75dU2K/DszQl8Oh1HAOalVfP/DpwRhM6waTpdMeM9FCvG/fujtXltc/uX8opx/Jg0kaP+ko/q7vL1nw6a/dfs2yvPiXl9L4pY7i//SCZ1+99PYvfyk3/t0xfrmj+Gc+NvDKBU/duiJ3/xyI+6fSUfyxl56+a/mxV+zJ7f+9MX61o/hr9j7bv/DgY4/n9n807p/5HcV/8SMf+9kDzz/ycm78EOMPdBR//d5tn+8fPnhabvzH4/4Z7Gz8vLbn3BeGh38xkhf/uRh/YUfx7999z4fvW3zH+bnHd23cP0Mdxb/w1EdvWXDwkZPyzp3Jvb165QR4bzomvca6LS13mmd2qyFf+MeRSu2ab0H6f2EvG8qYbGfRHMYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODd6Yc3nv2pSz76iXWVJIQkZ52JFuJ95Xlr1ox00O7YS0/ftfzYK/Y01i1rXuXtiQ7iAgAAANPFPLxUr6mGZeHaZH44seX6cY7gxFhKmuuzcwgxTnaOoNM4pR7FKfcoTqVHcfp6FGdej+L09yhOtSBONbQXZ/4McSqTo6LN/gzM2J/24wz2KM6CHsVZ2KM4i3oUZ3GP4gzNGKdpHCYzxVkyLU61OWqb/Vnafn9mjHNMj+Ic26M4x/Uozm/1KM7xPYqzbMY4xeNwYbrmCXlxpm6UC+NUknL9jlbz6cen7ZzUZTuDBe0sLHo9brOd+W22c0rmcaVZtlNts53f7rKdpM12frfLdkoF7cRxe122f7GdWGpz/F/fozi7ehTnhh7FubFHcf66R3H+pkdxbuoyDkC7Yv5/KN8bCv2V3w8D6RknOwsQ893lUz+nv97lnZBivPdn6ucVxcsm6pl4y2fbv+wEQibeikx9X1O8Sj0fmSFetTHeysydhdubnVDI9O/0tPzr9MMR/UXxshMLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCHfnjj2Z+65KOfWBeSMPmvpYkW4n3leWvWjHTQ7r51d64sr39yf2Ndf6WDQAAAAEChmIf31Wuqob+yOvQn85rWq6bzANW0XB6qLYcXhbWTy2SkNFUeSJbM+LhK+rhVO7dsW7Xj+l0f2LRl7Krxq8a3fmj12avPHT3n3HNWbdy0eXy09jOE/oJ4IYSp6Ycd1+/67NjmzePbd9Qqs/1flj5uWVpO0scNfzCMTi5vTvu/tKC90rT25u5G8dEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/o1duwuR6yzjAP6emdmZ6baxI/2ahmYz5KPEDzSJW0m1dA4IFtokZCnITHWVYBMMbprQJiXWsQ3Y1gRFaAmESC6MxEK1eGNbW8R+EIjUaMCNQdqivdALpdVKWnIhKSPZnTNfmclsx9pN4+93MWfmfZ/3fc47Fwv/swMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvL+ma+OTlfJEdTQKIepTU+8hmUtn47g0RN8vPbv9+7mx0yvax3KZITYCAAAABkpy+EhzJB9ymXRIh2tnPi0JbROhlfsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/P9O18clKeaJ6aRRC1Kem3kMyl87GcWmIvq+99cSnXx4b+1v7WHaIfQAAAIDBkhyeao7kQzEsDSPRtR11ybOBhV3ru+uSfRbNsa772UG/uqVzrLt+jnUfGVC3vnHdFQAAAOADKN/5Mcn/meZIIeQyC/rm/0G5Pqlb3FWXblyH+a0AAAAA8N9J8n+uOVIMuUyxmdfnmveXdNUl6wf93z5Zv7zP+kH/z1/XuPo/PQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8cEzXxicr5YlqOgoh6lNT7yGZS2fjuDRE39XPjf7jtiMPLWkfy2WG2AgAAAAYKMnhreidD7nMaBgJl87k/rFbDj75hSefHg8hzMb87JZG3a6NO3bcvTqpW3XsyMj3jr7xrVZddrZi1ezrvBwOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4T03Xxicr5YnqJVEIUZ+aeg/JXDobx6Uh+r762c//5fGTz7zePlYcYh8AAABgsCSHt7J/PhRDNmTD1TOf2rP+Wamu9f2eGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXj3u+cd/XN05NbbrbG2+8+V+8SYUQLoDbeLdv5vsvEwAA8F5bHKJQf5eu2TDfdw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwIpmvjk5XyRDUfhRD1qan3kMyls3FcGqJv/Ozx3ILTz73QPlYcYh8AAABgsCSHt7J/PhTDSBgJV8186vVMYCb/F97HmwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuKNO18clKeaK6IAoh6lNT7yGZS2fjuDRE38d2H/jM4cu/e2v7WC4zxEYAAADAQEkOzzZH8iGX+WjIhesan6c6F0TpxrX3c4HWuu0dy0bnvK7WsS4953V7uk6WaZxmdl0+2a8we22uK527rtS2rhia7Usd68K+jlULBtxnAAAAgHmU5P9cc6QQcplcK+dmO+sLci4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Md0bXyyUp6oRlEIUZ+aeg/JXDobx6Uh+t732w9f9uWf7t3ZPlYcYh8AAABgsCSHt7J/PhTDovChsGgm94dCZ31S98/KmcOP/uuvK0JYefWJsUz3tj9M3vz61Zuf734JIdVZnQrh8ka/qE+/3/z+0XuX1c88HsLKq9LXndMvnL9f55Zx/anKpnU7jp7YPuDLAQAAgItEkv9HmiOFkMvc1Tf/J8l7QP5vmgngl9+7+xdXNl4bibxrRarQ6Jfq0+9zy5748/I1f3/jbP4/X79PHth6+MqOhrMjXaK4Xt66c/2JGw6lklPP9k939U++ly9+8/V/b971yJnZ/vmQb4wvzPTqf+5rl0vi+lRqf3XtO/trnf0zfc7/0O9eOPmrhXvfPtv/rcWjzf7Xn+f85+8/evvD+248cGR9Z/8QQqlX/zffvjVc88ctD3aff7Rr4/Zvvv21SxTXjy05dWjNweJNnf2jrv7J9/+zk4/t+/Ej33k66Z/8VmTF0rn2T3X1f2nPFbtffGDDws7+qT7nf/6Ol8e2lb79h+7z39mxa6Z1F+nOO+rtlY3x/X2mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhLTtfHJSnmimopCiPrU1HtI5tLZOC4N0fe1246/ecfeH/2gfaw4xD4AAADAYEkOb2X/fCiGbMiG0Znc/1Rl07odR09sD4XZ2ahxzUxtu2fHxzZv23nXnfN05wAAAMBcJfk/0xwphFxmWRhp5P/y1p3rT9xwKJXk/1SS/zdvmdq0MjTrXtpzxe4XH9iwsPmcIISZnwXkz9Z9qlV3y83HC6f+9LXlPetWt+qOLTl1aM3B4k1JXWivWxWazyd+8vGff+WVjfH9zftrr/vEV7dNNR5PJPuO3v7wvhsPHFnfPEfjOtrYN6mbSu2vrn1nfy2pSzeu+ca5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBzTdfGJyvliWpIhxD1qan3kMyls3FcGqLv2mW/fPCy088sah/LZYbYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ww4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX26y9EqrKPA/jzzOy+O+7s6q6+0Fa0rlYUdpEURNRNRUVohNCVIWFpXkRBEFHYRWtoJFZ0E2TdSFRQbSEU5CaJFmv0T7rpooIC6yIQaaFcpIuKnTnPNHOc49RZC6rPB2afeZ4553t+5zzPnNkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/KMM9I012sM77p+75ZwbPnr0rhOP3PTOvdsuevjV7yY2Xffh3sGXTs5sXrHly+uXbdp/95rp3c8f+mn4rV+O9gx+qNmsyrq1EOLxGELt3dlnHpv5+Kz5sRhCqMaRyRBG49JDozGXsPrnEMLmVp2dH7554vIt8+22XQMd40tyIfnzCvVqqqdppLNe/l1q2TrbOvfgJeHra9dv/3T5G6/3Tx2bbG3xv8bftJ5CWLyxff/+EMKi7DUvrbaxrE2Ldl0IYbBtvyt71HX+H6z/0oL+uR3Vh1DvkZM+X5nrV3Lb5ftJf64d7HG8hSqqo+x2vQzl+vmb0UIV1ZnGR7P27axd9Sfzq+kVQyWGvlb598Tf10hom7cYYmMua61+pTW3ITv/XD/m+pVcv9qfO6/GcbOFVo2xczxtlxtPt+O+bHxF+726i1sLxs/O2lr2RT2Z+iH/pql+ypvWeTWkumZPU8vfodJ2D+o23pr4bDLq2Vg9Lj1ln1+7SJ/NrH/iwuqG9w6PFNQR98YsP5bK3/rJ6NDtr+18YKwof2Mly6+Uyv9m7ZEfbtv5wnOF+U+n/Gqp/MsODB5f+/6OlYXXZzZdn75S+Xcc/eDJ5f+/c6rbXDfy96T8Wqn8a6aPDAzPHThYWP/qdH0Wlcr/6uobv33l833HCvNDyh8slb9h+r6nBsbnLi7MP9j8KtQbK7TE+vlx6oovxse/nyjK/yxd/+Eu+bFn/suTu696ccmuNYXrc126PiOl6r/5gv3bh+b2nVd074x7ztQvJ8B/07Lsf6zHs37xc2aItdM8Zy5U2/PCsxN9zV+goew1fCYPlDN/nMV/YT4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MYOHJAAAAAACPr/uh2BAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPBQAA///u2SuJ")

4.608183455s ago: executing program 3 (id=1322):
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffd000/0x2000)=nil)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}}, &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_dev$rtc(&(0x7f0000000180), 0x1, 0x1a000)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0)
ioctl$RTC_UIE_ON(r3, 0x7003)
ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f00000001c0)={0x1, 0x1, {0xa, 0x2e, 0x2, 0x6, 0x2, 0xfe3, 0x0, 0x151}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x11, r4, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16, @ANYBLOB="ff83"], 0x4}}, 0x0)
sendfile(r7, r6, 0x0, 0x100000002)
ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000100)={0x1, 0x0, {0x20, 0x31, 0x6, 0x5, 0x6, 0x2b1, 0x0, 0x32, 0x1}})
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r8, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x10000000}}, 0x10)
r9 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r9, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1004}}}, 0x10, 0x0}, 0x0)

4.384606381s ago: executing program 6 (id=1323):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
move_pages(r1, 0x8, &(0x7f0000000040)=[&(0x7f00002cd000/0x1000)=nil, &(0x7f00003d6000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000220000/0x2000)=nil, &(0x7f0000640000/0x4000)=nil, &(0x7f000034b000/0x2000)=nil, &(0x7f000068f000/0x4000)=nil, &(0x7f0000163000/0x1000)=nil], &(0x7f00000000c0)=[0xf], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2)

4.348862039s ago: executing program 3 (id=1324):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=ANY=[@ANYBLOB], 0xd8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
socket(0x10, 0x803, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='nmi_noise\x00', r0, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xa, 0x21bb, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_POLL(r2, 0x640f)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x9, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x3, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x400e2df, 0x10001, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]})
ioctl$COMEDI_DEVINFO(r2, 0x80b06401, &(0x7f0000000180))
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
syz_open_dev$video4linux(0x0, 0x1f, 0x420001)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x6, 0x1000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002240)=""/102392, 0x18ff8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x71, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$sysctl(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x9, 0x7fffffffffffffff, 0x0, 0x6, 0x2, 0x3, 0x0, 0x20000000006, 0x7fffffff})
mkdirat(r1, &(0x7f0000000340)='./file0\x00', 0x0)

4.116021091s ago: executing program 3 (id=1325):
socket(0x25, 0x1, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000100)='ecryptfs\x00', 0x0, 0x0) (async)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x18}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r5, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
openat$khugepaged_scan(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x6, 0x9, &(0x7f0000000080)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000000)='GPL\x00', 0xff, 0x0, 0x0, 0x41100, 0x0, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf01}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000ff00000000800000308001", @ANYRES32, @ANYBLOB="00000000000000e1513f90000000000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYBLOB], 0x50) (async)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)

3.717537026s ago: executing program 1 (id=1326):
r0 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000180))
connect$unix(r0, &(0x7f0000001000)=@file={0x1, './file0\x00'}, 0x6e)
r1 = fsopen(&(0x7f00000000c0)='ceph\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000001080)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000010c0)={&(0x7f0000001100)='ext4_ext_handle_unwritten_extents\x00', r2, 0x0, 0xfffffffffffffffb}, 0x18)
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x2000490, &(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRES8=0x0], 0x11, 0x489, &(0x7f00000009c0)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, 0x20000040)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
link(&(0x7f00000001c0)='./file1\x00', 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, 0x0, 0x20006804)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000100)='\x00\x00\x00\xa6\a=', 0x0, r1)
tkill(0x0, 0xb)

3.306520637s ago: executing program 3 (id=1327):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
setrlimit(0x0, &(0x7f0000000080)={0x8, 0x8})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0xa, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000005bcb00001860000000010000680000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), r1)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x34, r2, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc00c4}, 0x2000c040)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r4}, 0x10)

2.496320421s ago: executing program 1 (id=1328):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4002, &(0x7f0000000080)={[{@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@delalloc}, {@delalloc}]}, 0x1, 0x7a2, &(0x7f0000000f80)="$eJzs3ctrG9caAPBvZDuOk9xrX7hwb7oyFFpDiFynbtJCFyldlEIDgXbdxMiKSS1bwZJDbAxNKIVuCn0tCu0m6z7SXbd9bNv/oouS0IcTmtJFcRlp5Ki25CipJRn8+8HY58xD53w6M2fOaAYpgH1rPP2TizgaEe8kEaPZ/CQihmqpwYjT9fXurq8V0imJjY2Xf0lq69xZXytE0zapw1nm/xHxzZsRx3Lby62srM7PlErFpSw/WV24NFlZWT1+cWFmrjhXXDw5NT194tRTp07uXqy/fb965Na7Lzz++ek/3vjfjbe/TeJ0HMmWNcexW8ZjPHtPhtK38G+e3+3C+izpdwV4KOmhOVA/yuNojMZALdXGSC9rBgB0ywYAsA8lxgAAsM80Pge4s75WaEz9/USit356LiIO1uNv3N+sLxnM7tkdrN0HPXQnqd0ZadwdSSJibBfKH4+Ij7989dN0iqwd3EsDeuHqtYg4Pza+vf9Ptj2zkNl4fTM5vONrP7HTwo36tuNbZu+38w/001fp+OfpVuO/3Ob4J5rGPw3DLY7dh3H/4z93cxeKaSsd/z3b9Gzb3ab4M2MDWe5ftTHfUHLhYqmY9m3/joiJGBpO81O1VTdHbsnVpjImbv95u135zeO/X9977ZO0/PT/vTVyNwe3dLOzM9WZXQk+jf9axCODreJPNts/afHoTzrvbIdlvPjMWx+1W5bGn8bbmLbH310b1yMea9n+90bhyY7PJ07WdofJxk7Rwhc/fHioXfnN7Z9OafmNa4FeSNs/rVzSPv6xpPl5zcqDl/Hd9dGv2y27f/yt9/8DySu19IFs3pWZanVpKuJA8tL2+SfubdvIN9ZP4594tPXxXy+2vv9v7f/Sa8LzHcY/eOvnzx4+/u5K45/def/f0v4Pnrhxd36gXfmdtf90LTWRzemk/+u0gv/kvQMAAAAAAAAAAAAAAAAAAAAAAACATuUi4kgkufxmOpfL5+u/4f3fOJQrlSvVYxfKy4uzUfut7LEYyjW+6nK06ftQp7Lvw2/kT2zJPxkR/4mID4ZHavl8oVya7XfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJA53Ob3/1M/Dve7dgBA1xzsdwUAgJ5z/geA/efBzv8jXasHANA7rv8BYP/p+Px/vrv1AAB6x/U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXXb2zJl02vh9fa2Q5mcvryzPly8fny1W5vMLy4V8obx0KT9XLs+VivlCeWFzw/e3vNDV+r9SuXxpOhaXr0xWi5XqZGVl9dxCeXmxeu7iwsxc8VxxqKfRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBnKiur8zOlUnFJYsfEyN6oxp5JDMaeqIZE1xLNvcRI/zooAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD3urwAAAP//mFguzQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)

2.05375081s ago: executing program 2 (id=1329):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
setrlimit(0x0, &(0x7f0000000080)={0x8, 0x8})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0xa, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000005bcb00001860000000010000680000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), r1)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x34, r2, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc00c4}, 0x2000c040)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='mm_lru_insertion\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x10)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x40010)
socket$inet6(0xa, 0x3, 0x9)
openat$autofs(0xffffff9c, &(0x7f0000000540), 0x40280, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x9)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000011143dcf0000000000000000080001000000000008004b0028"], 0x28}}, 0x0)

1.302559462s ago: executing program 3 (id=1330):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x15)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

1.200341367s ago: executing program 5 (id=1331):
r0 = fanotify_init(0x200, 0x0)
r1 = memfd_create(&(0x7f0000000300)='-B\xd5NI\xc5j\x9appp\xf0\n\x84\xae\n\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x1a\xcaR\xcf\xbcs\x86\xdf\xb9\xb9\x12\x8b\x04\xa3\xbd\xf2C\x93\xb8\x9a\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04(\xcc\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r2, 0x0, 0xd}, 0x18)
socket$kcm(0x21, 0x2, 0x2)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x80000001, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0xf4e0, 0x2}, 0x0, 0x0)
r3 = dup(r1)
fanotify_mark(r0, 0x1, 0x4800105c, r3, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.114048799s ago: executing program 6 (id=1332):
r0 = fanotify_init(0x200, 0x0)
r1 = memfd_create(&(0x7f0000000300)='-B\xd5NI\xc5j\x9appp\xf0\n\x84\xae\n\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x1a\xcaR\xcf\xbcs\x86\xdf\xb9\xb9\x12\x8b\x04\xa3\xbd\xf2C\x93\xb8\x9a\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04(\xcc\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r2, 0x0, 0xd}, 0x18)
socket$kcm(0x21, 0x2, 0x2)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x80000001, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0xf4e0, 0x2}, 0x0, 0x0)
r3 = dup(r1)
fanotify_mark(r0, 0x1, 0x4800105c, r3, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (fail_nth: 1)

491.23002ms ago: executing program 2 (id=1333):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffdfe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xc0010112}]})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
readv(r7, &(0x7f0000000040), 0x0)
write$proc_mixer(r7, 0x0, 0xff0e)
r8 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/card0/oss_mixer\x00', 0x1a1900, 0x0)
dup3(r8, r7, 0x0)
pipe2(&(0x7f00000003c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@cache_fscache}]}})
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x7, 0x44, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
epoll_create1(0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x2f5380, 0x34343459, 0x58595556, 0x425, 0x10001, 0x8, 0x0, 0x1, 0x3, 0x0, 0x7}})

74.963639ms ago: executing program 3 (id=1334):
socket$nl_generic(0x10, 0x3, 0x10)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$kcm(0xa, 0x2, 0x11)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x11, r2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r6, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r1], 0x4}}, 0x0)
sendfile(r5, r4, 0x0, 0x100000002) (fail_nth: 3)

0s ago: executing program 1 (id=1335):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f00000000c0)=ANY=[@ANYBLOB="1f0901000000f6f42e4dcc1fa1500084e024cda6a049df29d847cc2093e469120e79023ea32a4568aa3d9be8a5d97f4332a61660b74d19db0f220a3631d4501b66bef8bfb1f966a48312a4bdf1df9733b0bc9344b2bf9eea41f91dbb87fb1a18609137db67b9a730952abe6d768047ee824f24b0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000") (async)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x7, 0x4, 0x2500, 0x7, 0x20}, 0x50) (async)
r2 = getpid() (async)
socket$netlink(0x10, 0x3, 0x13)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
socketpair(0x1a, 0x2, 0x8, &(0x7f0000000140)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
listen(r5, 0x3) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0) (async)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
timer_create(0x0, 0x0, 0x0) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) (async)
socket$kcm(0x10, 0x3, 0x10) (async)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB, @ANYRESHEX=r6, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB='\x00X'])
socket$netlink(0x10, 0x3, 0x0) (async)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, &(0x7f00000001c0)) (async)
read$char_usb(r1, 0x0, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

 T5917] gs_usb 6-1:0.0: Couldn't send data format (err=-110)
[  505.843500][ T5917] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -110
[  505.933270][T10284] loop2: detected capacity change from 0 to 128
[  505.993446][T10284] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  506.021743][T10275] netlink: 8 bytes leftover after parsing attributes in process `syz.6.904'.
[  506.030797][T10275] netlink: 8 bytes leftover after parsing attributes in process `syz.6.904'.
[  506.122041][T10284] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  508.303083][ T9915] usb 6-1: USB disconnect, device number 10
[  509.004512][T10310] loop1: detected capacity change from 0 to 64
[  510.302458][T10300] loop5: detected capacity change from 0 to 32768
[  510.322429][T10303] loop3: detected capacity change from 0 to 32768
[  510.425177][   T30] audit: type=1800 audit(1753245393.210:52): pid=10303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.913" name="file2" dev="loop3" ino=7 res=0 errno=0
[  510.494887][T10304] loop6: detected capacity change from 0 to 32768
[  510.552826][T10304] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.911 (10304)
[  510.651904][T10304] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  510.689960][T10304] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  510.722781][T10304] BTRFS info (device loop6): disk space caching is enabled
[  510.762621][T10304] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  510.957564][T10304] BTRFS info (device loop6): rebuilding free space tree
[  511.016506][T10304] BTRFS info (device loop6): disabling free space tree
[  511.036536][T10304] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  511.081344][T10304] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  512.095896][ T1329] BTRFS info (device loop6): qgroup scan completed (inconsistency flag cleared)
[  512.209480][ T5962] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  512.271091][ T9915] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  512.464309][ T5962] usb 7-1: config 0 has an invalid interface number: 41 but max is 0
[  512.505267][ T9915] usb 3-1: Using ep0 maxpacket: 8
[  512.508551][ T5962] usb 7-1: config 0 has no interface number 0
[  512.521493][ T9915] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  512.530110][ T9915] usb 3-1: config 0 has no interface number 0
[  512.536270][ T9915] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  512.542851][ T5962] usb 7-1: config 0 interface 41 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  512.597300][ T9915] usb 3-1: New USB device found, idVendor=05c6, idProduct=90b2, bcdDevice=ae.7e
[  512.598495][ T5962] usb 7-1: config 0 interface 41 has no altsetting 0
[  512.617167][ T9915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.958893][ T5962] usb 7-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  513.077891][ T5962] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.086070][ T9915] usb 3-1: Product: syz
[  513.086095][ T9915] usb 3-1: Manufacturer: syz
[  513.086111][ T9915] usb 3-1: SerialNumber: syz
[  513.193094][ T5962] usb 7-1: Product: syz
[  513.197335][ T5962] usb 7-1: Manufacturer: syz
[  513.200813][ T9915] usb 3-1: config 0 descriptor??
[  513.267868][ T5962] usb 7-1: SerialNumber: syz
[  513.309604][ T5962] usb 7-1: config 0 descriptor??
[  513.369512][ T5962] usb 7-1: can't set config #0, error -71
[  513.415155][ T5962] usb 7-1: USB disconnect, device number 4
[  513.429345][T10348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.447040][T10348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.451126][ T8552] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  513.501510][ T5857] usb 3-1: USB disconnect, device number 11
[  513.570779][T10367] loop1: detected capacity change from 0 to 256
[  513.626688][T10367] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  513.790729][T10369] loop3: detected capacity change from 0 to 2048
[  513.997942][T10371] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  514.096795][T10372] netlink: 8 bytes leftover after parsing attributes in process `syz.1.932'.
[  514.898642][   T30] audit: type=1800 audit(1753245397.680:53): pid=10375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.927" name="file1" dev="loop3" ino=15 res=0 errno=0
[  516.407110][T10382] loop2: detected capacity change from 0 to 4096
[  516.449649][T10382] ntfs3: Unknown parameter 'ÿÿÿÿ'
[  517.200656][T10399] netlink: 'syz.1.939': attribute type 12 has an invalid length.
[  517.210087][T10399] netlink: 'syz.1.939': attribute type 29 has an invalid length.
[  517.217908][T10399] netlink: 148 bytes leftover after parsing attributes in process `syz.1.939'.
[  517.227117][T10399] netlink: 59 bytes leftover after parsing attributes in process `syz.1.939'.
[  517.767735][T10401] netlink: 20 bytes leftover after parsing attributes in process `syz.3.937'.
[  519.950090][T10418] 8021q: adding VLAN 0 to HW filter on device bond1
[  520.155992][T10418] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  520.165838][T10418] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  520.498283][   T30] audit: type=1400 audit(1753245403.280:54): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=10423 comm="syz.2.945"
[  521.086869][T10418] loop1: detected capacity change from 0 to 256
[  522.228982][T10418] FAT-fs (loop1): Directory bread(block 64) failed
[  522.250088][T10418] FAT-fs (loop1): Directory bread(block 65) failed
[  522.300251][T10418] FAT-fs (loop1): Directory bread(block 66) failed
[  522.336886][T10418] FAT-fs (loop1): Directory bread(block 67) failed
[  522.363867][T10418] FAT-fs (loop1): Directory bread(block 68) failed
[  522.408923][T10418] FAT-fs (loop1): Directory bread(block 69) failed
[  522.428019][T10418] FAT-fs (loop1): Directory bread(block 70) failed
[  522.448738][T10418] FAT-fs (loop1): Directory bread(block 71) failed
[  522.508761][T10418] FAT-fs (loop1): Directory bread(block 72) failed
[  522.560068][T10418] FAT-fs (loop1): Directory bread(block 73) failed
[  522.936955][   T30] audit: type=1400 audit(1753245405.720:55): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=10460 comm="syz.5.958"
[  524.517092][T10476] netlink: 'syz.2.962': attribute type 15 has an invalid length.
[  524.608896][T10476] netlink: 666 bytes leftover after parsing attributes in process `syz.2.962'.
[  524.650904][T10478] loop5: detected capacity change from 0 to 512
[  524.686442][T10478] ext4: Unknown parameter 'pcr'
[  525.016085][T10481] FAULT_INJECTION: forcing a failure.
[  525.016085][T10481] name failslab, interval 1, probability 0, space 0, times 0
[  525.029255][T10481] CPU: 0 UID: 0 PID: 10481 Comm: syz.6.963 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  525.029293][T10481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  525.029303][T10481] Call Trace:
[  525.029309][T10481]  <TASK>
[  525.029315][T10481]  dump_stack_lvl+0x189/0x250
[  525.029337][T10481]  ? __pfx____ratelimit+0x10/0x10
[  525.029360][T10481]  ? __pfx_dump_stack_lvl+0x10/0x10
[  525.029377][T10481]  ? __pfx__printk+0x10/0x10
[  525.029402][T10481]  ? __pfx___might_resched+0x10/0x10
[  525.029419][T10481]  should_fail_ex+0x414/0x560
[  525.029444][T10481]  should_failslab+0xa8/0x100
[  525.029467][T10481]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  525.029490][T10481]  ? __alloc_skb+0x112/0x2d0
[  525.029508][T10481]  __alloc_skb+0x112/0x2d0
[  525.029526][T10481]  netlink_sendmsg+0x5c6/0xb30
[  525.029548][T10481]  ? __pfx_netlink_sendmsg+0x10/0x10
[  525.029564][T10481]  ? aa_sock_msg_perm+0xf1/0x1d0
[  525.029581][T10481]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  525.029598][T10481]  ? __pfx_netlink_sendmsg+0x10/0x10
[  525.029613][T10481]  __sock_sendmsg+0x219/0x270
[  525.029637][T10481]  ____sys_sendmsg+0x505/0x830
[  525.029659][T10481]  ? __pfx_____sys_sendmsg+0x10/0x10
[  525.029683][T10481]  ? import_iovec+0x74/0xa0
[  525.029703][T10481]  ___sys_sendmsg+0x21f/0x2a0
[  525.029722][T10481]  ? __pfx____sys_sendmsg+0x10/0x10
[  525.029766][T10481]  ? __fget_files+0x2a/0x420
[  525.029780][T10481]  ? __fget_files+0x3a0/0x420
[  525.029802][T10481]  __x64_sys_sendmsg+0x19b/0x260
[  525.029822][T10481]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  525.029847][T10481]  ? __pfx_ksys_write+0x10/0x10
[  525.029867][T10481]  ? rcu_is_watching+0x15/0xb0
[  525.029885][T10481]  ? do_syscall_64+0xbe/0x3b0
[  525.029902][T10481]  do_syscall_64+0xfa/0x3b0
[  525.029915][T10481]  ? lockdep_hardirqs_on+0x9c/0x150
[  525.029937][T10481]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.029951][T10481]  ? clear_bhb_loop+0x60/0xb0
[  525.029986][T10481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.030000][T10481] RIP: 0033:0x7fd5d378e9a9
[  525.030014][T10481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  525.030028][T10481] RSP: 002b:00007fd5d15f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  525.030044][T10481] RAX: ffffffffffffffda RBX: 00007fd5d39b6080 RCX: 00007fd5d378e9a9
[  525.030055][T10481] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000005
[  525.030064][T10481] RBP: 00007fd5d15f6090 R08: 0000000000000000 R09: 0000000000000000
[  525.030073][T10481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.030082][T10481] R13: 0000000000000000 R14: 00007fd5d39b6080 R15: 00007fffe238a7a8
[  525.030104][T10481]  </TASK>
[  525.973092][T10490] netlink: 36 bytes leftover after parsing attributes in process `syz.5.968'.
[  526.339133][T10493] netlink: 20 bytes leftover after parsing attributes in process `syz.1.967'.
[  527.635954][T10506] loop3: detected capacity change from 0 to 1024
[  527.705311][T10483] loop2: detected capacity change from 0 to 32768
[  527.819655][T10513] vlan0: entered promiscuous mode
[  527.938883][   T30] audit: type=1400 audit(1753245410.650:56): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=10502 comm="syz.6.972"
[  528.103190][T10483] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  528.338283][   T30] audit: type=1800 audit(1753245410.720:57): pid=10506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.973" name="file1" dev="loop3" ino=20 res=0 errno=0
[  528.375222][T10506] syz.3.973: attempt to access beyond end of device
[  528.375222][T10506] loop3: rw=34817, sector=5778, nr_sectors = 2 limit=1024
[  528.507500][T10483] XFS (loop2): Metadata corruption detected at xfs_dinode_verify+0x1a6/0x1570, inode 0x1801 dinode
[  528.563611][T10483] XFS (loop2): Unmount and run xfs_repair
[  528.578534][T10483] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  528.585986][T10483] 00000000: 49 4e 80 00 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  528.698586][T10483] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  528.708013][T10483] 00000020: 1d cd 65 00 00 00 00 00 34 f7 58 68 7f c1 72 a0  ..e.....4.Xh..r.
[  528.763783][T10483] 00000030: 34 f7 58 68 7f c1 72 a0 00 00 00 00 00 00 00 00  4.Xh..r.........
[  528.822756][T10483] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  528.902943][T10483] 00000050: 00 00 00 02 00 00 00 00 00 00 00 04 00 00 00 00  ................
[  529.658980][T10483] 00000060: ff ff ff ff 0f 42 bd a6 00 00 00 00 00 01 00 00  .....B..........
[  529.722994][T10483] 00000070: 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 08  ................
[  529.769887][T10525] loop6: detected capacity change from 0 to 32768
[  529.777352][T10525] ocfs2: Unknown parameter '0xffffffffffffffff'
[  529.792121][T10483] XFS (loop2): metadata inode 0x1801 type 5 is corrupt
[  529.800869][T10483] XFS (loop2): failed to read RT inodes
[  529.810301][T10483] XFS (loop2): Uncorrected metadata errors detected; please run xfs_repair.
[  529.837184][T10527] Driver unsupported XDP return value 0 on prog  (id 216) dev N/A, expect packet loss!
[  530.145484][T10531] FAULT_INJECTION: forcing a failure.
[  530.145484][T10531] name failslab, interval 1, probability 0, space 0, times 0
[  530.147711][T10503] loop1: detected capacity change from 0 to 32768
[  530.192234][T10531] CPU: 0 UID: 0 PID: 10531 Comm: syz.3.979 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  530.192265][T10531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  530.192279][T10531] Call Trace:
[  530.192287][T10531]  <TASK>
[  530.192295][T10531]  dump_stack_lvl+0x189/0x250
[  530.192323][T10531]  ? __pfx____ratelimit+0x10/0x10
[  530.192356][T10531]  ? __pfx_dump_stack_lvl+0x10/0x10
[  530.192380][T10531]  ? __pfx__printk+0x10/0x10
[  530.192414][T10531]  ? __pfx___might_resched+0x10/0x10
[  530.192439][T10531]  should_fail_ex+0x414/0x560
[  530.192475][T10531]  should_failslab+0xa8/0x100
[  530.192510][T10531]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  530.192550][T10531]  ? __alloc_skb+0x112/0x2d0
[  530.192577][T10531]  __alloc_skb+0x112/0x2d0
[  530.192604][T10531]  netlink_sendmsg+0x5c6/0xb30
[  530.192635][T10531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  530.192660][T10531]  ? aa_sock_msg_perm+0xf1/0x1d0
[  530.192684][T10531]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  530.192708][T10531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  530.192731][T10531]  __sock_sendmsg+0x219/0x270
[  530.192767][T10531]  ____sys_sendmsg+0x505/0x830
[  530.192796][T10531]  ? __pfx_____sys_sendmsg+0x10/0x10
[  530.192832][T10531]  ? import_iovec+0x74/0xa0
[  530.192861][T10531]  ___sys_sendmsg+0x21f/0x2a0
[  530.192888][T10531]  ? __pfx____sys_sendmsg+0x10/0x10
[  530.192949][T10531]  ? __fget_files+0x2a/0x420
[  530.192970][T10531]  ? __fget_files+0x3a0/0x420
[  530.193002][T10531]  __x64_sys_sendmsg+0x19b/0x260
[  530.193030][T10531]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  530.193065][T10531]  ? __pfx_ksys_write+0x10/0x10
[  530.193094][T10531]  ? rcu_is_watching+0x15/0xb0
[  530.193121][T10531]  ? do_syscall_64+0xbe/0x3b0
[  530.193146][T10531]  do_syscall_64+0xfa/0x3b0
[  530.193164][T10531]  ? lockdep_hardirqs_on+0x9c/0x150
[  530.193196][T10531]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.193216][T10531]  ? clear_bhb_loop+0x60/0xb0
[  530.193241][T10531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.193260][T10531] RIP: 0033:0x7f04cb18e9a9
[  530.193279][T10531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.193296][T10531] RSP: 002b:00007f04cbfb6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  530.193319][T10531] RAX: ffffffffffffffda RBX: 00007f04cb3b5fa0 RCX: 00007f04cb18e9a9
[  530.193333][T10531] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  530.193346][T10531] RBP: 00007f04cbfb6090 R08: 0000000000000000 R09: 0000000000000000
[  530.193358][T10531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.193370][T10531] R13: 0000000000000000 R14: 00007f04cb3b5fa0 R15: 00007ffda8604df8
[  530.193401][T10531]  </TASK>
[  530.199969][T10503] jfs: Unknown parameter 'noquá¥âØdiscard'
[  530.539383][T10530] loop6: detected capacity change from 0 to 4096
[  531.215781][T10539] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  531.245595][T10530] NILFS error (device loop6): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1
[  531.308890][T10530] Remounting filesystem read-only
[  531.318347][T10540] NILFS error (device loop6): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1
[  531.428566][ T5909] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  531.635054][ T5909] usb 4-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice=db.e9
[  531.780243][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.044536][ T5909] usb 4-1: config 0 descriptor??
[  532.179154][ T5909] pcwd_usb: This driver only supports 1 device
[  532.210728][T10550] loop1: detected capacity change from 0 to 128
[  532.266848][T10550] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  532.303686][T10550] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  533.423436][    T9] usb 4-1: USB disconnect, device number 15
[  534.583948][T10566] loop2: detected capacity change from 0 to 32768
[  534.591099][T10566] ocfs2: Unknown parameter '0xffffffffffffffff'
[  534.855082][ T9915] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  535.044241][ T9915] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  535.084732][ T9915] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.127989][ T9915] usb 6-1: Product: syz
[  535.137858][ T9915] usb 6-1: Manufacturer: syz
[  535.144009][ T9915] usb 6-1: SerialNumber: syz
[  535.162117][ T9915] usb 6-1: config 0 descriptor??
[  535.204547][T10576] loop2: detected capacity change from 0 to 128
[  535.360464][T10576] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  535.376840][T10574] loop3: detected capacity change from 0 to 64
[  535.422149][T10576] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  536.405428][T10589] FAULT_INJECTION: forcing a failure.
[  536.405428][T10589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  536.538354][T10589] CPU: 0 UID: 0 PID: 10589 Comm: syz.6.997 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  536.538389][T10589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  536.538402][T10589] Call Trace:
[  536.538409][T10589]  <TASK>
[  536.538419][T10589]  dump_stack_lvl+0x189/0x250
[  536.538448][T10589]  ? __pfx____ratelimit+0x10/0x10
[  536.538479][T10589]  ? __pfx_dump_stack_lvl+0x10/0x10
[  536.538501][T10589]  ? __pfx__printk+0x10/0x10
[  536.538530][T10589]  ? __might_fault+0xb0/0x130
[  536.538572][T10589]  should_fail_ex+0x414/0x560
[  536.538607][T10589]  _copy_from_iter+0x1db/0x16f0
[  536.538633][T10589]  ? sock_alloc_send_pskb+0x875/0x990
[  536.538668][T10589]  ? __pfx__copy_from_iter+0x10/0x10
[  536.538701][T10589]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  536.538732][T10589]  skb_copy_datagram_from_iter+0xf5/0x720
[  536.538762][T10589]  ? __lock_acquire+0xab9/0xd20
[  536.538794][T10589]  ? skb_put+0x11b/0x210
[  536.538821][T10589]  unix_dgram_sendmsg+0x51a/0x1830
[  536.538854][T10589]  ? aa_file_perm+0x13e/0x11b0
[  536.538880][T10589]  ? aa_file_perm+0x13e/0x11b0
[  536.538909][T10589]  ? _parse_integer_limit+0x1ae/0x1f0
[  536.538930][T10589]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  536.538970][T10589]  ? aa_sock_msg_perm+0xda/0x1d0
[  536.538993][T10589]  ? unix_seqpacket_sendmsg+0x111/0x1e0
[  536.539017][T10589]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  536.539044][T10589]  __sock_sendmsg+0x219/0x270
[  536.539077][T10589]  sock_write_iter+0x258/0x330
[  536.539108][T10589]  ? __pfx_sock_write_iter+0x10/0x10
[  536.539149][T10589]  ? bpf_lsm_file_permission+0x9/0x20
[  536.539176][T10589]  ? security_file_permission+0x75/0x290
[  536.539215][T10589]  vfs_write+0x548/0xa90
[  536.539251][T10589]  ? __pfx_sock_write_iter+0x10/0x10
[  536.539280][T10589]  ? __pfx_vfs_write+0x10/0x10
[  536.539323][T10589]  ? __fget_files+0x2a/0x420
[  536.539355][T10589]  ksys_write+0x145/0x250
[  536.539388][T10589]  ? __pfx_ksys_write+0x10/0x10
[  536.539425][T10589]  ? do_syscall_64+0xbe/0x3b0
[  536.539450][T10589]  do_syscall_64+0xfa/0x3b0
[  536.539469][T10589]  ? lockdep_hardirqs_on+0x9c/0x150
[  536.539501][T10589]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.539521][T10589]  ? clear_bhb_loop+0x60/0xb0
[  536.539546][T10589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.539566][T10589] RIP: 0033:0x7fd5d378e9a9
[  536.539585][T10589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.539603][T10589] RSP: 002b:00007fd5d452b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  536.539625][T10589] RAX: ffffffffffffffda RBX: 00007fd5d39b5fa0 RCX: 00007fd5d378e9a9
[  536.539641][T10589] RDX: 0000000000000009 RSI: 0000200000000180 RDI: 0000000000000004
[  536.539653][T10589] RBP: 00007fd5d452b090 R08: 0000000000000000 R09: 0000000000000000
[  536.539666][T10589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.539679][T10589] R13: 0000000000000000 R14: 00007fd5d39b5fa0 R15: 00007fffe238a7a8
[  536.539712][T10589]  </TASK>
[  536.870116][    T9] usb 6-1: USB disconnect, device number 11
[  537.742811][T10603] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1003'.
[  537.756518][T10602] syzkaller1: entered promiscuous mode
[  537.762779][T10602] syzkaller1: entered allmulticast mode
[  538.796381][T10606] loop6: detected capacity change from 0 to 32768
[  538.803551][T10606] ocfs2: Unknown parameter '0xffffffffffffffff'
[  539.558719][ T5857] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  539.669165][T10621] netlink: 'syz.3.1006': attribute type 12 has an invalid length.
[  539.677109][T10621] netlink: 'syz.3.1006': attribute type 29 has an invalid length.
[  539.685157][T10621] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1006'.
[  539.694525][T10621] netlink: 59 bytes leftover after parsing attributes in process `syz.3.1006'.
[  540.258493][ T5857] usb 2-1: Using ep0 maxpacket: 32
[  540.265946][ T5857] usb 2-1: config 0 has an invalid interface number: 129 but max is 0
[  540.274549][ T5857] usb 2-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[  540.377930][ T5857] usb 2-1: config 0 has no interface number 1
[  540.404532][ T5857] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  540.453134][ T5857] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  540.554652][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.604649][ T5857] usb 2-1: config 0 descriptor??
[  540.653386][ T5857] hub 2-1:0.0: Invalid hub with more than one config or interface
[  540.692858][ T5857] hub 2-1:0.0: probe with driver hub failed with error -22
[  540.707493][T10631] loop6: detected capacity change from 0 to 1764
[  540.744377][ T5857] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  540.765676][ T5857] hub 2-1:0.129: Invalid hub with more than one config or interface
[  540.784353][ T5857] hub 2-1:0.129: probe with driver hub failed with error -22
[  540.926398][ T5857] usb 2-1: USB disconnect, device number 7
[  541.204556][T10637] loop3: detected capacity change from 0 to 128
[  541.253893][T10637] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  541.356351][T10637] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  542.591756][T10649] FAULT_INJECTION: forcing a failure.
[  542.591756][T10649] name failslab, interval 1, probability 0, space 0, times 0
[  542.628595][T10649] CPU: 1 UID: 0 PID: 10649 Comm: syz.2.1015 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  542.628618][T10649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  542.628628][T10649] Call Trace:
[  542.628635][T10649]  <TASK>
[  542.628642][T10649]  dump_stack_lvl+0x189/0x250
[  542.628664][T10649]  ? __pfx____ratelimit+0x10/0x10
[  542.628687][T10649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.628704][T10649]  ? __pfx__printk+0x10/0x10
[  542.628729][T10649]  ? __pfx___might_resched+0x10/0x10
[  542.628747][T10649]  should_fail_ex+0x414/0x560
[  542.628773][T10649]  should_failslab+0xa8/0x100
[  542.628798][T10649]  kmem_cache_alloc_noprof+0x73/0x3c0
[  542.628819][T10649]  ? ptlock_alloc+0x20/0x70
[  542.628844][T10649]  ptlock_alloc+0x20/0x70
[  542.628865][T10649]  pte_alloc_one+0x7d/0x170
[  542.628883][T10649]  __pte_alloc+0x25/0x1a0
[  542.628902][T10649]  __handle_mm_fault+0x49b3/0x5440
[  542.628937][T10649]  ? __pfx___handle_mm_fault+0x10/0x10
[  542.628968][T10649]  ? follow_page_pte+0xd03/0x13e0
[  542.628992][T10649]  ? __pfx___might_resched+0x10/0x10
[  542.629010][T10649]  handle_mm_fault+0x40a/0x8e0
[  542.629039][T10649]  __get_user_pages+0x1699/0x2ce0
[  542.629058][T10649]  ? __lock_acquire+0xab9/0xd20
[  542.629107][T10649]  __gup_longterm_locked+0xde9/0x1660
[  542.629138][T10649]  ? sanity_check_pinned_pages+0x1241/0x1300
[  542.629160][T10649]  ? gup_fast_fallback+0x195f/0x2010
[  542.629183][T10649]  gup_fast_fallback+0x1e6a/0x2010
[  542.629228][T10649]  ? __pfx_gup_fast_fallback+0x10/0x10
[  542.629247][T10649]  ? preempt_schedule_common+0x83/0xd0
[  542.629270][T10649]  ? preempt_schedule+0xae/0xc0
[  542.629291][T10649]  ? __pfx_preempt_schedule+0x10/0x10
[  542.629313][T10649]  ? __local_bh_disable_ip+0xf1/0x190
[  542.629339][T10649]  ? pin_user_pages_fast+0x4d/0xb0
[  542.629361][T10649]  iov_iter_extract_pages+0x35a/0x5e0
[  542.629388][T10649]  extract_iter_to_sg+0xe46/0x24e0
[  542.629409][T10649]  ? kernel_fpu_end+0xd2/0x120
[  542.629433][T10649]  ? sanity_check_pinned_pages+0x123a/0x1300
[  542.629451][T10649]  ? __pfx_kernel_fpu_end+0x10/0x10
[  542.629473][T10649]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  542.629488][T10649]  ? unpin_user_page+0xc9/0x1d0
[  542.629506][T10649]  ? __pfx_unpin_user_page+0x10/0x10
[  542.629523][T10649]  ? __asan_memcpy+0x40/0x70
[  542.629548][T10649]  ? __asan_memset+0x22/0x50
[  542.629568][T10649]  hash_sendmsg+0x4f4/0x11d0
[  542.629608][T10649]  ? __pfx_hash_sendmsg+0x10/0x10
[  542.629629][T10649]  __sock_sendmsg+0x219/0x270
[  542.629655][T10649]  ____sys_sendmsg+0x52d/0x830
[  542.629677][T10649]  ? __pfx_____sys_sendmsg+0x10/0x10
[  542.629703][T10649]  ? import_iovec+0x74/0xa0
[  542.629724][T10649]  ___sys_sendmsg+0x21f/0x2a0
[  542.629744][T10649]  ? __pfx____sys_sendmsg+0x10/0x10
[  542.629791][T10649]  ? __fget_files+0x2a/0x420
[  542.629806][T10649]  ? __fget_files+0x3a0/0x420
[  542.629829][T10649]  __sys_sendmmsg+0x227/0x430
[  542.629852][T10649]  ? __pfx___sys_sendmmsg+0x10/0x10
[  542.629868][T10649]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  542.629903][T10649]  ? ksys_write+0x22a/0x250
[  542.629927][T10649]  ? __pfx_ksys_write+0x10/0x10
[  542.629947][T10649]  ? rcu_is_watching+0x15/0xb0
[  542.629967][T10649]  __x64_sys_sendmmsg+0xa0/0xc0
[  542.629987][T10649]  do_syscall_64+0xfa/0x3b0
[  542.630001][T10649]  ? lockdep_hardirqs_on+0x9c/0x150
[  542.630023][T10649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.630038][T10649]  ? clear_bhb_loop+0x60/0xb0
[  542.630056][T10649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.630071][T10649] RIP: 0033:0x7f4e8358e9a9
[  542.630084][T10649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.630097][T10649] RSP: 002b:00007f4e843ea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  542.630113][T10649] RAX: ffffffffffffffda RBX: 00007f4e837b5fa0 RCX: 00007f4e8358e9a9
[  542.630124][T10649] RDX: 0000000000000001 RSI: 0000200000000640 RDI: 0000000000000004
[  542.630133][T10649] RBP: 00007f4e843ea090 R08: 0000000000000000 R09: 0000000000000000
[  542.630142][T10649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.630151][T10649] R13: 0000000000000000 R14: 00007f4e837b5fa0 R15: 00007fff60eb5c88
[  542.630174][T10649]  </TASK>
[  543.159939][T10644] loop6: detected capacity change from 0 to 32768
[  543.205369][T10654] netlink: 'syz.1.1016': attribute type 50 has an invalid length.
[  544.387931][T10660] ERROR: (device loop6): dbAllocAG: unable to allocate blocks
[  544.387931][T10660] 
[  544.513738][T10660] jfs_create: dtInsert returned -EIO
[  544.534575][T10660] ERROR: (device loop6): jfs_create: 
[  544.534575][T10660] 
[  544.727441][T10644] ERROR: (device loop6): dbAllocAG: unable to allocate blocks
[  544.727441][T10644] 
[  545.183490][T10644] jfs_create: dtInsert returned -EIO
[  545.348605][T10644] ERROR: (device loop6): jfs_create: 
[  545.348605][T10644] 
[  545.455703][T10674] loop2: detected capacity change from 0 to 128
[  545.550203][T10674] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  545.634774][T10674] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  545.735973][T10678] loop3: detected capacity change from 0 to 512
[  545.910404][T10678] loop3: detected capacity change from 0 to 1024
[  546.338100][T10683] loop6: detected capacity change from 0 to 256
[  546.350510][T10678] loop3: detected capacity change from 0 to 4096
[  546.429315][T10683] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  546.478495][T10683] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  546.566569][T10683] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  546.785335][T10684] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  546.795477][T10684] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  547.436565][T10672] loop5: detected capacity change from 0 to 32768
[  547.475987][T10686] loop3: detected capacity change from 0 to 128
[  547.573781][T10686] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  547.610567][T10672] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  547.713350][T10686] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  547.900462][T10679] loop1: detected capacity change from 0 to 32768
[  548.176777][T10679] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  548.197257][T10679] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  548.346259][T10672] XFS (loop5): Ending clean mount
[  548.415414][T10672] XFS (loop5): Quotacheck needed: Please wait.
[  548.474653][T10679] XFS (loop1): Ending clean mount
[  548.514020][T10679] XFS (loop1): Quotacheck needed: Please wait.
[  548.520077][T10710] loop6: detected capacity change from 0 to 64
[  548.541584][T10709] loop2: detected capacity change from 0 to 64
[  548.864116][T10672] XFS (loop5): Quotacheck: Done.
[  548.966756][T10679] XFS (loop1): Quotacheck: Done.
[  549.017188][ T6908] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  549.075217][ T5852] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  551.264750][T10732] loop2: detected capacity change from 0 to 64
[  552.639836][T10740] loop6: detected capacity change from 0 to 32768
[  552.647062][T10740] bcachefs: bch2_fs_parse_param() Error parsing option sb: option_value
[  553.920890][T10747] loop1: detected capacity change from 0 to 256
[  553.944618][T10747] exfat: Unknown parameter '€'
[  554.131292][T10747] loop1: detected capacity change from 0 to 1024
[  554.196481][T10750] loop6: detected capacity change from 0 to 256
[  554.262879][T10750] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  554.330994][T10750] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  554.433142][   T30] audit: type=1800 audit(1753245437.220:58): pid=10745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1040" name="file2" dev="loop1" ino=21 res=0 errno=0
[  554.485262][T10754] loop2: detected capacity change from 0 to 128
[  554.514585][T10750] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  554.546797][T10754] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  554.624792][T10754] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  555.008293][T10755] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  555.018760][T10755] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  556.634645][T10768] loop5: detected capacity change from 0 to 128
[  556.668351][T10768] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  556.868762][T10768] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  557.850289][T10766] loop2: detected capacity change from 0 to 4096
[  557.877283][T10766] ntfs3: Unknown parameter 'ˆ'
[  557.928658][T10777] loop1: detected capacity change from 0 to 64
[  559.830229][T10785] loop6: detected capacity change from 0 to 32768
[  559.837771][T10785] bcachefs: bch2_fs_parse_param() Error parsing option sb: option_value
[  560.528251][T10791] loop6: detected capacity change from 0 to 1024
[  560.621568][T10788] netlink: 'syz.1.1051': attribute type 4 has an invalid length.
[  560.674757][T10796] Bluetooth: MGMT ver 1.23
[  560.687008][T10797] loop3: detected capacity change from 0 to 1024
[  560.707231][T10791] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  560.750652][T10797] ext4: Bad value for 'min_batch_time'
[  560.786003][   T30] audit: type=1800 audit(1753245443.570:59): pid=10791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1052" name="file1" dev="loop6" ino=15 res=0 errno=0
[  560.822508][T10791] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 433:freeing already freed block (bit 27); block bitmap corrupt.
[  561.108347][T10804] loop2: detected capacity change from 0 to 128
[  561.141343][T10804] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  561.171528][ T8552] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.174601][T10804] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  561.901518][T10817] netlink: 'syz.6.1058': attribute type 1 has an invalid length.
[  562.093530][T10817] netlink: 208 bytes leftover after parsing attributes in process `syz.6.1058'.
[  562.827761][T10823] loop1: detected capacity change from 0 to 64
[  563.312638][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  563.819217][T10826] loop2: detected capacity change from 0 to 256
[  563.873704][T10826] exfat: Unknown parameter '€'
[  565.010429][T10839] loop5: detected capacity change from 0 to 32768
[  565.017735][T10839] bcachefs: bch2_fs_parse_param() Error parsing option sb: option_value
[  566.031539][T10848] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1066'.
[  566.362528][T10851] loop5: detected capacity change from 0 to 1024
[  566.644065][T10851] hfsplus: extend alloc file! (8192,8,110)
[  567.156434][T10856] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1067'.
[  568.792524][T10873] loop6: detected capacity change from 0 to 256
[  568.800140][T10873] exfat: Unknown parameter '€'
[  569.952132][T10891] loop1: detected capacity change from 0 to 32768
[  569.959460][T10891] bcachefs: bch2_fs_parse_param() Error parsing option sb: option_value
[  570.399771][T10884] loop2: detected capacity change from 0 to 64
[  570.425514][T10873] loop6: detected capacity change from 0 to 1024
[  570.463922][T10892] loop3: detected capacity change from 0 to 128
[  570.693120][T10892] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  570.811849][T10892] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  571.778126][T10879] loop5: detected capacity change from 0 to 256
[  571.785191][T10879] exfat: Unknown parameter '€'
[  571.889960][T10879] loop5: detected capacity change from 0 to 1024
[  571.988532][   T30] audit: type=1800 audit(1753245454.750:60): pid=10873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1072" name="file2" dev="loop6" ino=21 res=0 errno=0
[  572.250211][   T30] audit: type=1800 audit(1753245454.770:61): pid=10879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1074" name="file2" dev="loop5" ino=21 res=0 errno=0
[  572.821881][ T5857] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  573.128053][ T5857] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 86, changing to 10
[  573.458617][ T5857] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  573.513348][ T5857] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  573.527689][ T5857] usb 2-1: config 0 interface 0 has no altsetting 0
[  573.547318][ T5857] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  573.575381][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.615015][ T5857] usb 2-1: config 0 descriptor??
[  573.988776][ T5962] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  574.003205][T10906] netlink: 16182 bytes leftover after parsing attributes in process `syz.1.1079'.
[  574.030529][T10906] sctp: [Deprecated]: syz.1.1079 (pid 10906) Use of int in max_burst socket option deprecated.
[  574.030529][T10906] Use struct sctp_assoc_value instead
[  575.291115][ T5962] usb 6-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice=db.e9
[  575.291262][ T5962] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.324245][    T9] IPVS: starting estimator thread 0...
[  575.410800][T10933] IPVS: using max 24 ests per chain, 57600 per kthread
[  575.485763][ T5962] usb 6-1: config 0 descriptor??
[  575.641093][ T5962] pcwd_usb: This driver only supports 1 device
[  575.723310][T10936] loop3: detected capacity change from 0 to 64
[  575.751804][ T5857] usbhid 2-1:0.0: can't add hid device: -71
[  575.751920][ T5857] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  575.755272][ T5857] usb 2-1: USB disconnect, device number 8
[  576.087433][T10939] loop1: detected capacity change from 0 to 256
[  576.115851][T10931] tty tty4: ldisc open failed (-12), clearing slot 3
[  576.440835][T10941] loop3: detected capacity change from 0 to 256
[  576.522945][T10941] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  576.648596][T10941] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  577.505340][T10941] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  577.644115][T10941] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  577.654137][T10941] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  577.962081][T10954] ip6gretap0: entered promiscuous mode
[  577.968063][T10954] macsec2: entered allmulticast mode
[  577.974023][T10954] ip6gretap0: entered allmulticast mode
[  578.594133][ T5984] usb 6-1: USB disconnect, device number 12
[  578.600802][T10954] ip6gretap0: left allmulticast mode
[  578.606258][T10954] ip6gretap0: left promiscuous mode
[  579.680329][   T30] audit: type=1326 audit(1753245462.470:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10970 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04cb18e9a9 code=0x7ffc0000
[  579.741241][T10974] loop6: detected capacity change from 0 to 64
[  579.936497][T10982] loop5: detected capacity change from 0 to 256
[  580.059705][   T30] audit: type=1326 audit(1753245462.470:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10970 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f04cb18e9a9 code=0x7ffc0000
[  580.107845][   T30] audit: type=1326 audit(1753245462.520:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10970 comm="syz.3.1098" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f04cb18e9a9 code=0x7ffc0000
[  581.759040][   T43] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  582.830515][   T43] usb 6-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  582.848441][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.865267][   T43] usb 6-1: Product: syz
[  582.875957][   T43] usb 6-1: Manufacturer: syz
[  582.881214][   T43] usb 6-1: SerialNumber: syz
[  582.905995][   T43] usb 6-1: config 0 descriptor??
[  582.982463][T11011] loop6: detected capacity change from 0 to 256
[  583.022584][T11011] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  583.068537][T11011] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  583.121517][T11011] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  583.201291][T11011] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  583.211305][T11011] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  583.759685][T11016] loop2: detected capacity change from 0 to 32768
[  583.814304][T10994] x_tables: duplicate underflow at hook 1
[  583.998617][T11016] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  583.998648][T11016]   allowing incompatible features above 0.0: (unknown version)
[  583.998661][T11016]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  584.045507][T11016] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  584.053972][T11016] bcachefs (loop2): initializing new filesystem
[  584.100248][T11016] bcachefs (loop2): going read-write
[  584.177923][   T43] usb 6-1: f81604_write: reg: 105 data: 10 failed: -EPROTO
[  584.216203][T11009] loop3: detected capacity change from 0 to 32768
[  584.222905][   T43] f81604 6-1:0.0: Setting termination of CH#1 failed: -EPROTO
[  584.268236][   T43] f81604 6-1:0.0: probe with driver f81604 failed with error -71
[  584.365314][   T43] usb 6-1: USB disconnect, device number 13
[  584.384292][T11016] bcachefs (loop2): initializing freespace
[  584.387672][T11009] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  584.515247][T11009] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  584.661294][T11033] loop6: detected capacity change from 0 to 64
[  584.731955][T11035] FAULT_INJECTION: forcing a failure.
[  584.731955][T11035] name failslab, interval 1, probability 0, space 0, times 0
[  584.744782][T11035] CPU: 1 UID: 0 PID: 11035 Comm: syz.2.1111 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  584.744812][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  584.744825][T11035] Call Trace:
[  584.744835][T11035]  <TASK>
[  584.744845][T11035]  dump_stack_lvl+0x189/0x250
[  584.744875][T11035]  ? __pfx____ratelimit+0x10/0x10
[  584.744908][T11035]  ? __pfx_dump_stack_lvl+0x10/0x10
[  584.744933][T11035]  ? __pfx__printk+0x10/0x10
[  584.744968][T11035]  ? __pfx___might_resched+0x10/0x10
[  584.744988][T11035]  ? fs_reclaim_acquire+0x7d/0x100
[  584.745015][T11035]  should_fail_ex+0x414/0x560
[  584.745049][T11035]  should_failslab+0xa8/0x100
[  584.745084][T11035]  kmem_cache_alloc_noprof+0x73/0x3c0
[  584.745113][T11035]  ? getname_flags+0xb8/0x540
[  584.745141][T11035]  getname_flags+0xb8/0x540
[  584.745169][T11035]  __x64_sys_mkdirat+0x7a/0xa0
[  584.745201][T11035]  do_syscall_64+0xfa/0x3b0
[  584.745224][T11035]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.745243][T11035]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  584.745263][T11035]  ? clear_bhb_loop+0x60/0xb0
[  584.745289][T11035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.745309][T11035] RIP: 0033:0x7f4e8358e9a9
[  584.745328][T11035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.745347][T11035] RSP: 002b:00007f4e843a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  584.745368][T11035] RAX: ffffffffffffffda RBX: 00007f4e837b6160 RCX: 00007f4e8358e9a9
[  584.745383][T11035] RDX: 00000000000001c0 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  584.745397][T11035] RBP: 00007f4e843a8090 R08: 0000000000000000 R09: 0000000000000000
[  584.745410][T11035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  584.745422][T11035] R13: 0000000000000000 R14: 00007f4e837b6160 R15: 00007fff60eb5c88
[  584.745454][T11035]  </TASK>
[  584.939198][T11016] syz.2.1111 (11016) used greatest stack depth: 14712 bytes left
[  585.270192][ T5853] bcachefs (loop2): clean shutdown complete, journal seq 8
[  585.329857][T11009] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  585.374201][   T43] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  585.403691][   T43] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  586.839146][T11047] loop5: detected capacity change from 0 to 1024
[  586.903663][   T43] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1499ms
[  586.916012][   T43] gfs2: fsid=syz:syz.0: jid=0: Done
[  586.923501][T11009] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  586.933028][T11047] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.587203][ T6908] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  588.696661][T11062] loop6: detected capacity change from 0 to 256
[  588.748862][T11062] FAT-fs (loop6): bogus sectors per cluster 0
[  588.755013][T11062] FAT-fs (loop6): Can't find a valid FAT filesystem
[  588.766143][T11064] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1124'.
[  588.896884][T11062] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1123'.
[  589.086369][T11070] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1123'.
[  589.593818][T11062] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1123'.
[  589.681168][T11070] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1123'.
[  589.851116][T11070] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1123'.
[  589.927199][T11070] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1123'.
[  589.937847][T11070] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1123'.
[  590.094733][T11077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1125'.
[  590.577178][T11079] loop6: detected capacity change from 0 to 64
[  590.616811][T11066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'.
[  591.071480][T11083] loop5: detected capacity change from 0 to 256
[  591.089285][T11083] exfat: Unknown parameter '€'
[  591.454308][T11083] loop5: detected capacity change from 0 to 1024
[  592.166119][T11085] loop1: detected capacity change from 0 to 4096
[  592.235698][T11085] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  592.264165][   T30] audit: type=1800 audit(1753245475.050:65): pid=11082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1127" name="file2" dev="loop5" ino=21 res=0 errno=0
[  592.396961][T11085] FAULT_INJECTION: forcing a failure.
[  592.396961][T11085] name failslab, interval 1, probability 0, space 0, times 0
[  592.438506][T11085] CPU: 0 UID: 0 PID: 11085 Comm: syz.1.1128 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  592.438537][T11085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.438549][T11085] Call Trace:
[  592.438558][T11085]  <TASK>
[  592.438566][T11085]  dump_stack_lvl+0x189/0x250
[  592.438594][T11085]  ? __pfx____ratelimit+0x10/0x10
[  592.438625][T11085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  592.438649][T11085]  ? __pfx__printk+0x10/0x10
[  592.438681][T11085]  ? __pfx___might_resched+0x10/0x10
[  592.438700][T11085]  ? fs_reclaim_acquire+0x7d/0x100
[  592.438727][T11085]  should_fail_ex+0x414/0x560
[  592.438761][T11085]  should_failslab+0xa8/0x100
[  592.438795][T11085]  __kmalloc_noprof+0xcb/0x4f0
[  592.438822][T11085]  ? kfree+0x4d/0x440
[  592.438846][T11085]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  592.438876][T11085]  tomoyo_realpath_from_path+0xe3/0x5d0
[  592.438900][T11085]  ? tomoyo_domain+0xd9/0x130
[  592.438933][T11085]  tomoyo_path_perm+0x213/0x4b0
[  592.438964][T11085]  ? tomoyo_path_perm+0x1e3/0x4b0
[  592.438994][T11085]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  592.439065][T11085]  ? __pfx_current_check_access_path+0x10/0x10
[  592.439084][T11085]  ? __d_lookup+0x66/0x780
[  592.439115][T11085]  ? __d_lookup+0x66/0x780
[  592.439138][T11085]  ? __d_lookup+0x6df/0x780
[  592.439167][T11085]  tomoyo_path_unlink+0xa2/0xe0
[  592.439192][T11085]  ? __pfx_tomoyo_path_unlink+0x10/0x10
[  592.439233][T11085]  ? d_lookup+0x80/0xa0
[  592.439263][T11085]  security_path_unlink+0x167/0x360
[  592.439292][T11085]  do_unlinkat+0x2c1/0x560
[  592.439330][T11085]  ? __pfx_do_unlinkat+0x10/0x10
[  592.439368][T11085]  ? getname_flags+0x1e5/0x540
[  592.439396][T11085]  __x64_sys_unlinkat+0xd3/0xf0
[  592.439430][T11085]  do_syscall_64+0xfa/0x3b0
[  592.439449][T11085]  ? lockdep_hardirqs_on+0x9c/0x150
[  592.439481][T11085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.439502][T11085]  ? clear_bhb_loop+0x60/0xb0
[  592.439528][T11085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.439548][T11085] RIP: 0033:0x7f06b378e9a9
[  592.439567][T11085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.439585][T11085] RSP: 002b:00007f06b15f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  592.439608][T11085] RAX: ffffffffffffffda RBX: 00007f06b39b5fa0 RCX: 00007f06b378e9a9
[  592.439623][T11085] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  592.439637][T11085] RBP: 00007f06b15f6090 R08: 0000000000000000 R09: 0000000000000000
[  592.439650][T11085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  592.439662][T11085] R13: 0000000000000000 R14: 00007f06b39b5fa0 R15: 00007ffec891d028
[  592.439695][T11085]  </TASK>
[  592.446105][T11085] ERROR: Out of memory at tomoyo_realpath_from_path.
[  592.988082][T11095] ubi31: attaching mtd0
[  593.128570][T11095] ubi31: scanning is finished
[  593.133376][T11095] ubi31: empty MTD device detected
[  593.301431][T11097] loop5: detected capacity change from 0 to 4096
[  593.526948][T11097] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  593.536319][T11095] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  593.555142][T11095] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  593.582326][T11095] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  593.621318][T11095] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  593.716916][T11095] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  593.732439][T11095] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  593.798596][T11095] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1740722277
[  593.829672][T11095] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  593.855985][T11104] loop2: detected capacity change from 0 to 256
[  593.861222][T11099] ubi31: background thread "ubi_bgt31d" started, PID 11099
[  594.842054][T11110] loop2: detected capacity change from 0 to 256
[  594.857639][T11110] exfat: Unknown parameter '€'
[  595.512540][T11107] loop2: detected capacity change from 0 to 1024
[  595.628556][   T30] audit: type=1800 audit(1753245478.350:66): pid=11107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1136" name="file2" dev="loop2" ino=21 res=0 errno=0
[  596.455850][T11121] loop6: detected capacity change from 0 to 256
[  596.476484][T11121] exfat: Unknown parameter '€'
[  596.694152][T11121] loop6: detected capacity change from 0 to 1024
[  597.658181][T11126] loop5: detected capacity change from 0 to 64
[  597.856836][T11128] loop2: detected capacity change from 0 to 256
[  597.882239][T11128] exfat: Unknown parameter '€'
[  598.752589][T11123] loop2: detected capacity change from 0 to 1024
[  599.316846][T11136] __nla_validate_parse: 3 callbacks suppressed
[  599.316862][T11136] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1144'.
[  599.332033][T11136] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1144'.
[  599.486180][T11149] FAULT_INJECTION: forcing a failure.
[  599.486180][T11149] name failslab, interval 1, probability 0, space 0, times 0
[  599.538745][T11149] CPU: 0 UID: 0 PID: 11149 Comm: syz.2.1148 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  599.538776][T11149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  599.538789][T11149] Call Trace:
[  599.538798][T11149]  <TASK>
[  599.538807][T11149]  dump_stack_lvl+0x189/0x250
[  599.538835][T11149]  ? __pfx____ratelimit+0x10/0x10
[  599.538867][T11149]  ? __pfx_dump_stack_lvl+0x10/0x10
[  599.538890][T11149]  ? __pfx__printk+0x10/0x10
[  599.538923][T11149]  ? __pfx___might_resched+0x10/0x10
[  599.538941][T11149]  ? fs_reclaim_acquire+0x7d/0x100
[  599.538965][T11149]  should_fail_ex+0x414/0x560
[  599.538997][T11149]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  599.539016][T11149]  should_failslab+0xa8/0x100
[  599.539048][T11149]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  599.539065][T11149]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  599.539093][T11149]  ? shmem_alloc_inode+0x28/0x40
[  599.539116][T11149]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  599.539135][T11149]  shmem_alloc_inode+0x28/0x40
[  599.539154][T11149]  alloc_inode+0x6a/0x1b0
[  599.539175][T11149]  new_inode+0x22/0x170
[  599.539201][T11149]  shmem_get_inode+0x346/0xe90
[  599.539230][T11149]  __shmem_file_setup+0x163/0x300
[  599.539263][T11149]  __se_sys_memfd_create+0x308/0x780
[  599.539293][T11149]  do_syscall_64+0xfa/0x3b0
[  599.539311][T11149]  ? lockdep_hardirqs_on+0x9c/0x150
[  599.539341][T11149]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.539361][T11149]  ? clear_bhb_loop+0x60/0xb0
[  599.539385][T11149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.539405][T11149] RIP: 0033:0x7f4e8358e9a9
[  599.539425][T11149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.539443][T11149] RSP: 002b:00007f4e843e9e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  599.539465][T11149] RAX: ffffffffffffffda RBX: 0000000000000a2b RCX: 00007f4e8358e9a9
[  599.539479][T11149] RDX: 00007f4e843e9ef0 RSI: 0000000000000000 RDI: 00007f4e836116fc
[  599.539492][T11149] RBP: 0000200000000ac0 R08: 00007f4e843e9bb7 R09: 00007f4e843e9e40
[  599.539507][T11149] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000a80
[  599.539519][T11149] R13: 00007f4e843e9ef0 R14: 00007f4e843e9eb0 R15: 0000200000000040
[  599.539552][T11149]  </TASK>
[  599.971214][T11155] loop3: detected capacity change from 0 to 256
[  600.000894][T11153] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1150'.
[  600.038451][T11156] netlink: 'syz.6.1149': attribute type 12 has an invalid length.
[  600.046388][T11156] netlink: 'syz.6.1149': attribute type 29 has an invalid length.
[  600.054362][T11156] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1149'.
[  600.063665][T11156] netlink: 59 bytes leftover after parsing attributes in process `syz.6.1149'.
[  600.389380][T11153] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1150'.
[  601.074667][ T5857] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  601.839749][T11163] loop2: detected capacity change from 0 to 32768
[  601.847002][T11163] XFS: ikeep mount option is deprecated.
[  601.855267][T11163] XFS (loop2): sunit and swidth options incompatible with the noalign option
[  601.908504][ T5857] usb 3-1: device descriptor read/64, error -71
[  602.163825][ T5857] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  602.714682][ T5857] usb 3-1: device descriptor read/64, error -71
[  602.848898][ T5857] usb usb3-port1: attempt power cycle
[  603.482482][ T5857] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  603.539354][ T5857] usb 3-1: device descriptor read/8, error -71
[  603.556978][   T43] IPVS: starting estimator thread 0...
[  603.658462][T11190] IPVS: using max 25 ests per chain, 60000 per kthread
[  603.984555][ T5857] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  604.272912][ T5857] usb 3-1: device descriptor read/8, error -71
[  604.287889][T11197] netlink: 'syz.1.1160': attribute type 1 has an invalid length.
[  604.406852][T11199] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1160'.
[  604.778540][ T5857] usb usb3-port1: unable to enumerate USB device
[  605.112030][T11203] loop2: detected capacity change from 0 to 2048
[  605.151559][T11203] nilfs2: Unknown parameter '00000000000000000000'
[  605.742571][ T5896] udevd[5896]: incorrect nilfs2 checksum on /dev/loop2
[  605.918562][T11207] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1164'.
[  606.005823][T11220] veth1_macvtap: left promiscuous mode
[  606.078773][T11220] macsec0: entered promiscuous mode
[  606.084058][T11220] macsec0: entered allmulticast mode
[  606.231632][T11222] veth1_macvtap: entered promiscuous mode
[  606.238712][T11222] veth1_macvtap: entered allmulticast mode
[  606.254882][T11222] macsec0: left promiscuous mode
[  606.300913][T11222] macsec0: left allmulticast mode
[  606.306023][T11222] veth1_macvtap: left allmulticast mode
[  606.402216][T11226] FAULT_INJECTION: forcing a failure.
[  606.402216][T11226] name failslab, interval 1, probability 0, space 0, times 0
[  606.415466][T11226] CPU: 1 UID: 0 PID: 11226 Comm: syz.5.1169 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  606.415496][T11226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  606.415509][T11226] Call Trace:
[  606.415517][T11226]  <TASK>
[  606.415526][T11226]  dump_stack_lvl+0x189/0x250
[  606.415556][T11226]  ? __pfx____ratelimit+0x10/0x10
[  606.415588][T11226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  606.415612][T11226]  ? __pfx__printk+0x10/0x10
[  606.415639][T11226]  ? __lock_acquire+0xab9/0xd20
[  606.415679][T11226]  should_fail_ex+0x414/0x560
[  606.415715][T11226]  should_failslab+0xa8/0x100
[  606.415749][T11226]  __kmalloc_cache_noprof+0x70/0x3d0
[  606.415800][T11226]  ? llc_sap_open+0xe1/0x3b0
[  606.415826][T11226]  llc_sap_open+0xe1/0x3b0
[  606.415853][T11226]  llc_ui_autobind+0x217/0x530
[  606.415880][T11226]  llc_ui_sendmsg+0x1f5/0xdd0
[  606.415905][T11226]  ? aa_sk_perm+0x81e/0x950
[  606.415929][T11226]  ? __pfx_aa_sk_perm+0x10/0x10
[  606.415944][T11226]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  606.415971][T11226]  ? __pfx_llc_ui_sendmsg+0x10/0x10
[  606.415991][T11226]  ? __lock_acquire+0xab9/0xd20
[  606.416016][T11226]  ? aa_sock_msg_perm+0xf1/0x1d0
[  606.416040][T11226]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  606.416064][T11226]  ? __pfx_llc_ui_sendmsg+0x10/0x10
[  606.416086][T11226]  __sock_sendmsg+0x219/0x270
[  606.416119][T11226]  ____sys_sendmsg+0x52d/0x830
[  606.416150][T11226]  ? __pfx_____sys_sendmsg+0x10/0x10
[  606.416186][T11226]  ? import_iovec+0x74/0xa0
[  606.416216][T11226]  ___sys_sendmsg+0x21f/0x2a0
[  606.416244][T11226]  ? __pfx____sys_sendmsg+0x10/0x10
[  606.416309][T11226]  ? __fget_files+0x2a/0x420
[  606.416330][T11226]  ? __fget_files+0x3a0/0x420
[  606.416364][T11226]  __sys_sendmmsg+0x227/0x430
[  606.416395][T11226]  ? __pfx___sys_sendmmsg+0x10/0x10
[  606.416417][T11226]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  606.416464][T11226]  ? ksys_write+0x22a/0x250
[  606.416497][T11226]  ? __pfx_ksys_write+0x10/0x10
[  606.416524][T11226]  ? rcu_is_watching+0x15/0xb0
[  606.416551][T11226]  __x64_sys_sendmmsg+0xa0/0xc0
[  606.416578][T11226]  do_syscall_64+0xfa/0x3b0
[  606.416598][T11226]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.416628][T11226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.416647][T11226]  ? clear_bhb_loop+0x60/0xb0
[  606.416670][T11226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.416690][T11226] RIP: 0033:0x7f37dbf8e9a9
[  606.416709][T11226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.416725][T11226] RSP: 002b:00007f37dced3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  606.416747][T11226] RAX: ffffffffffffffda RBX: 00007f37dc1b5fa0 RCX: 00007f37dbf8e9a9
[  606.416761][T11226] RDX: 3284b164842c97f7 RSI: 0000200000000c40 RDI: 0000000000000005
[  606.416785][T11226] RBP: 00007f37dced3090 R08: 0000000000000000 R09: 0000000000000000
[  606.416798][T11226] R10: 0000000000008014 R11: 0000000000000246 R12: 0000000000000001
[  606.416810][T11226] R13: 0000000000000000 R14: 00007f37dc1b5fa0 R15: 00007ffc44644878
[  606.416844][T11226]  </TASK>
[  607.528434][T11232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  607.548702][T11232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  607.918794][ T5857] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  607.947240][   T43] IPVS: starting estimator thread 0...
[  608.715487][T11239] IPVS: using max 37 ests per chain, 88800 per kthread
[  608.751660][ T5857] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  608.770146][ T5857] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  608.867377][ T5857] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  609.035252][ T5857] usb 7-1: config 220 has no interface number 2
[  609.050963][ T5857] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  609.129195][ T5857] usb 7-1: config 220 interface 0 has no altsetting 0
[  609.156459][ T5857] usb 7-1: config 220 interface 76 has no altsetting 0
[  609.359447][ T5857] usb 7-1: config 220 interface 1 has no altsetting 0
[  609.389409][ T5857] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  610.288480][ T5857] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  610.296660][ T5857] usb 7-1: Product: syz
[  610.301519][ T5857] usb 7-1: Manufacturer: syz
[  610.306159][ T5857] usb 7-1: SerialNumber: syz
[  610.632262][ T5857] usb 7-1: can't set config #220, error -71
[  610.679117][ T5857] usb 7-1: USB disconnect, device number 5
[  610.933262][T11261] netlink: 'syz.5.1179': attribute type 12 has an invalid length.
[  610.943724][T11261] netlink: 'syz.5.1179': attribute type 29 has an invalid length.
[  610.951969][T11261] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1179'.
[  610.961621][T11261] netlink: 59 bytes leftover after parsing attributes in process `syz.5.1179'.
[  612.187779][T11267] loop2: detected capacity change from 0 to 256
[  612.209047][T11267] exfat: Unknown parameter '€'
[  612.490655][T11267] loop2: detected capacity change from 0 to 1024
[  612.512918][T11271] loop6: detected capacity change from 0 to 512
[  612.675495][T11271] Quota error (device loop6): v2_read_file_info: Can't read info structure
[  612.698654][T11271] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  612.738927][T11271] EXT4-fs (loop6): mount failed
[  612.791062][   T30] audit: type=1800 audit(1753245495.580:67): pid=11267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1181" name="file2" dev="loop2" ino=21 res=0 errno=0
[  612.811572][    C0] vkms_vblank_simulate: vblank timer overrun
[  613.063909][T11278] loop5: detected capacity change from 0 to 32768
[  613.132261][T11278] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  613.140542][T11278] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  613.691257][T11278] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  613.709633][ T5909] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  613.734589][ T5909] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  613.879627][T11284] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  613.926161][T11284] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.1187'.
[  614.398799][T11289] loop1: detected capacity change from 0 to 32768
[  614.423028][ T5909] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 688ms
[  614.463981][ T5909] gfs2: fsid=syz:syz.0: jid=0: Done
[  614.485079][T11278] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  614.589635][T11289] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  614.597120][T11289] CPU: 1 UID: 0 PID: 11289 Comm: syz.1.1189 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  614.597157][T11289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  614.597173][T11289] Call Trace:
[  614.597182][T11289]  <TASK>
[  614.597192][T11289]  dump_stack_lvl+0x189/0x250
[  614.597231][T11289]  ? __pfx_dump_stack_lvl+0x10/0x10
[  614.597267][T11289]  ? __pfx__printk+0x10/0x10
[  614.597308][T11289]  ? kernfs_path_from_node+0x250/0x290
[  614.597338][T11289]  ? kernfs_path_from_node+0x2f/0x290
[  614.597373][T11289]  sysfs_create_dir_ns+0x259/0x280
[  614.597406][T11289]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  614.597437][T11289]  ? do_raw_spin_unlock+0x122/0x240
[  614.597472][T11289]  kobject_add_internal+0x59f/0xb40
[  614.597508][T11289]  kobject_init_and_add+0x125/0x190
[  614.597540][T11289]  ? __pfx_kobject_init_and_add+0x10/0x10
[  614.597567][T11289]  ? __raw_spin_lock_init+0x45/0x100
[  614.597599][T11289]  ? __init_swait_queue_head+0xa9/0x150
[  614.597632][T11289]  gfs2_sys_fs_add+0x234/0x450
[  614.597664][T11289]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  614.597699][T11289]  ? is_dynamic_key+0xd6/0x1c0
[  614.597733][T11289]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  614.597780][T11289]  gfs2_fill_super+0x13c0/0x20d0
[  614.597833][T11289]  ? __pfx_gfs2_fill_super+0x10/0x10
[  614.597874][T11289]  ? sb_set_blocksize+0x104/0x180
[  614.597913][T11289]  ? setup_bdev_super+0x4c1/0x5b0
[  614.597952][T11289]  get_tree_bdev_flags+0x40b/0x4d0
[  614.597989][T11289]  ? __pfx_gfs2_fill_super+0x10/0x10
[  614.598024][T11289]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  614.598064][T11289]  ? rcu_is_watching+0x15/0xb0
[  614.598095][T11289]  gfs2_get_tree+0x51/0x1e0
[  614.598133][T11289]  vfs_get_tree+0x92/0x2b0
[  614.598158][T11289]  do_new_mount+0x2a2/0x9e0
[  614.598187][T11289]  ? ns_capable+0x8a/0xf0
[  614.598208][T11289]  ? __pfx_do_new_mount+0x10/0x10
[  614.598229][T11289]  ? path_mount+0x61c/0xfe0
[  614.598250][T11289]  ? user_path_at+0x44/0x60
[  614.598298][T11289]  __se_sys_mount+0x317/0x410
[  614.598329][T11289]  ? __pfx___se_sys_mount+0x10/0x10
[  614.598362][T11289]  ? do_syscall_64+0xbe/0x3b0
[  614.598385][T11289]  ? __x64_sys_mount+0x20/0xc0
[  614.598412][T11289]  do_syscall_64+0xfa/0x3b0
[  614.598434][T11289]  ? lockdep_hardirqs_on+0x9c/0x150
[  614.598469][T11289]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.598493][T11289]  ? clear_bhb_loop+0x60/0xb0
[  614.598520][T11289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.598543][T11289] RIP: 0033:0x7f06b379014a
[  614.598565][T11289] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  614.598584][T11289] RSP: 002b:00007f06b15f5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  614.598609][T11289] RAX: ffffffffffffffda RBX: 00007f06b15f5ef0 RCX: 00007f06b379014a
[  614.598626][T11289] RDX: 0000200000037f40 RSI: 00002000000008c0 RDI: 00007f06b15f5eb0
[  614.598642][T11289] RBP: 0000200000037f40 R08: 00007f06b15f5ef0 R09: 0000000001010084
[  614.598657][T11289] R10: 0000000001010084 R11: 0000000000000246 R12: 00002000000008c0
[  614.598672][T11289] R13: 00007f06b15f5eb0 R14: 0000000000037f14 R15: 0000200000000480
[  614.598707][T11289]  </TASK>
[  614.910066][T11289] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  614.924055][T11289] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  614.966065][T11290] loop6: detected capacity change from 0 to 128
[  615.058217][T11290] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  615.351266][T11290] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  615.805609][T11298] loop3: detected capacity change from 0 to 256
[  615.963464][T11298] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  616.106737][T11298] exFAT-fs (loop3): valid_size(150994954) is greater than size(10)
[  617.165954][T11313] loop1: detected capacity change from 0 to 256
[  617.182968][T11313] exfat: Unknown parameter '€'
[  617.500795][T11311] loop1: detected capacity change from 0 to 1024
[  617.615679][   T30] audit: type=1800 audit(1753245500.360:68): pid=11311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1195" name="file2" dev="loop1" ino=21 res=0 errno=0
[  617.900515][T11312] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1194'.
[  617.920820][T11316] loop6: detected capacity change from 0 to 32768
[  617.938645][T11302] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1194'.
[  617.965710][T11316] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  617.974050][T11316] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  617.985341][T11309] loop5: detected capacity change from 0 to 4096
[  618.384378][T11316] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  618.398295][ T5917] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  618.431923][ T5917] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  618.751648][T11309] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  618.827621][ T5917] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 396ms
[  618.914656][ T5917] gfs2: fsid=syz:syz.0: jid=0: Done
[  618.936084][T11316] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  620.109351][T11335] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1199'.
[  622.211368][T11340] loop3: detected capacity change from 0 to 32768
[  622.259937][T11340] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  622.267384][T11340] CPU: 0 UID: 0 PID: 11340 Comm: syz.3.1202 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  622.267415][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  622.267428][T11340] Call Trace:
[  622.267436][T11340]  <TASK>
[  622.267447][T11340]  dump_stack_lvl+0x189/0x250
[  622.267480][T11340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  622.267506][T11340]  ? __pfx__printk+0x10/0x10
[  622.267541][T11340]  ? kernfs_path_from_node+0x250/0x290
[  622.267569][T11340]  ? kernfs_path_from_node+0x2f/0x290
[  622.267598][T11340]  sysfs_create_dir_ns+0x259/0x280
[  622.267625][T11340]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  622.267651][T11340]  ? do_raw_spin_unlock+0x122/0x240
[  622.267682][T11340]  kobject_add_internal+0x59f/0xb40
[  622.267715][T11340]  kobject_init_and_add+0x125/0x190
[  622.267744][T11340]  ? __pfx_kobject_init_and_add+0x10/0x10
[  622.267768][T11340]  ? __raw_spin_lock_init+0x45/0x100
[  622.267796][T11340]  ? __init_swait_queue_head+0xa9/0x150
[  622.267827][T11340]  gfs2_sys_fs_add+0x234/0x450
[  622.267855][T11340]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  622.267888][T11340]  ? is_dynamic_key+0xd6/0x1c0
[  622.267917][T11340]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  622.267960][T11340]  gfs2_fill_super+0x13c0/0x20d0
[  622.268009][T11340]  ? __pfx_gfs2_fill_super+0x10/0x10
[  622.268044][T11340]  ? sb_set_blocksize+0x104/0x180
[  622.268078][T11340]  ? setup_bdev_super+0x4c1/0x5b0
[  622.268113][T11340]  get_tree_bdev_flags+0x40b/0x4d0
[  622.268145][T11340]  ? __pfx_gfs2_fill_super+0x10/0x10
[  622.268175][T11340]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  622.268210][T11340]  ? rcu_is_watching+0x15/0xb0
[  622.268238][T11340]  gfs2_get_tree+0x51/0x1e0
[  622.268272][T11340]  vfs_get_tree+0x92/0x2b0
[  622.268295][T11340]  do_new_mount+0x2a2/0x9e0
[  622.268320][T11340]  ? ns_capable+0x8a/0xf0
[  622.268341][T11340]  ? __pfx_do_new_mount+0x10/0x10
[  622.268366][T11340]  ? path_mount+0x61c/0xfe0
[  622.268383][T11340]  ? user_path_at+0x44/0x60
[  622.268421][T11340]  __se_sys_mount+0x317/0x410
[  622.268449][T11340]  ? __pfx___se_sys_mount+0x10/0x10
[  622.268474][T11340]  ? do_syscall_64+0xbe/0x3b0
[  622.268490][T11340]  ? __x64_sys_mount+0x20/0xc0
[  622.268510][T11340]  do_syscall_64+0xfa/0x3b0
[  622.268526][T11340]  ? lockdep_hardirqs_on+0x9c/0x150
[  622.268553][T11340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  622.268580][T11340]  ? clear_bhb_loop+0x60/0xb0
[  622.268604][T11340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  622.268621][T11340] RIP: 0033:0x7f04cb19014a
[  622.268640][T11340] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  622.268657][T11340] RSP: 002b:00007f04cbfb5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  622.268677][T11340] RAX: ffffffffffffffda RBX: 00007f04cbfb5ef0 RCX: 00007f04cb19014a
[  622.268691][T11340] RDX: 0000200000037f40 RSI: 00002000000008c0 RDI: 00007f04cbfb5eb0
[  622.268703][T11340] RBP: 0000200000037f40 R08: 00007f04cbfb5ef0 R09: 0000000001010084
[  622.268715][T11340] R10: 0000000001010084 R11: 0000000000000246 R12: 00002000000008c0
[  622.268738][T11340] R13: 00007f04cbfb5eb0 R14: 0000000000037f14 R15: 0000200000000480
[  622.268767][T11340]  </TASK>
[  622.582033][T11340] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  622.597925][T11340] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  623.156943][T11353] loop1: detected capacity change from 0 to 128
[  624.653251][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  624.775707][T11346] loop6: detected capacity change from 0 to 262144
[  624.927899][T11346] F2FS-fs (loop6): invalid crc value
[  624.965437][T11353] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  625.600404][T11346] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  625.621108][T11353] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  625.630489][T11346] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  626.469226][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1208'.
[  626.478123][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1208'.
[  626.523357][T11371] FAULT_INJECTION: forcing a failure.
[  626.523357][T11371] name failslab, interval 1, probability 0, space 0, times 0
[  626.596849][T11371] CPU: 1 UID: 0 PID: 11371 Comm: syz.3.1209 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  626.596881][T11371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  626.596894][T11371] Call Trace:
[  626.596903][T11371]  <TASK>
[  626.596923][T11371]  dump_stack_lvl+0x189/0x250
[  626.596951][T11371]  ? __pfx____ratelimit+0x10/0x10
[  626.596983][T11371]  ? __pfx_dump_stack_lvl+0x10/0x10
[  626.597006][T11371]  ? __pfx__printk+0x10/0x10
[  626.597041][T11371]  ? __pfx___might_resched+0x10/0x10
[  626.597058][T11371]  ? fs_reclaim_acquire+0x7d/0x100
[  626.597085][T11371]  should_fail_ex+0x414/0x560
[  626.597118][T11371]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  626.597137][T11371]  should_failslab+0xa8/0x100
[  626.597170][T11371]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  626.597188][T11371]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  626.597217][T11371]  ? shmem_alloc_inode+0x28/0x40
[  626.597240][T11371]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  626.597259][T11371]  shmem_alloc_inode+0x28/0x40
[  626.597278][T11371]  alloc_inode+0x6a/0x1b0
[  626.597300][T11371]  new_inode+0x22/0x170
[  626.597326][T11371]  shmem_get_inode+0x346/0xe90
[  626.597357][T11371]  __shmem_file_setup+0x163/0x300
[  626.597390][T11371]  __se_sys_memfd_create+0x308/0x780
[  626.597420][T11371]  do_syscall_64+0xfa/0x3b0
[  626.597439][T11371]  ? lockdep_hardirqs_on+0x9c/0x150
[  626.597470][T11371]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.597491][T11371]  ? clear_bhb_loop+0x60/0xb0
[  626.597516][T11371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.597536][T11371] RIP: 0033:0x7f04cb18e9a9
[  626.597553][T11371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.597572][T11371] RSP: 002b:00007f04cbfb5e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  626.597593][T11371] RAX: ffffffffffffffda RBX: 00000000000002d2 RCX: 00007f04cb18e9a9
[  626.597607][T11371] RDX: 00007f04cbfb5ef0 RSI: 0000000000000000 RDI: 00007f04cb2116fc
[  626.597620][T11371] RBP: 0000200000000bc0 R08: 00007f04cbfb5bb7 R09: 00007f04cbfb5e40
[  626.597634][T11371] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000100
[  626.597646][T11371] R13: 00007f04cbfb5ef0 R14: 00007f04cbfb5eb0 R15: 0000200000000240
[  626.597679][T11371]  </TASK>
[  626.909406][T11373] loop5: detected capacity change from 0 to 8
[  626.920931][T11371] loop3: detected capacity change from 0 to 512
[  626.950734][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1212'.
[  627.020777][T11373] SQUASHFS error: zlib decompression failed, data probably corrupt
[  627.029092][T11373] SQUASHFS error: Failed to read block 0x9b: -5
[  627.035371][T11373] SQUASHFS error: Unable to read metadata cache entry [99]
[  627.042640][T11373] SQUASHFS error: Unable to read inode 0x127
[  628.316763][T11371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  628.338679][T11371] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  628.596445][ T5847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.607867][T11387] tipc: Started in network mode
[  628.622062][T11387] tipc: Node identity 4e9d88e5034d, cluster identity 4711
[  628.671504][T11387] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  628.680841][T11387] syzkaller0: entered promiscuous mode
[  628.680866][T11387] syzkaller0: entered allmulticast mode
[  628.698115][T11384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1211'.
[  628.799260][T11387] tipc: Resetting bearer <eth:syzkaller0>
[  628.835524][T11383] tipc: Resetting bearer <eth:syzkaller0>
[  628.873680][T11394] FAULT_INJECTION: forcing a failure.
[  628.873680][T11394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  628.897579][T11394] CPU: 0 UID: 0 PID: 11394 Comm: syz.3.1216 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  628.897609][T11394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  628.897622][T11394] Call Trace:
[  628.897630][T11394]  <TASK>
[  628.897639][T11394]  dump_stack_lvl+0x189/0x250
[  628.897668][T11394]  ? __pfx____ratelimit+0x10/0x10
[  628.897699][T11394]  ? __pfx_dump_stack_lvl+0x10/0x10
[  628.897729][T11394]  ? __pfx__printk+0x10/0x10
[  628.897762][T11394]  should_fail_ex+0x414/0x560
[  628.897791][T11394]  _copy_from_user+0x2d/0xb0
[  628.897812][T11394]  get_user_ifreq+0x6c/0x180
[  628.897837][T11394]  sock_ioctl+0x6dd/0x790
[  628.897862][T11394]  ? __pfx_sock_ioctl+0x10/0x10
[  628.897888][T11394]  ? __fget_files+0x3a0/0x420
[  628.897905][T11394]  ? __fget_files+0x2a/0x420
[  628.897926][T11394]  ? bpf_lsm_file_ioctl+0x9/0x20
[  628.897949][T11394]  ? __pfx_sock_ioctl+0x10/0x10
[  628.897973][T11394]  __se_sys_ioctl+0xfc/0x170
[  628.897999][T11394]  do_syscall_64+0xfa/0x3b0
[  628.898014][T11394]  ? lockdep_hardirqs_on+0x9c/0x150
[  628.898040][T11394]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.898058][T11394]  ? clear_bhb_loop+0x60/0xb0
[  628.898079][T11394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.898095][T11394] RIP: 0033:0x7f04cb18e9a9
[  628.898111][T11394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.898126][T11394] RSP: 002b:00007f04cbfb6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  628.898144][T11394] RAX: ffffffffffffffda RBX: 00007f04cb3b5fa0 RCX: 00007f04cb18e9a9
[  628.898158][T11394] RDX: 0000200000000340 RSI: 00000000000089f1 RDI: 0000000000000005
[  628.898169][T11394] RBP: 00007f04cbfb6090 R08: 0000000000000000 R09: 0000000000000000
[  628.898179][T11394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  628.898189][T11394] R13: 0000000000000000 R14: 00007f04cb3b5fa0 R15: 00007ffda8604df8
[  628.898214][T11394]  </TASK>
[  629.094251][    C0] vkms_vblank_simulate: vblank timer overrun
[  629.619152][T11400] loop2: detected capacity change from 0 to 32768
[  629.930778][ T5909] tipc: Node number set to 1305512165
[  630.076003][T11383] tipc: Disabling bearer <eth:syzkaller0>
[  630.135026][T11400] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  630.143583][T11400] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  630.199560][T11400] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  630.216859][ T5909] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  630.258314][ T5909] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  630.431598][T11407] loop5: detected capacity change from 0 to 256
[  630.478171][ T5909] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 219ms
[  630.511752][ T5909] gfs2: fsid=syz:syz.0: jid=0: Done
[  630.517071][T11400] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  630.624740][T11412] loop3: detected capacity change from 0 to 128
[  630.928476][T11412] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  631.319411][T11412] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  632.289708][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1223'.
[  632.298667][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1223'.
[  632.441030][T11421] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1224'.
[  633.369426][T11423] loop1: detected capacity change from 0 to 128
[  633.427564][T11423] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  633.460840][T11423] ext4 filesystem being mounted at /239/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  634.852326][T11436] loop3: detected capacity change from 0 to 32768
[  634.859640][T11436] bcachefs: bch2_fs_parse_param() Error parsing option sb: option_value
[  635.658762][T11439] loop2: detected capacity change from 0 to 256
[  635.665743][T11439] exfat: Unknown parameter '€'
[  635.805466][ T5852] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  635.867428][T11432] loop2: detected capacity change from 0 to 1024
[  635.904882][   T30] audit: type=1800 audit(1753245518.690:69): pid=11432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1225" name="file2" dev="loop2" ino=21 res=0 errno=0
[  636.646157][T11449] netlink: 'syz.1.1230': attribute type 12 has an invalid length.
[  636.654743][T11449] netlink: 'syz.1.1230': attribute type 29 has an invalid length.
[  636.663289][T11449] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1230'.
[  636.680636][T11449] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1230'.
[  637.791414][T11458] loop3: detected capacity change from 0 to 128
[  637.932040][T11455] loop1: detected capacity change from 0 to 256
[  637.950421][T11458] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  638.111543][T11455] exfat: Unknown parameter '€'
[  638.135660][T11458] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  638.853535][T11453] loop1: detected capacity change from 0 to 1024
[  638.957772][T11445] loop5: detected capacity change from 0 to 32768
[  639.044136][   T30] audit: type=1800 audit(1753245521.830:70): pid=11453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1234" name="file2" dev="loop1" ino=21 res=0 errno=0
[  640.408491][ T5917] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[  640.538455][T11479] FAULT_INJECTION: forcing a failure.
[  640.538455][T11479] name failslab, interval 1, probability 0, space 0, times 0
[  640.596807][T11479] CPU: 0 UID: 0 PID: 11479 Comm: syz.5.1240 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  640.596838][T11479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  640.596851][T11479] Call Trace:
[  640.596860][T11479]  <TASK>
[  640.596869][T11479]  dump_stack_lvl+0x189/0x250
[  640.596897][T11479]  ? __pfx____ratelimit+0x10/0x10
[  640.596930][T11479]  ? __pfx_dump_stack_lvl+0x10/0x10
[  640.596954][T11479]  ? __pfx__printk+0x10/0x10
[  640.596987][T11479]  ? __pfx___might_resched+0x10/0x10
[  640.597011][T11479]  should_fail_ex+0x414/0x560
[  640.597046][T11479]  should_failslab+0xa8/0x100
[  640.597079][T11479]  kmem_cache_alloc_noprof+0x73/0x3c0
[  640.597103][T11479]  ? getname_flags+0xb8/0x540
[  640.597122][T11479]  getname_flags+0xb8/0x540
[  640.597141][T11479]  __x64_sys_renameat2+0xba/0xe0
[  640.597158][T11479]  do_syscall_64+0xfa/0x3b0
[  640.597174][T11479]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.597187][T11479]  ? asm_sysvec_call_function_single+0x1a/0x20
[  640.597202][T11479]  ? clear_bhb_loop+0x60/0xb0
[  640.597219][T11479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.597233][T11479] RIP: 0033:0x7f37dbf8e9a9
[  640.597246][T11479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.597263][T11479] RSP: 002b:00007f37dceb2038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  640.597283][T11479] RAX: ffffffffffffffda RBX: 00007f37dc1b6080 RCX: 00007f37dbf8e9a9
[  640.597298][T11479] RDX: ffffffffffffff9c RSI: 0000200000002200 RDI: ffffffffffffff9c
[  640.597311][T11479] RBP: 00007f37dceb2090 R08: 0000000000000002 R09: 0000000000000000
[  640.597324][T11479] R10: 00002000000021c0 R11: 0000000000000246 R12: 0000000000000001
[  640.597336][T11479] R13: 0000000000000000 R14: 00007f37dc1b6080 R15: 00007ffc44644878
[  640.597367][T11479]  </TASK>
[  640.598522][   T43] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  640.613623][ T5917] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  641.000577][ T5917] usb 7-1: config 0 has no interface number 0
[  641.006922][ T5917] usb 7-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  641.016674][ T5917] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.036656][T11487] binder: 11483:11487 ioctl c0306201 200000000040 returned -22
[  641.044447][   T43] usb 2-1: Using ep0 maxpacket: 16
[  641.056764][ T5917] usb 7-1: config 0 descriptor??
[  641.062052][ T5857] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  641.084176][   T43] usb 2-1: unable to get BOS descriptor or descriptor too short
[  641.112828][ T5917] usb 7-1: selecting invalid altsetting 1
[  641.134926][ T5917] dvb_ttusb_budget: ttusb_init_controller: error
[  641.157103][ T5917] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  641.157109][   T43] usb 2-1: config 6 has an invalid interface number: 6 but max is 0
[  641.157135][   T43] usb 2-1: config 6 has no interface number 0
[  641.231044][ T5857] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  641.251140][ T5857] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  641.283012][   T43] usb 2-1: config 6 interface 6 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  641.325215][ T5857] usb 3-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  641.398017][ T5857] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.407508][   T43] usb 2-1: New USB device found, idVendor=0675, idProduct=0200, bcdDevice= a.a8
[  641.429274][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.459246][ T5857] usb 3-1: config 0 descriptor??
[  641.460637][   T43] usb 2-1: Product: syz
[  641.531879][   T43] usb 2-1: Manufacturer: syz
[  641.548287][   T43] usb 2-1: SerialNumber: syz
[  641.635425][ T5917] DVB: Unable to find symbol cx22700_attach()
[  641.873050][ T5917] DVB: Unable to find symbol tda10046_attach()
[  641.920080][ T5917] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  642.001496][ T5857] hkems 0003:2006:0118.0005: item fetching failed at offset 5/7
[  642.010390][ T5917] usb 7-1: USB disconnect, device number 6
[  642.037983][ T5857] hkems 0003:2006:0118.0005: parse failed
[  642.063116][ T5857] hkems 0003:2006:0118.0005: probe with driver hkems failed with error -22
[  642.249241][ T5857] usb 3-1: USB disconnect, device number 16
[  642.669107][T11494] loop6: detected capacity change from 0 to 256
[  642.697484][T11494] exfat: Unknown parameter '€'
[  642.799687][   T43] cxacru 2-1:6.6: cxacru_bind: interface has incorrect endpoints
[  642.884482][T11492] loop6: detected capacity change from 0 to 1024
[  642.928800][   T43] cxacru 2-1:6.6: usbatm_usb_probe: bind failed: -19!
[  643.053592][   T43] usb 2-1: USB disconnect, device number 9
[  643.546740][T11500] loop2: detected capacity change from 0 to 2048
[  643.980783][T11503] loop1: detected capacity change from 0 to 256
[  644.010027][T11503] exfat: Unknown parameter '€'
[  644.085718][T11503] loop1: detected capacity change from 0 to 1024
[  644.135619][T11500] hpfs: hpfs_map_sector(): read error
[  644.152147][   T30] audit: type=1326 audit(1753245526.890:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11496 comm="syz.6.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d378e9a9 code=0x7fc00000
[  644.362787][   T30] audit: type=1800 audit(1753245527.150:72): pid=11502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1246" name="file2" dev="loop1" ino=21 res=0 errno=0
[  644.723437][T11507] loop2: detected capacity change from 0 to 256
[  644.775450][T11507] FAT-fs (loop2): bogus sectors per cluster 223
[  644.781929][T11507] FAT-fs (loop2): Can't find a valid FAT filesystem
[  645.289044][T11512] IPv6: NLM_F_CREATE should be specified when creating new route
[  645.309499][T11512] IPv6: Can't replace route, no match found
[  645.899171][ T5917] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  646.597269][ T5917] usb 3-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice=db.e9
[  646.611636][ T5917] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  646.784037][T11525] loop1: detected capacity change from 0 to 256
[  646.801886][T11525] exfat: Unknown parameter '€'
[  646.924075][ T5917] usb 3-1: config 0 descriptor??
[  646.942112][ T5917] pcwd_usb: This driver only supports 1 device
[  646.958066][T11525] loop1: detected capacity change from 0 to 1024
[  647.022941][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1250'.
[  647.032488][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1250'.
[  648.658005][T11535] netlink: 'syz.6.1254': attribute type 12 has an invalid length.
[  648.666061][T11535] netlink: 'syz.6.1254': attribute type 29 has an invalid length.
[  648.674166][T11535] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1254'.
[  648.683538][T11535] netlink: 59 bytes leftover after parsing attributes in process `syz.6.1254'.
[  649.231335][T11538] netlink: 'syz.1.1255': attribute type 12 has an invalid length.
[  649.239952][T11538] netlink: 'syz.1.1255': attribute type 29 has an invalid length.
[  649.247915][T11538] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1255'.
[  649.257767][T11538] netlink: 59 bytes leftover after parsing attributes in process `syz.1.1255'.
[  649.614120][ T5857] usb 3-1: USB disconnect, device number 17
[  650.772530][T11553] loop1: detected capacity change from 0 to 256
[  650.788226][T11553] exfat: Unknown parameter '€'
[  651.220218][T11553] loop1: detected capacity change from 0 to 1024
[  651.565592][T11559] loop2: detected capacity change from 0 to 32768
[  651.813001][T11559] (syz.2.1261,11559,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  651.830031][T11559] (syz.2.1261,11559,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  651.833397][T11557] loop6: detected capacity change from 0 to 4096
[  651.853702][   T30] audit: type=1800 audit(1753245534.640:73): pid=11549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1259" name="file2" dev="loop1" ino=21 res=0 errno=0
[  652.474465][T11559] JBD2: Ignoring recovery information on journal
[  652.580157][T11559] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  652.608760][T11540] loop5: detected capacity change from 0 to 32768
[  652.630673][T11540] XFS: noikeep mount option is deprecated.
[  652.641364][T11559] FAULT_INJECTION: forcing a failure.
[  652.641364][T11559] name failslab, interval 1, probability 0, space 0, times 0
[  652.655162][T11559] CPU: 1 UID: 0 PID: 11559 Comm: syz.2.1261 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  652.655192][T11559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  652.655206][T11559] Call Trace:
[  652.655214][T11559]  <TASK>
[  652.655223][T11559]  dump_stack_lvl+0x189/0x250
[  652.655251][T11559]  ? __pfx____ratelimit+0x10/0x10
[  652.655282][T11559]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.655304][T11559]  ? __pfx__printk+0x10/0x10
[  652.655334][T11559]  ? __pfx___might_resched+0x10/0x10
[  652.655354][T11559]  ? fs_reclaim_acquire+0x7d/0x100
[  652.655379][T11559]  should_fail_ex+0x414/0x560
[  652.655410][T11559]  should_failslab+0xa8/0x100
[  652.655443][T11559]  kmem_cache_alloc_noprof+0x73/0x3c0
[  652.655470][T11559]  ? getname_kernel+0x5a/0x2f0
[  652.655497][T11559]  getname_kernel+0x5a/0x2f0
[  652.655522][T11559]  kern_path+0x1d/0x50
[  652.655547][T11559]  lookup_bdev+0xc0/0x280
[  652.655569][T11559]  ? __pfx_lookup_bdev+0x10/0x10
[  652.655592][T11559]  ? getname_flags+0x1e5/0x540
[  652.655617][T11559]  __se_sys_quotactl+0x231/0x950
[  652.655652][T11559]  ? fput+0xa0/0xd0
[  652.655679][T11559]  ? __pfx___se_sys_quotactl+0x10/0x10
[  652.655709][T11559]  ? __pfx_ksys_write+0x10/0x10
[  652.655736][T11559]  ? rcu_is_watching+0x15/0xb0
[  652.655762][T11559]  ? do_syscall_64+0xbe/0x3b0
[  652.655786][T11559]  do_syscall_64+0xfa/0x3b0
[  652.655805][T11559]  ? lockdep_hardirqs_on+0x9c/0x150
[  652.655836][T11559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.655855][T11559]  ? clear_bhb_loop+0x60/0xb0
[  652.655888][T11559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.655908][T11559] RIP: 0033:0x7f4e8358e9a9
[  652.655926][T11559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.655943][T11559] RSP: 002b:00007f4e843ea038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  652.655966][T11559] RAX: ffffffffffffffda RBX: 00007f4e837b5fa0 RCX: 00007f4e8358e9a9
[  652.655981][T11559] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffff80000600
[  652.655995][T11559] RBP: 00007f4e843ea090 R08: 0000000000000000 R09: 0000000000000000
[  652.656008][T11559] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  652.656020][T11559] R13: 0000000000000000 R14: 00007f4e837b5fa0 R15: 00007fff60eb5c88
[  652.656053][T11559]  </TASK>
[  652.708597][T11540] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/loop5": -EINTR
[  652.807670][T11557] FAULT_INJECTION: forcing a failure.
[  652.807670][T11557] name failslab, interval 1, probability 0, space 0, times 0
[  652.840911][T11568] tipc: Started in network mode
[  652.923030][T11557] CPU: 1 UID: 0 PID: 11557 Comm: syz.6.1262 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  652.923063][T11557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  652.923075][T11557] Call Trace:
[  652.923084][T11557]  <TASK>
[  652.923092][T11557]  dump_stack_lvl+0x189/0x250
[  652.923123][T11557]  ? __pfx____ratelimit+0x10/0x10
[  652.923153][T11557]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.923176][T11557]  ? __pfx__printk+0x10/0x10
[  652.923211][T11557]  ? __pfx___might_resched+0x10/0x10
[  652.923232][T11557]  ? fs_reclaim_acquire+0x7d/0x100
[  652.923262][T11557]  should_fail_ex+0x414/0x560
[  652.923302][T11557]  should_failslab+0xa8/0x100
[  652.923339][T11557]  kmem_cache_alloc_noprof+0x73/0x3c0
[  652.923373][T11557]  ? alloc_empty_file+0x55/0x1d0
[  652.923406][T11557]  alloc_empty_file+0x55/0x1d0
[  652.923435][T11557]  path_openat+0x107/0x3830
[  652.923465][T11557]  ? arch_stack_walk+0xfc/0x150
[  652.923524][T11557]  ? kasan_save_track+0x4f/0x80
[  652.923554][T11557]  ? kasan_save_track+0x3e/0x80
[  652.923581][T11557]  ? __kasan_slab_alloc+0x6c/0x80
[  652.923609][T11557]  ? getname_flags+0xb8/0x540
[  652.923634][T11557]  ? __pfx_path_openat+0x10/0x10
[  652.923662][T11557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.923709][T11557]  do_filp_open+0x1fa/0x410
[  652.923738][T11557]  ? __lock_acquire+0xab9/0xd20
[  652.923775][T11557]  ? __pfx_do_filp_open+0x10/0x10
[  652.923831][T11557]  ? _raw_spin_unlock+0x28/0x50
[  652.923872][T11557]  ? alloc_fd+0x64c/0x6c0
[  652.923908][T11557]  do_sys_openat2+0x121/0x1c0
[  652.923946][T11557]  ? __pfx_do_sys_openat2+0x10/0x10
[  652.923975][T11557]  ? ksys_write+0x22a/0x250
[  652.924011][T11557]  ? __pfx_ksys_write+0x10/0x10
[  652.924041][T11557]  ? rcu_is_watching+0x15/0xb0
[  652.924069][T11557]  __x64_sys_openat+0x138/0x170
[  652.924104][T11557]  do_syscall_64+0xfa/0x3b0
[  652.924127][T11557]  ? lockdep_hardirqs_on+0x9c/0x150
[  652.924160][T11557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.924183][T11557]  ? clear_bhb_loop+0x60/0xb0
[  652.924211][T11557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.924233][T11557] RIP: 0033:0x7fd5d378e9a9
[  652.924255][T11557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.924274][T11557] RSP: 002b:00007fd5d452b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  652.924298][T11557] RAX: ffffffffffffffda RBX: 00007fd5d39b5fa0 RCX: 00007fd5d378e9a9
[  652.924316][T11557] RDX: 0000000000000040 RSI: 000020000000c380 RDI: ffffffffffffff9c
[  652.924332][T11557] RBP: 00007fd5d452b090 R08: 0000000000000000 R09: 0000000000000000
[  652.924347][T11557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  652.924359][T11557] R13: 0000000000000000 R14: 00007fd5d39b5fa0 R15: 00007fffe238a7a8
[  652.924395][T11557]  </TASK>
[  653.260934][T11568] tipc: Node identity 2aca7322c0ec, cluster identity 4711
[  653.269291][T11568] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  653.405447][T11569] syzkaller0: entered promiscuous mode
[  653.468418][T11575] FAULT_INJECTION: forcing a failure.
[  653.468418][T11575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  653.482299][T11575] CPU: 0 UID: 0 PID: 11575 Comm: syz.1.1265 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  653.482327][T11575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  653.482339][T11575] Call Trace:
[  653.482347][T11575]  <TASK>
[  653.482356][T11575]  dump_stack_lvl+0x189/0x250
[  653.482384][T11575]  ? irqentry_exit+0x74/0x90
[  653.482405][T11575]  ? __pfx_dump_stack_lvl+0x10/0x10
[  653.482437][T11575]  ? dump_stack+0x9/0x20
[  653.482465][T11575]  should_fail_ex+0x414/0x560
[  653.482497][T11575]  _copy_from_user+0x2d/0xb0
[  653.482525][T11575]  csum_and_copy_from_iter_full+0x1e1/0x1eb0
[  653.482551][T11575]  ? irqentry_exit+0x74/0x90
[  653.482587][T11575]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  653.482612][T11575]  ? trace_irq_disable+0x37/0x110
[  653.482640][T11575]  ? preempt_schedule_irq+0xde/0x150
[  653.482670][T11575]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  653.482713][T11575]  ip_generic_getfrag+0x12f/0x2b0
[  653.482743][T11575]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  653.482787][T11575]  __ip_append_data+0x213b/0x40c0
[  653.482833][T11575]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  653.482882][T11575]  ? __pfx___ip_append_data+0x10/0x10
[  653.482922][T11575]  ip_append_data+0x10e/0x190
[  653.482952][T11575]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  653.482986][T11575]  udp_sendmsg+0x541/0x2170
[  653.483019][T11575]  ? preempt_schedule_irq+0xb5/0x150
[  653.483059][T11575]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  653.483089][T11575]  ? __pfx_udp_sendmsg+0x10/0x10
[  653.483131][T11575]  ? preempt_schedule_irq+0xde/0x150
[  653.483161][T11575]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  653.483203][T11575]  ? lockdep_hardirqs_on+0x9c/0x150
[  653.483246][T11575]  ? inet_sendmsg+0x29c/0x370
[  653.483281][T11575]  __sock_sendmsg+0x19c/0x270
[  653.483316][T11575]  __sys_sendto+0x3bd/0x520
[  653.483341][T11575]  ? __pfx___sys_sendto+0x10/0x10
[  653.483360][T11575]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  653.483395][T11575]  ? __fget_files+0x3a0/0x420
[  653.483429][T11575]  ? ksys_write+0x22a/0x250
[  653.483462][T11575]  ? __pfx_ksys_write+0x10/0x10
[  653.483499][T11575]  __x64_sys_sendto+0xde/0x100
[  653.483525][T11575]  do_syscall_64+0xfa/0x3b0
[  653.483547][T11575]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.483567][T11575]  ? asm_sysvec_call_function_single+0x1a/0x20
[  653.483587][T11575]  ? clear_bhb_loop+0x60/0xb0
[  653.483613][T11575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.483632][T11575] RIP: 0033:0x7f06b378e9a9
[  653.483651][T11575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  653.483669][T11575] RSP: 002b:00007f06b15d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  653.483691][T11575] RAX: ffffffffffffffda RBX: 00007f06b39b6080 RCX: 00007f06b378e9a9
[  653.483706][T11575] RDX: 000000000000fdbe RSI: 0000200000000100 RDI: 0000000000000003
[  653.483718][T11575] RBP: 00007f06b15d5090 R08: 0000000000000000 R09: 0000000011000a00
[  653.483731][T11575] R10: 0000000004004084 R11: 0000000000000246 R12: 0000000000000001
[  653.483743][T11575] R13: 0000000000000000 R14: 00007f06b39b6080 R15: 00007ffec891d028
[  653.483781][T11575]  </TASK>
[  653.488695][T11569] syzkaller0: entered allmulticast mode
[  653.684106][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  653.914251][T11567] tipc: Resetting bearer <eth:syzkaller0>
[  654.074874][ T5917] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  654.343226][T11567] tipc: Disabling bearer <eth:syzkaller0>
[  654.358971][ T5909] tipc: Node number set to 3928388386
[  654.370255][ T5917] usb 7-1: Using ep0 maxpacket: 16
[  654.387505][ T5917] usb 7-1: config index 0 descriptor too short (expected 59154, got 18)
[  654.427140][ T5917] usb 7-1: config 0 has an invalid interface number: 0 but max is -1
[  654.442617][T11580] bond0: option updelay: invalid value (18446744073709551609)
[  654.457567][ T5917] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 0
[  654.499944][T11580] bond0: option updelay: allowed values 0 - 2147483647
[  654.774726][ T5917] usb 7-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  655.105976][ T5917] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  655.143527][ T5917] usb 7-1: Product: syz
[  655.147770][ T5917] usb 7-1: Manufacturer: syz
[  655.178591][ T5917] usb 7-1: SerialNumber: syz
[  655.200201][ T5917] usb 7-1: config 0 descriptor??
[  655.261822][ T5917] ssu100 7-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  655.432453][T11591] loop2: detected capacity change from 0 to 128
[  655.512671][T11591] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  655.524336][T11593] openvswitch: netlink: Message has 4 unknown bytes.
[  655.583192][T11591] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  655.631720][T11595] loop5: detected capacity change from 0 to 512
[  655.876171][ T5917] ssu100 7-1:0.0: probe with driver ssu100 failed with error -110
[  656.211447][T11595] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  656.317782][ T6908] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  656.408600][ T5962] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  656.480669][T11608] loop2: detected capacity change from 0 to 256
[  656.590753][ T5962] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  656.605866][T11608] syzkaller0: entered promiscuous mode
[  656.614960][T11608] syzkaller0: entered allmulticast mode
[  656.632437][ T5962] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  656.663234][ T5962] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  656.681462][ T5962] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  656.710756][ T5962] usb 2-1: SerialNumber: syz
[  656.978712][ T5909] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  656.993909][T11617] loop2: detected capacity change from 0 to 256
[  657.006760][T11617] exfat: Unknown parameter '€'
[  657.532419][ T5962] usb 2-1: 0:2 : does not exist
[  657.537671][ T5962] usb 2-1: unit 5: unexpected type 0x0c
[  657.631696][ T5962] usb 2-1: USB disconnect, device number 10
[  657.662228][ T5909] usb 6-1: Using ep0 maxpacket: 32
[  657.683512][ T5909] usb 6-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  657.699820][ T5909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.754179][ T5909] usb 6-1: Product: syz
[  657.768847][ T5909] usb 6-1: Manufacturer: syz
[  657.773601][ T5909] usb 6-1: SerialNumber: syz
[  657.792589][   T43] usb 7-1: USB disconnect, device number 7
[  657.819489][ T5909] usb 6-1: config 0 descriptor??
[  657.869347][ T5896] udevd[5896]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  657.925928][T11628] loop6: detected capacity change from 0 to 256
[  657.967000][T11628] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  658.000656][T11628] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  658.031172][T11630] loop3: detected capacity change from 0 to 64
[  658.094401][T11628] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  658.306774][T11635] loop2: detected capacity change from 0 to 256
[  658.334544][T11635] exfat: Unknown parameter '€'
[  658.390056][T11637] loop1: detected capacity change from 0 to 128
[  658.410290][T11636] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  658.421693][T11636] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  658.455792][T11637] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  658.521943][T11637] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  659.201116][ T5909] peak_usb 6-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels)
[  659.228541][ T5909] peak_usb 6-1:0.0 can0: sending command failure: -22
[  659.238674][ T5909] peak_usb 6-1:0.0 can0: sending command failure: -22
[  659.550740][ T5909] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -22
[  659.653632][ T5909] usb 6-1: USB disconnect, device number 14
[  659.731388][T11648] loop1: detected capacity change from 0 to 256
[  659.798178][T11644] loop2: detected capacity change from 0 to 4096
[  660.910580][T11644] ntfs3(loop2): ino=0, "file0" failed to extend initialized size to 8fecc.
[  660.932537][T11656] FAULT_INJECTION: forcing a failure.
[  660.932537][T11656] name failslab, interval 1, probability 0, space 0, times 0
[  661.022178][T11656] CPU: 0 UID: 0 PID: 11656 Comm: syz.2.1286 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  661.022207][T11656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  661.022220][T11656] Call Trace:
[  661.022227][T11656]  <TASK>
[  661.022237][T11656]  dump_stack_lvl+0x189/0x250
[  661.022266][T11656]  ? __pfx____ratelimit+0x10/0x10
[  661.022297][T11656]  ? __pfx_dump_stack_lvl+0x10/0x10
[  661.022321][T11656]  ? __pfx__printk+0x10/0x10
[  661.022354][T11656]  ? __pfx___might_resched+0x10/0x10
[  661.022373][T11656]  ? fs_reclaim_acquire+0x7d/0x100
[  661.022399][T11656]  should_fail_ex+0x414/0x560
[  661.022435][T11656]  should_failslab+0xa8/0x100
[  661.022468][T11656]  kmem_cache_alloc_noprof+0x73/0x3c0
[  661.022497][T11656]  ? alloc_empty_file+0x55/0x1d0
[  661.022526][T11656]  alloc_empty_file+0x55/0x1d0
[  661.022551][T11656]  path_openat+0x107/0x3830
[  661.022577][T11656]  ? arch_stack_walk+0xfc/0x150
[  661.022630][T11656]  ? kasan_save_track+0x4f/0x80
[  661.022656][T11656]  ? kasan_save_track+0x3e/0x80
[  661.022681][T11656]  ? __kasan_slab_alloc+0x6c/0x80
[  661.022708][T11656]  ? getname_flags+0xb8/0x540
[  661.022729][T11656]  ? __pfx_path_openat+0x10/0x10
[  661.022754][T11656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.022797][T11656]  do_filp_open+0x1fa/0x410
[  661.022823][T11656]  ? __lock_acquire+0xab9/0xd20
[  661.022864][T11656]  ? __pfx_do_filp_open+0x10/0x10
[  661.022915][T11656]  ? _raw_spin_unlock+0x28/0x50
[  661.022943][T11656]  ? alloc_fd+0x64c/0x6c0
[  661.022975][T11656]  do_sys_openat2+0x121/0x1c0
[  661.023004][T11656]  ? __pfx_do_sys_openat2+0x10/0x10
[  661.023030][T11656]  ? ksys_write+0x22a/0x250
[  661.023062][T11656]  ? __pfx_ksys_write+0x10/0x10
[  661.023097][T11656]  __x64_sys_creat+0x8f/0xc0
[  661.023127][T11656]  do_syscall_64+0xfa/0x3b0
[  661.023146][T11656]  ? lockdep_hardirqs_on+0x9c/0x150
[  661.023176][T11656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.023196][T11656]  ? clear_bhb_loop+0x60/0xb0
[  661.023221][T11656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.023241][T11656] RIP: 0033:0x7f4e8358e9a9
[  661.023259][T11656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.023277][T11656] RSP: 002b:00007f4e843c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  661.023299][T11656] RAX: ffffffffffffffda RBX: 00007f4e837b6080 RCX: 00007f4e8358e9a9
[  661.023314][T11656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000580
[  661.023326][T11656] RBP: 00007f4e843c9090 R08: 0000000000000000 R09: 0000000000000000
[  661.023339][T11656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  661.023351][T11656] R13: 0000000000000001 R14: 00007f4e837b6080 R15: 00007fff60eb5c88
[  661.023382][T11656]  </TASK>
[  661.035817][T11659] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  662.040708][T11660] loop3: detected capacity change from 0 to 4096
[  662.073094][T11665] loop2: detected capacity change from 0 to 128
[  662.199597][T11665] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  662.233035][T11660] ntfs3(loop3): ino=0, "file0" failed to extend initialized size to 8fecc.
[  662.273252][T11665] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  663.081463][T11674] loop5: detected capacity change from 0 to 256
[  663.121713][T11674] exfat: Unknown parameter '€'
[  663.129454][ T5917] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  663.392495][T11670] loop5: detected capacity change from 0 to 1024
[  663.539818][ T5917] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  663.878431][ T5917] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  663.894318][   T30] audit: type=1800 audit(1753245546.680:74): pid=11670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1296" name="file2" dev="loop5" ino=21 res=0 errno=0
[  663.954018][ T5917] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  663.963718][T11677] loop6: detected capacity change from 0 to 128
[  664.021713][ T5917] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  664.031408][T11677] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  664.102953][ T5917] usb 2-1: config 0 descriptor??
[  664.165137][T11677] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  664.888596][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  665.278639][    T9] usb 6-1: Using ep0 maxpacket: 16
[  665.887999][    T9] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  665.899880][    T9] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  665.912552][T11691] loop3: detected capacity change from 0 to 64
[  665.918962][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  665.926162][    T9] usb 6-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  665.940658][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.957634][    T9] usb 6-1: config 0 descriptor??
[  666.212698][T11691] FAULT_INJECTION: forcing a failure.
[  666.212698][T11691] name failslab, interval 1, probability 0, space 0, times 0
[  666.368990][T11691] CPU: 0 UID: 0 PID: 11691 Comm: syz.3.1303 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  666.369023][T11691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  666.369036][T11691] Call Trace:
[  666.369045][T11691]  <TASK>
[  666.369055][T11691]  dump_stack_lvl+0x189/0x250
[  666.369081][T11691]  ? __pfx____ratelimit+0x10/0x10
[  666.369112][T11691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  666.369133][T11691]  ? __pfx__printk+0x10/0x10
[  666.369165][T11691]  ? __pfx___might_resched+0x10/0x10
[  666.369182][T11691]  ? fs_reclaim_acquire+0x7d/0x100
[  666.369206][T11691]  should_fail_ex+0x414/0x560
[  666.369238][T11691]  should_failslab+0xa8/0x100
[  666.369269][T11691]  kmem_cache_alloc_noprof+0x73/0x3c0
[  666.369296][T11691]  ? alloc_empty_file+0x55/0x1d0
[  666.369323][T11691]  alloc_empty_file+0x55/0x1d0
[  666.369346][T11691]  path_openat+0x107/0x3830
[  666.369372][T11691]  ? arch_stack_walk+0xfc/0x150
[  666.369427][T11691]  ? kasan_save_track+0x4f/0x80
[  666.369453][T11691]  ? kasan_save_track+0x3e/0x80
[  666.369477][T11691]  ? __kasan_slab_alloc+0x6c/0x80
[  666.369505][T11691]  ? getname_flags+0xb8/0x540
[  666.369527][T11691]  ? __pfx_path_openat+0x10/0x10
[  666.369552][T11691]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.369595][T11691]  do_filp_open+0x1fa/0x410
[  666.369627][T11691]  ? __lock_acquire+0xab9/0xd20
[  666.369659][T11691]  ? __pfx_do_filp_open+0x10/0x10
[  666.369710][T11691]  ? _raw_spin_unlock+0x28/0x50
[  666.369737][T11691]  ? alloc_fd+0x64c/0x6c0
[  666.369769][T11691]  do_sys_openat2+0x121/0x1c0
[  666.369798][T11691]  ? __pfx_do_sys_openat2+0x10/0x10
[  666.369824][T11691]  ? ksys_write+0x22a/0x250
[  666.369856][T11691]  ? __pfx_ksys_write+0x10/0x10
[  666.369882][T11691]  ? rcu_is_watching+0x15/0xb0
[  666.369907][T11691]  __x64_sys_openat+0x138/0x170
[  666.369938][T11691]  do_syscall_64+0xfa/0x3b0
[  666.369957][T11691]  ? lockdep_hardirqs_on+0x9c/0x150
[  666.369986][T11691]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.370005][T11691]  ? clear_bhb_loop+0x60/0xb0
[  666.370029][T11691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.370049][T11691] RIP: 0033:0x7f04cb18e9a9
[  666.370067][T11691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  666.370084][T11691] RSP: 002b:00007f04cbfb6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  666.370106][T11691] RAX: ffffffffffffffda RBX: 00007f04cb3b5fa0 RCX: 00007f04cb18e9a9
[  666.370120][T11691] RDX: 0000000000143042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  666.370134][T11691] RBP: 00007f04cbfb6090 R08: 0000000000000000 R09: 0000000000000000
[  666.370147][T11691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  666.370159][T11691] R13: 0000000000000000 R14: 00007f04cb3b5fa0 R15: 00007ffda8604df8
[  666.370189][T11691]  </TASK>
[  668.575723][T11699] loop2: detected capacity change from 0 to 64
[  668.713126][   T30] audit: type=1800 audit(1753245551.500:75): pid=11699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1304" name="file1" dev="loop2" ino=18 res=0 errno=0
[  668.743012][    T9] holtek_kbd 0003:04D9:A055.0006: unknown main item tag 0x0
[  668.750552][    T9] holtek_kbd 0003:04D9:A055.0006: unknown main item tag 0x0
[  668.758040][    T9] holtek_kbd 0003:04D9:A055.0006: unknown main item tag 0x0
[  668.787437][    T9] holtek_kbd 0003:04D9:A055.0006: unknown main item tag 0x0
[  668.805054][    T9] holtek_kbd 0003:04D9:A055.0006: hidraw0: USB HID v0.00 Device [HID 04d9:a055] on usb-dummy_hcd.5-1/input0
[  669.282467][ T5917] usb 2-1: string descriptor 0 read error: -71
[  670.882898][T11711] loop3: detected capacity change from 0 to 128
[  670.928053][T11711] EXT4-fs: Ignoring removed nobh option
[  671.167454][T11720] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1309'.
[  671.393980][ T5917] usb 2-1: USB disconnect, device number 11
[  671.513984][T11706] loop5: detected capacity change from 0 to 32768
[  671.659571][T11711] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  671.949233][T11711] ext4 filesystem being mounted at /265/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  673.754076][ T5847] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  673.886595][    T9] usb 6-1: USB disconnect, device number 15
[  674.259137][T11733] loop1: detected capacity change from 0 to 128
[  674.282052][T11733] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  674.325652][T11733] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  674.394664][T11735] loop2: detected capacity change from 0 to 512
[  674.899368][T11735] ext4: Unknown parameter '€'
[  675.209482][T11745] FAULT_INJECTION: forcing a failure.
[  675.209482][T11745] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  675.295374][T11748] netlink: 'syz.3.1314': attribute type 1 has an invalid length.
[  675.303377][T11745] CPU: 1 UID: 0 PID: 11745 Comm: syz.2.1315 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  675.303404][T11745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  675.303418][T11745] Call Trace:
[  675.303427][T11745]  <TASK>
[  675.303435][T11745]  dump_stack_lvl+0x189/0x250
[  675.303465][T11745]  ? __pfx____ratelimit+0x10/0x10
[  675.303494][T11745]  ? __pfx_dump_stack_lvl+0x10/0x10
[  675.303517][T11745]  ? __pfx__printk+0x10/0x10
[  675.303544][T11745]  ? __might_fault+0xb0/0x130
[  675.303585][T11745]  should_fail_ex+0x414/0x560
[  675.303618][T11745]  _copy_from_user+0x2d/0xb0
[  675.303652][T11745]  video_usercopy+0x354/0x14f0
[  675.303684][T11745]  ? __pfx___video_do_ioctl+0x10/0x10
[  675.303705][T11745]  ? __pfx_video_usercopy+0x10/0x10
[  675.303738][T11745]  ? __fget_files+0x2a/0x420
[  675.303762][T11745]  ? __fget_files+0x2a/0x420
[  675.303780][T11745]  ? __fget_files+0x3a0/0x420
[  675.303804][T11745]  v4l2_ioctl+0x18a/0x1e0
[  675.303825][T11745]  ? __pfx_v4l2_ioctl+0x10/0x10
[  675.303844][T11745]  __se_sys_ioctl+0xfc/0x170
[  675.303875][T11745]  do_syscall_64+0xfa/0x3b0
[  675.303893][T11745]  ? lockdep_hardirqs_on+0x9c/0x150
[  675.303923][T11745]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  675.303943][T11745]  ? clear_bhb_loop+0x60/0xb0
[  675.303967][T11745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  675.303986][T11745] RIP: 0033:0x7f4e8358e9a9
[  675.304003][T11745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  675.304020][T11745] RSP: 002b:00007f4e843ea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  675.304041][T11745] RAX: ffffffffffffffda RBX: 00007f4e837b5fa0 RCX: 00007f4e8358e9a9
[  675.304056][T11745] RDX: 0000200000000000 RSI: 00000000c0405602 RDI: 0000000000000003
[  675.304068][T11745] RBP: 00007f4e843ea090 R08: 0000000000000000 R09: 0000000000000000
[  675.304081][T11745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  675.304092][T11745] R13: 0000000000000000 R14: 00007f4e837b5fa0 R15: 00007fff60eb5c88
[  675.304122][T11745]  </TASK>
[  675.626985][T11751] loop1: detected capacity change from 0 to 2048
[  675.784684][T11746] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  676.049504][T11746] cgroup: Need name or subsystem set
[  676.310090][ T1149] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  676.389831][T11748] 8021q: adding VLAN 0 to HW filter on device bond1
[  676.550660][   T49] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  676.821555][T11772] rtc_cmos 00:00: Alarms can be up to one day in the future
[  676.875711][T11772] rtc_cmos 00:00: Alarms can be up to one day in the future
[  676.988520][   T43] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[  677.111328][T11777] tmpfs: Unknown parameter 'usrquotae'
[  677.205695][   T43] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7
[  677.554555][T11766] loop2: detected capacity change from 0 to 32768
[  677.768296][T11785] loop1: detected capacity change from 0 to 128
[  677.978774][T11785] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  678.051079][T11785] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  679.610567][   T43] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  680.048498][   T43] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  680.156449][T11795] loop1: detected capacity change from 0 to 2048
[  680.204201][   T43] usb 6-1: can't set config #1, error -71
[  680.220906][   T43] usb 6-1: USB disconnect, device number 16
[  680.745283][T11797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1329'.
[  680.754335][T11797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1329'.
[  680.835309][T11795] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.864086][T11809] FAULT_INJECTION: forcing a failure.
[  680.864086][T11809] name failslab, interval 1, probability 0, space 0, times 0
[  680.886714][T11808] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  680.918479][T11809] CPU: 0 UID: 0 PID: 11809 Comm: syz.6.1332 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  680.918509][T11809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  680.918523][T11809] Call Trace:
[  680.918531][T11809]  <TASK>
[  680.918539][T11809]  dump_stack_lvl+0x189/0x250
[  680.918568][T11809]  ? __pfx____ratelimit+0x10/0x10
[  680.918600][T11809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  680.918623][T11809]  ? __pfx__printk+0x10/0x10
[  680.918657][T11809]  ? __pfx___might_resched+0x10/0x10
[  680.918683][T11809]  should_fail_ex+0x414/0x560
[  680.918718][T11809]  should_failslab+0xa8/0x100
[  680.918752][T11809]  kmem_cache_alloc_noprof+0x73/0x3c0
[  680.918782][T11809]  ? getname_flags+0xb8/0x540
[  680.918809][T11809]  getname_flags+0xb8/0x540
[  680.918836][T11809]  __x64_sys_execveat+0xad/0xe0
[  680.918870][T11809]  do_syscall_64+0xfa/0x3b0
[  680.918889][T11809]  ? lockdep_hardirqs_on+0x9c/0x150
[  680.918919][T11809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.918939][T11809]  ? clear_bhb_loop+0x60/0xb0
[  680.918965][T11809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.918984][T11809] RIP: 0033:0x7fd5d378e9a9
[  680.919003][T11809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.919021][T11809] RSP: 002b:00007fd5d15f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  680.919042][T11809] RAX: ffffffffffffffda RBX: 00007fd5d39b6080 RCX: 00007fd5d378e9a9
[  680.919057][T11809] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a
[  680.919069][T11809] RBP: 00007fd5d15f6090 R08: 0000000000001000 R09: 0000000000000000
[  680.919082][T11809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  680.919093][T11809] R13: 0000000000000000 R14: 00007fd5d39b6080 R15: 00007fffe238a7a8
[  680.919124][T11809]  </TASK>
[  680.932892][T11808] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  680.942777][T11795] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  681.310318][ T6425] ------------[ cut here ]------------
[  681.317762][ T6425] kernel BUG at fs/ext4/inode.c:2808!
[  681.358428][ T6425] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  681.364838][ T6425] CPU: 1 UID: 0 PID: 6425 Comm: kworker/u8:10 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[  681.376584][ T6425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  681.386662][ T6425] Workqueue: writeback wb_workfn (flush-7:1)
[  681.392676][ T6425] RIP: 0010:ext4_do_writepages+0x4607/0x4610
[  681.398862][ T6425] Code: c6 c0 77 9e 8b e8 c9 f8 93 ff 90 0f 0b e8 51 78 4c ff 4c 89 f7 48 c7 c6 a0 7b 9e 8b e8 b2 f8 93 ff 90 0f 0b e8 3a 78 4c ff 90 <0f> 0b 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90
[  681.418764][ T6425] RSP: 0018:ffffc9000ebbecc0 EFLAGS: 00010293
[  681.424868][ T6425] RAX: ffffffff827338d6 RBX: 0000006210000000 RCX: ffff8880252d1e00
[  681.432855][ T6425] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000
[  681.440839][ T6425] RBP: ffffc9000ebbf0f0 R08: ffff88805211c347 R09: 1ffff1100a423868
[  681.448821][ T6425] R10: dffffc0000000000 R11: ffffed100a423869 R12: 0000000000000001
[  681.456798][ T6425] R13: ffffc9000ebbf140 R14: 0000004000000000 R15: dffffc0000000000
[  681.464777][ T6425] FS:  0000000000000000(0000) GS:ffff888125ce3000(0000) knlGS:0000000000000000
[  681.473715][ T6425] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  681.480308][ T6425] CR2: 0000001b326ea000 CR3: 00000000519c4000 CR4: 00000000003526f0
[  681.488321][ T6425] Call Trace:
[  681.491641][ T6425]  <TASK>
[  681.494593][ T6425]  ? kasan_quarantine_put+0xdd/0x220
[  681.499897][ T6425]  ? irqentry_exit+0x74/0x90
[  681.504513][ T6425]  ? lockdep_hardirqs_on+0x9c/0x150
[  681.509733][ T6425]  ? rb_event_length+0x45/0x400
[  681.514601][ T6425]  ? __sanitizer_cov_trace_switch+0xb3/0x130
[  681.520606][ T6425]  ? __pfx_ext4_do_writepages+0x10/0x10
[  681.526192][ T6425]  ? look_up_lock_class+0x74/0x170
[  681.531348][ T6425]  ? register_lock_class+0x51/0x320
[  681.536582][ T6425]  ? __lock_acquire+0xab9/0xd20
[  681.541465][ T6425]  ? rcu_read_lock_any_held+0xb3/0x120
[  681.546960][ T6425]  ext4_writepages+0x205/0x350
[  681.551741][ T6425]  ? __pfx_ext4_writepages+0x10/0x10
[  681.557051][ T6425]  ? do_raw_spin_unlock+0x122/0x240
[  681.562270][ T6425]  ? __pfx_ext4_writepages+0x10/0x10
[  681.567573][ T6425]  do_writepages+0x32b/0x550
[  681.572182][ T6425]  ? reacquire_held_locks+0x127/0x1d0
[  681.577567][ T6425]  ? writeback_sb_inodes+0x384/0x1010
[  681.583010][ T6425]  __writeback_single_inode+0x145/0xff0
[  681.588580][ T6425]  ? do_raw_spin_unlock+0x122/0x240
[  681.593887][ T6425]  writeback_sb_inodes+0x6c7/0x1010
[  681.599111][ T6425]  ? bpf_trace_run4+0x19c/0x4a0
[  681.603991][ T6425]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  681.609658][ T6425]  ? rcu_is_watching+0x15/0xb0
[  681.614535][ T6425]  wb_writeback+0x43b/0xaf0
[  681.619089][ T6425]  ? queue_io+0x311/0x590
[  681.623438][ T6425]  ? __pfx_wb_writeback+0x10/0x10
[  681.628488][ T6425]  ? _raw_spin_unlock_irq+0x23/0x50
[  681.633721][ T6425]  wb_workfn+0x409/0xef0
[  681.637984][ T6425]  ? __pfx_wb_workfn+0x10/0x10
[  681.642772][ T6425]  ? __lock_acquire+0xab9/0xd20
[  681.647643][ T6425]  ? process_scheduled_works+0x9ef/0x17b0
[  681.653386][ T6425]  ? _raw_spin_unlock_irq+0x23/0x50
[  681.658603][ T6425]  ? process_scheduled_works+0x9ef/0x17b0
[  681.664341][ T6425]  ? process_scheduled_works+0x9ef/0x17b0
[  681.670083][ T6425]  process_scheduled_works+0xade/0x17b0
[  681.675657][ T6425]  ? __pfx_process_scheduled_works+0x10/0x10
[  681.681674][ T6425]  worker_thread+0x8a0/0xda0
[  681.686285][ T6425]  kthread+0x70e/0x8a0
[  681.690372][ T6425]  ? __pfx_worker_thread+0x10/0x10
[  681.695519][ T6425]  ? __pfx_kthread+0x10/0x10
[  681.700133][ T6425]  ? _raw_spin_unlock_irq+0x23/0x50
[  681.705350][ T6425]  ? lockdep_hardirqs_on+0x9c/0x150
[  681.710568][ T6425]  ? __pfx_kthread+0x10/0x10
[  681.715182][ T6425]  ret_from_fork+0x3f9/0x770
[  681.719871][ T6425]  ? __pfx_ret_from_fork+0x10/0x10
[  681.725001][ T6425]  ? __switch_to_asm+0x39/0x70
[  681.729879][ T6425]  ? __switch_to_asm+0x33/0x70
[  681.734661][ T6425]  ? __pfx_kthread+0x10/0x10
[  681.739269][ T6425]  ret_from_fork_asm+0x1a/0x30
[  681.744059][ T6425]  </TASK>
[  681.747099][ T6425] Modules linked in:
[  681.751820][ T6425] ---[ end trace 0000000000000000 ]---
[  681.766165][ T6425] RIP: 0010:ext4_do_writepages+0x4607/0x4610
[  681.772397][ T6425] Code: c6 c0 77 9e 8b e8 c9 f8 93 ff 90 0f 0b e8 51 78 4c ff 4c 89 f7 48 c7 c6 a0 7b 9e 8b e8 b2 f8 93 ff 90 0f 0b e8 3a 78 4c ff 90 <0f> 0b 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90
[  681.792275][ T6425] RSP: 0018:ffffc9000ebbecc0 EFLAGS: 00010293
[  681.798477][ T6425] RAX: ffffffff827338d6 RBX: 0000006210000000 RCX: ffff8880252d1e00
[  681.806593][ T6425] RDX: 0000000000000000 RSI: 0000004000000000 RDI: 0000000000000000
[  681.815331][ T6425] RBP: ffffc9000ebbf0f0 R08: ffff88805211c347 R09: 1ffff1100a423868
[  681.823464][ T6425] R10: dffffc0000000000 R11: ffffed100a423869 R12: 0000000000000001
[  681.834951][ T6425] R13: ffffc9000ebbf140 R14: 0000004000000000 R15: dffffc0000000000
[  681.843419][ T6425] FS:  0000000000000000(0000) GS:ffff888125be3000(0000) knlGS:0000000000000000
[  681.898248][ T6425] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  682.009461][ T6425] CR2: 000000110c44d80c CR3: 000000007be22000 CR4: 00000000003526f0
[  682.018067][ T6425] Kernel panic - not syncing: Fatal exception
[  682.024499][ T6425] Kernel Offset: disabled
[  682.028833][ T6425] Rebooting in 86400 seconds..