last executing test programs:

5m36.380847076s ago: executing program 3 (id=142):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0x1, 0xfffffffc}, 0x50)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000003c0), &(0x7f0000000080)=@udp=r1, 0x1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b7040000000000008500000033"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r2, r4, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x1a, &(0x7f0000000340)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x2f}, @remote, @val={@void, {0x812d, 0x1, 0x1, 0x4}}, {@llc={0x4, {@snap={0x0, 0x0, "c0", "118190", 0xa00}}}}}, 0x0)

5m36.159067743s ago: executing program 3 (id=144):
syz_open_dev$usbfs(&(0x7f0000000000), 0xffff, 0x100)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@private1, 0x800, 0x0, 0x103, 0x1, 0x0, 0x4}, 0x20)
syz_mount_image$exfat(&(0x7f0000002bc0), &(0x7f0000000880)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x1004002, &(0x7f0000000240)=ANY=[@ANYBLOB='utf8,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',fmask=00000000000000000000377,dmask=00000000000000000000357,discard,iocharset=cp437,errors=continue,discard,\x00'], 0x1, 0x1533, &(0x7f0000006800)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k0uiyTJJUkuSZIkSW4JSZIjCYkht6QhCcllSC5DSC4Tk8b9fr8kJEmTJCG5Jev/mZi/OnX+55xfnfz+Z57v5/N+Zj2z3mftZ88z73733vPyTZehNRrVrNqAiOAPwYtfEgAgFgAGAsA1ABAAQNm4snEZ89klJvyxjbA/10PJV7oCdiVx/7M27n/Wxv3P2rj/WRv3P2vj/mdt3P+sjfvPWFa2eXr+a/mRdR98/z8r4/f//yLpJcd+sbbk9V0BYv7VFO7////wD+Ry//9rBf/Kk7j/WRv3P6uKvdIFsP8F+PWfFWT7hzPc/6yN+89YVvbLe8GxcOXvR//VD4j8J/8G4ntd/Clf+f38h/vPGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4z9Bc74yxQAZI6vdF2MMcYYY4wxxhj78/hsV7oCxhhjjDHGGGOM/echCJCgIIAYyAaxkB1ygACIyZy/FuLgOsgN10MeyAv5ID/EQwEoCBoMWCAIoRAUhijcAEXgRigKxaA4lAAHJaEU3ASl4WYoA7dAWbgVysFtUB4qQEWoBLdDZbgDqsCdUBXugmpQHWpATbgbasE9UBvuhTpwH9SF+6EePAD14UFoAA9BQ3gYGsEj0BgehSbQFJpBc2jxP8p/AXrAi9ATekEC9IY+8BL0hX7QHwbAQHgZBsErMBhehUQYAkPhNRgGr8NweANGwEgYBW/CaHgLxsBYGAfjIQkmwER4GybBOzAZpsBUmAbJMB1mwLswE2bBbHgP5sD7MBfmwXxYACnwASyERZAKH8Ji+AjSYAkshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFbbAddsBO+Bh2wSewG/bAXvgU9sFn/2b+6b/L74qAgAIFKlQYgzEYi7GYA3NgTsyJuTAXRjCCcRiHuTE35sE8mA/zYTzGY0EsiAYNEhIWwkIYxSgWwSJYFIticSyODh2WwlJYGm/GMlgGy2JZLIflsDxWwApYCSthZayMVbAKVsWqWA2rYQ2sgXfj3dgba2NtrIN1sC7Wzbw9hQ2wATbEhtgIG2FjbIxNsAk2w2bYAltgS2yJrbAVtsE22BbbYjtsh+2xPXbADtgRO2In7ISdsTN2wS7YFbtht/QXsgG+iC9iL6wmemMf7IN9MTFbfxyAA/BlHISv4Cv4KibiEByKr+Fr+DoOx1M44sJIHIWjsLJ4C8fgWCQxHpMwCSfiRJyEk3AyTsEpOA2TcTrOwBk4E2fhLHwP5+D7+D7Ow3m4AFMwBRfiIkzFVFyMpzENl+BSXIbLcQUux1W4GlfhWlyHa3EDbsBNuAm34BbchttwB+7Aj1EB4Ce4B/dgIu7Dfbgf9+MBPIAH8SCmYzoewkN4GA/jETyCR/EoHsPjeAKP40k8iafwNJ7BM3gOz+F5fC7+q4YfF1uTCCKDEkrEiBgRK2JFDpFD5BQ5RS6RS0RERMSJOJFb5BZ5RB6RT+QT8SJeFBQFhRFGkAgzjhQiKqKiiCgiioqiorgoLpxwopQoJUqL0qKMKCPKiltFOXGbKC8qiNaukqgkKos2roq4U1QVVUU1UV3UEDVFTVFL1BK1RW1RR9QRdUVdUU88IOqL3tgfHxIZnWkkhmBjMRSbiKZCXjpCtRTDsZVoLdqIJ8RIHIHtREvXXjwtOogx2FH8TYzFZ0VnMR67iOdFV9FNdBcviB6ilespeonJ2Fv0EdOwr+gn+osBYiZWF+/hnOw1xKsiUQwRQ8VrYgG+LoaLN8QIMVKMEm+K0eItMUaMFePEeJEkJoiJ4m0xSbwjJospYqqYJpLFdDFDvCtmillitnhPzBHvi7linpgvFogU8YFYKBaJVPGhWCw+EmliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Ck+FrvEJ2K32CP2ik/FPvGZ2C8+FwfEF+Kg+FKki6/EIfG1OCy+EUfEt+Ko+E4cE8fFCfG9OCl+EKfEaXFGnBXnxI/ivPhJXBBegEQppJRKBjJGZpOxMrvMIa+SOWWQefyXcfI6mVteL/PIvDKfzC/jZQFZUGpppJUkQ1lIFpZReYMsIm+URWUxWVyWkE6WlKXkTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiF7dRTVaXNWRNebdMgHtkbXmvrCPvk3Xl/bKefEDWlw/KBvIh2VA+LBvJR2Rj+ahsIpvKZrK5bCEfky3l47KVbC3byCdkW/mkbCefku3l07KD9Jd+RZ6VneVzsot8XnaV3WR3+ZO8IL3sKXtJ6A2yj3xJ9pX9ZH85QA6UL8tB8hU5WL4qE+UQOVS+JofJ1+Vw+YYcIUfKUfJNOVq+JcfIsXKcHC+T5AQ5Ub4tJ8l35GQ5RU6V02SynC77X1pptpT/NP/t38kf/PPWN8nNcovcKrfJ7XKH3Ck/lrvkLrlb7pZ75V65T+6T++V+eUAekAflQZku0+UheUgeloflEXlEHpVH5TF5XJ6V38uT8gd5Sp6Wp+VZeU6ek+cv/QxAoRJKKqUCFaOyqViVXeVQV6mc6mqVS12jIupaFaeuU7nV9SqPyqvyqfwqXhVQBZVWRllFKlSFVGEVVTfgpV8YVVyVUE6VVKXUTf9OviqiblRFVbFf5WfWl/AP6muhWqiWqqVqpVqpNqqNaqvaqnaqnWqv2qsOqoPqqDqqTqqT6qw6qy6qi+qquqruqrvqoXqonqqnSlAJqo96SfVV/VR/NUANVC+LjH0YrAarRJWohqqhapgapoar4WqEGqFGqVFqtBqtxqgxapwap5JUkpqoJqpJapKarCarqWqqSlbJaoaaoWaqmWq2mq3mqDlqrpqr5qv5KkWlqIVqoUpVqWqxWqzS1BK1RC1Ty9QKtUKtUqvUGrVGrVPr1Aa1QaWpzWqz2qq2qu1qu9qpdqpdapfarXarvWqv2qf2qf1qvzqgDqiD6qBKV+nqkDqkDqvD6og6oo6qo+qYOqZOqBPqpDqpTqlT6ow6o86pc+q8Oq8uqAsZp32BCESgAhXEBDFBbBAb5AhyBDmDnEGuIFcQCSJBXBAX5A6uD/IEeYN8Qf4gPigQFAx0YAIbiEtNjwY3BEWCG4OiQbGgeFAicEHJoFRwU1A6uDkoE9wSlA1uDcoFtwXlgwpBxaBScHtQObgjqBLcGVQN7gqqBdWDGkHN4O6gVnBPUDu4N6gT3BfUDe4P6gUPBPWDB4MGwUNBw+DhoFHwSNA4eDRoEjQNmgXNgxZ/6vren8r7uOupe+kE3Vv30S/pvrqf7q8H6IH6ZT1Iv6IH61d1oh6ih+rX9DD9uh6u39Aj9Eg9Sr+pR+u39Bg9Vo/T43WSnqAn6rf1JP2Onqyn6Kl6mk7W0/UM/a6eqWfp2fo9PUe/r+fqeXq+XqBT9Ad6oV6kU/WHerH+SKfpJXqpXqaX6xV6pV6lV+s1eq1ep9frDXqj3qQ36y16q96mt+sdeqf+WO/Sn+jdeo/eqz/V+/Rner/+XB/QX+iD+kudrr/Sh/TX+rD+Rh/R3+qj+jt9TB/XZfT3+qT+QZ/Sp/UZfVaf0z/q8/onfUH7jJP7jLd3o4wyMSbGxJpYk8PkMDlNTpPL5DIREzFxJs7kNrlNHpPH5DP5TLyJNwVNQZOBDJlCppCJmqgpYoqYoqaoKW6KG2ecKWVKmdKmtCljypiypqwpZ8qZ8qa8qWgqmtvN7eYOc4e509xp7jJ3meqmuqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlmmpkWpoVpaVqaVqaVaWPamLamrWln2pn2pr3pYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6mgSTYPqYPqav6Wv6m/5moBloBplBZrAZbBJNohlqhpphZpgZboabEWakGZVxomreMmPMWDPOjDdJJslMNBPNJDPJTDaTzVQz1SSbZDPDzDAzzUwz28w2c8wcM9fMNfPNfJNiUsxCs9CkmlSz2Cw2aSbNLDVLzXKz3Kw0K81qs9qsNWvNelhvNpqNZrPZbLaarWa72W52mp1ml9lldpvdZq/Za/aZfWa/2W8OmAPmoDlo0k26OWQOmcPmsDlijpij5qg5Zo6ZE+aEOWlOmlPmlDljzphzJu+l90tvYm12m8NeZXPaq20ue439+zifzW/jbQFb0Gqbx+b9VWystUVtMVvclrDOlrSl7E2/icvbCrairWRvt5XtHbbKb+Ja9h5b295r69j7bE1796/iuvZ+W88+YusjAtimtqFtbhvZR2xj+6htYpvaZra5bWuftO3sU7a9fdp2sM/8Jl5oF9nVdo1da9fZ3XaPPWPP2sP2G3vO/mh72l52oH3ZDrKv2MH2VZtoh/wmHmXftKPtW3aMHWvH2fG/iafaaTbZTrcz7Lt2pp31mzjFfmDn2FQ7186z8+2Cn+OMmlLth3ax/cim2QCW2mV2uV1hV9pV/7fWZXaD3Wg32V32E7vVbrPb7Q67M/NE2O6xe+2ndp/9zB6yX9sD9gt70B6x6farn+OM/Ttiv7VH7Xf2mD1uT9jv7Un7g8rMztj37+1P9oL1FggJSJKigGIoG8VSdspBV1FOuppy0TUUoWspjq6j3HQ95aG8lI/yUzwVoIKkyZAlopAKUWGK0g2UWV5xKkGOSlIpuolK081Uhm6hsnQrlaPbqDxVoIpUiW6nynQHVaE7qSrdRdWoOtWgmnQ31aJ7qDbdS3XoPqpL91M9eoDq04PUgB6ihvQwNaJHqDE9Sk2oKTWj5tSCHqOW9Di1otbUhp6gtvQktaOnqD09TR3oGepIf6NO9Cx1pueoCz1PXakbdacXqAe9SD2pFyVQb+pDL1Ff6kf9aQANpJdpEL1Cg+lVSqQhNJReo2H0Og2nN2gEjaRR9CaNprdoDI2lcTSekmgCTaS3aRK9Q5NpCk2laZRM02kGvUszaRbNpvdoDr1Pc2kezacFlEIf0EJaRKn0IS2mjyiNltBSWkbLaQWtpFW0mtbQWlpH62kDbaRNtJm20FbaRttpB+2kj2kXfUK7aQ/tpU9pH31G++lzOkBf0EH6ktLpKzpEX9Nh+oaO0Le+F31Hx+g4naDv6ST9QKfoNJ2hs3SOfqTz9BNdIE8QYihCGaowCGPCbGFsmD3MEV4V5gyvDnOF14SR8NowLrwuzB1eH+YJ84b5wvxhfFggLBjq0IQ2pDAMC4WFw2h4Q1gkvDEsGhYLi4clQheWDEuFN4Wlw5vDMuEtYdnw1rBceFtYPqwQPnJfpfD2sHJ4R1glvDOsGt4VVgurhzXCmuHdYa3wnrB2eG9YJ7wvLBPeH9YLHwjrhw+GDcKHwobhw2Gj8JGwcfho2CRsGjYLm4ctwsfCluHjYauwddgmvCpsGz4ZtgufCtuHT4cdwmd+nr9/Ueb8E7+ZTwh7h33Cl8KXQu/vlfOjC6Ip0Q+iC6OLoqnRD6OLox9F06JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18wGDp1w0ikXuBiXzcW67C6Hu8rldFe7XO4aF3HXujh3ncvtrnd5XF6Xz+V38a6AK+i0M846cqEr5Aq7qLvBFXE3uqKumCvuSjjnSrpSrrlr4Vq4lu5x18q1dm3cE+4J96R70j3lnnJPuw7uGdfR/c11cs+6zu4595x73nV13Vx394Lr4SbkuviaTHB9XB/X1/V1/V1/N9ANdIPcIDfYDXaJLtENdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOJbkkN9FNdJPcJDfZTXZT3VSX7JLdDDfDzXQzXeVZF7cy18118918l+JS3EKXcc6Y6ha7xS7Npbmlbqlb7pa7lW6lW+1Wu7VurVvv1ruNbqPb7Da7rW6r2+62u51up9vldrnd/pqLi7p9br/b7w64A+6g+9Klu6/cIfe1O+y+cUfct+6o+84dc8fdCfe9O+l+cKfcaXfGnXXn3I/uvPvJXXDeJUUmRCZG3o5MirwTmRyZEpkamRZJjkyPzIi8G5kZmRWZHXkvMifyfmRuZF5kfmRBJCXyQWRhZFEkNfJhZHHko0haZElkaWRZZHlkRcT7AltDX8gX9lF/gy/ib/RFfTFf3Jfwzpf0pfxNvvTFutO8v9WX87f58r6Cr+gf9U18U9/MN/ct/GO+pX/ct/KtfRv/hG/rn/Tt/FO+vX/ad/DP+I7+b76Tf9Z39s/5Lv5539V38939C76Hf9H39L18gu/t+/iXfF/fz/f3A/xA/7If5F/xg/2rPtEP8UP9a36Yf90P92/4EX6kHxXzph+deYkM432Sn+An+rf9JP+On+yn+Kl+mk/20/0M/66f6Wf52f49P8e/7+f6eX6+X+BT/Ad+oV/kU/2HfrH/yKf5JZk3jf1Kv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9zv8Tv+x3+U/8bv9Hr/Xf+r3+c/8fv+5P+C/8Af9lz7df+UP+a/9Yf+NP+K/9Uf9d/6YP+5P+O/9Sf+DP+VP+zP+rD/nf/Tn/U/+Av+bNcYYY4yxf8mEy0Px65mLt/N7/06O+MWT+wDA1dvyp/9yPuOMcn2ei+N+Ij424+vTvbo8lPmoVi0hIeHSc9MkBIXnAWT+JSjDzx89uBQvgTbwJLSH1lD6d+vvJ7qdo3+yfvRWgBy/yMkoKDO+vP7nAJjwO+s/9sSoheXCM3H/j/XnARQtfDknO1yOl0Cbn++vtIYy/6D+vC3/Sf3Zv0gCaPWLnJxwOb5cfyl4HJ6B9r96JmOMMcYYY4wxdlE/UbFT5vVn5ic+f+/6PF5dzskGl+N/dn3OGGOMMcYYY4yxK+/Zbt2feqx9+9ad/v1Blf9R1r88aAz/qZV58LsD7wEyv6MA4A8uCJAxkH/lXmz5S7aVeOml8/dTy8/6AP53tPLPGFzhAxNjjDHGGGPsT3f5pP/X31dXqiDGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYywL+iv+O7ErvY+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYlfZ/AgAA//+1tfsI")
msgget$private(0x0, 0x193)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4)

5m34.792083874s ago: executing program 3 (id=150):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20020000)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
sendfile(r2, r1, 0x0, 0x578410eb)

5m33.895522081s ago: executing program 3 (id=154):
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000100)={0x0, 0xba, "91082c92f0ad8d5ab1a33e95b6753b4161d58bcc6f84e226dca7420d517efc16154d01e518378a1803b9d7556f4c98ef70a3ba54263476aec1e43e1d4f46117ad5e02f1252db643b8625de14c590f50020d0cb9891628ae5eadea6d6b576d7dcc17ae77156c9784dcb7e614200a0b3a423445d749ffb5b351edbbb3504440fe5c2a67412ba45d38825e22b317e51e90270349575a42be9ebaed52a16da5e14274371c463a3ff6c0cd607ff36085c93ab0e3f054d58470d80d879"}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000001a80)=""/4102, &(0x7f00000001c0)=0x1006)

5m33.795636925s ago: executing program 3 (id=155):
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000fe857108480b0730644f010203010902120001000000000904"], 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)

5m30.438871767s ago: executing program 3 (id=158):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
getsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x8, 0x0, &(0x7f0000004440))
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, 0x0, 0x8c, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)

5m15.043250854s ago: executing program 32 (id=158):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
getsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x8, 0x0, &(0x7f0000004440))
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, 0x0, 0x8c, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)

4m25.288024506s ago: executing program 1 (id=269):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20040845}, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000001480))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48048}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000014c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m24.467691011s ago: executing program 1 (id=274):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x30, r1, 0x207, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x8, 0x8, 0x0, 0x1, [{0x4}]}]}, 0x30}}, 0x0)

4m21.84699425s ago: executing program 1 (id=275):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000500)={'vlan0\x00', @random="013701352ebf"})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
syz_pidfd_open(r1, 0x0)
ptrace$peekuser(0x3, r1, 0xffffffffffffffff)
read(0xffffffffffffffff, 0x0, 0x0)

4m21.329779516s ago: executing program 1 (id=277):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xdf}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x1000c957}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)

4m20.536177511s ago: executing program 1 (id=279):
mkdirat(0xffffffffffffff9c, 0x0, 0x1d7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x2cf2, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10a, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r3, @ANYBLOB="08000100"], 0x90}}, 0x0)
syz_usb_connect(0x4, 0x36, 0x0, 0x0)

4m17.173141642s ago: executing program 1 (id=285):
syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f000012d000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f000012d000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x9315, 0x1d080, 0x0, 0x37a})
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x9315, 0x1d080, 0x0, 0x37a})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x20004080)
getresuid(0x0, &(0x7f0000000200), &(0x7f0000000280))
getuid()
mount$tmpfs(0x0, 0x0, 0x0, 0x84022, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/xfrm_stat\x00')
readv(r2, &(0x7f0000000780)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r3, 0x5, 0xe, 0x0, &(0x7f00000000c0)="469dc2d342e2b7000091000000000bcf48f3ac4e19a56ceb0b42c0", 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x22)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, 0x0, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x4a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440))
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000)

4m1.418675251s ago: executing program 33 (id=285):
syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f000012d000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f000012d000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x9315, 0x1d080, 0x0, 0x37a})
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x9315, 0x1d080, 0x0, 0x37a})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x20004080)
getresuid(0x0, &(0x7f0000000200), &(0x7f0000000280))
getuid()
mount$tmpfs(0x0, 0x0, 0x0, 0x84022, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/xfrm_stat\x00')
readv(r2, &(0x7f0000000780)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r3, 0x5, 0xe, 0x0, &(0x7f00000000c0)="469dc2d342e2b7000091000000000bcf48f3ac4e19a56ceb0b42c0", 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x22)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, 0x0, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x4a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440))
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000)

19.766263636s ago: executing program 4 (id=728):
syz_open_dev$radio(&(0x7f00000000c0), 0x1, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x5, 0x0, 0x0)
timerfd_create(0x0, 0x0)
syz_open_dev$media(&(0x7f0000000040), 0x7fdffffe, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
pselect6(0x40, &(0x7f0000000240)={0x0, 0x9, 0x1ff, 0x7d, 0x0, 0x8000, 0xffffffffffffffb6, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0x4, 0x9, 0x2, 0x8, 0x80000006}, 0x0, 0x0)

19.447010766s ago: executing program 4 (id=730):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ptrace$ARCH_SHSTK_DISABLE(0x1e, r0, 0x0, 0x5002)
r1 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
ioctl$SNDCTL_SEQ_CTRLRATE(r1, 0xc0045103, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r6, 0x1, 0x8, 0x0, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r7 = accept(r4, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r6, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)

18.005016389s ago: executing program 4 (id=732):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TTY_SET(r3, 0x0, 0x80)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setparam(r0, &(0x7f00000006c0)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_route(0x10, 0x3, 0x0)
epoll_create(0x7)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
fchmod(0xffffffffffffffff, 0x29)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x0, 0x0}, 0x10)
syz_emit_ethernet(0x52, &(0x7f00000003c0)={@broadcast, @link_local, @val={@val={0x88a8, 0x4, 0x0, 0x1}, {0x8100, 0x0, 0x1, 0x2}}, {@ipv6={0x86dd, @tcp={0xa, 0x6, "eba828", 0x14, 0x6, 0xff, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], {{0x4e20, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x1, 0x0, 0x0, 0x7}}}}}}}, 0x0)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

16.854980374s ago: executing program 4 (id=734):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x104}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000480), 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xbc}}, 0x0)

15.810264146s ago: executing program 4 (id=736):
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000300)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x4000001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="4800000010001f"], 0x48}}, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

15.398500909s ago: executing program 4 (id=737):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0}, 0x94)
socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ioperm(0x5, 0x6, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x20008000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @private=0xa010100}, 0x0, 0x1, 0x4, 0x2}}, 0x26)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000580)=""/102392, 0x18ff8)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x41000000, 0x0, 0x0, 0x0, 0x0, 0x0)

14.682552192s ago: executing program 5 (id=739):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYRES64], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
syz_usb_disconnect(r0)

12.49589175s ago: executing program 0 (id=742):
fspick(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x18, r4, 0x1, 0x70bd25, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x808)

11.282704198s ago: executing program 2 (id=744):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x104}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000480), 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xbc}}, 0x0)

11.282518288s ago: executing program 5 (id=745):
r0 = socket(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'veth0_to_batadv\x00', &(0x7f0000000080)=@ethtool_cmd={0x4e, 0x40, 0x1ff, 0x3, 0x6, 0x4c, 0x4, 0xb, 0x6, 0x0, 0x9, 0x10001, 0xaff0, 0xa8, 0xac, 0x5, [0xb, 0x8]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x7, &(0x7f0000000000), 0x4)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
r3 = syz_open_procfs(0x0, 0x0)
pread64(r3, &(0x7f00000000c0)=""/144, 0x90, 0x2f)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_GUEST_MEMFD(r5, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0x0, r6})
ioctl$KVM_PRE_FAULT_MEMORY(0xffffffffffffffff, 0xc040aed5, 0x0)
close(r6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x14}}, 0x0)

11.281890368s ago: executing program 0 (id=746):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
r0 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
fallocate(r0, 0x0, 0x0, 0x1001f0)
open(&(0x7f00000001c0)='./file1\x00', 0x101000, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
write$cgroup_devices(r1, &(0x7f0000000100)={'b', ' *:* ', 'm\x00'}, 0x8)
unlink(&(0x7f0000000000)='./file1\x00')

10.23498991s ago: executing program 2 (id=747):
mkdirat(0xffffffffffffff9c, 0x0, 0x1d7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x2cf2, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x10a, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r4], 0x90}}, 0x0)
syz_usb_connect(0x4, 0x36, 0x0, 0x0)

7.088331859s ago: executing program 5 (id=748):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
socket$kcm(0x29, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0xffc0}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)

7.04467528s ago: executing program 0 (id=749):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ptrace$ARCH_SHSTK_DISABLE(0x1e, r0, 0x0, 0x5002)
r1 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
ioctl$SNDCTL_SEQ_CTRLRATE(r1, 0xc0045103, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = accept(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
recvfrom(r5, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)

6.387782481s ago: executing program 5 (id=750):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x40, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x100e}]}, 0x40}}, 0x0)

6.322353603s ago: executing program 5 (id=751):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2fb, &(0x7f0000000180)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOl0hpYypQVGivD9JGQOc+6h93aG5Nym7dad148LOUvL6RUJxpQERES2RUYkKK6AcwzacVRavZCLg98+/n/r7r0b6UxmckapqfTspZRSanj03ZNncWfY+oBsjjzY+pr6svn35r9bP2cf5S2Vt1SxVFG6mit9ruhzpqEW8lZBU2raNHTLUPmiZZQb+VIjnzNLi4tVpRcXhhKLZcOylF6sqoJRVZWSqpSrKvRQzxeVpmlqKCHoJrsyM6OnD1k87/Nk8JuUy2k9JCLxPZnsSl8mBAAA+qq9/w+K8rP/Xz23URm8vTbs9P/rUa/+//Knxt/a1f/HRMSz/3cf37P/1+v9f1h67f/3dkRny5H6f5wMo9E9pwLNsJ4sp/WE8/9re3l/dcwO6P8BAAAAAAAAAAAAAAAAAAAAAPgTbNdqyVqtlnSP7k89FxOR1t/bhETk6vHPGH7qdP0Hul9/nALND+6Fh0XMV0vZpWzj6AzYEBFTDBmTpPyw7wdHPXY/eaTqRuS9uezULy9lQ3YmnZO8XT8uyYi019dqU9czk+OqYXd9RBKt9SlJyl/e9SnP+qhcON9Sr0lSPsxLSUxZsOfRrH8+rtS1m5m2+rg9DgAAAACA00BTOzz375rWKd+o39lft78+EGrur8c89+dh+S/c37UDAAAAAHBWWNWnBd00jfI+QVy6j2kEkR7GtAfhgww+QOCusNcq970MPk+jt8B98F2pmHPS96clcICnpUMQlMNUjdZXo466Cvdlo05jZHqi51WI+Hkp/3nz9rt/98aVtViXlR4+CO1/A0Sct38BAAAAOEWaTb97ZqK/EwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Aw6ju+36/caAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJPiVwAAAP//FZkC4A==")
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
kcmp(0x0, 0x0, 0x0, r3, r3)
modify_ldt$write2(0x11, &(0x7f00000004c0)={0x9, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
ioprio_set$pid(0x1, r0, 0x0)

5.961053224s ago: executing program 2 (id=752):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00"/14], 0x48)
creat(&(0x7f0000000c00)='./file0\x00', 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xf, 0x4, 0x4, 0x16, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
socket$inet6(0xa, 0x3, 0x1)

5.503298968s ago: executing program 0 (id=753):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000062c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2022012, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000069fa6b079a848a500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba5234400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b60dd7710000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048636662867d08f50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x20, 0x0, 0x80000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r2, 0x40806685, &(0x7f0000000240)={0x4, 0xffffffffffffffff, 'id1\x00'})

3.239055649s ago: executing program 0 (id=754):
fspick(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x18, r4, 0x1, 0x70bd25, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x808)

1.527819242s ago: executing program 2 (id=755):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x104}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000480), 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0xbc}}, 0x0)

582.739432ms ago: executing program 5 (id=756):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
syncfs(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socket$nl_generic(0x10, 0x3, 0x10)

553.123552ms ago: executing program 0 (id=757):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
r0 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
fallocate(r0, 0x0, 0x0, 0x1001f0)
open(&(0x7f00000001c0)='./file1\x00', 0x101000, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
write$cgroup_devices(r1, &(0x7f0000000100)={'b', ' *:* ', 'm\x00'}, 0x8)
unlink(&(0x7f0000000000)='./file1\x00')

477.414415ms ago: executing program 2 (id=758):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
pwritev(r0, &(0x7f0000000480)=[{&(0x7f00000001c0)="e7", 0x1}], 0x1, 0x2, 0x80)
socket(0x2, 0x80805, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
bind$inet(r1, &(0x7f00000002c0)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_int(r1, 0x0, 0x17, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200"/69], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000000)
socket$kcm(0xf, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2, 0x6}}}}}}, 0x0)

2.04676ms ago: executing program 2 (id=759):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rmdir(&(0x7f0000000040)='./file0/../file0/file0\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r2=>0x0}, 0x2020)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0xfffffffffffffff5, r2, {0x7, 0x2d, 0x0, 0x0, 0xfffc, 0x0, 0x2a7e, 0x6, 0x0, 0x0, 0x40}}, 0x50)

0s ago: executing program 34 (id=737):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0}, 0x94)
socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ioperm(0x5, 0x6, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x20008000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @private=0xa010100}, 0x0, 0x1, 0x4, 0x2}}, 0x26)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000580)=""/102392, 0x18ff8)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x41000000, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.107' (ED25519) to the list of known hosts.
syzkaller login: [   73.134929][ T5761] cgroup: Unknown subsys name 'net'
[   73.246094][ T5761] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   74.915322][ T5761] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.495443][ T5775] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.522417][ T5784] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.528334][ T5775] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.533302][ T5784] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   76.543677][ T5780] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.545504][ T5782] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.552381][ T5780] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.561380][ T5784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.570910][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   76.575833][ T5784] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.581951][ T5786] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   76.587605][ T5782] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.603498][ T5782] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.611392][ T5784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   76.619757][ T5782] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   76.628552][ T5784] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   76.635984][ T5775] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   76.642608][ T5786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.643536][ T5784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   76.652185][ T5786] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.665942][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   76.666019][ T5786] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.685397][ T5784] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.685428][ T5786] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.161511][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   77.219068][ T5779] chnl_net:caif_netlink_parms(): no params data found
[   77.239971][ T5776] chnl_net:caif_netlink_parms(): no params data found
[   77.386290][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   77.403417][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.410753][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.418298][ T5772] bridge_slave_0: entered allmulticast mode
[   77.425506][ T5772] bridge_slave_0: entered promiscuous mode
[   77.475392][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.483124][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.490705][ T5772] bridge_slave_1: entered allmulticast mode
[   77.497662][ T5772] bridge_slave_1: entered promiscuous mode
[   77.521865][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.529210][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.536648][ T5779] bridge_slave_0: entered allmulticast mode
[   77.543982][ T5779] bridge_slave_0: entered promiscuous mode
[   77.572789][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.582700][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.590360][ T5776] bridge_slave_0: entered allmulticast mode
[   77.597162][ T5776] bridge_slave_0: entered promiscuous mode
[   77.606800][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.614046][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.621351][ T5776] bridge_slave_1: entered allmulticast mode
[   77.630908][ T5776] bridge_slave_1: entered promiscuous mode
[   77.638213][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.645341][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.652759][ T5779] bridge_slave_1: entered allmulticast mode
[   77.659679][ T5779] bridge_slave_1: entered promiscuous mode
[   77.723399][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.736112][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.751005][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.778660][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.819933][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.843617][ T5772] team0: Port device team_slave_0 added
[   77.873014][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.884114][ T5772] team0: Port device team_slave_1 added
[   77.901657][ T5779] team0: Port device team_slave_0 added
[   77.912058][ T5779] team0: Port device team_slave_1 added
[   77.918940][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.926199][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.933847][ T5774] bridge_slave_0: entered allmulticast mode
[   77.941013][ T5774] bridge_slave_0: entered promiscuous mode
[   77.949430][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.956642][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.964249][ T5774] bridge_slave_1: entered allmulticast mode
[   77.971222][ T5774] bridge_slave_1: entered promiscuous mode
[   78.037642][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.044629][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.071979][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.094429][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.101840][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.127969][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.142147][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.150130][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.176334][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.189618][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.196689][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.223646][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.238100][ T5776] team0: Port device team_slave_0 added
[   78.246524][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.260898][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.297290][ T5776] team0: Port device team_slave_1 added
[   78.328160][ T5774] team0: Port device team_slave_0 added
[   78.354793][ T5774] team0: Port device team_slave_1 added
[   78.421774][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.428871][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.455134][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.471080][ T5772] hsr_slave_0: entered promiscuous mode
[   78.478654][ T5772] hsr_slave_1: entered promiscuous mode
[   78.486488][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.493935][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.520479][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.538364][ T5779] hsr_slave_0: entered promiscuous mode
[   78.547293][ T5779] hsr_slave_1: entered promiscuous mode
[   78.554168][ T5779] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.562133][ T5779] Cannot create hsr debugfs directory
[   78.568742][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.575889][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.602070][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.620121][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.627116][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.656115][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.668460][ T5085] Bluetooth: hci1: command tx timeout
[   78.747905][ T5085] Bluetooth: hci3: command tx timeout
[   78.752012][ T5778] Bluetooth: hci0: command tx timeout
[   78.753896][ T5085] Bluetooth: hci2: command tx timeout
[   78.833430][ T5774] hsr_slave_0: entered promiscuous mode
[   78.840557][ T5774] hsr_slave_1: entered promiscuous mode
[   78.846922][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.855397][ T5774] Cannot create hsr debugfs directory
[   78.895712][ T5776] hsr_slave_0: entered promiscuous mode
[   78.902105][ T5776] hsr_slave_1: entered promiscuous mode
[   78.908943][ T5776] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.916849][ T5776] Cannot create hsr debugfs directory
[   79.235399][ T5772] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.258490][ T5772] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.270551][ T5772] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.281009][ T5772] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.366681][ T5779] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.381342][ T5779] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.401384][ T5779] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.414379][ T5779] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   79.499285][ T5776] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.510568][ T5776] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.526710][ T5776] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.538863][ T5776] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.611942][ T5774] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.625372][ T5774] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.636833][ T5774] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.647305][ T5774] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.785568][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.837460][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   79.861587][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.896184][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.908340][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.915903][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.945047][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.952330][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.973984][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.992893][ T5779] 8021q: adding VLAN 0 to HW filter on device team0
[   80.025509][ T5776] 8021q: adding VLAN 0 to HW filter on device team0
[   80.046991][ T3490] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.054194][ T3490] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.080557][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   80.094346][ T3490] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.101632][ T3490] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.112566][ T3490] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.119765][ T3490] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.169859][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.177329][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.187072][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.194260][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.230693][ T1079] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.237845][ T1079] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.386507][ T5774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.675005][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.748987][ T5085] Bluetooth: hci1: command tx timeout
[   80.812711][ T5772] veth0_vlan: entered promiscuous mode
[   80.829381][ T5085] Bluetooth: hci2: command tx timeout
[   80.834869][ T5085] Bluetooth: hci0: command tx timeout
[   80.841230][ T5786] Bluetooth: hci3: command tx timeout
[   80.868166][ T5772] veth1_vlan: entered promiscuous mode
[   80.932367][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.979764][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.994259][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.050817][ T5772] veth0_macvtap: entered promiscuous mode
[   81.065256][ T5772] veth1_macvtap: entered promiscuous mode
[   81.097654][ T5774] veth0_vlan: entered promiscuous mode
[   81.142188][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.161818][ T5776] veth0_vlan: entered promiscuous mode
[   81.174571][ T5774] veth1_vlan: entered promiscuous mode
[   81.183837][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.205689][ T5772] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.215018][ T5772] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.225923][ T5772] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.236349][ T5772] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.257009][ T5776] veth1_vlan: entered promiscuous mode
[   81.270384][ T5779] veth0_vlan: entered promiscuous mode
[   81.334285][ T5779] veth1_vlan: entered promiscuous mode
[   81.404771][ T5776] veth0_macvtap: entered promiscuous mode
[   81.443649][ T5776] veth1_macvtap: entered promiscuous mode
[   81.473864][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.483432][ T5774] veth0_macvtap: entered promiscuous mode
[   81.489597][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.504335][ T5774] veth1_macvtap: entered promiscuous mode
[   81.512699][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.527488][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.541951][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.575148][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.586928][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.598376][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.609376][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.621242][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.652484][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.663480][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.675128][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.693110][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.705068][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.715787][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.726496][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.738896][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.754207][ T5774] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.763522][ T5774] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.772847][ T5774] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.782112][ T5774] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.804606][ T5776] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.813633][ T3490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.823440][ T3490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.827801][ T5776] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.839975][ T5776] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.849170][ T5776] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.874007][ T5779] veth0_macvtap: entered promiscuous mode
[   81.888053][ T5779] veth1_macvtap: entered promiscuous mode
[   81.964803][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.975629][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.986231][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.997251][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.008064][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.019836][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.033929][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.065108][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.076616][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.087952][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.098687][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.109487][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.120556][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.133098][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.183839][ T5779] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.198718][ T5779] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.209481][ T5779] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.218362][ T5779] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.262409][ T4795] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.289171][ T4795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.356046][ T3490] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.368754][ T3490] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.403130][ T1079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.435999][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.497467][ T3490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.553210][ T3490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.584576][ T1069] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.627902][ T1069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.749650][ T1079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.790348][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.828783][ T5085] Bluetooth: hci1: command tx timeout
[   82.908743][ T5085] Bluetooth: hci0: command tx timeout
[   82.914206][ T5085] Bluetooth: hci3: command tx timeout
[   82.921430][ T5786] Bluetooth: hci2: command tx timeout
[   83.349617][ T5851] syz.0.1[5851]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   83.416217][ T5851] loop0: detected capacity change from 0 to 256
[   83.470405][ T5851] exfat: Deprecated parameter 'utf8'
[   83.608577][ T5851] exFAT-fs (loop0): bogus number of FAT structure
[   83.656958][ T5851] exFAT-fs (loop0): failed to read boot sector
[   83.677134][ T5851] exFAT-fs (loop0): failed to recognize exfat type
[   84.241875][ T5860] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[   86.815612][ T5879] loop2: detected capacity change from 0 to 764
[   87.051355][   T28] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   87.301528][   T28] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   87.344554][   T28] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   87.387641][   T28] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[   87.396950][   T28] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   87.408567][   T28] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[   87.444274][   T28] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   87.467092][   T28] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   87.506914][   T28] usb 2-1: Product: syz
[   87.531372][   T28] usb 2-1: Manufacturer: syz
[   87.546381][ T5879] process 'syz.2.9' launched './file0' with NULL argv: empty string added
[   87.674023][   T28] cdc_wdm 2-1:1.0: skipping garbage
[   87.680142][   T28] cdc_wdm 2-1:1.0: skipping garbage
[   87.730608][   T28] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[   87.736811][   T28] cdc_wdm 2-1:1.0: Unknown control protocol
[   88.506820][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.513947][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.520713][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.527458][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.534644][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.541322][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.547738][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.554567][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.564010][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.570811][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.577188][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.583940][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.590607][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.597332][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.604068][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.610709][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.617251][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.623879][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.630283][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[   88.637005][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[   88.647135][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   88.656076][    T8] usb 2-1: USB disconnect, device number 2
[   88.705665][ T5902] loop5: detected capacity change from 0 to 7
[   88.757986][ T5903] binder: 5896:5903 ioctl c0285840 200000000000 returned -22
[   89.403033][ T5902] Dev loop5: unable to read RDB block 7
[   89.477676][ T5902]  loop5: unable to read partition table
[   89.483491][ T5902] loop5: partition table beyond EOD, truncated
[   89.508295][ T5902] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[   90.161797][ T5890] loop0: detected capacity change from 0 to 32768
[   90.234849][ T5890] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.10 (5890)
[   91.817542][    C0] sched: RT throttling activated
[   92.350003][   T23] cfg80211: failed to load regulatory.db
[   92.438945][ T5923] syz.1.14 uses obsolete (PF_INET,SOCK_PACKET)
[   98.144217][ T5954] lo speed is unknown, defaulting to 1000
[   98.152154][ T5954] lo speed is unknown, defaulting to 1000
[   98.160389][ T5954] lo speed is unknown, defaulting to 1000
[   98.170794][ T5954] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   98.183596][ T5954] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   98.208570][ T5954] lo speed is unknown, defaulting to 1000
[   98.216554][ T5954] lo speed is unknown, defaulting to 1000
[   98.223976][ T5954] lo speed is unknown, defaulting to 1000
[   98.230726][ T5954] lo speed is unknown, defaulting to 1000
[   98.237395][ T5954] lo speed is unknown, defaulting to 1000
[  101.578138][ T5980] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  103.064720][ T6000] hsr0: entered promiscuous mode
[  104.958399][ T6020] (null): rxe_set_mtu: Set mtu to 256
[  104.967912][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  104.985871][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  104.997605][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  105.328909][ T6020] infiniband syz2: set active
[  105.333875][ T6020] infiniband syz2: added vxcan1
[  105.340677][ T6020] syz2: rxe_create_cq: returned err = -12
[  105.346699][ T6020] infiniband syz2: Couldn't create ib_mad CQ
[  105.352883][ T6020] infiniband syz2: Couldn't open port 1
[  105.373013][ T6020] RDS/IB: syz2: added
[  105.377403][ T6020] smc: adding ib device syz2 with port count 1
[  105.383902][ T6020] smc:    ib device syz2 port 1 has pnetid 
[  105.391966][   T28] vxcan1 speed is unknown, defaulting to 1000
[  105.409249][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  105.524317][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  105.554775][   T23] vxcan1 speed is unknown, defaulting to 1000
[  105.708850][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  105.839586][ T6020] vxcan1 speed is unknown, defaulting to 1000
[  106.368489][ T6031] Zero length message leads to an empty skb
[  107.537821][ T6046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.48'.
[  107.547174][ T6046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.48'.
[  108.450423][ T6056] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  108.539668][ T6040] loop2: detected capacity change from 0 to 32768
[  108.548783][ T6040] =======================================================
[  108.548783][ T6040] WARNING: The mand mount option has been deprecated and
[  108.548783][ T6040]          and is ignored by this kernel. Remove the mand
[  108.548783][ T6040]          option from the mount to silence this warning.
[  108.548783][ T6040] =======================================================
[  108.628254][ T6040] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  108.713630][ T6040] JBD2: Ignoring recovery information on journal
[  108.884262][ T6040] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  109.548904][ T6040] netdevsim netdevsim2: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  110.833956][ T6067] lo speed is unknown, defaulting to 1000
[  110.921859][ T6067] vxcan1 speed is unknown, defaulting to 1000
[  111.030716][ T5776] ocfs2: Unmounting device (7,2) on (node local)
[  114.289172][ T6100] loop2: detected capacity change from 0 to 512
[  114.888024][ T5765] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  116.247655][  T787] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  117.494744][  T787] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  117.507960][  T787] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  117.513690][ T6117] lo speed is unknown, defaulting to 1000
[  117.527794][  T787] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  117.529169][ T6117] vxcan1 speed is unknown, defaulting to 1000
[  117.536991][  T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.617491][  T787] usb 3-1: config 0 descriptor??
[  117.977803][ T6115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.032170][ T6115] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.070667][ T6115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.55'.
[  118.166639][ T6115] syz_tun: entered promiscuous mode
[  118.197965][ T6115] macvtap1: entered promiscuous mode
[  118.203662][ T6115] macvtap1: entered allmulticast mode
[  119.073390][ T6115] syz_tun: entered allmulticast mode
[  119.116483][ T6118] netlink: 8 bytes leftover after parsing attributes in process `syz.2.55'.
[  119.153253][ T6118] syz_tun: left allmulticast mode
[  119.161087][ T6118] syz_tun: left promiscuous mode
[  119.179158][ T6120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.54'.
[  119.188440][ T6120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.54'.
[  119.245064][  T788] usb 3-1: USB disconnect, device number 2
[  122.614038][ T6153] loop2: detected capacity change from 0 to 16
[  122.677755][ T6153] erofs: (device loop2): mounted with root inode @ nid 36.
[  124.491974][ T6162] netlink: 28 bytes leftover after parsing attributes in process `syz.0.69'.
[  124.501075][ T6162] netlink: 28 bytes leftover after parsing attributes in process `syz.0.69'.
[  127.564644][ T6181] loop0: detected capacity change from 0 to 64
[  129.390235][ T6196] mmap: syz.2.80 (6196) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  131.179092][ T6197] loop0: detected capacity change from 0 to 32768
[  132.488523][ T6226] netlink: 28 bytes leftover after parsing attributes in process `syz.1.82'.
[  132.497710][ T6226] netlink: 28 bytes leftover after parsing attributes in process `syz.1.82'.
[  133.283474][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  133.304144][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  133.452649][ T6231] loop3: detected capacity change from 0 to 256
[  133.468578][ T6231] exfat: Deprecated parameter 'utf8'
[  133.515493][ T6231] exFAT-fs (loop3): bogus number of FAT structure
[  133.523640][ T6231] exFAT-fs (loop3): failed to read boot sector
[  133.531161][ T6231] exFAT-fs (loop3): failed to recognize exfat type
[  133.858390][ T6234] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  138.412468][ T6258] loop0: detected capacity change from 0 to 256
[  138.426149][ T6258] exfat: Deprecated parameter 'utf8'
[  138.464539][ T6258] exFAT-fs (loop0): bogus number of FAT structure
[  138.482113][ T6258] exFAT-fs (loop0): failed to read boot sector
[  138.502399][ T6258] exFAT-fs (loop0): failed to recognize exfat type
[  138.715265][ T6263] loop1: detected capacity change from 0 to 2048
[  139.642176][ T6263] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  139.737845][ T6267] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  140.324607][ T6263] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  140.408309][ T6263] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  140.926426][ T6263] UDF-fs: error (device loop1): udf_read_inode: (ino 1347) failed !bh
[  143.231947][ T6286] syzkaller0: entered promiscuous mode
[  143.244548][ T6286] syzkaller0: entered allmulticast mode
[  144.654794][ T6301] loop2: detected capacity change from 0 to 256
[  144.670548][ T6301] exfat: Deprecated parameter 'utf8'
[  144.686430][ T6301] exFAT-fs (loop2): bogus number of FAT structure
[  144.761601][ T6301] exFAT-fs (loop2): failed to read boot sector
[  144.768733][ T6301] exFAT-fs (loop2): failed to recognize exfat type
[  144.816890][ T5787] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  146.748274][ T6311] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  147.040587][ T6310] lo speed is unknown, defaulting to 1000
[  147.086239][ T6310] vxcan1 speed is unknown, defaulting to 1000
[  150.095317][  T787] IPVS: starting estimator thread 0...
[  150.177681][   T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  150.219463][ T6341] IPVS: using max 18 ests per chain, 43200 per kthread
[  151.794992][ T6346] loop1: detected capacity change from 0 to 256
[  151.807609][   T23] usb 4-1: Using ep0 maxpacket: 32
[  151.817702][   T23] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  151.837674][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.845730][   T23] usb 4-1: Product: syz
[  151.850006][   T23] usb 4-1: Manufacturer: syz
[  151.854742][   T23] usb 4-1: SerialNumber: syz
[  151.862307][   T23] usb 4-1: config 0 descriptor??
[  151.866993][ T6346] exfat: Deprecated parameter 'utf8'
[  151.897616][ T6346] exFAT-fs (loop1): bogus number of FAT structure
[  151.904156][ T6346] exFAT-fs (loop1): failed to read boot sector
[  151.927628][ T6346] exFAT-fs (loop1): failed to recognize exfat type
[  151.986760][ T5765] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  152.270008][   T23] RobotFuzz Open Source InterFace, OSIF 4-1:0.0: version d4.15 found at bus 004 address 002
[  152.412108][ T6352] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  152.718586][ T6334] i2c i2c-1: adapter quirk: no zero length (addr 0x0009, size 0, read)
[  152.787904][   T23] usb 4-1: USB disconnect, device number 2
[  154.405757][   T27] audit: type=1326 audit(2000000067.060:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.3.131" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0f69d9ce59 code=0x0
[  157.637113][    T8] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  157.993991][    T8] usb 2-1: config 17 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  158.025940][    T8] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  158.045264][    T8] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  158.064716][    T8] usb 2-1: Manufacturer: syz
[  158.513588][ T6386] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  158.622549][    T8] aiptek 2-1:17.0: interface has no int in endpoints, but must have minimum 1
[  159.053280][ T6403] loop3: detected capacity change from 0 to 256
[  159.075466][ T6403] exfat: Deprecated parameter 'utf8'
[  159.108500][ T6403] exfat: Deprecated parameter 'utf8'
[  159.180819][ T6403] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  159.809308][ T6412] overlayfs: overlapping lowerdir path
[  160.179722][ T5814] usb 2-1: USB disconnect, device number 3
[  161.557671][    T8] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  161.697868][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  161.768699][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  161.836203][    T8] usb 1-1: not running at top speed; connect to a high speed hub
[  161.923198][    T8] usb 1-1: config 10 has an invalid interface number: 137 but max is 0
[  161.949752][    T9] usb 4-1: Using ep0 maxpacket: 8
[  162.012689][    T8] usb 1-1: config 10 has no interface number 0
[  162.111738][    T9] usb 4-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  162.132971][    T8] usb 1-1: config 10 interface 137 has no altsetting 0
[  162.224884][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.295385][    T8] usb 1-1: New USB device found, idVendor=1fe1, idProduct=5456, bcdDevice=65.a7
[  162.331996][    T9] usb 4-1: Product: syz
[  162.374517][    T9] usb 4-1: Manufacturer: syz
[  162.383431][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.434469][    T9] usb 4-1: SerialNumber: syz
[  162.471733][    T8] usb 1-1: Product: syz
[  162.520300][    T8] usb 1-1: Manufacturer: syz
[  162.552911][ T6427] loop1: detected capacity change from 0 to 32768
[  162.561966][    T9] usb 4-1: config 0 descriptor??
[  162.591736][    T8] usb 1-1: SerialNumber: syz
[  162.809019][    T9] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  162.982412][    T9] pctv452e: pctv452e_power_ctrl: 1
[  162.982412][    T9] 
[  163.169334][    T9] usb 4-1: selecting invalid altsetting 3
[  163.319339][    T9] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  163.319339][    T9] 
[  163.566231][    T9] dvb-usb: bulk message failed: -22 (5/0)
[  163.601691][ T6427] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  163.772678][    T8] dw2102: su3000_identify_state
[  163.889615][    T8] dvb-usb: found a 'GOTVIEW Satellite HD' in warm state.
[  163.920954][ T6427] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop1": -EINTR
[  163.989285][ T6427] XFS (loop1): log mount failed
[  164.014077][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  164.053167][    T8] dw2102: su3000_power_ctrl: 1, initialized 0
[  164.176661][    T8] dvb-usb: bulk message failed: -22 (2/0)
[  164.191568][    T9] dvbdev: DVB: registering new adapter (Technotrend TT Connect S2-3600)
[  164.391821][    T9] usb 4-1: media controller created
[  164.564977][    T8] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  164.599369][    T9] dvb-usb: bulk message failed: -22 (8/0)
[  164.654284][    T9] pctv452e: I2C error -22; AA 01  A0 01 14 -> aa 01 31 04 a0 01 14
[  164.731150][    T8] dvb-usb: GOTVIEW Satellite HD error while loading driver (-19)
[  164.739358][    T9] dvb-usb: MAC address reading failed.
[  164.818025][    T8] usb 1-1: USB disconnect, device number 2
[  164.879159][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  165.330862][    T9] DVB: Unable to find symbol stb0899_attach()
[  165.337104][    T9] dvb-usb: no frontend was attached by 'Technotrend TT Connect S2-3600'
[  166.217699][    T9] rc_core: IR keymap rc-tt-1500 not found
[  166.247358][    T9] Registered IR keymap rc-empty
[  166.287929][    T9] rc rc0: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0
[  166.311839][    T9] input: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0/input6
[  166.361615][    T9] dvb-usb: schedule remote query interval to 100 msecs.
[  166.381774][    T9] pctv452e: pctv452e_power_ctrl: 0
[  166.381774][    T9] 
[  166.406762][    T9] dvb-usb: Technotrend TT Connect S2-3600 successfully initialized and connected.
[  166.468479][    T9] usb 4-1: USB disconnect, device number 3
[  166.728798][    T9] dvb-usb: Technotrend TT Connect S2-3600 successfully deinitialized and disconnected.
[  167.469090][ T6480] virtio-fs: tag </dev/md0> not found
[  168.739829][ T6486] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  172.048395][ T6493] syz.0.171: vmalloc error: size 9223372036854775807, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  172.065582][ T6493] CPU: 0 PID: 6493 Comm: syz.0.171 Not tainted syzkaller #0
[  172.073009][ T6493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  172.083103][ T6493] Call Trace:
[  172.086417][ T6493]  <TASK>
[  172.089392][ T6493]  dump_stack_lvl+0x18c/0x250
[  172.094120][ T6493]  ? show_regs_print_info+0x20/0x20
[  172.099451][ T6493]  ? load_image+0x420/0x420
[  172.104015][ T6493]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  172.110566][ T6493]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  172.117217][ T6493]  warn_alloc+0x246/0x340
[  172.121615][ T6493]  ? zone_watermark_ok_safe+0x230/0x230
[  172.127522][ T6493]  ? __mutex_trylock_common+0x159/0x260
[  172.133115][ T6493]  __vmalloc_node_range+0x126/0x1330
[  172.138542][ T6493]  ? tomoyo_path_number_perm+0x217/0x620
[  172.144497][ T6493]  ? rcu_is_watching+0x15/0xb0
[  172.149324][ T6493]  ? trace_contention_end+0x39/0xe0
[  172.154619][ T6493]  ? __mutex_lock+0x315/0xcc0
[  172.159432][ T6493]  ? tomoyo_path_number_perm+0x5b4/0x620
[  172.165222][ T6493]  ? dvb_dvr_do_ioctl+0x79/0x220
[  172.170216][ T6493]  ? tomoyo_path_number_perm+0x217/0x620
[  172.176014][ T6493]  ? free_vm_area+0x50/0x50
[  172.180579][ T6493]  ? dvb_dvr_do_ioctl+0x12e/0x220
[  172.185834][ T6493]  vmalloc+0x79/0x90
[  172.189781][ T6493]  ? dvb_dvr_do_ioctl+0x12e/0x220
[  172.194862][ T6493]  dvb_dvr_do_ioctl+0x12e/0x220
[  172.199777][ T6493]  dvb_usercopy+0x195/0x2b0
[  172.204334][ T6493]  ? dvb_dvr_release+0x3e0/0x3e0
[  172.209578][ T6493]  ? dvb_generic_ioctl+0xb0/0xb0
[  172.214587][ T6493]  ? dvb_dvr_poll+0x230/0x230
[  172.219343][ T6493]  dvb_dvr_ioctl+0x29/0x30
[  172.223996][ T6493]  __se_sys_ioctl+0xfd/0x170
[  172.228658][ T6493]  do_syscall_64+0x55/0xb0
[  172.233125][ T6493]  ? clear_bhb_loop+0x40/0x90
[  172.237945][ T6493]  ? clear_bhb_loop+0x40/0x90
[  172.242807][ T6493]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  172.248758][ T6493] RIP: 0033:0x7fec0bf9ce59
[  172.253221][ T6493] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.272965][ T6493] RSP: 002b:00007fec0cd87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  172.281470][ T6493] RAX: ffffffffffffffda RBX: 00007fec0c215fa0 RCX: 00007fec0bf9ce59
[  172.289625][ T6493] RDX: 7fffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000005
[  172.297737][ T6493] RBP: 00007fec0c032d6f R08: 0000000000000000 R09: 0000000000000000
[  172.305825][ T6493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  172.306169][ T6489] loop2: detected capacity change from 0 to 40427
[  172.314681][ T6493] R13: 00007fec0c216038 R14: 00007fec0c215fa0 R15: 00007ffec6e89ec8
[  172.314737][ T6493]  </TASK>
[  172.315293][ T6493] Mem-Info:
[  172.335832][ T6493] active_anon:10877 inactive_anon:0 isolated_anon:0
[  172.335832][ T6493]  active_file:14953 inactive_file:40230 isolated_file:0
[  172.335832][ T6493]  unevictable:768 dirty:35 writeback:0
[  172.335832][ T6493]  slab_reclaimable:10260 slab_unreclaimable:95104
[  172.335832][ T6493]  mapped:25677 shmem:6400 pagetables:581
[  172.335832][ T6493]  sec_pagetables:0 bounce:0
[  172.335832][ T6493]  kernel_misc_reclaimable:0
[  172.335832][ T6493]  free:1336384 free_pcp:10910 free_cma:0
[  172.382558][ T6493] Node 0 active_anon:43508kB inactive_anon:0kB active_file:59812kB inactive_file:160712kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102708kB dirty:140kB writeback:0kB shmem:24064kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10660kB pagetables:2324kB sec_pagetables:0kB all_unreclaimable? no
[  172.415795][ T6493] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  172.447128][ T6493] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  172.474855][ T6493] lowmem_reserve[]: 0 2521 2522 2522 2522
[  172.480784][ T6493] Node 0 DMA32 free:1442684kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:43472kB inactive_anon:0kB active_file:59812kB inactive_file:159888kB unevictable:1536kB writepending:140kB present:3129332kB managed:2586944kB mlocked:0kB bounce:0kB free_pcp:19028kB local_pcp:17416kB free_cma:0kB
[  172.489330][ T6489] F2FS-fs (loop2): invalid crc value
[  172.512151][ T6493] lowmem_reserve[]: 0 0 0 0 0
[  172.512211][ T6493] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  172.553268][ T6493] lowmem_reserve[]: 0 0 0 0 0
[  172.558202][ T6493] Node 1 Normal free:3887488kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:24608kB local_pcp:15776kB free_cma:0kB
[  172.587979][ T6493] lowmem_reserve[]: 0 0 0 0 0
[  172.592852][ T6493] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  172.606084][ T6493] Node 0 DMA32: 870*4kB (UME) 913*8kB (UME) 806*16kB (UME) 515*32kB (UME) 319*64kB (UME) 62*128kB (UME) 30*256kB (UM) 14*512kB (ME) 19*1024kB (UME) 4*2048kB (UM) 325*4096kB (UM) = 1442208kB
[  172.625220][ T6493] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  172.637356][ T6493] Node 1 Normal: 236*4kB (UME) 50*8kB (UME) 50*16kB (UME) 65*32kB (UME) 26*64kB (UME) 7*128kB (UME) 3*256kB (UME) 0*512kB 1*1024kB (E) 2*2048kB (UE) 946*4096kB (M) = 3887488kB
[  172.655310][ T6493] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  172.665111][ T6493] Node 0 hugepages_total=7 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[  172.674654][ T6493] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  172.684371][ T6493] Node 1 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  172.688854][ T6489] F2FS-fs (loop2): Found nat_bits in checkpoint
[  172.693750][ T6493] 61682 total pagecache pages
[  172.704983][ T6493] 0 pages in swap cache
[  172.709340][ T6493] Free swap  = 124728kB
[  172.713531][ T6493] Total swap = 124996kB
[  172.717796][ T6493] 2097051 pages RAM
[  172.721648][ T6493] 0 pages HighMem/MovableOnly
[  172.726375][ T6493] 416929 pages reserved
[  172.730732][ T6493] 0 pages cma reserved
[  174.071736][ T6489] F2FS-fs (loop2): Start checkpoint disabled!
[  174.152528][ T6489] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  174.554741][ T6511] loop1: detected capacity change from 0 to 32768
[  174.682147][ T6511] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  174.688783][ T6518] 9pnet_fd: Insufficient options for proto=fd
[  174.930874][   T27] audit: type=1804 audit(2000000087.630:3): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.169" name="/newroot/52/file0/file0" dev="loop2" ino=10 res=1 errno=0
[  175.057355][ T6511] XFS (loop1): Ending clean mount
[  175.088147][ T6511] XFS (loop1): Quotacheck needed: Please wait.
[  175.299185][ T6511] XFS (loop1): Quotacheck: Done.
[  176.209003][   T27] audit: type=1800 audit(2000000088.560:4): pid=6529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.176" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=4430 res=0 errno=0
[  176.495064][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  176.821557][   T59] kworker/u4:4: attempt to access beyond end of device
[  176.821557][   T59] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  176.859452][   T59] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  176.884702][   T59] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  178.040117][    T8] libceph: connect (1)[c::]:6789 error -101
[  178.047116][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  178.108218][    T8] libceph: connect (1)[c::]:6789 error -101
[  178.129504][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  179.979650][    T8] libceph: connect (1)[c::]:6789 error -101
[  179.980251][ T6537] ceph: No mds server is up or the cluster is laggy
[  180.020202][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  180.081220][ T6546] loop0: detected capacity change from 0 to 2048
[  180.143925][ T6546] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  180.294221][ T6548] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  180.344012][ T6550] 9pnet_fd: Insufficient options for proto=fd
[  181.917815][ T5786] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  181.927151][ T5786] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  182.033778][ T5786] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  182.125538][ T6567] netlink: 32 bytes leftover after parsing attributes in process `syz.2.192'.
[  182.268773][ T5786] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  182.319247][ T5786] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  182.332538][ T5786] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  182.629192][ T5085] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  182.650232][ T5085] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  182.666792][ T5085] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  182.689222][ T5085] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  182.697472][ T5085] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  182.705222][ T5085] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  182.796015][ T6574] 9pnet_fd: Insufficient options for proto=fd
[  182.884783][ T6565] lo speed is unknown, defaulting to 1000
[  182.929145][ T6565] vxcan1 speed is unknown, defaulting to 1000
[  184.749879][ T5085] Bluetooth: hci4: command tx timeout
[  186.166991][ T6584] loop0: detected capacity change from 0 to 128
[  186.982873][ T5085] Bluetooth: hci4: command tx timeout
[  188.674441][ T6565] chnl_net:caif_netlink_parms(): no params data found
[  189.087688][ T5085] Bluetooth: hci4: command tx timeout
[  189.840530][ T6565] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.878103][ T6565] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.909206][ T6565] bridge_slave_0: entered allmulticast mode
[  189.955824][ T6565] bridge_slave_0: entered promiscuous mode
[  189.974677][ T6565] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.000005][ T6565] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.007305][ T6565] bridge_slave_1: entered allmulticast mode
[  190.044418][ T6565] bridge_slave_1: entered promiscuous mode
[  190.219165][ T6565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.241165][ T6565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.476963][ T5085] Bluetooth: hci4: command tx timeout
[  191.629542][ T6565] team0: Port device team_slave_0 added
[  191.851566][ T6565] team0: Port device team_slave_1 added
[  192.270549][ T6565] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.301041][ T6565] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.339272][ T5813] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  192.354588][ T6565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.368564][ T6565] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.375679][ T6565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.403852][ T6565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.544917][ T6565] hsr_slave_0: entered promiscuous mode
[  192.553055][ T5813] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  192.567676][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.578652][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.600377][ T6565] hsr_slave_1: entered promiscuous mode
[  192.612169][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.621735][ T6565] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  192.633386][ T6565] Cannot create hsr debugfs directory
[  192.642654][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.657680][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.699827][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.728082][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.742613][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.754217][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.764020][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.773539][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.794929][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.805806][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.817801][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.852817][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.869027][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.887702][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.908605][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.927277][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.946704][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  192.967683][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.985229][ T5813] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  192.995657][ T5813] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  193.021575][ T5813] usb 1-1: config 0 interface 0 has no altsetting 0
[  193.045368][ T5813] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  193.065890][ T5813] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  193.086211][ T5813] usb 1-1: Product: syz
[  193.090677][ T5813] usb 1-1: Manufacturer: syz
[  193.095316][ T5813] usb 1-1: SerialNumber: syz
[  193.113505][ T5813] usb 1-1: config 0 descriptor??
[  193.142886][ T6565] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  193.151015][ T5813] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  193.167300][ T6635] loop1: detected capacity change from 0 to 32768
[  193.170975][ T6565] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  193.209519][ T6565] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  193.227313][ T6635] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  193.257774][ T6565] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  193.264683][ T6635] JBD2: Ignoring recovery information on journal
[  193.356038][ T6635] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  193.444345][ T6565] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.583007][ T6565] 8021q: adding VLAN 0 to HW filter on device team0
[  194.062714][ T3490] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.070163][ T3490] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.103546][ T6640] loop2: detected capacity change from 0 to 128
[  194.151116][    T9] usb 1-1: USB disconnect, device number 3
[  194.163058][ T3490] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.170341][ T3490] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.198682][    T9] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  194.238710][ T6640] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  194.324782][ T5772] ocfs2: Unmounting device (7,1) on (node local)
[  194.629262][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  194.635820][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  195.493307][ T6565] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.836344][ T6658] loop1: detected capacity change from 0 to 256
[  195.859874][ T6658] exfat: Deprecated parameter 'utf8'
[  195.891292][ T6658] exFAT-fs (loop1): bogus number of FAT structure
[  195.906428][ T6658] exFAT-fs (loop1): failed to read boot sector
[  195.936970][ T6658] exFAT-fs (loop1): failed to recognize exfat type
[  196.393385][ T6658] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  196.592912][ T6670] (null): rxe_set_mtu: Set mtu to 1024
[  197.097259][ T6565] veth0_vlan: entered promiscuous mode
[  197.372072][ T6565] veth1_vlan: entered promiscuous mode
[  197.532690][ T6565] veth0_macvtap: entered promiscuous mode
[  197.618422][ T6565] veth1_macvtap: entered promiscuous mode
[  197.668491][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.694542][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.725447][ T6670] infiniband syz1: set active
[  197.727531][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.747595][ T6670] infiniband syz1: added bond0
[  197.750617][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.763864][ T6670] syz1: rxe_create_cq: returned err = -12
[  197.772500][ T6670] infiniband syz1: Couldn't create ib_mad CQ
[  197.786117][ T6670] infiniband syz1: Couldn't open port 1
[  197.789428][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.830062][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.852564][ T6670] RDS/IB: syz1: added
[  197.858395][ T6670] smc: adding ib device syz1 with port count 1
[  197.864711][ T6670] smc:    ib device syz1 port 1 has pnetid 
[  197.867356][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.889778][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.903400][ T6565] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.969585][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.009007][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.046380][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.082365][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.109239][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.182249][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.192599][ T6565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.206714][ T6565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.288651][ T6565] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.462226][ T6565] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.507071][ T6565] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.545906][ T6565] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.645433][ T6565] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.282547][ T6688] lo speed is unknown, defaulting to 1000
[  199.290366][ T6688] vxcan1 speed is unknown, defaulting to 1000
[  199.623017][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.680855][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.109002][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.274344][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.966888][ T6698] loop4: detected capacity change from 0 to 64
[  201.898215][ T6703] loop4: detected capacity change from 0 to 256
[  201.936749][ T6703] exfat: Deprecated parameter 'utf8'
[  201.981482][ T6703] exFAT-fs (loop4): bogus number of FAT structure
[  202.009780][ T6703] exFAT-fs (loop4): failed to read boot sector
[  202.016105][ T6703] exFAT-fs (loop4): failed to recognize exfat type
[  202.979611][ T6707] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  204.355899][ T6696] Set syz1 is full, maxelem 65536 reached
[  205.194609][ T6718] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  205.453926][ T6724] netlink: 'syz.0.228': attribute type 4 has an invalid length.
[  206.469463][ T6718] x_tables: duplicate underflow at hook 1
[  206.586069][ T6730] Bluetooth: MGMT ver 1.22
[  207.128429][ T6736] loop1: detected capacity change from 0 to 256
[  209.190453][ T6736] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d)
[  210.013406][ T6814] loop0: detected capacity change from 0 to 256
[  210.074400][ T6814] exfat: Deprecated parameter 'utf8'
[  210.120030][ T6814] exFAT-fs (loop0): bogus number of FAT structure
[  210.153988][ T6814] exFAT-fs (loop0): failed to read boot sector
[  210.199334][ T6814] exFAT-fs (loop0): failed to recognize exfat type
[  210.314536][ T6817] loop1: detected capacity change from 0 to 4096
[  213.277090][ T6819] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  213.434106][ T6817] NILFS (loop1): error -4 creating segctord thread
[  217.758496][ T6840] capability: warning: `syz.4.243' uses deprecated v2 capabilities in a way that may be insecure
[  220.515532][   T27] audit: type=1326 audit(2000000133.230:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b74b9ce59 code=0x7ffc0000
[  220.624546][   T27] audit: type=1326 audit(2000000133.230:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b74b9ce59 code=0x7ffc0000
[  220.762021][   T27] audit: type=1326 audit(2000000133.270:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b74b5d68e code=0x7ffc0000
[  221.360595][   T27] audit: type=1326 audit(2000000133.270:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b74b9ce59 code=0x7ffc0000
[  221.387380][   T27] audit: type=1326 audit(2000000133.270:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b74b9ce59 code=0x7ffc0000
[  221.480422][ T6863] netlink: 20 bytes leftover after parsing attributes in process `syz.1.253'.
[  221.646991][   T27] audit: type=1326 audit(2000000133.280:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f3b74b9ce59 code=0x7ffc0000
[  221.767685][   T27] audit: type=1326 audit(2000000133.280:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.251" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b74b9ce59 code=0x7ffc0000
[  222.095512][ T6872] loop1: detected capacity change from 0 to 512
[  222.112647][ T6872] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  222.127175][ T6872] EXT4-fs (loop1): orphan cleanup on readonly fs
[  222.143481][ T6872] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4059: comm syz.1.256: Allocating blocks 41-42 which overlap fs metadata
[  222.162819][ T6872] Quota error (device loop1): write_blk: dquota write failed
[  222.170891][ T6872] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  222.180423][ T6872] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4059: comm syz.1.256: Allocating blocks 41-42 which overlap fs metadata
[  222.196860][ T6872] Quota error (device loop1): write_blk: dquota write failed
[  222.204908][ T6872] EXT4-fs error (device loop1): ext4_acquire_dquot:6953: comm syz.1.256: Failed to acquire dquot type 1
[  222.220373][ T6872] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  222.239048][ T6872] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #12: comm syz.1.256: corrupted inode contents
[  222.254418][ T6872] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #12: comm syz.1.256: mark_inode_dirty error
[  222.269239][ T6872] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #12: comm syz.1.256: corrupted inode contents
[  222.284061][ T6872] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.256: mark_inode_dirty error
[  222.297113][ T6872] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #12: comm syz.1.256: corrupted inode contents
[  222.313419][ T6872] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  222.326638][ T6872] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #12: comm syz.1.256: corrupted inode contents
[  222.340882][ T6872] EXT4-fs error (device loop1): ext4_truncate:4301: inode #12: comm syz.1.256: mark_inode_dirty error
[  222.353418][ T6872] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  222.363581][ T6872] EXT4-fs (loop1): 1 truncate cleaned up
[  222.371512][ T6872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  222.507215][ T6857] loop0: detected capacity change from 0 to 32768
[  222.582946][ T6857] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  222.609789][ T6857] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  222.628849][ T6857] BTRFS info (device loop0): allowing degraded mounts
[  222.644369][ T6857] BTRFS info (device loop0): turning on flush-on-commit
[  222.660598][ T6857] BTRFS info (device loop0): max_inline at 0
[  222.673582][ T6857] BTRFS info (device loop0): setting nodatasum
[  222.687613][ T6857] BTRFS info (device loop0): turning on sync discard
[  222.709078][ T6857] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  222.734217][ T6857] BTRFS info (device loop0): trying to use backup root at mount time
[  222.757600][ T6857] BTRFS info (device loop0): using free space tree
[  222.823876][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.939579][ T6857] BTRFS info (device loop0): enabling ssd optimizations
[  222.998080][ T6896] loop1: detected capacity change from 0 to 256
[  223.024314][ T6896] exfat: Deprecated parameter 'utf8'
[  223.053008][ T6896] exFAT-fs (loop1): bogus number of FAT structure
[  223.076622][ T6896] exFAT-fs (loop1): failed to read boot sector
[  223.098944][ T6896] exFAT-fs (loop1): failed to recognize exfat type
[  223.479535][ T6900] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  225.605900][ T5779] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  226.192981][ T6911] loop1: detected capacity change from 0 to 64
[  226.782814][ T6914] loop1: detected capacity change from 0 to 128
[  226.808671][ T6914] EXT4-fs: Ignoring removed nobh option
[  226.985200][ T6914] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  227.049396][ T6914] ext4 filesystem being mounted at /74/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  227.410743][ T6926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.267'.
[  227.420050][ T6926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.267'.
[  228.237592][ T5814] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  228.439543][ T5814] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  228.461369][ T5814] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping
[  228.491486][ T5814] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  228.499517][ T6929] loop4: detected capacity change from 0 to 64
[  228.509480][ T5814] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.519363][ T5814] usb 1-1: Product: syz
[  228.523581][ T5814] usb 1-1: Manufacturer: syz
[  228.528304][ T5814] usb 1-1: SerialNumber: syz
[  228.536479][ T5814] usb 1-1: config 0 descriptor??
[  228.545952][ T6921] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  228.568709][ T6921] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  228.801842][ T5814] usb 1-1: ucan: probing device on interface #0
[  228.852533][ T5814] usb 1-1: ucan: invalid EP count (1)
[  228.858153][ T5814] usb 1-1: ucan: probe failed; try to update the device firmware
[  229.865153][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  229.926984][ T6935] loop4: detected capacity change from 0 to 128
[  229.955098][ T6935] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  229.973320][ T6935] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.141429][    T9] usb 1-1: USB disconnect, device number 4
[  230.843933][ T6565] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.338213][    T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  231.708039][    T9] usb 1-1: Using ep0 maxpacket: 16
[  231.845055][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  232.057136][    T9] usb 1-1: New USB device found, idVendor=15c2, idProduct=0045, bcdDevice=1f.20
[  232.194620][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.339949][    T9] usb 1-1: Product: syz
[  232.405541][    T9] usb 1-1: Manufacturer: syz
[  232.468763][    T9] usb 1-1: SerialNumber: syz
[  232.631247][    T9] usb 1-1: config 0 descriptor??
[  233.203749][ T6945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.239553][ T6945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  233.323735][    T9] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  233.378144][    T9] imon 1-1:0.0: unable to initialize intf0, err -19
[  233.408774][    T9] imon:imon_probe: failed to initialize context!
[  233.415308][    T9] imon 1-1:0.0: unable to register, err -19
[  233.449120][    T9] usb 1-1: USB disconnect, device number 5
[  235.139033][ T6974] netlink: 28 bytes leftover after parsing attributes in process `syz.1.279'.
[  235.148235][ T6974] netlink: 28 bytes leftover after parsing attributes in process `syz.1.279'.
[  235.756626][ T6976] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  235.875798][ T6976] overlayfs: failed to look up (tracing) for ino (-66)
[  240.508500][ T6990] loop4: detected capacity change from 0 to 32768
[  240.532448][ T6990] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.287 (6990)
[  240.579409][ T6990] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  240.590185][ T6990] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  240.599167][ T6990] BTRFS info (device loop4): using free space tree
[  241.570465][ T6990] BTRFS info (device loop4): enabling ssd optimizations
[  241.577783][ T6990] BTRFS info (device loop4): auto enabling async discard
[  241.621629][ T6986] lo speed is unknown, defaulting to 1000
[  241.651851][ T6986] vxcan1 speed is unknown, defaulting to 1000
[  242.472207][ T7016] loop2: detected capacity change from 0 to 512
[  242.543883][ T7016] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a80ec029, mo2=0002]
[  242.552751][ T7016] System zones: 0-2, 18-18, 34-35
[  242.601069][ T7016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.614283][ T7016] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  245.102594][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.331625][ T6565] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  245.633950][ T5787] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop4 scanned by udevd (5787)
[  246.902763][ T7032] netlink: 28 bytes leftover after parsing attributes in process `syz.2.293'.
[  246.912173][ T7032] netlink: 28 bytes leftover after parsing attributes in process `syz.2.293'.
[  252.272865][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  254.888232][ T7062] loop2: detected capacity change from 0 to 2048
[  254.955616][ T7062] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  254.976116][ T7062] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  255.058511][ T7062] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  256.032632][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  256.052543][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  256.161428][ T5778] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  256.184241][ T5778] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  256.194206][ T5778] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  256.204156][ T5778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  256.213195][ T5778] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  256.221678][ T5778] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  256.291048][ T5085] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  256.310918][ T5085] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  256.319057][ T5085] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  256.327310][ T5085] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  256.336271][ T5085] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  256.368098][ T5085] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  256.768032][ T5772] syz-executor (5772) used greatest stack depth: 19976 bytes left
[  256.795636][ T7067] lo speed is unknown, defaulting to 1000
[  256.951759][ T6787] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.024213][ T7067] vxcan1 speed is unknown, defaulting to 1000
[  257.160208][ T6787] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.982726][ T6787] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.159458][ T6787] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.505752][ T7078] netlink: 8 bytes leftover after parsing attributes in process `syz.0.304'.
[  258.514911][ T5085] Bluetooth: hci3: command tx timeout
[  258.635101][ T7078] bridge1: entered promiscuous mode
[  258.642551][ T7078] bridge1: entered allmulticast mode
[  259.212996][ T7087] netlink: 14 bytes leftover after parsing attributes in process `syz.2.306'.
[  259.356395][ T7087] infiniband syz1: set down
[  259.497927][ T5813] syz1: rxe_query_port: returned err = -19
[  259.508090][ T5813] infiniband syz1: ib_query_port failed (-19)
[  259.508148][ T7087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.529947][ T6797] smc: removing ib device syz1
[  259.596924][ T7087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.677615][ T7087] bond0 (unregistering): Released all slaves
[  260.587647][ T5085] Bluetooth: hci3: command tx timeout
[  262.678466][ T5085] Bluetooth: hci3: command tx timeout
[  264.747724][ T5085] Bluetooth: hci3: command tx timeout
[  265.563864][ T7067] chnl_net:caif_netlink_parms(): no params data found
[  266.367752][ T7067] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.387963][ T7067] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.405036][ T7067] bridge_slave_0: entered allmulticast mode
[  266.424962][ T7067] bridge_slave_0: entered promiscuous mode
[  266.449456][ T7067] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.465329][ T7067] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.490103][ T7067] bridge_slave_1: entered allmulticast mode
[  266.535980][ T7067] bridge_slave_1: entered promiscuous mode
[  267.274115][ T7067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.476115][ T6787] hsr_slave_0: left promiscuous mode
[  268.191375][ T6787] hsr_slave_1: left promiscuous mode
[  268.257108][ T6787] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  268.350272][ T6787] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.119159][ T6787] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.197867][ T6787] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.262723][ T6787] bridge_slave_1: left allmulticast mode
[  271.293454][ T6787] bridge_slave_1: left promiscuous mode
[  271.327365][ T6787] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.380237][ T6787] bridge_slave_0: left allmulticast mode
[  271.397928][ T6787] bridge_slave_0: left promiscuous mode
[  271.403765][ T6787] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.640784][ T6787] veth1_macvtap: left promiscuous mode
[  271.647037][ T6787] veth0_macvtap: left promiscuous mode
[  271.686243][ T6787] veth1_vlan: left promiscuous mode
[  271.703486][ T6787] veth0_vlan: left promiscuous mode
[  273.814676][ T7174] loop2: detected capacity change from 0 to 32768
[  273.909336][ T7174] JBD2: Ignoring recovery information on journal
[  274.043413][ T7174] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  274.103377][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  274.103392][   T27] audit: type=1804 audit(2000000186.830:12): pid=7174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.320" name="/newroot/91/file1/file1" dev="loop2" ino=17059 res=1 errno=0
[  274.185891][   T27] audit: type=1804 audit(2000000186.830:13): pid=7174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.320" name="/newroot/91/file1/file1" dev="loop2" ino=17059 res=1 errno=0
[  274.409235][ T6787] team0 (unregistering): Port device team_slave_1 removed
[  274.545056][ T6787] team0 (unregistering): Port device team_slave_0 removed
[  274.738882][ T6787] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  274.868537][ T6787] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  275.283038][ T7191] loop4: detected capacity change from 0 to 32768
[  275.341434][ T7191] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.325 (7191)
[  275.362323][ T7191] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  275.385748][ T7191] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  275.404401][ T7191] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  275.416091][ T7191] BTRFS info (device loop4): trying to use backup root at mount time
[  275.425247][ T7191] BTRFS info (device loop4): setting nodatasum
[  275.433421][ T7191] BTRFS info (device loop4): force zlib compression, level 3
[  275.441537][ T7191] BTRFS info (device loop4): turning on flush-on-commit
[  275.455339][ T7191] BTRFS info (device loop4): enabling disk space caching
[  275.480631][ T7191] BTRFS error (device loop4): cannot disable free space tree
[  275.503515][ T7191] BTRFS error (device loop4): open_ctree failed: -22
[  275.573323][ T7153] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by udevd (7153)
[  277.993325][ T6787] bond0 (unregistering): Released all slaves
[  279.725385][ T7067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.991910][ T2170] lo speed is unknown, defaulting to 1000
[  280.211308][ T7067] team0: Port device team_slave_0 added
[  280.232911][ T7067] team0: Port device team_slave_1 added
[  280.361794][ T7067] batman_adv: batadv0: Adding interface: batadv_slave_0
[  280.392144][ T7067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.493446][ T7067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  280.548800][ T7067] batman_adv: batadv0: Adding interface: batadv_slave_1
[  280.556081][ T7067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.642951][ T7067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.802935][ T7067] hsr_slave_0: entered promiscuous mode
[  280.840885][ T7067] hsr_slave_1: entered promiscuous mode
[  281.572642][ T6787] IPVS: stop unused estimator thread 0...
[  282.121224][ T7067] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  282.152718][ T7067] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  282.211793][ T7067] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  282.252291][ T7067] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  282.726778][ T5776] ocfs2: Unmounting device (7,2) on (node local)
[  282.732895][ T7067] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.776059][ T7067] 8021q: adding VLAN 0 to HW filter on device team0
[  282.809482][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.816880][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.881904][ T6787] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.889574][ T6787] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.939074][ T7230] netlink: 12 bytes leftover after parsing attributes in process `syz.4.333'.
[  282.975326][ T7230] vlan2: entered promiscuous mode
[  282.992312][ T7230] bridge0: entered promiscuous mode
[  285.553369][ T7067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.170794][ T7067] veth0_vlan: entered promiscuous mode
[  287.261011][ T7067] veth1_vlan: entered promiscuous mode
[  287.356326][ T7067] veth0_macvtap: entered promiscuous mode
[  287.393608][ T7067] veth1_macvtap: entered promiscuous mode
[  287.444536][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.463693][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.507317][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.547908][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.590332][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.629695][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.667373][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.687775][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.721904][ T7067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  287.767950][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.827576][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.877088][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.907562][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.965723][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.014830][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.047030][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.074383][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.096463][ T7067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.122264][ T7067] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.227587][ T7067] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.236374][ T7067] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.268342][ T7067] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.977598][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.985622][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.154069][ T6794] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.191188][ T6794] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.680866][ T7324] netlink: 14 bytes leftover after parsing attributes in process `syz.4.348'.
[  290.856570][ T7328] netlink: 'syz.5.349': attribute type 1 has an invalid length.
[  291.284182][ T7338] hsr0: entered promiscuous mode
[  291.637171][ T2170] IPVS: starting estimator thread 0...
[  291.858921][ T7346] IPVS: using max 17 ests per chain, 40800 per kthread
[  292.530797][ T7354] loop5: detected capacity change from 0 to 128
[  292.572637][ T7354] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  292.637686][ T7354] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  292.818434][ T7358] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  292.843777][ T7358] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  295.002313][   T27] audit: type=1800 audit(2000000207.730:14): pid=7373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.355" name="file2" dev="loop5" ino=13 res=0 errno=0
[  295.288565][ T7067] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  298.707743][  T788] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  298.938987][  T788] usb 3-1: unable to get BOS descriptor or descriptor too short
[  298.988251][  T788] usb 3-1: config 1 has an invalid interface number: 31 but max is 1
[  298.996417][  T788] usb 3-1: config 1 has no interface number 1
[  299.139376][  T788] usb 3-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  299.324599][  T788] usb 3-1: too many endpoints for config 1 interface 31 altsetting 99: 101, using maximum allowed: 30
[  299.530878][  T788] usb 3-1: config 1 interface 31 altsetting 99 has 0 endpoint descriptors, different from the interface descriptor's value: 101
[  300.438957][  T788] usb 3-1: config 1 interface 0 has no altsetting 0
[  300.445951][  T788] usb 3-1: config 1 interface 31 has no altsetting 0
[  300.457394][  T788] usb 3-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  300.488276][  T788] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.518426][  T788] usb 3-1: Product: syz
[  300.542972][  T788] usb 3-1: Manufacturer: syz
[  300.597592][  T788] usb 3-1: SerialNumber: syz
[  300.880622][  T788] smsusb:smsusb_probe: board id=8, interface number 0
[  300.916813][  T788] smsusb:smsusb_probe: board id=8, interface number 31
[  300.940316][  T788] usb 3-1: USB disconnect, device number 3
[  302.136389][ T7465] loop5: detected capacity change from 0 to 64
[  307.429337][ T7513] syz.5.387: attempt to access beyond end of device
[  307.429337][ T7513] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[  307.442810][ T7513] syz.5.387: attempt to access beyond end of device
[  307.442810][ T7513] nbd5: rw=0, sector=120, nr_sectors = 8 limit=0
[  307.455850][ T7513] Mount JFS Failure: -5
[  309.688723][ T7534] kernel profiling enabled (shift: 5)
[  309.795506][ T7515] loop4: detected capacity change from 0 to 32768
[  309.854633][ T7515] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  309.909777][ T7515] JBD2: Ignoring recovery information on journal
[  310.099651][ T7515] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  310.357022][ T7515] netdevsim netdevsim4: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  310.979564][ T6565] ocfs2: Unmounting device (7,4) on (node local)
[  311.682735][ T7567] loop4: detected capacity change from 0 to 2048
[  311.693058][ T7567] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  311.703775][ T7567] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  311.716430][ T7567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  313.368572][ T7580] vxcan1 speed is unknown, defaulting to 1000
[  313.551167][ T7587] loop5: detected capacity change from 0 to 256
[  313.590125][ T7587] exfat: Deprecated parameter 'utf8'
[  313.676547][ T7587] exFAT-fs (loop5): bogus number of FAT structure
[  313.725186][ T7587] exFAT-fs (loop5): failed to read boot sector
[  313.755581][ T7587] exFAT-fs (loop5): failed to recognize exfat type
[  313.866003][ T7587] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  316.980187][ T7613] loop2: detected capacity change from 0 to 256
[  316.998989][ T7613] exfat: Deprecated parameter 'utf8'
[  317.037572][ T7613] exFAT-fs (loop2): bogus number of FAT structure
[  317.061517][ T7613] exFAT-fs (loop2): failed to read boot sector
[  317.097495][ T7613] exFAT-fs (loop2): failed to recognize exfat type
[  317.377647][ T7619] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  317.628580][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  317.635772][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  318.295756][ T7625] loop0: detected capacity change from 0 to 512
[  318.327213][ T7625] EXT4-fs: Ignoring removed bh option
[  318.370975][ T7625] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  318.415820][ T7628] loop2: detected capacity change from 0 to 2048
[  318.487852][ T7628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.553919][ T7625] EXT4-fs (loop0): 1 truncate cleaned up
[  318.583187][ T7625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.607666][ T7628] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.050779][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.060543][ T7640] loop5: detected capacity change from 0 to 128
[  319.086382][ T7640] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  321.272334][   T27] audit: type=1800 audit(2000000233.980:15): pid=7642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.414" name="file0" dev="loop2" ino=13 res=0 errno=0
[  321.476630][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.882316][   T27] audit: type=1804 audit(2000000234.610:16): pid=7640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.415" name="/newroot/19/file1/bus" dev="loop5" ino=115 res=1 errno=0
[  323.251093][ T7666] netlink: 44 bytes leftover after parsing attributes in process `syz.0.420'.
[  323.447026][ T7666] netlink: 20 bytes leftover after parsing attributes in process `syz.0.420'.
[  323.596846][ T7672] netlink: 28 bytes leftover after parsing attributes in process `syz.2.421'.
[  324.932965][ T7676] loop0: detected capacity change from 0 to 4096
[  325.974714][ T7679] loop2: detected capacity change from 0 to 32768
[  326.088543][ T7679] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  326.090744][ T7679] JBD2: Ignoring recovery information on journal
[  326.217901][ T7691] loop5: detected capacity change from 0 to 4096
[  326.283599][ T7679] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  326.490308][ T7707] netdevsim netdevsim2: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  326.771950][ T7691] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  326.901229][ T5776] ocfs2: Unmounting device (7,2) on (node local)
[  327.050649][ T7691] ntfs3: loop5: Failed to load $Extend (-22).
[  327.122968][ T7691] ntfs3: loop5: Failed to initialize $Extend.
[  329.098131][ T5814] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  329.327785][ T5814] usb 1-1: Using ep0 maxpacket: 32
[  329.361573][ T5814] usb 1-1: unable to get BOS descriptor or descriptor too short
[  329.429803][ T5814] usb 1-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  329.459864][ T5814] usb 1-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice= 0.09
[  329.469655][ T5814] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  329.478598][ T5814] usb 1-1: SerialNumber: syz
[  329.510865][ T5814] usb 1-1: NDI device with a latency value of 1
[  329.622015][ T7730] netlink: 44 bytes leftover after parsing attributes in process `syz.5.431'.
[  329.644742][ T7730] netlink: 20 bytes leftover after parsing attributes in process `syz.5.431'.
[  330.448956][    C1] hrtimer: interrupt took 57608 ns
[  331.029592][ T5814] ftdi_sio 1-1:6.0: FTDI USB Serial Device converter detected
[  331.643678][ T5814] usb 1-1: Detected SIO
[  331.740767][ T5814] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  331.843018][ T5814] usb 1-1: USB disconnect, device number 6
[  331.892664][ T5814] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  331.932802][ T5814] ftdi_sio 1-1:6.0: device disconnected
[  332.368450][ T7749] vxcan1 speed is unknown, defaulting to 1000
[  335.736812][ T7761] vxcan1 speed is unknown, defaulting to 1000
[  335.873970][ T7768] vxcan1 speed is unknown, defaulting to 1000
[  336.631330][ T7786] netlink: 8 bytes leftover after parsing attributes in process `syz.0.443'.
[  336.644516][ T7786] netlink: 12 bytes leftover after parsing attributes in process `syz.0.443'.
[  336.658479][ T7786] netlink: 20 bytes leftover after parsing attributes in process `syz.0.443'.
[  339.409374][ T7828] netlink: 8 bytes leftover after parsing attributes in process `syz.4.452'.
[  339.427660][ T7828] netlink: 12 bytes leftover after parsing attributes in process `syz.4.452'.
[  339.448422][ T7828] netlink: 20 bytes leftover after parsing attributes in process `syz.4.452'.
[  340.142320][ T7848] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  340.151965][ T7848] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  340.161268][ T7848] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  340.170409][ T7848] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  341.068399][ T7848] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  341.077960][ T7848] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  341.086926][ T7848] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  341.096018][ T7848] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  343.302705][ T7867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.462'.
[  343.323025][ T7868] netlink: 8 bytes leftover after parsing attributes in process `syz.5.461'.
[  343.336084][ T7867] bridge1: entered promiscuous mode
[  343.341709][ T7868] netlink: 12 bytes leftover after parsing attributes in process `syz.5.461'.
[  343.351350][ T7867] bridge1: entered allmulticast mode
[  343.361445][ T7860] vxcan1 speed is unknown, defaulting to 1000
[  343.384303][ T7868] netlink: 20 bytes leftover after parsing attributes in process `syz.5.461'.
[  345.427809][ T5833] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  345.441101][ T7882] loop5: detected capacity change from 0 to 32768
[  345.453314][ T7882] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.466 (7882)
[  345.545106][ T7882] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  345.578221][ T7882] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  345.617233][ T7882] BTRFS info (device loop5): using free space tree
[  345.643550][ T5833] usb 1-1: config 2 has an invalid interface number: 88 but max is 0
[  345.676502][ T5833] usb 1-1: config 2 has no interface number 0
[  345.683206][ T5833] usb 1-1: config 2 interface 88 altsetting 7 endpoint 0x6 has invalid maxpacket 256, setting to 64
[  345.694671][ T5833] usb 1-1: config 2 interface 88 altsetting 7 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  345.807809][ T5833] usb 1-1: config 2 interface 88 has no altsetting 0
[  345.857673][ T7882] BTRFS info (device loop5): enabling ssd optimizations
[  345.869633][ T5833] usb 1-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  345.909360][ T7882] BTRFS info (device loop5): auto enabling async discard
[  345.930160][ T5833] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.950401][ T5833] usb 1-1: Product: syz
[  345.954643][ T5833] usb 1-1: Manufacturer: syz
[  345.979184][ T5833] usb 1-1: SerialNumber: syz
[  345.994702][ T7900] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  346.003150][ T7900] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  346.106648][ T7067] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  346.232724][ T7900] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  346.261375][ T7900] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  346.454281][ T7192] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop5 scanned by udevd (7192)
[  347.470679][ T5833] asix 1-1:2.88 (unnamed net_device) (uninitialized): invalid hw address, using random
[  347.660399][ T5833] asix 1-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  347.804999][ T5833] asix 1-1:2.88 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  347.936208][ T5833] asix: probe of 1-1:2.88 failed with error -71
[  348.017059][ T5833] usb 1-1: USB disconnect, device number 7
[  348.083345][ T7153] udevd[7153]: setting owner of /dev/bus/usb/001/007 to uid=0, gid=0 failed: No such file or directory
[  348.099175][ T7939] netlink: 8 bytes leftover after parsing attributes in process `syz.2.474'.
[  348.181226][ T7939] netlink: 20 bytes leftover after parsing attributes in process `syz.2.474'.
[  350.190162][ T7953] vxcan1 speed is unknown, defaulting to 1000
[  351.029277][ T7963] loop2: detected capacity change from 0 to 128
[  351.065074][ T7963] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  352.333554][ T7974] netlink: 8 bytes leftover after parsing attributes in process `syz.5.486'.
[  352.344284][ T7974] netlink: 20 bytes leftover after parsing attributes in process `syz.5.486'.
[  357.129052][ T8015] loop5: detected capacity change from 0 to 1024
[  357.805011][ T8024] loop4: detected capacity change from 0 to 164
[  360.843465][ T8052] netlink: 8 bytes leftover after parsing attributes in process `syz.4.508'.
[  360.979088][ T8052] bridge1: entered promiscuous mode
[  360.986686][ T8052] bridge1: entered allmulticast mode
[  365.400042][ T8077] overlayfs: missing 'workdir'
[  369.225997][ T8099] vxcan1 speed is unknown, defaulting to 1000
[  369.361730][ T8108] overlayfs: missing 'workdir'
[  372.062129][ T8114] vxcan1 speed is unknown, defaulting to 1000
[  373.220968][ T8137] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.358943][ T8139] overlayfs: missing 'workdir'
[  375.859615][ T8150] syz.4.541 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  377.765485][ T8160] vxcan1 speed is unknown, defaulting to 1000
[  378.828890][ T8167] loop5: detected capacity change from 0 to 128
[  378.866731][ T8167] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  378.923067][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  378.929598][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  379.171663][ T8172] netlink: 'syz.4.546': attribute type 2 has an invalid length.
[  379.540330][   T27] audit: type=1800 audit(2000000292.260:17): pid=8167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.544" name="file1" dev="loop5" ino=94 res=0 errno=0
[  379.574640][ T8176] overlayfs: failed to clone upperpath
[  381.379910][ T8185] 0x000000000005-0x000004000008 : ""
[  381.407811][ T8185] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1fffb
[  381.501730][ T8185] ftl_cs: FTL header corrupt!
[  381.607726][ T8186] loop0: detected capacity change from 0 to 8192
[  382.482346][ T8195] syz_tun: entered allmulticast mode
[  382.606248][ T8194] syz_tun: left allmulticast mode
[  382.776818][ T8183] netdevsim netdevsim2: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  384.609731][ T8213] overlayfs: failed to clone upperpath
[  395.004219][ T8270] vxcan1 speed is unknown, defaulting to 1000
[  397.612163][ T5814] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  397.807863][ T5814] usb 5-1: Using ep0 maxpacket: 8
[  397.834683][ T5814] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  397.857533][ T5814] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.896353][ T5814] usb 5-1: Product: syz
[  397.908366][ T5814] usb 5-1: Manufacturer: syz
[  397.913211][ T5814] usb 5-1: SerialNumber: syz
[  397.985492][ T5814] usb 5-1: config 0 descriptor??
[  398.216348][ T5814] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  398.593841][ T8282] netdevsim netdevsim2: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  398.663309][ T5814] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  398.695585][ T5814] usb 5-1: USB disconnect, device number 2
[  401.109726][ T8292] vxcan1 speed is unknown, defaulting to 1000
[  402.842084][ T8306] vxcan1 speed is unknown, defaulting to 1000
[  405.160182][    T9] libceph: connect (1)[c::]:6789 error -101
[  405.202293][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  405.328613][ T8318] ceph: No mds server is up or the cluster is laggy
[  405.425047][ T8311] loop4: detected capacity change from 0 to 32768
[  405.562781][ T8311] JBD2: Ignoring recovery information on journal
[  406.097958][ T8311] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  406.831178][   T27] audit: type=1804 audit(2000000319.560:18): pid=8311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.593" name="/newroot/101/file1/file1" dev="loop4" ino=17059 res=1 errno=0
[  406.907674][   T27] audit: type=1804 audit(2000000319.590:19): pid=8311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.593" name="/newroot/101/file1/file1" dev="loop4" ino=17059 res=1 errno=0
[  406.947784][ T8315] netdevsim netdevsim2: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  409.469748][ T8352] loop0: detected capacity change from 0 to 128
[  409.603300][ T8352] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  409.776956][ T8352] ext4 filesystem being mounted at /146/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  411.102214][ T5779] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  413.567624][ T6565] ocfs2: Unmounting device (7,4) on (node local)
[  413.834425][ T8368] loop0: detected capacity change from 0 to 8192
[  416.017719][ T2170] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  416.207652][ T2170] usb 5-1: Using ep0 maxpacket: 16
[  416.617911][ T2170] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  416.717777][ T2170] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  416.741348][ T2170] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.750221][ T2170] usb 5-1: Product: syz
[  416.754434][ T2170] usb 5-1: Manufacturer: syz
[  416.787722][ T2170] usb 5-1: SerialNumber: syz
[  416.795949][ T2170] usb 5-1: config 0 descriptor??
[  416.815819][ T2170] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  416.831284][ T2170] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  417.067932][ T8383] 9pnet_fd: Insufficient options for proto=fd
[  417.603145][ T8389] overlayfs: failed to clone upperpath
[  417.618796][ T2170] em28xx 5-1:0.0: chip ID is em2765
[  418.624722][ T2170] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  418.656296][ T2170] em28xx 5-1:0.0: board has no eeprom
[  420.027447][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.117453][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.327454][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.337456][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.377453][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.427437][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.477439][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.567443][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  420.847445][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  421.120219][ T8376] em28xx 5-1:0.0: writing to i2c device at 0x8 failed (error=-5)
[  421.177477][ T2170] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  421.185570][ T2170] em28xx 5-1:0.0: dvb set to bulk mode.
[  421.197867][ T5814] em28xx 5-1:0.0: Binding DVB extension
[  421.264607][    T9] usb 5-1: USB disconnect, device number 3
[  421.285061][    T9] em28xx 5-1:0.0: Disconnecting em28xx
[  421.401230][ T5814] em28xx 5-1:0.0: Registering input extension
[  421.608197][    T9] em28xx 5-1:0.0: Closing input extension
[  421.635038][ T8401] loop5: detected capacity change from 0 to 8192
[  422.583855][    T9] em28xx 5-1:0.0: Freeing device
[  422.979024][ T8415] 9pnet_fd: Insufficient options for proto=fd
[  423.260414][ T8418] loop0: detected capacity change from 0 to 256
[  423.483397][ T8418] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  423.817081][   T27] audit: type=1800 audit(2000000336.430:20): pid=8421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.622" name="file1" dev="loop0" ino=1048603 res=0 errno=0
[  429.144999][ T8454] loop0: detected capacity change from 0 to 4096
[  429.167016][ T8454] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  429.287616][ T8454] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  429.981865][ T8456] loop5: detected capacity change from 0 to 32768
[  430.094156][ T8456] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  430.117268][ T8456] JBD2: Ignoring recovery information on journal
[  431.080616][ T8456] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  431.274892][ T8477] netdevsim netdevsim5: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  431.869124][ T7067] ocfs2: Unmounting device (7,5) on (node local)
[  433.298263][ T5833] IPVS: starting estimator thread 0...
[  433.398044][ T8495] IPVS: using max 32 ests per chain, 76800 per kthread
[  433.901769][ T8497] loop5: detected capacity change from 0 to 8192
[  436.142781][ T8508] vxcan1 speed is unknown, defaulting to 1000
[  436.699742][ T8512] loop4: detected capacity change from 0 to 32768
[  436.732786][ T8512] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  436.830935][ T8512] JBD2: Ignoring recovery information on journal
[  436.936589][ T8512] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  437.379879][ T8524] netdevsim netdevsim4: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  439.201311][ T8529] overlayfs: failed to clone upperpath
[  439.265080][ T6565] ocfs2: Unmounting device (7,4) on (node local)
[  440.355320][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  440.362023][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  440.373761][ T8539] loop5: detected capacity change from 0 to 8192
[  440.418195][ T5832] libceph: connect (1)[c::]:6789 error -101
[  440.424475][ T5832] libceph: mon0 (1)[c::]:6789 connect error
[  440.684820][ T8552] loop4: detected capacity change from 0 to 256
[  440.701249][ T8552] exfat: Deprecated parameter 'utf8'
[  440.714555][ T5832] libceph: connect (1)[c::]:6789 error -101
[  440.723860][ T8552] exfat: Deprecated parameter 'namecase'
[  440.732704][ T5832] libceph: mon0 (1)[c::]:6789 connect error
[  440.747703][ T8552] exfat: Deprecated parameter 'namecase'
[  440.792024][ T8552] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc232f927, utbl_chksum : 0xe619d30d)
[  440.899567][ T8552] overlay: filesystem on ./bus not supported
[  441.987356][ T2170] libceph: connect (1)[c::]:6789 error -101
[  441.993461][ T2170] libceph: mon0 (1)[c::]:6789 connect error
[  442.010309][ T8543] ceph: No mds server is up or the cluster is laggy
[  442.060186][ T8554] vxcan1 speed is unknown, defaulting to 1000
[  445.129895][ T8566] loop4: detected capacity change from 0 to 32768
[  445.189289][ T8566] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  445.261683][ T8566] JBD2: Ignoring recovery information on journal
[  445.391569][ T8566] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  445.735136][ T8573] netdevsim netdevsim4: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  446.551939][ T6565] ocfs2: Unmounting device (7,4) on (node local)
[  446.657975][ T8579] loop5: detected capacity change from 0 to 8192
[  449.132747][ T8596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.673'.
[  449.444590][ T8596] bridge2: entered promiscuous mode
[  449.451210][ T8596] bridge2: entered allmulticast mode
[  450.116906][ T8602] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  451.216803][ T8600] vxcan1 speed is unknown, defaulting to 1000
[  452.252818][ T8614] loop0: detected capacity change from 0 to 8192
[  458.356936][ T8648] overlayfs: overlapping lowerdir path
[  460.446511][ T8665] loop5: detected capacity change from 0 to 32768
[  460.483774][ T8665] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  460.535170][ T8665] XFS (loop5): Ending clean mount
[  460.548112][ T8665] XFS (loop5): Quotacheck needed: Please wait.
[  460.691704][ T8665] XFS (loop5): Quotacheck: Done.
[  461.417899][   T27] audit: type=1800 audit(2000000373.780:21): pid=8682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.694" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=4430 res=0 errno=0
[  461.769161][ T7067] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  464.925503][ T8700] vxcan1 speed is unknown, defaulting to 1000
[  465.759918][ T8702] loop4: detected capacity change from 0 to 8192
[  468.769001][    T9] libceph: connect (1)[c::]:6789 error -101
[  468.777752][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  469.080541][    T9] libceph: connect (1)[c::]:6789 error -101
[  469.086848][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  469.504447][ T8733] ceph: No mds server is up or the cluster is laggy
[  470.052740][ T8722] loop4: detected capacity change from 0 to 32768
[  470.898026][ T8722] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  470.899773][ T8722] (syz.4.709,8722,0):ocfs2_initialize_super:2285 ERROR: status = -12
[  470.959987][ T8722] (syz.4.709,8722,0):ocfs2_fill_super:1178 ERROR: status = -12
[  472.826832][ T8765] vxcan1 speed is unknown, defaulting to 1000
[  474.934962][ T8780] loop0: detected capacity change from 0 to 512
[  475.053978][ T8780] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  475.096165][ T8780] ext4 filesystem being mounted at /174/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  475.460915][ T5779] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.468190][    T9] libceph: connect (1)[c::]:6789 error -101
[  479.511109][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  479.541585][ T8816] netlink: 40 bytes leftover after parsing attributes in process `syz.4.736'.
[  479.561204][    T9] libceph: connect (1)[c::]:6789 error -101
[  479.588193][ T8812] ceph: No mds server is up or the cluster is laggy
[  479.612651][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  480.250754][ T8823] vxcan1 speed is unknown, defaulting to 1000
[  480.947693][  T788] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  481.149665][  T788] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  481.191014][  T788] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  481.243063][  T788] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  481.461184][  T788] usb 6-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  482.338254][  T788] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  482.347731][  T788] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  482.355899][  T788] usb 6-1: Product: syz
[  482.360893][  T788] usb 6-1: Manufacturer: syz
[  482.377244][ T8829] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  482.402399][  T788] cdc_wdm 6-1:1.0: skipping garbage
[  482.444078][  T788] cdc_wdm 6-1:1.0: skipping garbage
[  482.475161][  T788] cdc_wdm: probe of 6-1:1.0 failed with error -22
[  482.658187][  T788] usb 6-1: USB disconnect, device number 2
[  487.875875][ T8856] netlink: 28 bytes leftover after parsing attributes in process `syz.2.747'.
[  487.885255][ T8856] netlink: 44 bytes leftover after parsing attributes in process `syz.2.747'.
[  491.938500][ T8878] loop5: detected capacity change from 0 to 128
SYZFAIL: posix_spawnp failed
 (errno 2: No such file or directory)
[  495.291034][ T8899] fuse: Bad value for 'fd'
[  496.383196][ T6791] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.546016][ T6791] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.662259][ T6791] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  496.761858][ T6791] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  497.892391][ T6791] hsr_slave_0: left promiscuous mode
[  497.900078][ T6791] hsr_slave_1: left promiscuous mode
[  497.908996][ T6791] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  497.916619][ T6791] batman_adv: batadv0: Removing interface: batadv_slave_0
[  497.924854][ T6791] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  497.932492][ T6791] batman_adv: batadv0: Removing interface: batadv_slave_1
[  497.942292][ T6791] bridge_slave_1: left allmulticast mode
[  497.949303][ T6791] bridge_slave_1: left promiscuous mode
[  497.955004][ T6791] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.965586][ T6791] bridge_slave_0: left allmulticast mode
[  497.974780][ T6791] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.003356][ T6791] veth1_macvtap: left promiscuous mode
[  498.009103][ T6791] veth0_macvtap: left promiscuous mode
[  498.014948][ T6791] veth1_vlan: left promiscuous mode
[  498.020753][ T6791] veth0_vlan: left promiscuous mode
[  498.872595][ T6791] team0 (unregistering): Port device team_slave_1 removed
[  498.936473][ T6791] team0 (unregistering): Port device team_slave_0 removed
[  498.994554][ T6791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  499.055310][ T6791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  499.542881][ T6791] bond0 (unregistering): Released all slaves
[  499.994114][ T6791] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.071981][ T6791] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.135863][ T6791] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.194931][ T6791] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.396233][ T6791] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.503482][ T6791] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.576550][ T6791] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.673697][ T6791] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.801364][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  501.807820][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  502.421575][ T6791] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.509363][ T6791] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.581113][ T6791] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.679343][ T6791] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0