last executing test programs: 29m12.630674341s ago: executing program 32 (id=27): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc) r2 = socket$inet6(0xa, 0x3, 0x26) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x9, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x4}, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@private=0xa010102, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x4, 0x401}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) 29m2.578965873s ago: executing program 33 (id=43): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, 0x0) preadv(r2, &(0x7f0000000740)=[{&(0x7f0000000340)=""/162, 0xa2}, {&(0x7f00000007c0)=""/218, 0xda}], 0x2, 0x80000001, 0x3f7a) r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) pipe2$watch_queue(0x0, 0x80) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x0, &(0x7f0000000400), 0x0, 0x5, 0x0, &(0x7f00000002c0), 0x40f00, 0x10, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000480)={0xbd4a, 0x2, 0x7eab, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x8850) r4 = socket$inet_udp(0x2, 0x2, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000140)='wg0\x00', 0x4) connect$inet(r4, &(0x7f00000001c0)={0x2, 0x2, @rand_addr=0x64010101}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x191c) 28m23.926634134s ago: executing program 34 (id=108): mmap$dsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000000, 0x12, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) alarm(0x100000000) sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0) 26m11.569824749s ago: executing program 35 (id=311): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) socket$nl_audit(0x10, 0x3, 0x9) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sched_setattr(0x0, 0x0, 0x0) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000340)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r3, 0x0, 0x0, 0x0, 0x0}) epoll_create1(0x0) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r4, r5, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)}) getsockopt$TIPC_SOCK_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x84, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r2, 0x3b8c, &(0x7f0000000100)={0x30, r6, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0}) 26m4.257490428s ago: executing program 36 (id=317): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xd, 0x400009, 0x8, 0xa}, 0x0) io_uring_enter(0xffffffffffffffff, 0x1ea, 0xe9ad, 0x0, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000000200)={0x4376ea830d56d49d}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000500)={[0x0, 0x100000000, 0x2, 0x0, 0x100000, 0xb, 0x401, 0x2, 0x5, 0x0, 0xfffffffffffffffe, 0x100000001, 0x2], 0x0, 0x281}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 23m26.61135355s ago: executing program 37 (id=595): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setresgid(0xee00, 0xee01, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298) sendto$inet(r3, 0x0, 0x0, 0x24000080, 0x0, 0x0) recvmmsg(r3, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x1, 0x0) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@initdev, @in=@initdev}}, {{@in=@remote}}}, &(0x7f0000000040)=0xe8) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x40402, 0x0) ioctl$TCXONC(r4, 0x540a, 0x0) ioctl$TCXONC(r4, 0x540a, 0x1) setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000000)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa, 0x0, 0x78}, 0x1c) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x0) mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x8000, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'local', '=relative', @val={0x3a, [0x34, 0x2c, 0x37]}}}}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, 0x0, 0xa6c3, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, 0x0, 0x1) syz_open_procfs(0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r6 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r6, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local, 0x4000000}, 0x1c) 14m37.459893262s ago: executing program 38 (id=2847): r0 = socket(0x2, 0x2, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x25, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x202, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x20}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) unlink(0x0) bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) bind$unix(r0, 0x0, 0x0) 14m37.154500917s ago: executing program 39 (id=2849): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54) socket$l2tp6(0xa, 0x2, 0x73) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000006800e97800000000ffdbdf250a00000000000000", @ANYRES32=r4], 0x20}}, 0x0) clock_adjtime(0x0, &(0x7f0000000100)={0x9, 0x6a, 0x55cd, 0x9, 0x48d, 0x5, 0xd, 0x424, 0x40002, 0xffffffffffffffff, 0xf423f, 0x100002, 0x7, 0x2, 0x1000000081, 0x5, 0x0, 0x5, 0x2, 0x9220000000000000, 0x3, 0x0, 0x80000001, 0x0, 0x5, 0x7}) write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) process_mrelease(0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000480)={{0xa, 0x0, 0x9, 0x80000001, 'syz1\x00', 0x5}, 0x0, 0x400, 0x0, 0xffffffffffffffff, 0x2, 0x8d, 'syz1\x00', &(0x7f0000000400)=['jfs\x00', '\\\x00'], 0x6}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x62a5, &(0x7f0000000180)={0x0, 0x36c1, 0x90, 0x1, 0x133}, &(0x7f0000000200), &(0x7f00000002c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) remap_file_pages(&(0x7f00007b7000/0x1000)=nil, 0x1000, 0x3, 0x3ff, 0x40000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fsopen(&(0x7f0000000240)='jfs\x00', 0x1) 11m58.315668168s ago: executing program 9 (id=3215): syz_emit_vhci(0x0, 0xb) mlockall(0x2) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, 0x0, 0x26}, 0x28) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r0 = fsmount(0xffffffffffffffff, 0x0, 0x0) fchdir(r0) prlimit64(0x0, 0xe, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$udambuf(0xffffff9c, 0x0, 0x2) r1 = getpid() sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r4, 0x0, 0xa0028000}, 0x38) 11m53.320209782s ago: executing program 9 (id=3226): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a3000000000200000001d0a05080000000000000000010000000900b8e229010073797a30000000001400000010000100"/104], 0x68}}, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$fuse(0xffffff9c, &(0x7f0000000280), 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @window={0x3, 0x15f, 0xfffd}, @mss={0x2, 0x8}, @sack_perm, @window={0x3, 0x0, 0x7fe}, @window={0x3, 0x5, 0xfffc}, @timestamp, @timestamp], 0x8) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r3, 0x7b2, &(0x7f0000001680)={0x0, 0x1}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r3, 0x7b1, &(0x7f0000000080)={0x0, 0x1}) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0xc7) 11m52.855852006s ago: executing program 9 (id=3228): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000c40)="cbd0", 0x2}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x6, 0x0, 0x6, 0x691}, 0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000003c0)={0x0, 0x1}, 0x8) shutdown(r1, 0x1) 11m52.477067645s ago: executing program 9 (id=3231): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x1, 0x4}, 0xfe}, 0x18) sendmmsg$sock(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="1fee0fd3252ed65c", 0x8}], 0x1}}], 0x1, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r2, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) 11m51.226128188s ago: executing program 1 (id=3237): bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000480)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0}, 0x50) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x4e00, 0x0, 0x730, 0xbdff, 0x10, "feeeff000000001b"}) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"}) r1 = syz_open_pts(r0, 0x8182) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) 11m50.638545213s ago: executing program 9 (id=3239): syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$inet(r0, 0x0, 0x0, 0x4c040) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x62, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r2) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000002c00)=@buf={0x500, &(0x7f0000002bc0)}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xc9, 0x2ea068d3, 0x0, 0x0, 0x7, 0x0, 0x43, 0x0, 0xffffffffffffdfff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80000, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffbffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3ff, 0x80003, 0x0, 0x0, 0x3, 0x203, 0x0, 0x40000000000, 0x801, 0x0, 0x5241, 0x0, 0x4, 0x5, 0x6, 0x0, 0x40000, 0x767e, 0x80, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x8, 0x0, 0xff, 0x0, 0x0, 0x2000000000000000, 0xa7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x100000001]}) 11m49.607625946s ago: executing program 1 (id=3242): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x1ee6, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000001, 0x35f, 0x0, r1}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240) readv(r5, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140), 0x0) r7 = dup(r6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x0) 11m48.987979259s ago: executing program 9 (id=3244): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0) r3 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0xffffffff, 0x204}, &(0x7f00000001c0)=0x0, &(0x7f0000000440)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r6, &(0x7f0000006380)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r6, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000380)={{}, {0x1, 0x4}, [], {}, [{0x8, 0x3, r7}], {0x10, 0x4}}, 0x2c, 0x2) umount2(&(0x7f0000000340)='./file0\x00', 0x3) io_uring_enter(r3, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f) 11m48.212616402s ago: executing program 1 (id=3246): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x800) bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 11m48.107831357s ago: executing program 0 (id=3248): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000002c0)=[@window, @mss, @mss={0x2, 0x8}, @window, @window={0x3, 0x3, 0x5}, @timestamp, @mss={0x2, 0x9}, @timestamp], 0x2000000000000135) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730", 0x121, 0x805, 0x0, 0x0) 11m47.82053335s ago: executing program 1 (id=3249): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r0, 0x104, 0x7, 0x0, &(0x7f0000000340)) 11m47.707261761s ago: executing program 0 (id=3250): pipe2(&(0x7f0000000040), 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0) syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="040f04be319d71"], 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0) chdir(&(0x7f0000001140)='./file1\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) 11m47.377721328s ago: executing program 1 (id=3251): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)=ANY=[@ANYBLOB="2c0000003e000100fcff070180040020800c000200000000007904f8c4"], 0x2c}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) socket$inet6_sctp(0xa, 0x1, 0x84) openat$userio(0xffffffffffffff9c, &(0x7f0000000280), 0x12c00, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, 0x0, &(0x7f0000000080)='GPL\x00', 0x2}, 0x94) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x4, 0x0, 0x7313, 0x0, 0x0, 0x0, 0x2, 0x23}, 0x0, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x12c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x70}, 0x1, 0x0, 0x0, 0x400c094}, 0x40) r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18) utimensat(r3, 0x0, &(0x7f0000000880)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0) 11m46.533387488s ago: executing program 0 (id=3253): r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r1 = signalfd(r0, &(0x7f0000000040)={[0xf1]}, 0x8) socket$xdp(0x2c, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe75, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0xe8b}, 0x94) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4040, &(0x7f0000000540)={0xc9, 0xf7, r3, 0x1, 0xd7, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) sched_setscheduler(0x0, 0x2, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x2000}}) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) lchown(&(0x7f0000000500)='./file0\x00', 0x0, 0x0) lremovexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='user.incfs.id\x00') r6 = syz_pidfd_open(0x0, 0x0) setns(r6, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout_data(r7, 0x107, 0x16, 0x0, 0x0) close_range(r5, 0xffffffffffffffff, 0x0) 11m46.229119805s ago: executing program 1 (id=3254): syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$inet(r0, 0x0, 0x0, 0x4c040) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x62, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r2) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000002c00)=@buf={0x500, &(0x7f0000002bc0)}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xc9, 0x2ea068d3, 0x0, 0x0, 0x7, 0x0, 0x43, 0x0, 0xffffffffffffdfff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80000, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffbffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3ff, 0x80003, 0x0, 0x0, 0x3, 0x203, 0x0, 0x40000000000, 0x801, 0x0, 0x5241, 0x0, 0x4, 0x5, 0x6, 0x0, 0x40000, 0x767e, 0x80, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x8, 0x0, 0xff, 0x0, 0x0, 0x2000000000000000, 0xa7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x100000001]}) 11m45.643191168s ago: executing program 0 (id=3256): r0 = openat$tcp_congestion(0xffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$tcp_congestion(r0, &(0x7f0000000100)='reno\x00', 0x5) 11m45.216927185s ago: executing program 0 (id=3257): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000010000"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000008000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={r1, 0x0, 0xdc0, 0x1e4f52c7a5b08e56, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000d00)=""/11, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 11m44.568142953s ago: executing program 0 (id=3259): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00') read$FUSE(r0, 0x0, 0x0) 11m21.316656304s ago: executing program 40 (id=3247): prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x14, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x7ff}, {}, {}, [@tail_call], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r1 = socket$kcm(0x10, 0x3, 0x10) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000980)=r0, 0x4) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0xffffffffffffffff, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x35, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x804) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r5, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x300) 11m21.066215581s ago: executing program 41 (id=3258): r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e24, 0x68, @loopback, 0xc2}]}, &(0x7f0000000180)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000400)={r1, 0x34, "bf7fa159ea60785a5fcfa8d2d836dbcbaacf8bcee9219a5f2bb4a5f2595b038c94e09bad06348991bdef8e91f03028fbe1f85658"}, &(0x7f0000000300)=0x3c) socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0x23, 0x6, 0xfffffffe) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000140)={r1, 0x6, 0x9}, &(0x7f00000001c0)=0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) sysinfo(&(0x7f00000004c0)=""/252) setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) r7 = fsopen(&(0x7f00000000c0)='omfs\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r7, 0x1, 0x0, 0x0, 0x0) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x200000b, 0x20000000ec071, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000300)=@gcm_128={{0x304}, "7c6d8f74584dc700", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "faffffffffffffff"}, 0x28) sendto$inet6(r4, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x4040080) 11m20.822490661s ago: executing program 42 (id=3244): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0) r3 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0xffffffff, 0x204}, &(0x7f00000001c0)=0x0, &(0x7f0000000440)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r6, &(0x7f0000006380)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r6, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000380)={{}, {0x1, 0x4}, [], {}, [{0x8, 0x3, r7}], {0x10, 0x4}}, 0x2c, 0x2) umount2(&(0x7f0000000340)='./file0\x00', 0x3) io_uring_enter(r3, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f) 11m20.575907125s ago: executing program 43 (id=3254): syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg$inet(r0, 0x0, 0x0, 0x4c040) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x62, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r2) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000002c00)=@buf={0x500, &(0x7f0000002bc0)}) r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xc9, 0x2ea068d3, 0x0, 0x0, 0x7, 0x0, 0x43, 0x0, 0xffffffffffffdfff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80000, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffbffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3ff, 0x80003, 0x0, 0x0, 0x3, 0x203, 0x0, 0x40000000000, 0x801, 0x0, 0x5241, 0x0, 0x4, 0x5, 0x6, 0x0, 0x40000, 0x767e, 0x80, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x8, 0x0, 0xff, 0x0, 0x0, 0x2000000000000000, 0xa7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x100000001]}) 11m20.229445214s ago: executing program 44 (id=3259): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00') read$FUSE(r0, 0x0, 0x0) 9m36.067500486s ago: executing program 3 (id=3558): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) r1 = io_uring_setup(0x2237, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000), 0x0}, 0x20) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000000c0)={0x7ff, 0x2, 0x7, 0x5, 0x7}) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) select(0xff44, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, &(0x7f0000000100)={0x77359400}) syz_mount_image$ext4(&(0x7f0000000c40)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x4f33}, 0x18) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r6 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4004000) 9m34.083613183s ago: executing program 3 (id=3563): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000100), 0x2, 0x528, &(0x7f0000000c00)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtquqF8qpQqgSogcOHLYhcaIo9jqKndKEFcoeuSNRiROcOHNA4oDUE3ckDnDjUg5IBVagBgkJVx6PU+ePE2uT2Nv495NG8+eN/b23o3lv9HkzL4CJdSMidiPiSkS8HRFz+fEkX+L17tI576NHD5b2Hj1YSqLdfuufSVbeORZ9n+l4Kv/OYkR8742IHyaHgv4porm9s75Yq1U380PlVn2j3Nzeub1WX1ytrlbvVyp3F+7Ov3rnlcq5tfWF+m8+vBoRv//dFz/44+43ftyp1mxe1t+O89Rt+sx+nI7piPjORQQbg6m8PVce58OP9SHOUxoRn4mIF7P7fy6msqt50MHL9M0R1g4AuAjt9ly05/r3AYDLLs1yYElaynMBs5GmpVI3h/dcXEtrjWbr1kpj6/5yN1d2PWbSlbVadT7PFV6PmWRlbbq6kG339mvVyqH9OxHxbET8rHA1WVn7fkQ0asvjfPABgAn21KHx/z+F7vgPAFxyxU82C+OsBwAwOsVxVwAAGDnjPwBMHuM/AEwe4z8ATB7jPwBMHuM/AEyU7775Zmdp7+Xvv15+Z3trvfHO7eVqc71U31oqLTU2N0qrjcZqrVpaatRP+75ao7Gx8HJsvVtuVZutcnN75169sXW/dS97r/e96sxIWgUAnOTZF97/SxIRu69dzZboe9//qWP18xddO+AipeOuADA2U+OuADA2R2f7AiaFfDxMrv+32+3om7s3Ih7ub/W9DHTgfxF6b6gwqXlD4clz8/NnyP8Dn2ry/zC5Hi//71keLgP5f5hc7XZizn8AmDBy/EBySnn/7//z7b6d4X7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEtpNluStJTPBT4baVoqRTwdEddjJllZq1XnI+KZiPhzYabQ2V+ICPMGAcCnWfr3JJ//6+bcS7OHS68U/lvI1hHxo1+89fN3F1utzYWIK8m/9o+33suPV8ZRfwDgNL1xujeO93z06MFSbxllfT78Vndy0U7cvXzplkzHdLYuZrmGa/9O8v2uzvPK1DnE330YEZ87rv1Jlhu5ns98ejh+J/bTI42fHoifZmXddeff4rPnUBeYNO93+p/Xj7v/0riRrY+//4tZD3V2vf5v70j/l+73f1MD+r8bw8Z4+Q/fPnKwPdctexjxhemIvd6X9/U/vfjJgPgvDRn/r89/6cVBZe1fRtyM49qfHIhVbtU3ys3tndtr9cXV6mr1fqVyd+Hu/Kt3XqmUsxx1uZepPuofr916ZlD8TvuvDYhfPKX9Xx2y/b/639s/+PIJ8b/+leOv/3MnxO+MiV8bMv7itd8WB5V14i8PaP9p1//WkPE/+NvO8pCnAgAj0NzeWV+s1aqbZ98onnhOeh4h1hdrU3HyOT/Jn1LOr10nbBR+/dM3Tj+5cNHVOOtGDCqaelJqeGk2CkOcc/WJqOq4eybgon1y04+7JgAAAAAAAAAAAAAAwCCj+HOicbcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+vjAAAA//+DitLu") creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) fanotify_init(0xf00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x5}) r2 = fanotify_init(0x8, 0x40000) r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) fanotify_mark(r2, 0x1, 0x100018, r3, 0x0) r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000200201005) close_range(r1, 0xffffffffffffffff, 0x0) 9m33.687605504s ago: executing program 3 (id=3566): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000e4030000060a010400000000000000000100000008000b4000000000bc030480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000840301800c000100626974776973650074030280080003400000000208000140000000140800024000000012500305806800028008000180fffffffe0900020073797a300000000008000340000000010900020073797a31000000000900020073797a320000000008000180fffffffb0900020073797a300000000008000180fffffffe08000340000000020900020073797a3200000000a70001006c09036006e24be9a48cbb620114125f07ea1ab8513a1ab20eb61d4a4246c9f7ac8937e820e70fa65fcc17319ca3db0ae70a0838112dac5872e11ebc2ddc20c5ca79f4cb4497397584c4c8d01e9e139a72484129230f35d82c064935525e1a2310f27341b0036ce7ee1108ad5d972ee9cf56f3839cbe025b50b21059dc9731e028e9c02d95d8f951101dd5f179f7a884c4c7337fb1d56552f236b4b06ade871164bcd500640002800900020073797a310000000008000180fffffffb0900020073797a31000000000900020073797a32000000000900020073797a3100000000080001800000000008000340000000010900020073797a31000000000900020073797a3000000000aa000100db85ec8eae5ba8a565310975e527c5f5d60a2e3e1881751d4d4468a4784ee11c9ef600d76c3db867b8039eb9441a2120161ef09ff15a9d57a57c55982f49db8fcb9bb742c0508fcab01d9235a10218d7c3eba60319d9c7103d101dc755975e271ea9bfb2bbfff3c5d8f62009f4e6fe965ada258dbf18a344d66a040d6128cd0f8337d5a43dc450eb79fb4c7df580065976322c87912340ad458b94f72002a8884d3836d2b6b5000014000100c9ab0c5e4e3c8e298806e645996368bb018000000000000000000001080003400000000208000180fffffffc0900020073797a3200000000ef00010052d9fc0fee7bb5b82644e7ecdda879e098bbf83eedb57eb1890629a14c964e4dcd93fec4afd7aa1386e0dd8dc000627451a8a3fcbab94ea5c15b19187e649cd520084c675fbe4893753c58f057a9b34f76814edeadcf58cc86a31ab0e0a514312b619ad250aee2c2634cf6a4db3047035db85a0e"], 0x458}}, 0x0) 9m33.199668328s ago: executing program 3 (id=3569): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 9m32.739584811s ago: executing program 3 (id=3572): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) socket$inet6(0xa, 0x1, 0x8010000000000084) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) socket$inet6_sctp(0xa, 0x5, 0x84) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000200", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value=r4}}, 0x1c) syz_emit_ethernet(0x5ee, &(0x7f0000002880)={@local, @local, @void, {@ipv6={0x8100, @generic={0x0, 0x6, "7409bf", 0x0, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @local}}}}, 0x0) 9m32.313016237s ago: executing program 3 (id=3576): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x0) syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x102300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3) 9m16.995579436s ago: executing program 45 (id=3576): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x0) syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x102300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3) 8m36.679897225s ago: executing program 2 (id=3755): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xff}]}) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x7) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) r4 = io_uring_setup(0x5ed3, &(0x7f0000000100)={0x0, 0x7e5f, 0x0, 0x0, 0x143}) io_uring_register$IORING_UNREGISTER_BUFFERS(r4, 0x1, 0x0, 0x0) 8m35.208046838s ago: executing program 2 (id=3767): r0 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)="180c", 0x2) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 8m33.911651439s ago: executing program 2 (id=3771): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 8m31.501811944s ago: executing program 2 (id=3778): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./bus\x00', 0x0, 0x0) fanotify_init(0x200, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)}) 8m31.07698669s ago: executing program 2 (id=3780): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = syz_io_uring_setup(0x10f, &(0x7f0000000140)={0x0, 0xfad9, 0x0, 0x0, 0xfffffffc}, &(0x7f00000001c0)=0x0, &(0x7f00000000c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x7ff) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000480)="dd61075a45f20c5b7fcfb49f6360c8ca00884e351fbb81e4ff87c3faf3d01756f229a4729067a8", 0x27}], 0x1) 8m29.927135049s ago: executing program 2 (id=3784): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fspick(0xffffffffffffffff, 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0xa) syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[@ANYBLOB="e9beb1dc8bf951430000000008004500007800000000003290780000000000200000004e2000649078420000000000000017a45bf27ff98418a32b561acfa814512911c17336da9e5c3d4d170ae8aa75e996f7910f11fc5b8b0938f2533d3d35e2c58fd9d792de232b6688fcac5449e0e82864694896db6508f8be8d1d00a306d1e36f55fa"], 0x0) r3 = dup(r2) r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x40, 0x9, {}, {0x2, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1}) r5 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c) ftruncate(r5, 0x200004) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CAP_X2APIC_API(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, 0x3}) ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000140)={0x8080000, 0x4, 0x44, 0x1, 0x80000003}) write$apparmor_exec(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000000000000"], 0x8) sendfile(r3, r5, 0x0, 0x80001d00c0d1) 8m14.362527252s ago: executing program 46 (id=3784): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fspick(0xffffffffffffffff, 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0xa) syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[@ANYBLOB="e9beb1dc8bf951430000000008004500007800000000003290780000000000200000004e2000649078420000000000000017a45bf27ff98418a32b561acfa814512911c17336da9e5c3d4d170ae8aa75e996f7910f11fc5b8b0938f2533d3d35e2c58fd9d792de232b6688fcac5449e0e82864694896db6508f8be8d1d00a306d1e36f55fa"], 0x0) r3 = dup(r2) r4 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x40, 0x9, {}, {0x2, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1}) r5 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c) ftruncate(r5, 0x200004) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_CAP_X2APIC_API(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, 0x3}) ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f0000000140)={0x8080000, 0x4, 0x44, 0x1, 0x80000003}) write$apparmor_exec(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000000000000"], 0x8) sendfile(r3, r5, 0x0, 0x80001d00c0d1) 12.947135589s ago: executing program 8 (id=5475): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="02000000040000000800"], 0x50) r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r0, 0x28, 0x6, 0xfffffffffffffffc, &(0x7f0000000000)=0x5e) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1500, &(0x7f0000001900)="$eJzs3Au0TlX3MPA511qb4+TyJLnvuebmSS6LJAklySVJkpA7CUmSJEnikFsSkpDrSXIPuaeTjvv9knvSyStJkpCQZH3jdPn8ey//3vf99//0vWf+xtjjrPnsPdee68zxnGfvPcZ5vuo2vHqjGlXqMzP8O/SvA/z5RxIAJADAIADIAQABAJTNWTZn+v4sGpP+rZOI/yUNZl7pCsSVJP3P2KT/GZv0P2OT/mds0v+MTfqfsUn/MzbpvxAZ2ux8V8uWcTd5/v//OfU/SZbP/wwB/9EO6f9/Gv0vHS39z9ik/xmb9D9jk/5nZMGVLkBcYfL+z9ik/0JkaH/4M+WN56/0M23Z/oVNCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYT4f+C8v8wAwK/jK12XEEIIIYQQQggh/jj+nStdgRBCCCGEEEIIIf73ISjQYCCATJAZEiALJMJVkBWyQXbIATG4GnLCNZALroXckAfyQj7IDwWgIIRAYIEhgkJQGOJwHRSB66EoFIPiUAIclIRScAOUhhuhDNwEZeFmKAe3QHmo8NM5090OleEOqAJ3QlWoBtWhBtwFNeFuqAX3QG24F+rAfVAX7od68ADUhwbQEB6ERtAYmkBTaAbNoQW0hFa/k5+c4+/lPwc94XnoBb0hCfpAX3gB+kF/GAADYRC8CIPhJRgCL8NQGAbD4RUYAa/CSHgNRsFoGAOvw1gYB+NhAkyESZAMb8BkeBOmwFuNs8E0mA4zYCbMgtnwNsyBuTAP3oH5sAAWQnKWxbAElsK7sAzegxR4H5bDB5AKK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fwg7YCbtgN+yBvbAPPoL98DEcgE8gDT/9F/PP/TYfuiMgoEKFBg1mwkyYgAmYiImYFbNidsyOMYxhTsyJuTAX5sbcmBfzYhLmx4JYEAkJGRkLYSGMYxyLYBEsikWxOBZHhw5LYSksjTdiGSyDZbEslsNyWB4rYAW8FW/FSlgJK2NlrIJVsCpWxepYHe/Cu/BurIW1sDbWxjpYB+tiXayH9bA+1seG2BAbYSNsgk2wGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHbAjdsRO2Ak7Y2fsgl2wK3bFbtgNu+Oz+Cw+h8/h8/g89saqqg/2xb7YD/vhAByIA/FFHIwv4Uv4Mg7FYTgcX8FX8FUciWdxFI7GMTgGK6lxOB4nIKtJmIzJmBkm4xScglNxGk7DGTgTZ+FsnI1zcC7OxXdwPi7ABbgIF+ESXIpLcRm+hymYgsvxHKbiClyJq3A1rsHVuA7X4zrciJtwI27BLbgNt+GH+CHuxJ24G3fjXtyLH+FH+DF+jEMxDdPwIB7EQ3gID+NhPIJH8CgexWN4DI/jcTyBJ/AknsLTeArP4Bk8i+fwPABcwAt4ES/iJbyU/uZX6YwyKpPKpBJUgkpUiSqryqqyq+wqpmIqp8qpcqlcKrfKrfKqvCq/yq8KqoKKFClWkSqkCqm4iqsiqogqqoqq4qq4csqpUqqUKq1KqzKqjCqrblbl1C2qvKqg2rpb1a2qkmrnKqs7VBVVRVVV1VR1VUPVUDVVTVVL1VK1VW1VR9VRddX9qp7qgwOwgUrvTCM1DJuo4dhMNVctVEv1Kj6kWquR2Ea1Ve3UI2o0jsIOqrXrqB5XndR47KyeVBPwKdVVTcJu6hnVXT2reqjnVE/VxvVSvdVU7KP6qhnYT/VXA9RANQerqfSOVVcvq+cyD1PD1StqCb6qRqrX1Cg1Wo1Rr6uxapwaryaoiWqSSlZvqMnqTTVFvaWmqmlqupqhZqpZarZ6W81Rc9U89Y6arxaohWqRWqyWqKXqXbVMvadS1PtqufpApaoVaqVapVarNWqtWqfWqw1qo9qkNqstaqvaprarD9UOtVPtUrvVHrVX7VMfqf3qY3VAfaLS1KfqoPqLOqQ+U4fV5+qI+kIdVV+qY+ordVx9rU6ob9RJdUqdVt+qM+o7dVadU+fV9+qC+kFdVD+qS8or0KiV1troQGfSmXWCzqIT9VU6q86ms+scOqav1jn1NTqXvlbn1nl0XpNP59cFdEEdatJWs450IV1Yx/V1uoi+XhfVxXRxXUI7XVKX0jfo0vpGXUbfpMvqm3U5fYsuryvoih70bbqSvl1X1nfoKvpOXVVX09V1DX2Xrqnv1rX0Pbq2vlfX0ffpuvp+XU8/oOvrBrqhflA30o11E91UN9PNdQvdUrfSD+nW+mHdRrfV7fQjur1+VHfQj+mO+nHdST+hO+sndRf9lO6qn9bd9DO6u35W99A/6kva6166t07SfXRf/YLup/vrAXqgHqRf1IP1S3qIflkP1cP0cP2KHqFf1SP1a3qUHq3H6Nf1WD1Oj9cT9EQ9SSfrN/Rk/aaeot/SU/U0PV3P0DP1LD3gl5nm/RP5b/6d/CE/nX2b3q4/1Dv0Tr1L79Z79F69T+/T+/V+fUAf0Gk6TR/UB/UhfUgf1of1EX1EH9VH9TF9TB/Xx/UJfUKf1Kf09/pbfUZ/p8/qc/qc/l5f0Bf0xV9+B2DQKKONMYHJZDKbBJPFJJqrTFaTzWQ3OUzMXG1ymmtMLnOtyW3ymLwmn8lvCpiCJjRkrGETmUKmsImb60wRc70paoqZ4qaEcaakKWVu+B/n/159rUwr09q0Nm1MG9POtDPtTXvTwXQwHU1H08l0Mp1NZ9PFdDFdTVfTzXQz3U1308P0MD1NT9PL9DJJJsn0NS+Yfqa/GWAGmkHmRTPYDDZDzBAz1Aw1w81wM8KMMCPNSDPKjDJjzBgz1ow14814M9FMNMk+h5lsJpspZoqZaqaa6YNymJlmppltZps5Zo6ZZ+aZ+Wa+WWgWmsVmsVlqlpplZplJMSlmuVluUs0Ks8KsMqvMGrPGrDPrzAazwWwym8wWs8Wkmu1mu9lhdphdZpfZY/aYfWaf2W/2mwPmgEkzaeagOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmpDlpTpvT5ow5Y86as+a8OW8umAvmorloLplL6Zd9gQpUYAITZAoyBQlBQpAYJAZZg6xB9iB7EAtiQc4gZ5AruDbIHeQJ8gb5gvxBgaBgEAYU2ICDKCgUFA7iwXVBkeD6oGhQLCgelAhcUDIoFdwQlA5uDMoENwVlg5uDcsEtQfmgQlAxuDW4LagU3B5UDu4IqgR3BlWDakH1oEZwV1AzuDuoFdwT1A7uDeoE9wV1g/uDesEDQf2gQdAweDBoFDQOmgRNg2ZB86BF0DJo9YfO7/3ZPA+7XmHvMCnsE/YNXwj7hf3DAeHAcFD4Yjg4fCkcEr4cDg2HhcPDV8IR4avhyPC1cFQ4OhwTvh6ODceF48MJ4cRwUpgcvhFODt8Mp4RvhVPDaeH0YEY4M5wVzg7fDueEc8N54Tvh/HBBuDBcFC4Ol4T48yUxpITvh8vDD8LUcEW4MlwVrg7XhGvDdeH6cEO4MdwUbg63lB3886HhjnBnuCvcHe4J94b7wo/C/eHH4YHwkzAt/DQ8GP4lPBR+Fh4OPw+PhF+ER8Mvw2PhV+Hx8OvwRPhNeDI8FZ4Ovw3PhN+FZ8Nz4fnw+/BC+EN4MfwxvBT69Iv79I93MmQoE2WiBEqgREqkrJSVslN2ilGMclJOykW5KDflpryUl/JTfipIBSkdE1MhKkRxilMRKkJFqSgVp+LkyFEpKkWlqTSVoTJUlspSOSpH5ak8VaSKdBvdRrfT7XQH3UF30p1UjapRDapBNakm1aJaVJtqUx2qQ3WpLtWjelSf6lNDakiNqBE1oSbUjJpRC2pBragVtabW1IbaUDtqR+2pPXWgDtSROlIn6kSdqTN1oS7UlbpSN+pG3ak79aAe1JN6Ui/qRUmURH2pL/WjfjSABtAgGkSDaTANoSE0lIbScBpOI2gEjaSRNIpG0xh6ncbSOBpPE2giTaJkSqbJNJmm0BSaSlNpOk2nmTSTZtNsmkNzaB7No/k0nxbSQlpMi2kpLaVltIxSKIWW03JKpVRaSStpNa2mtbSW1tN62kgbaTNtpq20lbbTdtpBO2gX7aI9tIf20T7aT/vpAB2gNEqjg3SQDtEhOkyH6QgdoaN0lI7RMTpOx+kEnaCTdJJO02k6Q2foLJ2l83SeLtAPdJF+pEvkKcFmsYn2KpvVZrPZbQ7713Fem8/mtwVsQRva3DbPb2Ky1ha1xWxxW8I6W9KWsjf8TVzeVrAV7a32NlvJ3m4r2/I2C/zXuKa929ay99ja9l5bw971m7iOvc/WtY1tPdvU1rfNbUPb0jayjW0T29Q2s81tC9vStreP2g72MdvRPm472Sf+Jl5m37Pr7Qa70W6y++3H9rz93h6zX9kL9gfby/a2g+yLdrB9yQ6xL9uhdthvYwA7xr5ux9pxdrydYCfaSX8TT7cz7Ew7y862b9s5du7fxEvtu3a+TbEL7SK72C75KU6vKcW+b5fbD2yqXWFX2lV2tV1j19p1/7fWVXaL3Wq32X32I7vD7rS77G67x+79KU5fxwH7iU2zn9qj9kt7yH5mD9vj9oj94qc4fX3H7df2hP3GnrSn7Gn7rT1jv7Nn7bmf1p++9m/tj/aS9RYYWbFmwwFn4sycwFk4ka/irJyNs3MOjvHVnJOv4Vx8LefmPJyX83F+LsAFOWRiy8wRF+LCHOfruAhfz0W5GBfnEuy4JJfiG7g038hl+CYuyzdzOb6Fy3MFrsi38m1ciW/nynwHV+E7uSpX4+pcg+/imnw31+J7uDbfy3X4Pq7L93M9foDrcwNuyA9yI27MTbgpN+Pm3IJbcit+iFvzw9yG23I7foTb86PcgR/jjvw4d+InuDM/yV34Ke7KT3M3foa787Pcg5/jnvw89+LenMR9uC+/wP24Pw/ggTyIX+TB/BIP4Zd5KA/j4fwKj+BXeSS/xqN4NI/h13ksj+PxPIEn8iRO5jd4Mr/JU/gtnsrTeDrP4Jk8i2fz2zyH5/I8fofn8wJeyIt4MS/hpfwuL+P3OIXf5+X8AafyCl7Jq3g1r+G1vI7X8wbeyJt4M2/hrbyNt/OHvIN38i7ezXt4L+/jj3g/f8wH+BNO40/5IP+FD/FnfJg/5yP8BR/lL/kYf8XH+Ws+wd/wST7Fp/lbPsPf8Vk+x+f5e77AP/BF/pEvsWeIMFKRjkwURJmizFFClCVKjK6KskbZouxRjigWXR3ljK6JckXXRrmjPFHeKF+UPyoQFYzCiCIbcRRFhaLCUTy6LioSXR8VjYpFxaMSkYtKRqWiG6LS0Y1RmeimqGx0c1QuuiUqH1WIKka3RrdFlaLbo8rRHVGV6M6oalQtqh7ViO6KakZ3R7Wie6La0b1Rmei+qG50f1QveiCqHzWIGkYPRo2ixlGTqGnULGoetYhaRq2ih6LW0cNRm6ht1C56JGofPRp1iB6LOkaPR52iJy7vLxb8/Gn6V/uToj6R/uUJ2T16cXxJfGn83fiy+Hvxxt1+fjU1viK+Mr4qvjq+Jr42vi6+Pr4hvjG+Kb45viW+Nb4t7n2NzOAw/UYYjAtcJpfZJbgsLtFd5bK6bC67y+Fi7mqX013jcrlrXW6Xx+V1+Vx+V8AVdKEjZx27yBVyhV3cXeeKuOtdUVfMFXclnHMlXSnX0rVyrVxr97Br49q6du4R94h71D3qHkv4pXDX2T3purinXFf3tHvaPeO6u2ddD/ec6+med71cb5fkklxf19f1c/3cADfADXKD3GA32A1xQ9xQN9QNd8PdCDfCjXQj3Sg3yo1xY9xYN9aNd+PdRDfRJbtkN9lNdlPcFDfVTXXT3XQ30810s91sN8fNcfPcPDffzXcL3UK32C12S91St8wtcykuxS13y12qS3Ur3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1waS7NHXQH3SF3yB12n7sj7gt31H3pjrmv3HH3tTvhvnEn3Sl32nl9xn3nzrpz7rz73l1wP7iL7kd3yXmXHHsjNjn2ZmxK7K3Y1Ni02PTYjNjM2KzY7NjbsTmxubF5sXdi82MLYgtji2KLY0tiS2PvxpbF3oulxN6PLY99EEuNrYitjK2KrY6tiXlfYEfkC/nCPu6v80X89b6oL+aL+xLe+ZK+lL/Bl/Y3+jL+Jl/W3+zL+Vt8eV/BV/RNfTPf3LfwLX0r/5Bv7R/2bXxb384/4tv7R30H/5jv6B/3nfwTvrN/0nfxT/mu/mnfzT+z4Jcu+57+ed/L9/ZJvo/v61/w/Xx/P8AP9IP8i36wf8kP8S/7oX6YH+5f8SP8q36kf82P8qP9GP+6H+vH+fF+gp/oJ/lk/4af7N/0U/xbfqqf5qf7GX6mn+Vn+7f9HD/Xz/Pv+Pl+gV/oF/nFfolf6t/1y/x7PsW/75f7D3yqX+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u//Q7/A7/S6/2+/xe/0+/5Hf7z/2B/wnPs1/6g/6v/hD/jN/2H/uj/gv/FH/pT/mv/LH/df+hP/Gn/Sn/Gn/rT/jv/Nn/Tl/3n/vL/gf/EX/o78k/7MmhBBCCPFP0b+zv8/feU39sqXrCwDZduY78tdzbs7987i/2t8pBgCP9+7W4NetQYOkpKRfjk3VEBReBACxy/k/ff/AL/EKaAePQkdoC6X/bn39VcWfrvv+u/njNwMkAmT5NSf99igR/nr+G//B/E3f5d+bfxFA0cKXc9JP9Gt8ef4y/2D+ve1/Z/4snyUDtPkvOVnhcnx5/lLwMDwBHX9zpBBCCCGEEEII8bP+6kL337u/Tb8/z28u52SGy/Hv3Z//jsp/xBqEEEIIIYQQQgjx33vq2R6PPdSxY9su/8mDzH+OMv4EAwSAP0EZMvjzD670XyYhhBBCCCHEH+3yRf+VrkQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi4/v1vCFP/9MFXeo1CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfZ/AgAA///M7VMc") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) unlinkat(r3, &(0x7f0000000000)='./file0\x00', 0x200) 11.669651618s ago: executing program 5 (id=5482): socket$nl_generic(0x10, 0x3, 0x10) openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) r0 = syz_io_uring_setup(0x10f, 0x0, &(0x7f0000000240)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x17, 0x1}) io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0) r2 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240048c1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r4, 0x4) sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc) r5 = getpid() sched_setscheduler(r5, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe0000000071105000000000001d300200000000004704000001"], 0x0}, 0x94) r6 = socket$inet6(0xa, 0x3, 0x38) connect$inet6(r6, &(0x7f0000000300)={0xa, 0x4e21, 0x41200002, @dev={0xfe, 0x80, '\x00', 0x36}, 0xb}, 0x1c) read$FUSE(0xffffffffffffffff, &(0x7f0000004480)={0x2020}, 0x2020) 11.561358471s ago: executing program 8 (id=5483): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x200) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) 11.324978877s ago: executing program 5 (id=5485): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r2, r1, 0x0, 0x1, &(0x7f00000000c0)='\x00'}, 0x30) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r3 = timerfd_create(0x0, 0x0) timerfd_settime(r3, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) ioctl$F2FS_IOC_COMPRESS_FILE(0xffffffffffffffff, 0xf518, 0x0) 11.107702469s ago: executing program 8 (id=5486): mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x808810, &(0x7f0000000340)={[{@filestreams}, {}, {@uqnoenforce}]}, 0x1, 0xb91b, &(0x7f000000d000)="$eJzs3Xts3WX9wPGnXdutkMH4hY7LT2RMBgxkW7dBKQTXdqyjXCqXgR0wobICk47LKLhxLSEkoGIA44WYRYl4jRLFQSQKDiPKxWGMAeIfRALGgMmif4EaQ82355zSHkqzPuV5mrHXK1nP+X5PP08v7/N8T1jITk/nuR0h1IWSwVDtpbe2PvHFdZ1P/vxL929/+K4XHimdbZtVfritfNtevu0Iw4sNn64tnar7+rZHa4uD2tHr7tXYWLNPCJdWrdNSurmpufJ5Q1XKp+dVHq8dOaz5fOnPiL2LD79vW9cbQpgzar4mhLDkPT/oHqqnfXVn+XcSRnWbUX645t3Hhm/rSn9WPBfCiu3hfZ8f06r4Pud0zv74wdP9jewOetpXd1X1byt3rinvx7bqPbgnqn6ev/7QojvLv8Lh59s0JpySnvbOM8IE+/i4/160YKh03awPITSEEGaGEGZNdw8+GO0dy4rX7NrKcTl7Zf/PGe95ceTS1/8dQphbvIyXrhel1wJg99LesWzlOPu/YaL933rHtjftf9j9dbV3LCv2etX+nzXR/t/QuvbF0r5vaylNvTO9PwQAAAAAMK7rttx4ZW9/f98md9xxx52RO9N9ZQJSe3fTT/d3AgAAAAAAAAAAAOyqHP878XT/jAAAAAAAAAAAAADwYdHV3b5zRs2YUzNGHxyyo2/4dvnbPVd8756h9ZXb8sOnj7PkmPf5HxoaGmrduaLyXuwzq94ve1b1cLH+YN3bz5QP26rff7B++Gx9uOSyDf19S4ovtbI+bC4Omot1O+vDvcXB0uJgdX34fnGwbPigMWwvDhZdenX/+uLEqZG/sQ+Xru7BMGNMsTDm2TC6/2D9/O2V2wmWrKxWF8r999//vE1Vj1WM3//d9dvf733J+WBMrv+izZXbCZZ8z/4/6I01vxzvsffvP7J+h/5pjXP9H9Oo+rpfdf2fN86SI/NzX3rmiqL/Y0/etaZ8qm5Xrv+j1l9Z3X948ZHrf7HUKZXrf/HasmpKv4w9UFf37Tsn2v8T96+rvK7XjpodWe2Mk15oLfrvs3Dbn8qn6ifZ/5SJ9n/NvPdcT5ikru4Hh6r2/yT6hyPGWXKkyddePu25ov9PnlnTNOqxyfRfVd1/8cDGaxZft+XGYzds7L287/K+q1qWLD/h+OaW5c2Lh68IpY9T+53sSaa2/4ff/3/0TE0IC0bmFxz/zgVF/7nf7uwpn5o1yf6dE+7/S8Z+r4wyvzY0NITNvQMDm5pLHyuHS0sfS582Tv9JvP5/7KjypzWWb2tCOHBkvuWApgOL/k0zVn2kfKphkv1XT9h/cOTrEmmK+3991cyY/oPPP/izov/8H55f+TuFyb7+nzpR/9pv2f9T1dVd9Rc+H7Ci/1/rFp4YOd7lv//SytH/V/svODdy/DT908rR/4b/P2wgcvx0/dOK61/71K5+ZtG/cfnJt0/6S5ScoX9aOfb/9pNavxs5fqb+aeXo/41jjvtD5Hi3/mnl6H/O4c1vRI5/Uv+0cvT/2/9tuTBy/Cz908rRf/Eht9wcOX62/mnl6D8w+9qmyPFz9E8rR/8naq9fGjl+rv5p5ej/62M3/C5yfI3+aeXov/f8ja9Gjp+nf1o5+p+1tPfuyPHz9U8rR/8HTu57OHL8U/qnlaP/xQc/elnkeI/+aeXo/9Wmn7ZHjq/VP60c/XfUP3FU5PgF+qeVo3/dXo/vGzl+of5p5eh/04Lv/Cdy/CL908rR/5GjH3wlcnyd/mnl6P/miT/eFjn+af3TytF/3nE/+HLk+MX6p5Wj/zWH/fHlyPFL9E8rR//HF734z8jxXv3TytH/tU/8+YHI8c/on1aO/sc0v/Jk5Pil+qeVo/+ajz413r8TtCvW659Wov4NlTtF/637Pd0fuU6f/mnl2P+/rXm2PnL8Mv3TytF/3312zI8cv1z/tHL0f3bhIX+PHL9C/7Ry9A9HHLQjcnyD/mnl6H/h8U0PRY5/Vv+0cvS/v3W/OyLHr9Q/rRz9d86dfUPkeL/+aeXof/hBjWdHjm/UP60c/W9rrD8hcvwq/dPK0f+xhppDI8ev1j+tHP1rl3T9KHL8Gv3TytH/+RVnfiFy/Fr900raf+9S/3sXt78WucIm/dPKsf/Xzlv1dOT4dfqnlaP/Efuujf0X2Qf0TytH/3+EdQdEjl+vf1o5+m+bc/atkeM36J9Wjv63HHre2sjxz7301taZQf9kcvT/xQl33hc5vtn+TytH/00ttz8WOb5F/7Ry9F945D1/iRy/Uf+0cvR/9ai7/xU5fpP+aeXo/82ZX5kdOX6z/mnl6H/+rPuOjhy/Rf+0cvSffeDWlZHjt+qfVo7+vznggfWR47fpDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHcnYJfOhf/Hz4wZO0lZi2Qv2WVJYdCgtFiT7LusoayFqJAtKSTZI0qylIS0W7JUlkpKkTbSSln/1yyPxviMn7r8o/m8Xtc1c7Z7znzP932+5znz3M+5BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA595Go9dbdTAYMf7SQU+7/bYHT7nyyE1HX3XZ0cddfcFhN1407tpVph5/8ypPTGQw9s5WGXPb8HGbjDjxkrOHj7kwfML7nXaaaYbNOBi2dR7V/pv9H8OeZ+jM8CcvDjti3K8nTTf2b59pywsHg8FM/8f91dpo1Bqjx0zeuF9Pdpti/M3jr3/y/Ihxv1bcfDBYcZPBJJ8fz7/HNhi9zvM9hv8FG41aY62J+g/Gdx7bfeL13Wri5/kUh24y7HkN9xzZaNTotce0ntQ63mfvo8c+BwaDEacNBiNOHwxGnDEYjDjz+e7Bc2PUqkuvOuY1f+jyuOoHDb0hSK/vwx5+yyVjvmaMHPd1YsRZQ18LgP8to1ZderWw/qccuj2t/3sevXtD6x/+9601atWlBxO8zx937UFD/76P63+lua648/kbMQAAAPDvevz+y68av69v+GAw92Ci/b1jjf++wLALr7755udtoC8MYT/Z039m4n/MmM5TnzfPYLDrBs/3UHgeTBb7sfmP6d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+xSax/3+modMDprh09fGbLnDL8TutP/GfH3Pd1P/1UT9vJtf9/4Mdh41rOab5joPB4K2j1l1/4cFgsP5Ox98y7+DJ25Yfc9uKM08x/gABC4/9/Y2TuOOhT5OPPVjDtE/ex4Vj73+tJ06fYthEg5jANk8cdc4OGz20zMSnC076cTx5fInr3nT7CUOfZRk+0UaTeq4O3f/QY5m48/ixLzxm7Ivvtcvui++5736L7rjLlttvu/22uy63xDLLL7vkcsssufh2O+687RLjfp/UnI07dMVqz2bOppx4zu4fNeGcTfzYJjVn8zzznI29xx2uuW3WoTkb8W/O2WrPPGfz7Dg01lVGDrYYOzdj/srVRw72GXNhyanGPIXGbzv7mG1fP/PwweDYfz3QMeemevI5OOygHZ+D45aMPx01/nTVeNySSyd13JLB1hPdzwrjTva6cmi7iT9nPf7qZ33ckpVGH7LQmLU40Z///+E/+vr/tF7LD3tyooYOGjJ+m3G9/nWciaFpW2WC40wsl44l81x62njnGf7k8zqNd/zn4oZNNP/P9Lm4wcL3bHH+uMe1ynLj/tTj/3GU/Nqx9r9mL3jKa8fgmV87pvjX2X9du+0Nc0382vHmSQ/xKetiaI6mmmijSb12XPPQiIPG3P/QmCfx2rH2juM/aPyv144xf+1qQ68dY8Y+euTg2DEXlhpzYY2Rg3PHXFh67IVpBlePubDY1rvtvM2YK9Z8+vN24WFP+YHH8LwdPdHz9lkcH2fl6waDla9Oj2vS05ml5+2UzzDe/HnuwTN+nnuhwx9dbzAYzDruq/SYBzlu7P+JNN4RzzzecPyJwTMdf2KwwvLnr/Ycj/fJdTb2uTb+cFFrTuLPPGWdzfS0dXbwFBOsjGf7vmabsP2487M/eW8Xn379QUNzNHKi+5366W8HnvL3DT2W1H/oPd+Ehp82GPZMc7PGs5mbGZ95bp7t+5eF5xt3+zTPMDezzzLbckNzM+XT5yYauv81JjE3E74fntCwgwbTPHVuRox9Dzz/+LkZ/WzmZvrn5nkzbdh+3PkFnrxq48eXXWBobsJcxK//Q/c/+t+dmy2efN7MP/a2eYcPppxysM+We+21x5Ljfh+6uNS43595Da7+bOZy6udmLucc/6oz/OmT8+RVK9y44trPsAajoftf/d+dy3kGw4f+zb1jXN3PCd//6aZ/N/276d9N/276d9O/m/7FJrH/f56h7wsucsPCN0/w8wDbPN/jfZ5N1vv/rz1/w20m3v+/zYbnXzt88ORtz7h/dtw2L8j9s8uNO9l/yaHtJt4/OP7qZ71/9opjLtvkv7R/9j8yvtez+b6h1/9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/sUns/19i6OcAHr9vr7vG7wgdudWoOf7jz1lNJibr/f/j+z5l///Vc4zaavjgyduecf//uG069v/vcce9h7yQ9/8PrVX7//k/6N9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+xSax/3+VoZ8D2PnxWx8Y+nmAm05edbfne7zPs8l1/7///7+X1/9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/sfH7/wcT/beHb/e8iML+//9tk+i/jv7RsEFH/3X1j1rW/3r6Ry3919c/aum/gf5RS/8N9Y9a+r9D/6il/0b6Ry3936l/1NJ/Y/2jlv7v0j9q6b+J/lFL/031j1r6b6Z/1NJ/c/2jlv5b6B+19N9S/6il/1b6Ry39t9Y/aum/jf5RS/9t9Y+e2n8ymKFJ9N9O/6hl/W+vf9TSfwf9o5b+O+oftfR/t/5RS/+d9I9a+u+sf9TSfxf9o5b+u+oftfTfTf+opf/u+kct/d+jf9TSfw/9o5b+e+oftfTfS/+opf979Y9a+r9P/6il/976Ry3999E/aum/r/5RS//99I9a+u+vf9TS/wD9o5b+79c/aun/Af2jlv4H6h+19D9I/6il/8H6Ry39P6h/1NL/EP2jlv6H6h+19P+Q/lFL/w/rH7X0/4j+UUv/w/SPJsP+g9T/cP2jybB/XP9H6B+19P+o/lFL/yP1j1r6H6V/1NL/aP2jlv7H6B+19D/2af2n+a8O64Wqpf/HrP+opf9x+kct/T+uf9TS/3j9o5b+n9A/aun/Sf2jlv4n6B+19D9R/6il/0n6Ry39P6V/1NL/ZP2jlv6f1j9q6X+K/lFL/8/oH7X0P1X/qKX/afpHLf1P1z9q6X+G/lFL/zP1j1r6n6V/1NL/bP2jlv6f1T9q6X+O/lFL/3P1j1r6f07/qKX/efpHLf3P1z9q6f95/aOW/l/QP2rpf4H+UUv/L+oftfS/UP+opf+X9I9a+l+kf9TS/2L9o5b+l+gftfS/VP+opf+X9Y9a+n9F/6il/2X6Ry39v6p/1NL/cv2jlv5f0z9q6X+F/lFL/yv1j1r6X6V/1NL/6/pHLf2v1j9q6f8N/aOW/t/UP2rp/y39o5b+39Y/aun/Hf2jlv7f1T9q6f89/aOW/tfoH7X0v1b/qKX/dfpHLf2v1z9q6f99/aOW/jfoH7X0v1H/qKX/TfpHLf1v1j9q6f8D/aOW/j/UP2rp/yP9o5b+t+gftfS/Vf+opf9t+kct/W/XP2rp/2P9o5b+P9E/aun/U/2jlv536B+19P+Z/lFL/zv1j1r6/1z/qKX/L/SPWvrfpX/U0v+X+kct/X+lf9TS/279o5b+9+gftfT/tf5RS/979Y9a+v9G/6il/2/1j1r6/07/qKX/7/WPWvr/Qf+opf99+kct/e/XP2rp/0f9o5b+D+gftfT/k/5RS/8/6x+19P+L/lFL/7/qH7X0/5v+UUv/v+sftfR/UP+opf9D+kct/f+hf9TS/5/6Ry39H9Y/aun/iP5RS/9H9Y9a+j+mf9TS/3H9o5b+T+gflfQfNtA/auk/TP+opf9w/aOW/lPoH7X0H6F/1NJ/pP5RS/8p9Y9a+k+lf9TSf2r9o5b+00yi/8j/1rheoFr6T2v9Ry39p9M/auk/vf5RS/8Z9I9a+s+of9TS/0X6Ry39Z9I/aun/Yv2jlv4z6x+19H+J/lFL/5fqH7X0n0X/qKX/rPpHLf1n0z9q6T+7/lFL/zn0j1r6z6l/1NL/ZfpHLf1frn/U0n8u/aOW/nPrH7X0f4X+UUv/efSPWvq/Uv+opf+8+kct/efTP2rpP7/+UUv/BfSPWvovqH/U0n8h/aOW/gvrH7X0f5X+UUv/V+sftfRfRP+opf9r9I9a+i+qf9TSfzH9o5b+i+sftfRfQv+opf+S+kct/ZfSP2rpv7T+UUv/ZfSPWvq/Vv+opf+y+kct/ZfTP2rpv7z+UUv/FfSPWvq/Tv+opf+K+kct/V+vf9TS/w36Ry39V9I/aum/sv5RS/9V9I9a+o/SP2rpv6r+UUv/1fSPWvqvXtV/yme9ZUv/N1b1f/Za+o/WP2rpv4b+UUv/NfWPWvqvpX/U0v9N+kct/d+sf9TSf239o5b+b9E/aun/Vv2jlv5v0z9q6f92/aOW/uvoH7X0X1f/qKX/evpHLf3X1z9q6b+B/lFL/w31j1r6v0P/qKX/RvpHLf3fqX/U0n9j/aOW/u/SP2rpv4n+UUv/TfWPWvpvpn/U0n9z/aOW/lvoH7X031L/qKX/VvpHLf231j9q6b+N/lFL/231j1r6b6d/1NJ/e/2jlv476B+19N9R/6il/7v1j1r676R/1NJ/Z/2jlv676B+19N9V/6il/276Ry39d9c/aun/Hv2jlv576B+19N9T/6il/176Ry3936t/1NL/ffpHLf331j9q6b+P/lFL/331j1r676d/1NJ/f/2jlv4H6B+19H+//lFL/w/oH7X0P1D/qKX/QfpHLf0P1j9q6f9B/aOW/ofoH7X0P7Sm/xPjHPjstm7p/6Ga/v+elv4f1j9q6f8R/aOW/ofpH7X0P1z/qKX/EfpHLf0/qn/U0v9I/aOW/kfpH7X0P1r/qKX/MfpHLf2P1T9q6f8x/aOW/sfpH7X0/7j+UUv/4/WPWvp/Qv+opf8n9Y9a+p+gfzT59h8+4bXDTtQ/mnz7P3X9n6R/1NL/U/pHLf1P1j9q6f9p/aOW/qfoH7X0/4z+UUv/U/WPWvqfpn/U0v90/aOW/mfoH7X0P1P/qKX/WfpHLf3P1j9q6f9Z/aOW/ufoH7X0P1f/qKX/5/SPWvqfp3/U0v98/aOW/p/XP2rp/wX9o5b+F+gftfT/ov5RS/8L9Y9a+n9J/6il/0X6Ry39L9Y/aul/if5RS/9L9Y9a+n9Z/6il/1f0j1r6X6Z/1NL/q/pHLf0v1z9q6f81/aOW/lfoH7X0v1L/qKX/VfpHLf2/rn/U0v9q/aOW/t/QP2rp/039o5b+39I/aun/bf2jlv7f0T9q6f9d/aOW/t/TP2rpf43+UUv/a/WPWvpfp3/U0v96/aOW/t/XP2rpf4P+UUv/G/WPWvrfpH/U0v9m/aOW/j/QP2rp/0P9o5b+P9I/aul/i/5RS/9b9Y9a+t+mf9TS/3b9o5b+P9Y/aun/E/2jlv4/1T9q6X+H/lFL/5/pH7X0v1P/qKX/z/WPWvr/Qv+opf9d+kct/X+pf9TS/1f6Ry3979Y/aul/j/5RS/9f6x+19L9X/6il/2/0j1r6/1b/qKX/7/SPWvr/Xv+opf8f9I9a+t+nf9TS/379o5b+f9Q/aun/gP5RS/8/6R+19P+z/lFL/7/oH7X0/6v+UUv/v+kftfT/u/5RS/8H9Y9a+j+kf9TS/x/6Ry39/6l/1NL/Yf2jlv6P6B+19H9U/6il/2P6Ry39H9c/aun/hP5RSf+xZ/V/upb+w/SPJsf+T0wx7uyE/YfrH02O/dP6n0L/qKX/CP2jlv4j9Y9a+k+pf9TSfyr9o5b+U+sftfSfRv+opf+0+kct/afTP2rpP73+UUv/GfSPWvrPqH/U0v9F+kct/WfSP2rp/2L9o5b+M+sftfR/if5RS/+X6h+19J9F/6il/6z6Ry39Z9M/auk/u/5RS/859I9a+s+pf9TS/2X6Ry39X65/1NJ/Lv2jlv5z6x+19H+F/lFL/3n0j1r6v1L/qKX/vPpHLf3n0z9q6T+//lFL/wX0j1r6L6h/1NJ/If2jlv4L6x+19H+V/lFL/1frH7X0X0T/qKX/a/SPWvovqn/U0n8x/aOW/ovrH7X0X0L/qKX/kvpHLf2X0j9q6b+0/lFL/2X0j1r6v1b/qKX/svpHLf2X0z9q6b+8/lFL/xXa+w/PV7f0f117/0lo6b+i/lFL/9frH7X0f4P+UUv/lfSPWvqvrH/U0n8V/aOW/qP0j1r6r6p/1NJ/Nf2jlv6r6x+19H+j/lFL/9H6Ry3919A/aum/pv5RS/+19I9a+r9J/6il/5v1j1r6r61/1NL/LfpHLf3fqn/U0v9t+kct/d+uf9TSfx39o5b+6+oftfRfT/+opf/6+kct/TfQP2rpv6H+UUv/d+gftfTfSP+opf879Y9a+m+s/4ROmmH8mZb+79I/aum/if5RS/9N9Y9a+m+mf9TSf3P9o5b+W+gftfTfUv+opf9W+kct/bfWP2rpv43+UUv/bfWPWvpvp3/U0n97/aOW/jvoH7X031H/qKX/u/WPWvrvpH/U0n9n/aOW/rvoH7X031X/qKX/bvpHLf131z9q6f8e/aOW/nvoH7X031P/qKX/XvpHLf3fq3/U0v99+kct/ffWP2rpv4/+UUv/ffWPWvrvp3/U0n9//aOW/gfoH7X0f7/+UUv/D+gftfQ/UP+opf9B+kct/Q/WP2rp/0H9o5b+h+gftfQ/VP+opf+H9I9a+n9Y/6il/0f0j1r6H6Z/1NL/cP2jlv5H6B+19P+o/lFL/yP1j1r6H6V/1NL/aP2jlv7H6B+19D9W/6il/8f0j1r6H6d/1NL/4/pHLf2P1z9q6f8J/aOW/p/UP2rpf4L+UUv/E/WPWvqfpH/U0v9T+kct/U/WP2rp/2n9o5b+p+gftfT/jP5RS/9T9Y9a+p+mf9TS/3T9o5b+Z+gftfQ/U/+opf9Z+kct/c/WP2rp/1n9o5b+5+gftfQ/V/+opf/n9I9a+p+nf9TS/3z9o5b+n9c/aun/Bf2jlv4X6B+19P+i/lFL/wv1j1r6f0n/qKX/RfpHLf0v1j9q6X+J/lFL/0v1j1r6f1n/qKX/V/SPWvpfpn/U0v+r+kct/S/XP2rp/zX9o5b+V+gftfS/Uv+opf9V+kct/b+uf9TS/2r9o5b+39A/aun/Tf2jlv7f0j9q6f9t/aOW/t/RP2rp/139o5b+39M/aul/jf5RS/9r9Y9a+l+nf9TS/3r9o5b+39c/aul/g/5RS/8b9Y9a+t+kf9TS/2b9o5b+P9A/aun/Q/2jlv4/0j9q6X+L/lFL/1v1j1r636Z/1NL/dv2jlv4/1j9q6f8T/aOW/j/VP2rpf4f+UUv/n+kftfS/U/+opf/P9Y9a+v9C/6il/136Ry39f6l/1NL/V/pHLf3v1j9q6X+P/lFL/1/rH7X0v1f/qKX/b/SPWvr/Vv+opf/v9I9a+v9e/6il/x/0j1r636d/1NL/fv2jlv5/1D9q6f+A/lFL/z/pH7X0/7P+UUv/v+gftfT/q/5RS/+/6R+19P+7/lFL/wf1j1r6P6R/1NL/H/pHLf3/qX/U0v9h/aOW/o/oH7X0f1T/qKX/Y/pHLf0f1z9q6f+E/lFJ/ykG+kct/YfpH7X0H65/1NJ/Cv2jlv4j9I9a+o/UP2rpP6X+UUv/qfSPWvpPrX/U0n8a/aOW/tPqH7X0n07/qKX/9PpHLf1n0D9q6T+j/lFL/xfpH7X0n0n/qKX/i/WPWvrPrH/U0v8l+kct/V+qf9TSfxb9o5b+s+oftfSfTf+opf/s+kct/efQP2rpP6f+UUv/l+kftfR/uf5RS/+59I9a+s+tf9TS/xX6Ry3959E/aun/Sv2jlv7z6h+19J9P/6il//z6Ry39F9A/aum/oP5RS/+F9I9a+i+sf9TS/1X6Ry39X61/1NJ/Ef2jlv6v0T9q6b+o/lFL/8X0j1r6L65/1NJ/Cf2TA1v6Lzmu/1TP17BeqFr6L2X9Ry39l9Y/aum/jP5RS//X6h+19F9W/6il/3L6Ry39l9c/aum/gv5RS//X6R+19F9R/6il/+v1j1r6v0H/qKX/SvpHLf1X1j9q6b+K/lFL/1H6Ry39V9U/aum/mv5RS//V9Y9a+r9R/6il/2j9o5b+a+gftfRfU/+opf9a+kct/d+kf9TS/836Ry3919Y/aun/Fv2jlv5v1T9q6f82/aOW/m/XP2rpv47+UUv/dfWPWvqvp3/U0n99/aOW/hvoH7X031D/qKX/O/SPWvpvpH/U0v+d+kct/TfWP2rp/y79o5b+m+gftfTfVP+opf9m+kct/TfXP2rpv4X+UUv/LfWPWvpvpX/U0n9r/aOW/tvoH7X031b/qKX/dvpHLf231z9q6b+D/lFL/x31j1r6v1v/qKX/TvpHLf131j9q6b+L/lFL/131j1r676Z/1NJ/d/2jlv7v0T9q6b+H/lFL/z31j1r676V/1NL/vfpHLf3fp3/U0n9v/aOW/vvoH7X031f/qKX/fvpHLf331z9q6X+A/lFL//frH7X0/4D+UUv/A/WPWvofpH/U0v9g/aOW/h/UP2rpf4j+UUv/Q/WPWvp/SP+opf+H9Y9a+n9E/6il/2H6Ry39D9c/aul/hP5RS/+P6h+19D9S/6il/1H6Ry39j9Y/aul/jP5RS/9j9Y9a+n9M/6il/3H6Ry39P65/1NL/eP2jlv6f0D9q6f9J/aOW/ifoH7X0P1H/qKX/SfpHLf0/pX/U0v9k/aOW/p/WP2rpf4r+UUv/z+gftfQ/Vf+opf9p+kct/U/XP2rpf4b+UUv/M/WPWvqfpX/U0v9s/aOW/p/VP2rpf47+UUv/c/WPWvp/Tv+opf95+kct/c/XP2rp/3n9o5b+X9A/aul/gf5RS/8v6h+19L9Q/6il/5f0j1r6X6R/1NL/Yv2jlv6X6P8UC84w7rSl/6X6Ry39v6x/1NL/K/pHLf0v0z9q6f9V/aOW/pfrH7X0/5r+UUv/K/SPWvpfqX/U0v8q/aOW/l/XP2rpf7X+UUv/b+gftfT/pv5RS/9v6R+19P+2/lFL/+/oH7X0/67+UUv/7+kftfS/Rv+opf+1+kct/a/T/2mmLOp/vf5RS//v6x+19L9B/6il/436Ry39b9I/aul/s/5RS/8f6B+19P+h/lFL/x/pH7X0v0X/qKX/rfpHLf1v0z9q6X+7/lFL/x/rH7X0/4n+UUv/n+oftfS/Q/+opf/P9I9a+t+pf9TS/+f6Ry39f6F/1NL/Lv2jlv6/1D9q6f8r/aOW/nfrP6ERQ2da+t+jf9TS/9f6Ry3979U/aun/G/2jlv6/1T9q6f87/aOW/r/XP2rp/wf9o5b+9+kftfS/X/+opf8f9Y9a+j+gf9TS/0/6Ry39/6x/1NL/L/pHLf3/qn/U0v9v+kct/f+uf9TS/0H9o5b+D+kftfT/h/5RS/9/6h+19H9Y/6il/yP6Ry39H9U/aun/mP5RS//H9Y9a+j+hf1TSf+znHfV/upb+w/SPWvoP1z9q6T+F/lFL/xH6Ry39R+oftfSfUv+opf9U+kct/afWP2rpP43+UUv/afWPWvpPp3/U0n96/aOW/jPoH7X0n1H/qKX/i/SPWvrPpH/U0v/F+kct/WfWP2rp/xL9o5b+L9U/auk/i/5RS/9Z9Y9a+s+mf9TSf3b9o5b+c+gftfSfU/+opf/L9I9a+r9c/6il/1z6Ry3959Y/aun/Cv2jlv7z6B+19H+l/lFL/3n1j1r6z6d/1NJ/fv2jlv4L6B+19F9Q/6il/0L6Ry39F9Y/aun/Kv2jlv6v1j9q6b+I/lFL/9foH7X0X1T/qKX/YvpHLf0X1z9q6b+E/lFL/yX1j1r6L6V/1NJ/af2jlv7L6B+19H+t/lFL/2X1j1r6L6d/1NJ/ef2jlv4r6B+19H+d/lFL/xX1j1r6v17/aML+Uz3fg3kuTKL/G/SPWtb/SvpHLf1X1j9q6b+K/lFL/1H6Ry39V9U/aum/mv5RS//V9Y9a+r9R/6il/2j9o5b+a+gftfRfU/+opf9a+kct/d+kf9TS/836Ry3919Y/aun/Fv2jlv5v1T9q6f82/aOW/m/XP2rpv47+UUv/dfWPWvqvp3/U0n99/aOW/hvoH7X031D/qKX/O/SPWvpvpH/U0v+d+kct/TfWP2rp/y79o5b+m+gftfTfVP+opf9m+kct/TfXP2rpv4X+UUv/LfWPWvpvpX/U0n9r/aOW/tvoH7X031b/qKX/dvpHLf231z9q6b+D/lFL/x31j1r6v1v/qKX/TvpHLf131j9q6b+L/lFL/131j1r676Z/1NJ/d/2jlv7v0T9q6b+H/lFL/z31j1r676V/1NL/vfpHLf3fp3/U0n9v/aOW/vvoH7X037e+/8XLpmtb+u9X3z9r6b+//lFL/wP0j1r6v1//qKX/B/SPWvofqH/U0v8g/aOW/gfrH7X0/6D+UUv/Q/SPWvofqn/U0v9D+kct/T+sf9TS/yP6Ry39D9M/aul/uP5RS/8j9I9a+n9U/6il/5H6Ry39j9I/aul/tP5RS/9j9I9a+h+rf9TS/2P6Ry39j9M/aun/cf2jlv7H6x+19P+E/lFL/0/qH7X0P0H/qKX/ifpHLf1P0j9q6f8p/aOW/ifrH7X0/7T+UUv/U/SPWvp/Rv+opf+p+kct/U/TP2rpf7r+UUv/M/SPWvqfqX/U0v8s/aOW/mfrH7X0/6z+UUv/c/SPWvqfq3/U0v9z+kct/c/TP2rpf77+UUv/z+sftfT/gv5RS/8L9I9a+n9R/6il/4X6Ry39v6R/1NL/Iv2jlv4X6x+19L9E/6il/6X6Ry39v6x/1NL/K/pHLf0v0z9q6f9V/aOW/pfrH7X0/5r+UUv/K/SPWvpfqX/U0v8q/aOW/l/XP2rpf7X+UUv/b+gftfT/pv5RS/9v6R+19P+2/lFL/+/oH7X0/67+UUv/7+kftfS/Rv+opf+1+kct/a/TP2rpf73+UUv/7+sftfS/Qf+opf+N+kct/W/SP2rpf7P+UUv/H+gftfT/of5RS/8f6R+19L9F/6il/636Ry39b9M/aul/u/5RS/8f6x+19P+J/lFL/5/qH7X0v0P/qKX/z/SPWvrfqX/U0v/n+kct/X+hf9TS/y79o5b+v9Q/aun/K/2jlv536x+19L9H/6il/6/1j1r636t/1NL/N/pHLf1/q3/U0v93+kct/X+vf9TS/w/6Ry3979M/aul/v/5RS/8/6h+19H9A/6il/5/0j1r6/1n/qKX/X/SPWvr/Vf+opf/f9I9a+v9d/6il/4P6Ry39H9I/aun/D/2jlv7/1D9q6f+w/lFL/0f0j1r6P6p/1NL/Mf2jlv6P6x+19H9C/6ik/8iB/lFL/2H6Ry39h+sftfSfQv+opf8I/aOW/iP1j1r6T6l/1NJ/Kv2jlv5T6x+19J9G/6il/7T6Ry39p9M/auk/vf5RS/8Z9I9a+s+of9TS/0X6Ry39Z9I/aun/Yv2jlv4z6x+19H+J/lFL/5fqH7X0n0X/qKX/rPpHLf1n0z9q6T+7/lFL/zn0j1r6z6l/1NL/ZfpHLf1frn/U0n8u/aOW/nPrH7X0f4X+UUv/efSPWvq/Uv+opf+8+kct/efTP2rpP7/+UUv/BfSPWvovqH/U0n8h/aOW/gvrH7X0f5X+UUv/V+sftfRfRP+opf9r9I9a+i+qf9TSfzH9o5b+i+sftfRfQv+opf+S+kct/ZfSP2rpv7T+0WTff+z//DMYuYz+0WTff5yRr9U/aum/rP5RS//l9I9a+i+vf9TSfwX9o5b+r9M/aum/ov5RS//X6x+19H+D/lFL/5X0j1r6r6x/1NJ/Ff2jlv6j9I9a+q+qf9TSfzX9o5b+q+sftfR/o/5RS//R+kct/dfQP2rpv6b+UUv/tfSPWvq/Sf+opf+b9Y9a+q+tf9TS/y36Ry3936p/1NL/bfpHLf3frn/U0n8d/aOW/uvqH7X0X0//qKX/+vpHLf030D9q6b+h/lFL/3foH7X030j/qKX/O/WPWvpvrH/U0v9d+kct/TfRP2rpv6n+UUv/zfSPWvpvrn/U0n+Lp/ef+r86rheolv5bWv9RS/+t9I9a+m+tf9TSfxv9o5b+2+oftfTfTv+opf/2+kct/XfQP2rpv6P+UUv/d+sftfTfSf+opf/O+kct/XfRP2rpv6v+UUv/3fSPWvrvrn/U0v89+kct/ffQP2rpv6f+UUv/vfSPWvq/V/+opf/79I9a+u+tf9TSfx/9o5b+++oftfTfT/+opf/++kct/Q/QP2rp/379o5b+H9A/aul/oP5RS/+D9I9a+h+sf9TS/4P6Ry39D9E/aul/qP5RS/8P6R+19P+w/lFL/4/oH7X0P0z/qKX/4fpHLf2P0D9q6f9R/aOW/kfqH7X0P0r/qKX/0fpHLf2P0T9q6X+s/lFL/4/pH7X0P07/qKX/x/WPWvofr3/U0v8T+kct/T+pf9TS/wT9o5b+J+oftfQ/Sf+opf+n9I9a+p+sf9TS/9P6Ry39T9E/aun/Gf2jlv6n6h+19D9N/6il/+n6Ry39z9A/aul/pv5RS/+z9I9a+p+tf9TS/7P6Ry39z9E/aul/rv5RS//P6R+19D9P/6il//n6Ry39P69/1NL/C/pHLf0v0D9q6f9F/aOW/hfqH7X0/5L+UUv/i/SPWvpfrH/U0v8S/aOW/pfqH7X0/7L+UUv/r+gftfS/TP+opf9X9Y9a+l+uf9TS/2v6Ry39r9A/aul/pf5RS/+r9I9a+n9d/6il/9X6Ry39v6F/1NL/m/pHLf2/pX/U0v/b+kct/b+jf9TS/7v6Ry39v6d/1NL/Gv2jlv7X6h+19L9O/6il//X6Ry39v69/1NL/Bv2jlv436h+19L9J/6il/836Ry39f6B/1NL/h/pHLf1/pH/0lP7P92CeC5Pof4v+Ucv6v1X/qKX/bfpHLf1v1z9q6f9j/aOW/j/RP2rp/1P9o5b+d+gftfT/mf5RS/879Y9a+v9c/6il/y/0j1r636V/1NL/l/pHLf1/pX/U0v9u/aOW/vfoH7X0/7X+UUv/e/WPWvr/Rv+opf9v9Y9a+v9O/6il/+/1j1r6/0H/qKX/ffpHLf3v1z9q6f9H/aOW/g/oH7X0/5P+UUv/P+sftfT/i/5RS/+/6h+19P+b/lFL/7/rH7X0f1D/qKX/Q/pHLf3/oX/U0v+f+kct/R/WP2rp/4j+UUv/R/WPWvo/pn/U0v9x/aOW/k/oH5X0n3Kgf9TSf5j+UUv/4fpHLf2n0D9q6T9C/6il/0j9o5b+U+oftfSfSv+opf/U+kct/afRP2rpP63+UUv/6fSPWvpPr3/U0n8G/aOW/jPqH7X0f5H+UUv/mfSPWvq/WP+opf/M+kct/V+if9TS/6X6Ry39Z9E/auk/q/5RS//Z9I9a+s+uf9TSfw79o5b+c+oftfR/mf5RS/+X6x+19J9L/6il/9z6Ry39X6F/1NJ/Hv2jlv6v1D9q6T+v/lFL//n0j1r6z69/1NJ/Af2jlv4L6h+19F9I/6il/8L6Ry39X6V/1NL/1fpHLf0X0T9q6f8a/aOW/ovqH7X0X0z/aGz/wbDJvv/i+kct638J/aOW/kvqH7X0X0r/qKX/0vpHLf2X0T9q6f9a/aOW/svqH7X0X07/qKX/8vpHLf1X0D9q6f86/aOW/ivqH7X0f73+UUv/N+gftfRfSf+opf/K+kct/VfRP2rpP0r/qKX/qvpHLf1X0z9q6b+6/lFL/zfqH7X0H61/1NJ/Df2jlv5r6h+19F9L/6il/5v0j1r6v1n/qKX/2vpHLf3fon/U0v+t+kct/d+mf9TS/+36Ry3919E/aum/rv5RS//19I9a+q+vf9TSfwP9o5b+G+oftfR/h/5RS/+N9I9a+r9T/6il/8b6Ry3936V/1NJ/E/2jlv6b6h+19N9M/6il/+b6Ry39t9A/aum/pf5RS/+t9I9a+m+tf9TSfxv9o5b+2+oftfTfTv+opf/2+kct/XfQP2rpv6P+UUv/d+sftfTfSf+opf/O+kct/XfRP2rpv6v+UUv/3fSPWvrvrn/U0v89+kct/ffQP2rpv6f+UUv/vfSPWvq/V/+opf/79I9a+u+tf9TSfx/9o5b+++oftfTfT/+opf/++kct/Q/QP2rp/379o5b+H9A/aul/oP5RS/+D9I9a+h+sf9TS/4P6Ry39D9E/aul/qP5RS/8P6R+19P+w/lFL/4/oH7X0P0z/qKX/4fpHLf2P0D9q6f9R/aOW/kfqH7X0P0r/qKX/0fpHLf2P0T9q6X+s/lFL/4/pH7X0P07/qKX/x/WPWvofr3/U0v8T+kct/T+pf9TS/wT9o5b+J+oftfQ/Sf+opf+n9I9a+p+sf9TS/9P6Ry39T9E/miz7nzru7IT9P6N/NFn2H392wv6n6h+19D9N/6il/+n6Ry39z9A/aul/pv5RS/+z9I9a+p+tf9TS/7P6Ry39z9E/aul/rv5RS//P6R+19D9P/6il//n6Ry39P69/1NL/C/pHLf0v0D+Yavzp5N//i/pHLev/Qv2jlv5f0j9q6X+R/lFL/4v1j1r6X6J/1NL/Uv2jlv5f1j9q6f8V/aOW/pfpH7X0/6r+UUv/y/WPWvp/Tf+opf8V+kct/a/UP2rpf5X+UUv/r+sftfS/Wv+opf839I9a+n9T/6il/7f0j1r6f1v/qKX/d/SPWvp/V/+opf/39I9a+l+jf9TS/1r9o5b+1+kftfS/Xv+opf/39Y9a+t+gf9TS/0b9o5b+N+kftfS/Wf+opf8P9I9a+v9Q/6il/4/0j1r636J/1NL/Vv2jlv636R+19L9d/6il/4/1j1r6/0T/qKX/T/WPWvrfoX/U0v9n+kct/e/UP2rp/3P9o5b+v9A/aul/l/5RS/9f6h+19P+V/lFL/7v1j1r636N/1NL/1/pHLf3v1T9q6f8b/aOW/r/VP2rp/zv9o5b+v9c/aun/B/2jlv736R+19L9f/6il/x/1j1r6P6B/1NL/T/pHLf3/rH/U0v8v+kct/f+qf9TS/2/6Ry39/65/1NL/Qf2jlv4P6R+19P+H/lFL/3/qH7X0f1j/qKX/I/pHLf0f1T9q6f9Y6j/8vziuF6iW/o9b/1FL/yf0j0r6TzXQP2rpP0z/qKX/cP2jlv5T6B+19B+hf9TSf6T+UUv/KfWPWvpPpX/U0n9q/aOW/tPoH7X0n1b/qKX/dPpHLf2n1z9q6T+D/lFL/xn1j1r6v0j/qKX/TPpHLf1frH/U0n9m/aOW/i/RP2rp/1L9o5b+s+gftfSfVf+opf9s+kct/WfXP2rpP4f+UUv/OfWPWvq/TP+opf/L9Y9a+s+lf9TSf279o5b+r9A/auk/j/5RS/9X6h+19J9X/6il/3z6Ry3959c/aum/gP5RS/8F9Y9a+i+kf9TSf2H9o5b+r9I/aun/av2jlv6L6B+19H+N/lFL/0X1j1r6L6Z/1NJ/cf2jlv5L6B+19F9S/6il/1L6Ry39l9Y/aum/jP5RS//X6h+19F9W/6il/3L6Ry39l9c/aum/gv5RS//X6R9Nzv0n6D3VivpHk3P/Cdf/659d/9k2/v82sBemlv5vsP6jlv4r6R+19F9Z/6il/yr6Ry39R+kftfRfVf+opf9q+kct/VfXP2rp/0b9o5b+o/WPWvqvoX/U0n9N/aOW/mvpH7X0f5P+UUv/N+sftfRfW/+opf9b9I9a+r9V/6il/9v0j1r6v13/qKX/OvpHLf3X1T9q6b+e/lFL//X1j1r6b6B/1NJ/Q/2jlv7v0D9q6b+R/lFL/3fqH7X031j/qKX/u/SPWvpvon/U0n9T/aOW/pvpH7X031z/qKX/FvpHLf231D9q6b+V/lFL/631j1r6b6N/1NJ/W/2jlv7b6R+19N9e/6il/w76Ry39d9Q/aun/bv2jlv476R+19N9Z/6il/y76Ry39d9U/aum/m/5RS//d9Y9a+r9H/6il/x76Ry3999Q/aum/l/5RS//36h+19H+f/lFL/731j1r676N/1NJ/36f2f2K8//rwXmha+u9n/Uct/ffXP2rpf4D+UUv/9+sftfT/gP5RS/8D9Y9a+h+kf9TS/2D9o5b+H9Q/aul/iP5RS/9D9Y9a+n9I/6il/4f1j1r6f0T/wWD/p1/V0v8w/aOW/ofrH7X0P0L/qKX/R/WPWvofqX/U0v8o/aOW/kfrH7X0P0b/qKX/sfpHLf0/pn/U0v84/aOW/h/XP2rpf7z+UUv/T+gftfT/pP5RS/8T9I9a+p+of9TS/yT9o5b+n9I/aul/sv5RS/9P6x+19D9F/6il/2f0j1r6n6p/1NL/NP2jlv6n6x+19D9D/6il/5n6Ry39z9I/aul/tv5RS//P6h+19D9H/6il/7n6Ry39P6d/1NL/PP2jlv7n6x+19P+8/lFL/y/oH7X0v0D/qKX/F/WPWvpfqH/U0v9L+kct/S/SP2rpf7H+UUv/S/SPWvpfqn/U0v/L+kct/b+if9TS/zL9o5b+X9U/aul/uf5RS/+v6R+19L9C/6il/5X6Ry39r9I/aun/df2jlv5X6x+19P+G/lFL/2/qH7X0/5b+UUv/b+sftfT/jv5RS//v6h+19P+e/lFL/2v0j1r6X6t/1NL/Ov2jlv7X6x+19P++/lFL/xv0j1r636h/1NL/Jv2jlv436x+19P+B/lFL/x/qH7X0/5H+UUv/W/SPWvrfqn/U0v82/aOW/rfrH7X0/7H+UUv/n+gftfT/qf5RS/879I9a+v9M/6il/536Ry39f65/1NL/F/pHLf3v0j9q6f9L/aOW/r/SP2rpf7f+UUv/e/SPWvr/Wv+opf+9+kct/X+jf9TS/7f6Ry39f6d/1NL/9/pHLf3/oH/U0v8+/aOW/vfrH7X0/6P+UUv/B/SPWvr/Sf+opf+f9Y9a+v9F/6il/1/1j1r6/03/qKX/3/WPWvo/qH/U0v8h/aOW/v/QP2rp/0/9o5b+D+sftfR/RP+opf+j+kct/R/TP2rp/7j+UUv/J/SPSvpPPdA/auk/TP+opf9w/aOW/lPoH7X0H6F/1NJ/pP5RS/8p9Y9a+k+lf9TSf2r9o5b+0+gftfSfVv+opf90+kct/afXP2rpP4P+UUv/GfWPWvq/SP+opf9M+kct/V+sf9TSf2b9o5b+L9E/aun/Uv2jlv6z6B+19J9V/6il/2z6Ry39Z9c/auk/h/5RS/859Y9a+r9M/6il/8v1j1r6z6V/1NJ/bv2jlv6v0D9q6T+P/lFL/1fqH7X0n1f/qKX/fPpHLf3n1z9q6b+A/lFL/wX1j1r6L6R/1NJ/Yf2jlv6v0j9q6f9q/aOW/ovoH7X0f43+UUv/RfWPWvovpn/U0n9x/aOW/kvoH7X0X1L/qKX/UvpHLf2X1j9q6b+M/lFL/9fqH7X0X1b/qKX/cvpHLf2X1z9q6b+C/lFL/9fpH7X0X1H/qKX/6/WPWvq/Qf+opf9K+kct/VfWP2rpv4r+UUv/UfpHLf1X1T9q6b+a/lFL/9X1j1r6v1H/qKX/aP2jlv5r6B+19F9T/6il/1r6Ry3936R/1NL/zfpHLf3X1j9q6f8W/aOW/m/VP2rp/zb9o5b+b9c/aum/jv5RS/919Y9a+q+nf9TSf339o5b+G+gftfTfUP+opf879I9a+m+kf9TS/536Ry39N9Y/aun/Lv2jlv6b6B+19N9U/6il/2b6Ry39N9c/aum/hf5RS/8t9Y9a+m+lf9TSf2v9o5b+2+gftfTfVv+opf92+kct/bfXP2rpv4P+UUv/HfWPWvq/W/+opf9O+kct/XfWP2rpv4v+UUv/XfWPWvrvpn/U0n93/aOW/u/RP2rpv4f+UUv/PfWPWvrvpX/U0v+9+kct/d+nf9TSf2/9o5b+++gftfTfV/+opf9++kct/ffXP2rpf4D+UUv/9+sftfT/gP5RS/8D9Y9a+h+kf9TS/2D9o5b+H9Q/aul/iP5RS/9D9Y9a+n9I/6il/4f1j1r6f0T/qKX/YfpHLf0P1z9q6X+E/lFL/4/qH7X0P1L/qKX/UfpHLf2P1j9q6X+M/lFL/2P1j1r6f0z/qKX/cfpHLf0/rn/U0v94/aOW/p/QP2rp/0n9o5b+J+gftfQ/Uf+opf9J+kct/T+lf9TS/2T9o5b+n9Y/aul/iv5RS//P6B+19D9V/6il/2n6Ry39T9c/aul/hv5RS/8z9Y9a+p+lf9TS/2z9o5b+n9U/aul/jv5RS/9z9Y9a+n9O/6il/3n6Ry39z9c/aun/ef2fZoWRPf2/oH/U0v8C/aOW/l/UP2rpf6H+UUv/L+kftfS/SP+opf/F+kct/S/RP2rpf6n+UUv/L+sftfT/iv5RS//L9I9a+n9V/6il/+X6Ry39v6Z/1NL/Cv2jlv5X6h+19L9K/6il/9f1j1r6X61/1NL/G/pHLf2/qX/U0v9b+kct/b+tf9TS/zv6Ry39v6t/1NL/e/pHLf2v0T9q6X+t/lFL/+v0j1r6X69/1NL/+/pHLf1v0D9q6X+j/lFL/5v0j1r636x/1NL/B/pHLf1/qH/U0v9H+kct/W/RP2rpf6v+UUv/2/SPWvrfrn/U0v/H+kct/X+if9TS/6f6Ry3979A/aun/M/2jlv536h+19P+5/lFL/1/oH7X0v0v/qKX/L/WPWvr/Sv+opf/d+kct/e/RP2rp/2v9o5b+9+oftfT/jf5RS//f6h+19P+d/lFL/9/rH7X0/4P+UUv/+/SPWvrfX9T/rkOe/bYt/f9Y1P/f0dL/Af2jlv5/0j9q6f9n/aOW/n/RP2rp/1f9o5b+f9M/aun/d/2jlv4P6h+19H9I/6il/z/0j1r6/1P/qKX/w/pHLf0f0T9q6f+o/lFL/8f0j1r6P65/1NL/Cf2jkv7TDPSPWvoP0z9q6T9c/6il/xT6Ry39R+gftfQfqX/U0n9K/aOW/lPpH7X0n1r/qKX/NPpHLf2n1T9q6T+d/lFL/+n1j1r6z6B/1NJ/Rv2jlv4v0j9q6T+T/lFL/xfrH7X0n1n/qKX/S/SPWvq/VP+opf8s+kct/WfVP2rpP5v+UUv/2fWPWvrPoX/U0n9O/aOW/i/TP2rp/3L9o5b+c+kftfSfW/+opf8r9I9a+s+jf9TS/5X6Ry3959U/auk/n/5RS//59Y9a+i+gf9TSf0H9o5b+C+kftfRfWP+opf+r9I9a+r9a/6il/yL6Ry39X6N/1NJ/Uf2jlv6L6R+19F9c/2iy6w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cEACAAAAIOj/63YECgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcFAAD//zAxKoE=") execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) 10.614676903s ago: executing program 4 (id=5489): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000680)=@base={0xa, 0x16, 0xb4, 0x3}, 0x50) r2 = openat$cgroup_devices(r1, 0x0, 0x2, 0x0) write$cgroup_devices(r2, &(0x7f00000003c0)={'b', ' *:* ', 'r\x00'}, 0x8) write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:4\tw'], 0xa) write$cgroup_devices(r2, &(0x7f0000000580)={'a', ' *:* ', 'w\x00'}, 0x8) 9.599611114s ago: executing program 7 (id=5494): r0 = memfd_create(0x0, 0x3) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x74) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) fcntl$addseals(0xffffffffffffffff, 0x409, 0x8) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000300)) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9) close_range(r3, 0xffffffffffffffff, 0x0) 6.59046638s ago: executing program 6 (id=5496): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @remote, 'vcan0\x00'}}, 0x1e) sendmmsg$sock(r0, &(0x7f0000001c00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="63d0947501ae9e40f114311c54c5e3a7bf8d89265504452eebef57e11c005a1169ea736144a578e0a5c7e020bfaa3fc947ec88bae22e1d29276ed3cffa04", 0x3e}, {&(0x7f0000000180)="0e18076fdcc0a26900af", 0xa}], 0x2}}], 0x2, 0x4c881) 6.424489825s ago: executing program 7 (id=5497): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0x0, 0xb5, 0x3, 0xeffffdff, 0x0, [{0x0, 0x80}, {0x19, 0x5, 0x8, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0x0, 0x3, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0x9}, {}, {0x0, 0x85, 0xbe}, {0x0, 0x6, 0x4}, {0x0, 0x8, 0x0, '\x00', 0xff}, {0x8, 0x6, 0xfe, '\x00', 0x42}, {0x0, 0x2, 0x0, '\x00', 0x4}, {0x0, 0x50}, {0x8b, 0x0, 0x4, '\x00', 0x3}, {0x1, 0x4e}, {0x2, 0x2, 0x4, '\x00', 0xfe}, {0x0, 0x80}, {0x80, 0x0, 0x4, '\x00', 0x4}, {0x0, 0x0, 0x0, '\x00', 0xdd}, {0x1, 0x3, 0x5d, '\x00', 0x3}, {0x80, 0x0, 0x0, '\x00', 0x5}, {0x5, 0x4}, {0x0, 0x40, 0x0, '\x00', 0x70}, {0x1, 0x0, 0xfe, '\x00', 0xe}, {0x10, 0x83, 0xe, '\x00', 0xd}]}}) 6.19791229s ago: executing program 8 (id=5498): r0 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r0, 0x3518, 0xaddf, 0x2, 0x0, 0x0) 6.195312177s ago: executing program 6 (id=5499): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) r2 = io_uring_setup(0x2237, &(0x7f0000000880)={0x0, 0xfffffffc, 0x3018, 0x3, 0x221, 0x0, r1}) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000), 0x0}, 0x20) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f00000000c0)={0x7ff, 0x2, 0x7, 0x5, 0x7}) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000c40)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x4f33}, 0x18) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r7 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r7], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4004000) 6.019734036s ago: executing program 4 (id=5500): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4138ae84, &(0x7f0000000240)=@x86={0x49, 0x3c, 0x5, 0x0, 0x401, 0x0, 0x4, 0x7f, 0xd, 0x6, 0x7, 0x2, 0x0, 0x200, 0x7, 0x1, 0x5, 0xc, 0x9, '\x00', 0x0, 0x100000001}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.763989875s ago: executing program 5 (id=5501): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000005c0), 0x10) recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000940)=[{0x0}], 0x1}, 0x9}, {{&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/213, 0xd5}, {&(0x7f0000000380)=""/226, 0xe2}], 0x2}, 0x9}], 0x2, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0) 5.577606944s ago: executing program 7 (id=5502): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sysinfo(&(0x7f0000000000)=""/196) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r1, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x14, "3eccd8fd0000000000000010000000040100"}) 5.495723818s ago: executing program 8 (id=5503): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}}) 5.367584125s ago: executing program 4 (id=5504): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0x0, 0xb5, 0x3, 0xeffffdff, 0x0, [{0x0, 0x80}, {0x19, 0x5, 0x8, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0x0, 0x3, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0x9}, {}, {0x0, 0x85, 0xbe}, {0x0, 0x6, 0x4}, {0x0, 0x8, 0x0, '\x00', 0xff}, {0x8, 0x6, 0xfe, '\x00', 0x42}, {0x0, 0x2, 0x0, '\x00', 0x4}, {0x0, 0x50}, {0x8b, 0x0, 0x4, '\x00', 0x3}, {0x1, 0x4e}, {0x2, 0x2, 0x4, '\x00', 0xfe}, {0x0, 0x80}, {0x80, 0x0, 0x4, '\x00', 0x4}, {0x0, 0x0, 0x0, '\x00', 0xdd}, {0x1, 0x3, 0x5d, '\x00', 0x3}, {0x80, 0x0, 0x0, '\x00', 0x5}, {0x5, 0x4}, {0x0, 0x40, 0x0, '\x00', 0x70}, {0x1, 0x0, 0xfe, '\x00', 0xe}, {0x10, 0x83, 0xe, '\x00', 0xd}]}}) 5.357270472s ago: executing program 7 (id=5505): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x0) 4.963494708s ago: executing program 6 (id=5506): socket$nl_generic(0x10, 0x3, 0x10) openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) r0 = syz_io_uring_setup(0x10f, 0x0, &(0x7f0000000240)=0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x17, 0x1}) io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0) r2 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240048c1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r4, 0x4) sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc) r5 = getpid() sched_setscheduler(r5, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe0000000071105000000000001d300200000000004704000001"], 0x0}, 0x94) r6 = socket$inet6(0xa, 0x3, 0x38) writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xf338}], 0x1) read$FUSE(0xffffffffffffffff, &(0x7f0000004480)={0x2020}, 0x2020) 3.095581495s ago: executing program 7 (id=5507): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3a8, 0x200, 0x43, 0xa0, 0x0, 0x98, 0x310, 0x178, 0x178, 0x310, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}, {0xff}, 0x9}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x0, 0x4, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}, {[{}, {0xe}], 0x656f58eaf9a1c793}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x0, 0x0, 0x6, 0x4, 0x1, 0x5], 0x11, 0x2}, {0x4, [0x1, 0x1, 0x1, 0x0, 0x0, 0x1], 0x5, 0x4}}}}, {{@uncond, 0x0, 0xe0, 0x110, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x2}}, @common=@unspec=@connlimit={{0x40}, {[0xffffff00, 0xff, 0xffffff00, 0xff000000], 0x3, 0x1, {0x4413}}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x5, 0x8}, {0x1, 0x4, 0x5}, 0xb}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x408) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) r3 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88) 3.02928086s ago: executing program 5 (id=5508): r0 = socket$inet_udp(0x2, 0x2, 0x0) capset(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x108) 2.974995031s ago: executing program 4 (id=5509): r0 = memfd_create(0x0, 0x3) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[], 0x78) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x74) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0) fcntl$addseals(0xffffffffffffffff, 0x409, 0x8) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000540)=0x9) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x3) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e) close_range(r3, 0xffffffffffffffff, 0x0) 2.925032567s ago: executing program 6 (id=5510): r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50) syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, r3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) io_submit(r5, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r4, &(0x7f0000000180)='\x00', 0xfdfe}]) dup3(r0, r1, 0x6700000000000000) 2.906178008s ago: executing program 8 (id=5511): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r2, r1, 0x0, 0x1, &(0x7f00000000c0)='\x00'}, 0x30) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r3 = timerfd_create(0x0, 0x0) timerfd_settime(r3, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) ioctl$F2FS_IOC_COMPRESS_FILE(0xffffffffffffffff, 0xf518, 0x0) 2.128436236s ago: executing program 7 (id=5512): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = fsopen(0x0, 0x1) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) fchdir(r5) syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00') r6 = fanotify_init(0x0, 0x80000) open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x50) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000240)={r3, r5}, 0xc) r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) ioctl$EVIOCSFF(r7, 0x40304580, &(0x7f0000000b40)={0x56, 0x0, 0x8, {0x80c, 0x1}, {0x45, 0x400}, @rumble={0xdd, 0x8}}) write$char_usb(r7, &(0x7f0000000040)="e2", 0x2250) ioctl$EVIOCGKEY(r7, 0x80404518, 0x0) readv(r6, &(0x7f0000000100)=[{&(0x7f0000000040)=""/175, 0xaf}], 0x1) 2.056206157s ago: executing program 5 (id=5513): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000001480)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)=@newtfilter={0xac, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x7c, 0x2, [@TCA_FLOWER_ACT={0x70, 0x3, [@m_connmark={0x6c, 0x1, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x5, 0x5, 0x7, 0x6, 0x12f8000}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x10000, 0x8, 0x1, 0x2, 0x5}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x12}]}}]}, 0xac}}, 0x24000000) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0xe4) 1.774548115s ago: executing program 6 (id=5514): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) accept(r0, 0x0, 0x0) getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) close(0x4) 972.434589ms ago: executing program 4 (id=5515): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sysinfo(&(0x7f0000000000)=""/196) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TCSETS(r1, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x14, "3eccd8fd0000000000000010000000040100"}) 329.554015ms ago: executing program 5 (id=5516): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0) r2 = io_uring_setup(0x2237, &(0x7f0000000880)={0x0, 0xfffffffc, 0x3018, 0x3, 0x221, 0x0, r1}) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000), 0x0}, 0x20) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f00000000c0)={0x7ff, 0x2, 0x7, 0x5, 0x7}) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) select(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000c40)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e60000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x4f33}, 0x18) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r7 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r7], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4004000) 189.196753ms ago: executing program 4 (id=5517): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 6 (id=5518): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000005c0), 0x10) recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000940)=[{0x0}, {0x0}], 0x2}, 0x9}, {{&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/213, 0xd5}, {&(0x7f0000000380)=""/226, 0xe2}], 0x2}, 0x9}], 0x2, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0) kernel console output (not intermixed with test programs): 280][T17123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1539.410636][T17123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1540.482873][T17123] team0: Port device team_slave_0 added [ 1540.529457][T17123] team0: Port device team_slave_1 added [ 1540.654567][T17186] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3837'. [ 1540.665337][T17185] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3837'. [ 1540.683045][T17185] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3837'. [ 1541.452643][ T49] Bluetooth: hci2: command tx timeout [ 1542.567546][T17123] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1542.575000][T17123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1542.601821][T17123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1542.713582][ T49] Bluetooth: hci0: Malformed LE Event: 0x1d [ 1542.736199][T17123] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1542.743477][T17123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1542.769932][T17123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1543.019210][T17123] hsr_slave_0: entered promiscuous mode [ 1543.034607][T17123] hsr_slave_1: entered promiscuous mode [ 1543.042855][T17123] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1543.050556][T17123] Cannot create hsr debugfs directory [ 1543.172177][ T30] audit: type=1326 audit(1751352531.063:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17194 comm="syz.5.3845" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f208a18e929 code=0x0 [ 1543.461398][T17200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1543.551482][ T49] Bluetooth: hci2: command tx timeout [ 1544.270257][T17123] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1544.291775][T17123] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1544.313375][T17123] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1544.336278][T17123] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1544.969848][T17214] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3851'. [ 1545.488224][T17123] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1545.642353][T17123] 8021q: adding VLAN 0 to HW filter on device team0 [ 1545.814123][ T3569] bridge0: port 1(bridge_slave_0) entered blocking state [ 1545.821769][ T3569] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1545.865106][T10477] bridge0: port 2(bridge_slave_1) entered blocking state [ 1545.872746][T10477] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1547.341383][T17235] loop4: detected capacity change from 0 to 512 [ 1547.500460][ T30] audit: type=1326 audit(1751352535.383:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17236 comm="syz.7.3859" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x0 [ 1547.613064][T17235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1547.615272][T17243] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3860'. [ 1547.626419][T17235] ext4 filesystem being mounted at /114/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1547.669492][T17123] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1547.703585][T17241] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1547.843676][ T30] audit: type=1800 audit(1751352535.743:1221): pid=17235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3858" name="bus" dev="loop4" ino=19 res=0 errno=0 [ 1548.107615][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1548.349875][T17250] netlink: 'syz.4.3862': attribute type 4 has an invalid length. [ 1549.665735][T17274] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3870'. [ 1549.702734][T17123] veth0_vlan: entered promiscuous mode [ 1549.769557][T17123] veth1_vlan: entered promiscuous mode [ 1549.999465][T17123] veth0_macvtap: entered promiscuous mode [ 1550.031703][T17123] veth1_macvtap: entered promiscuous mode [ 1550.134667][T17123] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1550.247473][T17278] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1550.283383][T17123] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1550.341499][T17123] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1550.351987][T17123] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1550.352993][T17280] netlink: 'syz.8.3873': attribute type 4 has an invalid length. [ 1550.360880][T17123] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1550.378640][T17123] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1551.637305][ T30] audit: type=1326 audit(1751352539.533:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17289 comm="syz.8.3876" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84fab8e929 code=0x0 [ 1551.831031][T17296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1553.355040][T17314] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3882'. [ 1554.518312][T17324] netlink: 'syz.8.3885': attribute type 4 has an invalid length. [ 1557.403182][T17342] overlayfs: failed to clone upperpath [ 1558.007439][ T30] audit: type=1326 audit(1751352545.913:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17345 comm="syz.8.3891" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84fab8e929 code=0x0 [ 1558.250764][T17348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1558.527275][ T7601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1558.535493][ T7601] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1558.642916][T17350] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3892'. [ 1558.795952][ T8260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1558.807952][ T8260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1559.511152][T17354] loop6: detected capacity change from 0 to 1024 [ 1559.704826][T17354] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1559.717746][T17354] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1559.992904][ T30] audit: type=1800 audit(1751352547.903:1224): pid=17354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3820" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 1560.051769][T17361] netlink: 'syz.7.3895': attribute type 4 has an invalid length. [ 1560.559356][T17123] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1560.966199][T17375] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3902'. [ 1561.096656][T17374] loop6: detected capacity change from 0 to 2048 [ 1561.150862][T17374] EXT4-fs: Ignoring removed mblk_io_submit option [ 1561.162591][T17374] EXT4-fs: Ignoring removed i_version option [ 1561.240832][T17374] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1561.798755][T17123] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1562.237141][ T49] Bluetooth: hci2: unknown advertising packet type: 0x65 [ 1562.237263][ T49] Bluetooth: hci2: Dropping invalid advertising data [ 1562.251714][ T49] Bluetooth: hci2: Malformed LE Event: 0x02 [ 1562.338430][T17394] loop7: detected capacity change from 0 to 1024 [ 1562.431393][T17394] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1562.444490][T17394] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1562.504391][ T30] audit: type=1800 audit(1751352550.413:1225): pid=17394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3910" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1563.545315][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1565.695822][T17409] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3915'. [ 1568.379048][T17401] Set syz1 is full, maxelem 65536 reached [ 1569.175253][T17411] ALSA: mixer_oss: invalid OSS volume '' [ 1569.381167][T17417] syz.6.3916 (17417): drop_caches: 2 [ 1571.443150][T17441] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3929'. [ 1574.576048][ T49] Bluetooth: hci0: Malformed LE Event: 0x1d [ 1575.021938][ T30] audit: type=1326 audit(1751352562.903:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.4.3941" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x0 [ 1575.174698][T17471] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1575.289189][T17475] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3942'. [ 1576.098718][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1579.593661][ T49] Bluetooth: hci2: Malformed LE Event: 0x1d [ 1580.004390][T17504] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3953'. [ 1580.013950][T17504] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3953'. [ 1581.229290][T17509] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3955'. [ 1581.863182][T17512] loop6: detected capacity change from 0 to 32768 [ 1581.871205][T17512] XFS: ikeep mount option is deprecated. [ 1581.945149][T17512] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1582.176359][T17512] XFS (loop6): Ending clean mount [ 1582.226128][T17512] XFS (loop6): Quotacheck needed: Please wait. [ 1582.295980][T17512] XFS (loop6): Quotacheck: Done. [ 1582.378869][T17123] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1586.258132][T17551] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3969'. [ 1586.929441][T17552] loop6: detected capacity change from 0 to 32768 [ 1586.937648][T17552] XFS: ikeep mount option is deprecated. [ 1587.009473][T17552] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1587.129962][ T30] audit: type=1326 audit(1751352575.023:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17562 comm="syz.5.3971" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f208a18e929 code=0x0 [ 1587.361227][T17564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1587.436629][T17552] XFS (loop6): Ending clean mount [ 1587.456776][T17552] XFS (loop6): Quotacheck needed: Please wait. [ 1587.503184][T17552] XFS (loop6): Quotacheck: Done. [ 1587.659832][T17123] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1587.926529][T17574] loop4: detected capacity change from 0 to 1024 [ 1587.995596][T17574] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1588.008522][T17574] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1588.111109][ T30] audit: type=1800 audit(1751352576.013:1228): pid=17574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3973" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1588.759427][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1589.184556][T17597] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3982'. [ 1589.482550][T15506] usb 7-1: new full-speed USB device number 20 using dummy_hcd [ 1589.632431][T15506] usb 7-1: device descriptor read/64, error -71 [ 1589.647691][ T49] Bluetooth: hci0: Malformed LE Event: 0x1d [ 1589.792154][ T30] audit: type=1326 audit(1751352577.693:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17609 comm="syz.8.3989" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84fab8e929 code=0x0 [ 1589.873626][T15506] usb 7-1: new full-speed USB device number 21 using dummy_hcd [ 1590.027175][T15506] usb 7-1: device descriptor read/64, error -71 [ 1590.048891][T17615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1590.148586][T15506] usb usb7-port1: attempt power cycle [ 1590.496223][T15506] usb 7-1: new full-speed USB device number 22 using dummy_hcd [ 1590.525227][T15506] usb 7-1: device descriptor read/8, error -71 [ 1590.611651][T17626] x_tables: duplicate underflow at hook 1 [ 1590.782055][T15506] usb 7-1: new full-speed USB device number 23 using dummy_hcd [ 1590.817291][T15506] usb 7-1: device descriptor read/8, error -71 [ 1590.939686][T15506] usb usb7-port1: unable to enumerate USB device [ 1591.123243][T17631] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3996'. [ 1591.202741][ T49] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 1591.211305][ T49] Bluetooth: hci0: Injecting HCI hardware error event [ 1591.219882][T14192] Bluetooth: hci0: hardware error 0x00 [ 1591.699201][T17641] random: crng reseeded on system resumption [ 1592.292250][ T5849] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 1592.497991][ T5849] usb 5-1: config 0 has an invalid interface number: 106 but max is 0 [ 1592.507312][ T5849] usb 5-1: config 0 has no interface number 0 [ 1592.513883][ T5849] usb 5-1: config 0 interface 106 has no altsetting 0 [ 1592.609945][ T5849] usb 5-1: New USB device found, idVendor=413c, idProduct=8217, bcdDevice=b2.59 [ 1592.620044][ T5849] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1592.632165][ T5849] usb 5-1: Product: syz [ 1592.636568][ T5849] usb 5-1: Manufacturer: syz [ 1592.641391][ T5849] usb 5-1: SerialNumber: syz [ 1592.673898][ T5849] usb 5-1: config 0 descriptor?? [ 1592.836949][ T30] audit: type=1326 audit(1751352580.743:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17661 comm="syz.6.4009" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x0 [ 1592.929210][ T5849] usb 5-1: USB disconnect, device number 6 [ 1593.117836][T17663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1593.282267][T14192] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1595.679954][T17714] random: crng reseeded on system resumption [ 1595.711916][T14192] Bluetooth: hci2: Unable to find connection for big 0x00 [ 1596.600807][ T30] audit: type=1326 audit(1751352584.493:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17722 comm="syz.5.4033" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f208a18e929 code=0x0 [ 1596.704703][T17725] random: crng reseeded on system resumption [ 1596.888819][T17727] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1597.453496][T17736] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4037'. [ 1599.027056][T17755] random: crng reseeded on system resumption [ 1600.526774][ T30] audit: type=1326 audit(1751352588.433:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17771 comm="syz.6.4052" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x0 [ 1600.836187][T17778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1601.982969][T17792] random: crng reseeded on system resumption [ 1604.027165][T17816] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4071'. [ 1604.512237][ T30] audit: type=1326 audit(1751352592.393:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17820 comm="syz.8.4073" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84fab8e929 code=0x0 [ 1604.718414][T17825] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1604.852993][T17828] random: crng reseeded on system resumption [ 1604.942379][T17830] random: crng reseeded on system resumption [ 1605.768766][T17843] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4082'. [ 1605.992965][T17846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4084'. [ 1608.245676][T17878] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4096'. [ 1608.756806][T17881] loop6: detected capacity change from 0 to 32768 [ 1608.813349][T17881] jfs_mount: dbMount failed w/rc = -22 [ 1608.819670][T17881] Mount JFS Failure: -22 [ 1608.824364][T17881] jfs_mount failed w/return code = -22 [ 1609.132286][T17882] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4098'. [ 1609.185390][T17881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4097'. [ 1609.199812][T17881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4097'. [ 1611.967973][T17901] random: crng reseeded on system resumption [ 1615.286121][T17914] loop4: detected capacity change from 0 to 32768 [ 1615.329437][T17914] jfs_mount: dbMount failed w/rc = -22 [ 1615.336390][T17914] Mount JFS Failure: -22 [ 1615.340747][T17914] jfs_mount failed w/return code = -22 [ 1615.708941][T17914] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4109'. [ 1615.752500][T17914] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4109'. [ 1616.952330][T17918] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4111'. [ 1618.052624][T17925] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4114'. [ 1621.958819][T17954] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4125'. [ 1623.114269][T17968] random: crng reseeded on system resumption [ 1626.091881][ T2061] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 1626.322221][ T2061] usb 7-1: Using ep0 maxpacket: 16 [ 1626.375916][ T2061] usb 7-1: config 1 interface 0 altsetting 4 bulk endpoint 0x1 has invalid maxpacket 16 [ 1626.387548][ T2061] usb 7-1: config 1 interface 0 has no altsetting 0 [ 1626.469352][ T2061] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1626.478746][ T2061] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1626.488456][ T2061] usb 7-1: Product: syz [ 1626.493178][ T2061] usb 7-1: Manufacturer: syz [ 1626.497951][ T2061] usb 7-1: SerialNumber: syz [ 1626.639329][T17985] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1626.923965][ T2061] usb 7-1: USB disconnect, device number 24 [ 1627.555869][T17991] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4139'. [ 1629.067697][T18010] random: crng reseeded on system resumption [ 1630.963683][T18019] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4150'. [ 1631.013167][T18019] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4150'. [ 1631.700951][T18026] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4153'. [ 1632.190707][T18035] random: crng reseeded on system resumption [ 1636.711384][T18090] loop7: detected capacity change from 0 to 1024 [ 1636.999529][T18090] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1637.012454][T18090] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1637.103457][ T30] audit: type=1800 audit(1751352625.013:1234): pid=18090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4176" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1637.553135][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1637.640383][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1640.681241][T18126] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4190'. [ 1643.766433][T18146] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4198'. [ 1643.781112][T18146] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4198'. [ 1644.292834][T18153] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4201'. [ 1649.660721][T18177] loop7: detected capacity change from 0 to 32768 [ 1649.725996][T18177] jfs_mount: dbMount failed w/rc = -22 [ 1649.733441][T18177] Mount JFS Failure: -22 [ 1649.737817][T18177] jfs_mount failed w/return code = -22 [ 1650.147270][T18177] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4210'. [ 1650.190354][T18177] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4210'. [ 1652.421732][ T8255] unregister_netdevice: waiting for lo to become free. Usage count = 2 [ 1652.431073][ T8255] ref_tracker: lo@ffff888052480558 has 1/1 users at [ 1652.431073][ T8255] dst_init+0x101/0x370 [ 1652.431073][ T8255] dst_alloc+0x1f2/0x250 [ 1652.431073][ T8255] ip_route_input_rcu+0x349e/0x4a70 [ 1652.431073][ T8255] ip_route_input_noref+0x6f/0xb0 [ 1652.431073][ T8255] ip_rcv_finish_core+0x7c6/0x2070 [ 1652.431073][ T8255] ip_rcv_finish+0x2e3/0x570 [ 1652.431073][ T8255] ip_rcv+0xcb/0x380 [ 1652.431073][ T8255] __netif_receive_skb+0x312/0xac0 [ 1652.431073][ T8255] netif_receive_skb+0x57/0x630 [ 1652.431073][ T8255] tun_rx_batched+0x1df/0x980 [ 1652.431073][ T8255] tun_get_user+0x4ee0/0x6b40 [ 1652.431073][ T8255] tun_chr_write_iter+0x3e9/0x5c0 [ 1652.431073][ T8255] vfs_write+0xb4b/0x1580 [ 1652.431073][ T8255] __x64_sys_write+0x1fb/0x4d0 [ 1652.431073][ T8255] x64_sys_call+0x38c3/0x3db0 [ 1652.431073][ T8255] do_syscall_64+0xd9/0x210 [ 1652.431073][ T8255] [ 1652.710177][T15506] usb 8-1: new full-speed USB device number 16 using dummy_hcd [ 1652.941081][T15506] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1653.128694][T15506] usb 8-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 1653.138369][T15506] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1653.146609][T15506] usb 8-1: Product: syz [ 1653.150899][T15506] usb 8-1: Manufacturer: syz [ 1653.155681][T15506] usb 8-1: SerialNumber: syz [ 1653.363936][T15506] usb 8-1: config 0 descriptor?? [ 1653.635956][T18188] xt_hashlimit: size too large, truncated to 1048576 [ 1660.482446][ T49] Bluetooth: hci2: command 0x0406 tx timeout [ 1662.089476][ T2061] usb 8-1: USB disconnect, device number 16 [ 1662.871405][T18261] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in; [ 1662.871405][T18261] program syz.4.4244 not setting count and/or reply_len properly [ 1663.808706][T18275] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4250'. [ 1664.662752][T18289] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4253'. [ 1664.685033][T18289] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1664.693055][T18289] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1664.717254][T18289] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1664.725991][T18289] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1669.629904][T18312] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4263'. [ 1669.861760][ T2061] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1670.090996][ T2061] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1670.102307][ T2061] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1670.112747][ T2061] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1670.223856][ T2061] usb 5-1: config 0 descriptor?? [ 1670.490558][ T2061] usbhid 5-1:0.0: can't add hid device: -71 [ 1670.497455][ T2061] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1670.607726][ T2061] usb 5-1: USB disconnect, device number 7 [ 1671.752643][ T2061] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1671.786089][T18316] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4265'. [ 1671.810850][T18316] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4265'. [ 1671.962497][ T2061] usb 5-1: Using ep0 maxpacket: 16 [ 1671.998223][ T2061] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1672.009624][ T2061] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 1672.018956][ T2061] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1672.088142][ T2061] usb 5-1: config 0 descriptor?? [ 1672.617285][ T2061] kye 0003:0458:5016.000A: control desc unexpectedly large [ 1672.672751][ T2061] input: HID 0458:5016 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5016.000A/input/input9 [ 1672.853166][ T2061] input: HID 0458:5016 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5016.000A/input/input10 [ 1673.003677][ T2061] kye 0003:0458:5016.000A: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.4-1/input0 [ 1673.393800][ T2061] usb 5-1: USB disconnect, device number 8 [ 1674.914449][T18337] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4274'. [ 1676.330978][T18343] loop4: detected capacity change from 0 to 32768 [ 1676.442750][T18343] jfs_mount: dbMount failed w/rc = -22 [ 1676.449214][T18343] Mount JFS Failure: -22 [ 1676.457126][T18343] jfs_mount failed w/return code = -22 [ 1677.913671][T18343] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4276'. [ 1677.935979][T18343] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4276'. [ 1678.589879][T18366] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4286'. [ 1680.751419][T18383] loop4: detected capacity change from 0 to 32768 [ 1680.846520][T18383] jfs_mount: dbMount failed w/rc = -22 [ 1680.852724][T18383] Mount JFS Failure: -22 [ 1680.860330][T18383] jfs_mount failed w/return code = -22 [ 1681.292725][T18383] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4293'. [ 1681.310899][T18383] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4293'. [ 1684.700328][T18415] loop4: detected capacity change from 0 to 32768 [ 1684.766062][T18415] jfs_mount: dbMount failed w/rc = -22 [ 1684.773230][T18415] Mount JFS Failure: -22 [ 1684.777692][T18415] jfs_mount failed w/return code = -22 [ 1685.152576][T18415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4307'. [ 1685.188057][T18415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4307'. [ 1685.764287][T18427] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1685.771864][T18427] IPv6: NLM_F_CREATE should be set when creating new route [ 1686.063262][T18430] netlink: 'syz.4.4311': attribute type 13 has an invalid length. [ 1686.125448][T18433] loop7: detected capacity change from 0 to 1024 [ 1686.300204][T18433] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1686.312870][T18433] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1686.507172][T18432] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 1686.630846][ T30] audit: type=1800 audit(1751352674.443:1235): pid=18433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4313" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1686.667754][T18442] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4316'. [ 1686.698149][T18430] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1686.776588][T18442] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1686.918028][T18444] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1686.927076][T18444] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1686.942589][T18444] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 1686.968423][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1687.154568][T18442] macvlan2: entered promiscuous mode [ 1687.160138][T18442] macvlan2: entered allmulticast mode [ 1687.168675][T18442] bond1: entered promiscuous mode [ 1687.176647][T18442] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1687.251897][T18442] bond1: left promiscuous mode [ 1689.479159][T18457] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4321'. [ 1689.525718][T18457] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4321'. [ 1693.329701][T18488] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4332'. [ 1693.356310][T18488] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4332'. [ 1695.598378][T18506] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4340'. [ 1695.647554][T18506] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1696.783598][T18513] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4343'. [ 1696.802440][T18513] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4343'. [ 1698.235609][T18539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4353'. [ 1698.316259][T18536] sp0: Synchronizing with TNC [ 1698.988314][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1699.543442][T18544] loop4: detected capacity change from 0 to 32768 [ 1699.600808][T18544] jfs_mount: dbMount failed w/rc = -22 [ 1699.607735][T18544] Mount JFS Failure: -22 [ 1699.612305][T18544] jfs_mount failed w/return code = -22 [ 1699.996324][T18544] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4355'. [ 1700.014930][T18544] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4355'. [ 1700.293054][T18548] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4356'. [ 1700.810892][T18551] loop4: detected capacity change from 0 to 1024 [ 1700.898086][T18551] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1700.910636][T18551] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1700.976100][ T30] audit: type=1800 audit(1751352688.883:1236): pid=18551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4358" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1701.413919][T18558] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 1701.670250][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1702.012995][ T5849] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 1702.144674][T18568] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4365'. [ 1702.665461][ T5849] usb 8-1: config 0 has no interfaces? [ 1702.730434][ T5849] usb 8-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 1702.740174][ T5849] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1702.748451][ T5849] usb 8-1: Product: syz [ 1702.753129][ T5849] usb 8-1: Manufacturer: syz [ 1702.757849][ T5849] usb 8-1: SerialNumber: syz [ 1702.930451][ T5849] usb 8-1: config 0 descriptor?? [ 1703.069752][T18576] sp0: Synchronizing with TNC [ 1703.557702][T18586] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4370'. [ 1703.609687][T18564] program syz.7.4362 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1703.643916][T18564] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1704.533215][T18601] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4377'. [ 1704.964350][T18606] mac80211_hwsim hwsim46 wlan0: entered promiscuous mode [ 1707.720181][T18636] loop4: detected capacity change from 0 to 1024 [ 1707.807293][T18636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1707.819930][T18636] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1707.871882][ T30] audit: type=1800 audit(1751352695.773:1237): pid=18636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4390" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1708.297830][T18642] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4391'. [ 1708.518152][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1710.701344][T15506] usb 8-1: USB disconnect, device number 17 [ 1711.072896][T18668] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4399'. [ 1712.101821][T15506] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 1712.329344][T15506] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1712.340975][T15506] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1712.350376][T15506] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1712.428884][T15506] usb 8-1: config 0 descriptor?? [ 1712.820254][T15506] usbhid 8-1:0.0: can't add hid device: -71 [ 1712.827186][T15506] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1713.272202][T15506] usb 8-1: USB disconnect, device number 18 [ 1715.371749][T15506] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 1716.821454][T18681] Set syz1 is full, maxelem 65536 reached [ 1718.019027][ T5849] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1718.092285][ T5849] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1726.176713][T18725] Set syz1 is full, maxelem 65536 reached [ 1726.291986][ T30] audit: type=1326 audit(1751352714.113:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.314855][ T30] audit: type=1326 audit(1751352714.113:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.338933][ T30] audit: type=1326 audit(1751352714.113:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.361855][ T30] audit: type=1326 audit(1751352714.113:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.384676][ T30] audit: type=1326 audit(1751352714.113:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.407433][ T30] audit: type=1326 audit(1751352714.113:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.431036][ T30] audit: type=1326 audit(1751352714.113:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.453992][ T30] audit: type=1326 audit(1751352714.113:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.476656][ T30] audit: type=1326 audit(1751352714.113:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1726.499392][ T30] audit: type=1326 audit(1751352714.113:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18729 comm="syz.6.4423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 1727.637628][T18747] loop4: detected capacity change from 0 to 1024 [ 1727.862758][T18747] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1727.875829][T18747] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1728.415297][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1729.107562][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88805256c400: rx timeout, send abort [ 1729.608352][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88805256cc00: rx timeout, send abort [ 1729.621737][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88805256c400: abort rx timeout. Force session deactivation [ 1730.117342][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88805256cc00: abort rx timeout. Force session deactivation [ 1730.149527][T18783] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1731.307286][T18794] loop4: detected capacity change from 0 to 1024 [ 1731.476805][T18794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1731.490266][T18794] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1731.627907][ T30] kauditd_printk_skb: 67 callbacks suppressed [ 1731.627960][ T30] audit: type=1800 audit(1751352719.533:1315): pid=18794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4446" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1732.067477][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1733.213364][T18824] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1733.432672][T15506] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 1733.726794][T15506] usb 8-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1733.736451][T15506] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1733.744847][T15506] usb 8-1: Product: syz [ 1733.749277][T15506] usb 8-1: Manufacturer: syz [ 1733.754377][T15506] usb 8-1: SerialNumber: syz [ 1733.920813][T15506] usb 8-1: config 0 descriptor?? [ 1734.169258][T15506] usb-storage 8-1:0.0: USB Mass Storage device detected [ 1734.422598][T18837] netlink: 116 bytes leftover after parsing attributes in process `syz.5.4459'. [ 1734.453050][T15506] usb 8-1: USB disconnect, device number 20 [ 1734.569831][T18838] netlink: 116 bytes leftover after parsing attributes in process `syz.5.4459'. [ 1735.816861][T18846] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4463'. [ 1736.003257][T18848] loop4: detected capacity change from 0 to 1024 [ 1736.092717][T18848] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1736.105398][T18848] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1736.214706][ T30] audit: type=1800 audit(1751352724.123:1316): pid=18848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4462" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1737.001097][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1740.855144][ T5849] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 1742.164663][ T5849] usb 8-1: config 0 has no interfaces? [ 1742.241446][ T5849] usb 8-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 1742.251313][ T5849] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1742.259599][ T5849] usb 8-1: Product: syz [ 1742.264012][ T5849] usb 8-1: Manufacturer: syz [ 1742.268739][ T5849] usb 8-1: SerialNumber: syz [ 1742.391170][ T5849] usb 8-1: config 0 descriptor?? [ 1742.679992][T18886] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4476'. [ 1747.201720][ T30] audit: type=1326 audit(1751352735.103:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1747.342312][ T30] audit: type=1326 audit(1751352735.163:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.365283][ T30] audit: type=1326 audit(1751352735.163:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.387997][ T30] audit: type=1326 audit(1751352735.163:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.410655][ T30] audit: type=1326 audit(1751352735.163:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.434685][ T30] audit: type=1326 audit(1751352735.163:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.457532][ T30] audit: type=1326 audit(1751352735.163:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.480211][ T30] audit: type=1326 audit(1751352735.163:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1747.502985][ T30] audit: type=1326 audit(1751352735.183:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1747.526920][ T30] audit: type=1326 audit(1751352735.183:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18919 comm="syz.4.4491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1749.690993][T15506] usb 8-1: USB disconnect, device number 21 [ 1753.508300][T18976] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4513'. [ 1754.174936][T18984] bridge0: port 1(bridge_slave_0) entered disabled state [ 1754.348066][ T7028] bridge0: port 1(bridge_slave_0) entered blocking state [ 1754.355600][ T7028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1757.607474][T19007] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4526'. [ 1760.438243][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1764.858201][T19070] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4551'. [ 1764.867679][T19070] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4551'. [ 1764.890725][T19070] bond0: entered promiscuous mode [ 1764.896228][T19070] bond_slave_0: entered promiscuous mode [ 1764.903174][T19070] bond_slave_1: entered promiscuous mode [ 1765.092701][T19070] bond0: left promiscuous mode [ 1765.097884][T19070] bond_slave_0: left promiscuous mode [ 1765.104137][T19070] bond_slave_1: left promiscuous mode [ 1766.347612][ T30] kauditd_printk_skb: 165 callbacks suppressed [ 1766.347681][ T30] audit: type=1326 audit(1751352754.253:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19081 comm="syz.4.4556" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x0 [ 1774.295482][T19175] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4594'. [ 1776.362781][T19205] loop7: detected capacity change from 0 to 1024 [ 1776.462511][T19205] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1776.475349][T19205] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1776.568307][ T30] audit: type=1800 audit(1751352764.473:1493): pid=19205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4606" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1777.189217][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1777.883922][ T30] audit: type=1326 audit(1751352765.783:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1777.975874][ T30] audit: type=1326 audit(1751352765.823:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fab8e929 code=0x7ffc0000 [ 1777.999117][ T30] audit: type=1326 audit(1751352765.823:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1778.021549][ C1] vkms_vblank_simulate: vblank timer overrun [ 1778.027953][ T30] audit: type=1326 audit(1751352765.823:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1778.050472][ C1] vkms_vblank_simulate: vblank timer overrun [ 1778.058775][ T30] audit: type=1326 audit(1751352765.823:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1778.081900][ T30] audit: type=1326 audit(1751352765.823:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1778.104398][ C1] vkms_vblank_simulate: vblank timer overrun [ 1778.111052][ T30] audit: type=1326 audit(1751352765.823:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1778.133937][ T30] audit: type=1326 audit(1751352765.823:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1778.158643][ T30] audit: type=1326 audit(1751352765.823:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19224 comm="syz.8.4613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1781.999355][ T30] kauditd_printk_skb: 263 callbacks suppressed [ 1781.999421][ T30] audit: type=1326 audit(1751352769.903:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.113177][ T30] audit: type=1326 audit(1751352769.943:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.138011][ T30] audit: type=1326 audit(1751352769.943:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1782.161155][ T30] audit: type=1326 audit(1751352769.943:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.184084][ T30] audit: type=1326 audit(1751352769.943:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.206829][ T30] audit: type=1326 audit(1751352769.943:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1782.229565][ T30] audit: type=1326 audit(1751352769.963:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.254022][ T30] audit: type=1326 audit(1751352769.963:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.277035][ T30] audit: type=1326 audit(1751352769.963:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1782.299861][ T30] audit: type=1326 audit(1751352769.973:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19278 comm="syz.4.4634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1782.563807][T19288] fuse: Bad value for 'fd' [ 1784.218728][T19313] loop4: detected capacity change from 0 to 2048 [ 1784.239331][T19313] EXT4-fs: Ignoring removed mblk_io_submit option [ 1784.246375][T19313] EXT4-fs: Ignoring removed i_version option [ 1784.342495][T19316] fuse: Bad value for 'fd' [ 1784.361798][T19313] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1784.818715][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1785.291952][T19338] fuse: Bad value for 'fd' [ 1786.520636][T19351] ALSA: mixer_oss: invalid OSS volume '' [ 1786.695479][T19355] sp0: Synchronizing with TNC [ 1787.263807][T19362] fuse: Invalid rootmode [ 1787.652894][ T30] kauditd_printk_skb: 328 callbacks suppressed [ 1787.652966][ T30] audit: type=1400 audit(1751352775.563:2104): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11 pid=19365 comm="syz.7.4670" [ 1787.828363][T19370] fuse: Bad value for 'fd' [ 1788.438511][T19378] ALSA: mixer_oss: invalid OSS volume '' [ 1788.634992][ T30] audit: type=1326 audit(1751352776.533:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1788.657951][ T30] audit: type=1326 audit(1751352776.533:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1788.680714][ T30] audit: type=1326 audit(1751352776.533:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1788.704986][ T30] audit: type=1326 audit(1751352776.543:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1788.729920][ T30] audit: type=1326 audit(1751352776.543:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1789.063077][ T30] audit: type=1326 audit(1751352776.703:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1789.086076][ T30] audit: type=1326 audit(1751352776.703:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1789.111122][ T30] audit: type=1326 audit(1751352776.703:2112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1789.134033][ T30] audit: type=1326 audit(1751352776.703:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0bfe12ab19 code=0x7ffc0000 [ 1789.810408][T19394] random: crng reseeded on system resumption [ 1792.783450][ T8255] unregister_netdevice: waiting for lo to become free. Usage count = 2 [ 1792.793907][ T8255] ref_tracker: lo@ffff888052480558 has 1/1 users at [ 1792.793907][ T8255] dst_init+0x101/0x370 [ 1792.793907][ T8255] dst_alloc+0x1f2/0x250 [ 1792.793907][ T8255] ip_route_input_rcu+0x349e/0x4a70 [ 1792.793907][ T8255] ip_route_input_noref+0x6f/0xb0 [ 1792.793907][ T8255] ip_rcv_finish_core+0x7c6/0x2070 [ 1792.793907][ T8255] ip_rcv_finish+0x2e3/0x570 [ 1792.793907][ T8255] ip_rcv+0xcb/0x380 [ 1792.793907][ T8255] __netif_receive_skb+0x312/0xac0 [ 1792.793907][ T8255] netif_receive_skb+0x57/0x630 [ 1792.793907][ T8255] tun_rx_batched+0x1df/0x980 [ 1792.793907][ T8255] tun_get_user+0x4ee0/0x6b40 [ 1792.793907][ T8255] tun_chr_write_iter+0x3e9/0x5c0 [ 1792.793907][ T8255] vfs_write+0xb4b/0x1580 [ 1792.793907][ T8255] __x64_sys_write+0x1fb/0x4d0 [ 1792.793907][ T8255] x64_sys_call+0x38c3/0x3db0 [ 1792.793907][ T8255] do_syscall_64+0xd9/0x210 [ 1792.793907][ T8255] [ 1793.610930][T19462] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4712'. [ 1795.958188][ T30] kauditd_printk_skb: 93 callbacks suppressed [ 1795.958255][ T30] audit: type=1400 audit(1751352783.863:2207): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11 pid=19484 comm="syz.4.4721" [ 1796.495515][T19495] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4724'. [ 1797.267900][T19502] random: crng reseeded on system resumption [ 1797.575701][T19508] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4730'. [ 1797.914173][T19513] Illegal XDP return value 4294967274 on prog (id 921) dev N/A, expect packet loss! [ 1800.918389][T19545] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1801.035788][T19548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1806.694244][T19586] overlay: ./file0 is not a directory [ 1810.032943][T19603] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4769'. [ 1811.972009][ T5849] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 1812.171767][ T5849] usb 8-1: Using ep0 maxpacket: 8 [ 1812.217250][ T5849] usb 8-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1812.226443][ T5849] usb 8-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1812.235800][ T5849] usb 8-1: config 1 has no interface number 1 [ 1812.243924][ T5849] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1812.343120][ T5849] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1812.352643][ T5849] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1812.360872][ T5849] usb 8-1: Product: syz [ 1812.365445][ T5849] usb 8-1: Manufacturer: syz [ 1812.370260][ T5849] usb 8-1: SerialNumber: syz [ 1812.583177][T19618] netlink: 1624 bytes leftover after parsing attributes in process `syz.5.4775'. [ 1812.739935][ T5849] usb 8-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1812.825821][ T5849] usb 8-1: USB disconnect, device number 22 [ 1816.013671][T19636] bridge4: entered promiscuous mode [ 1817.351789][T15506] usb 8-1: new high-speed USB device number 23 using dummy_hcd [ 1817.602591][T15506] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1817.614251][T15506] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1817.624617][T15506] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1817.638041][T15506] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1817.647433][T15506] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1817.880207][T15506] usb 8-1: config 0 descriptor?? [ 1818.369283][T15506] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 1820.455661][ T5849] usb 8-1: USB disconnect, device number 23 [ 1820.581763][T19683] overlayfs: conflicting lowerdir path [ 1821.907894][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1824.732140][ T5849] usb 8-1: new high-speed USB device number 24 using dummy_hcd [ 1825.182469][ T5849] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1825.193100][ T5849] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1825.202541][ T5849] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1825.300994][ T5849] usb 8-1: config 0 descriptor?? [ 1825.556233][ T5849] pwc: Askey VC010 type 2 USB webcam detected. [ 1825.621993][ T5849] pwc: send_video_command error -71 [ 1825.627453][ T5849] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 1825.635880][ T5849] Philips webcam 8-1:0.0: probe with driver Philips webcam failed with error -71 [ 1825.732045][ T5849] usb 8-1: USB disconnect, device number 24 [ 1826.091874][ T5849] usb 8-1: new high-speed USB device number 25 using dummy_hcd [ 1826.312952][ T5849] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1826.323666][ T5849] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1826.333142][ T5849] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1826.524722][ T5849] usb 8-1: config 0 descriptor?? [ 1826.550084][ T5849] pwc: Askey VC010 type 2 USB webcam detected. [ 1826.969389][ T5849] pwc: recv_control_msg error -32 req 02 val 2b00 [ 1826.992430][ T5849] pwc: recv_control_msg error -32 req 02 val 2700 [ 1827.012851][ T5849] pwc: recv_control_msg error -32 req 02 val 2c00 [ 1827.028888][ T5849] pwc: recv_control_msg error -32 req 04 val 1000 [ 1827.041941][ T5849] pwc: recv_control_msg error -32 req 04 val 1300 [ 1827.089162][ T5849] pwc: recv_control_msg error -32 req 04 val 1400 [ 1827.107523][ T5849] pwc: recv_control_msg error -32 req 02 val 2000 [ 1827.142047][ T5849] pwc: recv_control_msg error -32 req 02 val 2100 [ 1827.179774][ T5849] pwc: recv_control_msg error -32 req 04 val 1500 [ 1827.232957][ T5849] pwc: recv_control_msg error -32 req 02 val 2500 [ 1827.261868][ T5849] pwc: recv_control_msg error -32 req 02 val 2400 [ 1827.476923][ T5849] pwc: recv_control_msg error -71 req 02 val 2900 [ 1827.492664][ T5849] pwc: recv_control_msg error -71 req 02 val 2800 [ 1827.499487][T19706] fuse: Bad value for 'fd' [ 1827.518198][ T5849] pwc: recv_control_msg error -71 req 04 val 1100 [ 1827.538054][ T5849] pwc: recv_control_msg error -71 req 04 val 1200 [ 1827.562496][ T5849] pwc: Registered as video103. [ 1827.569673][ T5849] input: PWC snapshot button as /devices/platform/dummy_hcd.7/usb8/8-1/input/input12 [ 1827.646465][ T5849] usb 8-1: USB disconnect, device number 25 [ 1828.069937][T18691] syzkaller0: tun_net_xmit 76 [ 1828.076230][T18691] syzkaller0: tun_net_xmit 48 [ 1828.092239][T18692] syzkaller0: tun_net_xmit 76 [ 1828.103023][T19715] tipc: Enabling of bearer rejected, failed to enable media [ 1828.232703][T19720] syzkaller0: create flow: hash 3011415034 index 1 [ 1828.235542][T18692] syzkaller0: tun_net_xmit 76 [ 1828.303929][T19710] syzkaller0: delete flow: hash 3011415034 index 1 [ 1830.990338][T19756] loop7: detected capacity change from 0 to 128 [ 1831.508396][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.508396][T10477] loop7: rw=1, sector=145, nr_sectors = 16 limit=128 [ 1831.522679][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.522679][T10477] loop7: rw=1, sector=169, nr_sectors = 8 limit=128 [ 1831.536991][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.536991][T10477] loop7: rw=1, sector=185, nr_sectors = 8 limit=128 [ 1831.550782][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.550782][T10477] loop7: rw=1, sector=201, nr_sectors = 8 limit=128 [ 1831.564621][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.564621][T10477] loop7: rw=1, sector=217, nr_sectors = 8 limit=128 [ 1831.578539][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.578539][T10477] loop7: rw=1, sector=233, nr_sectors = 8 limit=128 [ 1831.676469][T19761] fuse: Unknown parameter 'user_id00000000000000000000' [ 1831.879540][T10477] kworker/u8:32: attempt to access beyond end of device [ 1831.879540][T10477] loop7: rw=1, sector=249, nr_sectors = 8 limit=128 [ 1834.051111][T19793] fuse: Bad value for 'fd' [ 1839.340906][T19826] fuse: Bad value for 'fd' [ 1840.742056][T18692] usb 8-1: new high-speed USB device number 26 using dummy_hcd [ 1840.989506][T18692] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1841.000269][T18692] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1841.009738][T18692] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1841.178780][T18692] usb 8-1: config 0 descriptor?? [ 1841.241955][T18692] pwc: Askey VC010 type 2 USB webcam detected. [ 1841.475133][T18692] pwc: send_video_command error -71 [ 1841.480757][T18692] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 1841.489094][T18692] Philips webcam 8-1:0.0: probe with driver Philips webcam failed with error -71 [ 1841.673713][T18692] usb 8-1: USB disconnect, device number 26 [ 1842.031988][T18692] usb 8-1: new high-speed USB device number 27 using dummy_hcd [ 1842.264450][T18692] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1842.275209][T18692] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1842.284797][T18692] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1842.362512][T18692] usb 8-1: config 0 descriptor?? [ 1842.392135][T18692] pwc: Askey VC010 type 2 USB webcam detected. [ 1842.779433][T18692] pwc: recv_control_msg error -32 req 02 val 2b00 [ 1842.812532][T18692] pwc: recv_control_msg error -32 req 02 val 2700 [ 1842.838214][T18692] pwc: recv_control_msg error -32 req 02 val 2c00 [ 1842.871889][T18692] pwc: recv_control_msg error -32 req 04 val 1000 [ 1842.889665][T18692] pwc: recv_control_msg error -32 req 04 val 1300 [ 1842.922611][T18692] pwc: recv_control_msg error -32 req 04 val 1400 [ 1842.942004][T18692] pwc: recv_control_msg error -32 req 02 val 2000 [ 1842.970045][T18692] pwc: recv_control_msg error -32 req 02 val 2100 [ 1842.991873][T18692] pwc: recv_control_msg error -32 req 04 val 1500 [ 1843.032136][T18692] pwc: recv_control_msg error -32 req 02 val 2500 [ 1843.066655][T18692] pwc: recv_control_msg error -32 req 02 val 2400 [ 1843.261968][ T30] audit: type=1326 audit(1751352831.163:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.301051][T18692] pwc: recv_control_msg error -71 req 02 val 2900 [ 1843.316883][T18692] pwc: recv_control_msg error -71 req 02 val 2800 [ 1843.363534][T18692] pwc: recv_control_msg error -71 req 04 val 1100 [ 1843.390615][ T30] audit: type=1326 audit(1751352831.203:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.413895][ T30] audit: type=1326 audit(1751352831.203:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.436914][ T30] audit: type=1326 audit(1751352831.203:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.459899][ T30] audit: type=1326 audit(1751352831.203:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.484725][ T30] audit: type=1326 audit(1751352831.233:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.507936][ T30] audit: type=1326 audit(1751352831.233:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.531246][ T30] audit: type=1326 audit(1751352831.233:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.554155][ T30] audit: type=1326 audit(1751352831.233:2216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.578803][ T30] audit: type=1326 audit(1751352831.233:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19838 comm="syz.8.4857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f84fab2ab19 code=0x7ffc0000 [ 1843.605724][T18692] pwc: recv_control_msg error -71 req 04 val 1200 [ 1843.652829][T18692] pwc: Registered as video103. [ 1843.659965][T18692] input: PWC snapshot button as /devices/platform/dummy_hcd.7/usb8/8-1/input/input13 [ 1843.728850][T18692] usb 8-1: USB disconnect, device number 27 [ 1845.526789][T19875] loop7: detected capacity change from 0 to 512 [ 1845.547623][T19875] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 1845.580476][T19875] EXT4-fs (loop7): invalid journal inode [ 1845.586631][T19875] EXT4-fs (loop7): can't get journal size [ 1845.649685][T19875] EXT4-fs (loop7): 1 truncate cleaned up [ 1845.657714][T19875] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1848.573545][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1849.356460][T19900] ALSA: mixer_oss: invalid OSS volume 'IGA' [ 1849.840386][T19908] netlink: 'syz.4.4884': attribute type 1 has an invalid length. [ 1849.848693][T19908] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4884'. [ 1850.090691][ T30] kauditd_printk_skb: 190 callbacks suppressed [ 1850.090763][ T30] audit: type=1326 audit(1751352837.993:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19911 comm="syz.7.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1850.121193][ T30] audit: type=1326 audit(1751352837.993:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19911 comm="syz.7.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1850.146383][ T30] audit: type=1326 audit(1751352838.033:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19911 comm="syz.7.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1850.169303][ T30] audit: type=1326 audit(1751352838.033:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19911 comm="syz.7.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1850.192266][ T30] audit: type=1326 audit(1751352838.043:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19911 comm="syz.7.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1850.215204][ T30] audit: type=1326 audit(1751352838.043:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19911 comm="syz.7.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1850.703226][T18692] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1850.903949][T19924] tipc: Enabling of bearer rejected, failed to enable media [ 1850.913423][T18692] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1850.924123][T18692] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1850.933536][T18692] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1850.994129][T18692] usb 5-1: config 0 descriptor?? [ 1851.018356][T18692] pwc: Askey VC010 type 2 USB webcam detected. [ 1851.223572][T18692] pwc: send_video_command error -71 [ 1851.229295][T18692] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 1851.237625][T18692] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71 [ 1851.287293][T18692] usb 5-1: USB disconnect, device number 9 [ 1851.786619][T18692] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1852.026339][T18692] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1852.037109][T18692] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1852.046644][T18692] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1852.187388][T18692] usb 5-1: config 0 descriptor?? [ 1852.244710][T18692] pwc: Askey VC010 type 2 USB webcam detected. [ 1852.640693][T18692] pwc: recv_control_msg error -32 req 02 val 2b00 [ 1852.699861][T18692] pwc: recv_control_msg error -32 req 02 val 2700 [ 1852.744164][T18692] pwc: recv_control_msg error -32 req 02 val 2c00 [ 1852.804173][T18692] pwc: recv_control_msg error -32 req 04 val 1000 [ 1852.863256][T18692] pwc: recv_control_msg error -32 req 04 val 1300 [ 1852.919340][T18692] pwc: recv_control_msg error -32 req 04 val 1400 [ 1852.959907][T18692] pwc: recv_control_msg error -32 req 02 val 2000 [ 1853.023491][T18692] pwc: recv_control_msg error -32 req 02 val 2100 [ 1853.066513][T18692] pwc: recv_control_msg error -32 req 04 val 1500 [ 1853.132451][T18692] pwc: recv_control_msg error -32 req 02 val 2500 [ 1853.192017][T18692] pwc: recv_control_msg error -32 req 02 val 2400 [ 1853.422636][T18692] pwc: recv_control_msg error -71 req 02 val 2900 [ 1853.472851][T18692] pwc: recv_control_msg error -71 req 02 val 2800 [ 1853.533925][T18692] pwc: recv_control_msg error -71 req 04 val 1100 [ 1853.573349][T18692] pwc: recv_control_msg error -71 req 04 val 1200 [ 1853.642893][T18692] pwc: Registered as video103. [ 1853.649972][T18692] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input14 [ 1854.134013][T18692] usb 5-1: USB disconnect, device number 10 [ 1857.193457][T19965] tipc: Enabling of bearer rejected, failed to enable media [ 1858.607272][ T30] audit: type=1326 audit(1751352846.513:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19988 comm="syz.4.4914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1858.631843][ T30] audit: type=1326 audit(1751352846.513:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19988 comm="syz.4.4914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1858.655598][ T30] audit: type=1326 audit(1751352846.513:2416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19988 comm="syz.4.4914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1858.678510][ T30] audit: type=1326 audit(1751352846.523:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19988 comm="syz.4.4914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1860.780900][T19996] loop4: detected capacity change from 0 to 4096 [ 1861.768368][T20011] tipc: Enabling of bearer rejected, failed to enable media [ 1864.502380][ T5849] usb 8-1: new high-speed USB device number 28 using dummy_hcd [ 1865.310771][T20036] overlayfs: missing 'lowerdir' [ 1865.625529][ T5849] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1865.636092][ T5849] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1865.645557][ T5849] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1865.660539][ T5849] usb 8-1: config 0 descriptor?? [ 1865.679339][ T5849] pwc: Askey VC010 type 2 USB webcam detected. [ 1866.637821][ T5849] pwc: send_video_command error -71 [ 1866.643618][ T5849] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 1866.651817][ T5849] Philips webcam 8-1:0.0: probe with driver Philips webcam failed with error -71 [ 1866.665832][ T5849] usb 8-1: USB disconnect, device number 28 [ 1866.867069][T20043] tipc: Enabling of bearer rejected, failed to enable media [ 1867.033046][ T5849] usb 8-1: new high-speed USB device number 29 using dummy_hcd [ 1867.445028][ T5849] usb 8-1: unable to read config index 0 descriptor/all [ 1867.452660][ T5849] usb 8-1: can't read configurations, error -71 [ 1868.532447][ T30] audit: type=1326 audit(1751352856.423:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20064 comm="syz.5.4942" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f208a18e929 code=0x0 [ 1868.741808][T20067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1870.471881][T20076] loop4: detected capacity change from 0 to 32768 [ 1870.506161][T20076] jfs_mount: dbMount failed w/rc = -22 [ 1870.512488][T20076] Mount JFS Failure: -22 [ 1870.516905][T20076] jfs_mount failed w/return code = -22 [ 1871.304090][T20076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4945'. [ 1871.318319][T20076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4945'. [ 1871.679292][T20078] tipc: Started in network mode [ 1871.685208][T20078] tipc: Node identity c23a0a5b6e0e, cluster identity 4711 [ 1871.693870][T20078] tipc: Enabled bearer , priority 0 [ 1871.724344][T20078] syzkaller0: entered promiscuous mode [ 1871.730077][T20078] syzkaller0: entered allmulticast mode [ 1871.826884][T20078] tipc: Resetting bearer [ 1871.844770][T20077] tipc: Resetting bearer [ 1871.884757][T20077] tipc: Disabling bearer [ 1871.921795][ T5849] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 1872.113309][ T5849] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1872.124223][ T5849] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1872.133697][ T5849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1872.205143][ T5849] usb 5-1: config 0 descriptor?? [ 1872.258812][ T5849] pwc: Askey VC010 type 2 USB webcam detected. [ 1872.470131][ T5849] pwc: send_video_command error -71 [ 1872.477105][ T5849] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 1872.485901][ T5849] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71 [ 1872.593281][ T5849] usb 5-1: USB disconnect, device number 11 [ 1873.048368][ T5849] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 1873.103060][T20103] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.4956'. [ 1873.253647][ T5849] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1873.264810][ T5849] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1873.276153][ T5849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1873.444442][ T5849] usb 5-1: config 0 descriptor?? [ 1873.509417][ T5849] pwc: Askey VC010 type 2 USB webcam detected. [ 1873.864317][ T5849] pwc: recv_control_msg error -32 req 02 val 2b00 [ 1873.922114][ T5849] pwc: recv_control_msg error -32 req 02 val 2700 [ 1873.970567][ T5849] pwc: recv_control_msg error -32 req 02 val 2c00 [ 1874.018970][ T5849] pwc: recv_control_msg error -32 req 04 val 1000 [ 1874.079855][ T5849] pwc: recv_control_msg error -32 req 04 val 1300 [ 1874.126129][ T30] audit: type=1326 audit(1751352862.023:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20107 comm="syz.7.4959" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x0 [ 1874.157777][ T5849] pwc: recv_control_msg error -32 req 04 val 1400 [ 1874.197414][ T5849] pwc: recv_control_msg error -32 req 02 val 2000 [ 1874.231944][ T5849] pwc: recv_control_msg error -32 req 02 val 2100 [ 1874.280479][ T5849] pwc: recv_control_msg error -32 req 04 val 1500 [ 1874.309220][ T5849] pwc: recv_control_msg error -32 req 02 val 2500 [ 1874.330710][T20104] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4957'. [ 1874.357433][T20112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1874.384610][T20104] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4957'. [ 1874.462257][ T5849] pwc: recv_control_msg error -32 req 02 val 2400 [ 1874.677202][ T5849] pwc: recv_control_msg error -71 req 02 val 2900 [ 1874.693339][ T5849] pwc: recv_control_msg error -71 req 02 val 2800 [ 1874.713423][ T5849] pwc: recv_control_msg error -71 req 04 val 1100 [ 1874.732884][ T5849] pwc: recv_control_msg error -71 req 04 val 1200 [ 1874.750363][ T5849] pwc: Registered as video103. [ 1874.758000][ T5849] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input15 [ 1874.860658][ T5849] usb 5-1: USB disconnect, device number 12 [ 1875.016045][T20118] tipc: Enabling of bearer rejected, failed to enable media [ 1877.175616][ T30] audit: type=1400 audit(1751352865.083:2420): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11 pid=20134 comm="syz.7.4968" [ 1877.357796][T20135] netlink: 1752 bytes leftover after parsing attributes in process `syz.7.4968'. [ 1878.839792][T20143] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4970'. [ 1878.874572][T20143] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4970'. [ 1878.914551][ T30] audit: type=1326 audit(1751352866.793:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1878.937768][ T30] audit: type=1326 audit(1751352866.793:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1878.960667][ T30] audit: type=1326 audit(1751352866.793:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1879.240296][ T30] audit: type=1326 audit(1751352866.963:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.263397][ T30] audit: type=1326 audit(1751352866.963:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.286544][ T30] audit: type=1326 audit(1751352866.963:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.311390][ T30] audit: type=1326 audit(1751352866.963:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.335065][ T30] audit: type=1326 audit(1751352866.963:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.357807][ T30] audit: type=1326 audit(1751352866.973:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1879.380550][ T30] audit: type=1326 audit(1751352866.973:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1879.403352][ T30] audit: type=1326 audit(1751352866.983:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.427408][ T30] audit: type=1326 audit(1751352866.983:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 1879.450341][ T30] audit: type=1326 audit(1751352866.993:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20148 comm="syz.7.4973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 1879.549762][T20154] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4976'. [ 1880.588338][T20160] loop4: detected capacity change from 0 to 40427 [ 1880.627314][T20160] F2FS-fs (loop4): invalid crc value [ 1881.182156][T20160] F2FS-fs (loop4): Start checkpoint disabled! [ 1881.197524][T20160] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 1883.072738][T10477] kworker/u8:32: attempt to access beyond end of device [ 1883.072738][T10477] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1883.087289][T10477] CPU: 1 UID: 0 PID: 10477 Comm: kworker/u8:32 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(undef) [ 1883.087453][T10477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1883.087574][T10477] Workqueue: writeback wb_workfn (flush-7:4) [ 1883.087730][T10477] Call Trace: [ 1883.087776][T10477] [ 1883.087822][T10477] __dump_stack+0x26/0x30 [ 1883.087967][T10477] dump_stack_lvl+0x1df/0x270 [ 1883.088126][T10477] dump_stack+0x1e/0x25 [ 1883.088265][T10477] f2fs_handle_critical_error+0xa6f/0xc20 [ 1883.088483][T10477] f2fs_stop_checkpoint+0x65/0x80 [ 1883.088664][T10477] f2fs_write_end_io+0xb4b/0x1920 [ 1883.088803][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.088993][T10477] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 1883.089112][T10477] bio_endio+0xe24/0xf80 [ 1883.089277][T10477] submit_bio_noacct+0x214/0x2710 [ 1883.089487][T10477] submit_bio+0x5a9/0x5d0 [ 1883.089646][T10477] f2fs_submit_write_bio+0x92/0x250 [ 1883.089815][T10477] __submit_merged_bio+0x16f/0x6a0 [ 1883.089984][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.090162][T10477] __submit_merged_write_cond+0x458/0x9a0 [ 1883.090354][T10477] f2fs_write_data_pages+0x4bb2/0x5480 [ 1883.090660][T10477] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1883.090819][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.090993][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.091178][T10477] ? __update_load_avg_cfs_rq+0xd7f/0x1010 [ 1883.091373][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.091542][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.091720][T10477] ? __rb_insert_augmented+0x80/0x11b0 [ 1883.091903][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.092069][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.092236][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.092417][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.092581][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.092754][T10477] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1883.092951][T10477] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1883.093132][T10477] do_writepages+0x3ef/0x860 [ 1883.093290][T10477] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1883.093485][T10477] ? queue_io+0x781/0x790 [ 1883.093616][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.093805][T10477] __writeback_single_inode+0x101/0x1190 [ 1883.093969][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.094146][T10477] writeback_sb_inodes+0xaa9/0x1c90 [ 1883.094437][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.094691][T10477] wb_writeback+0x4ce/0xc00 [ 1883.094884][T10477] ? queue_io+0x481/0x790 [ 1883.095064][T10477] wb_workfn+0x397/0x1910 [ 1883.095214][T10477] ? kmsan_get_metadata+0xfb/0x160 [ 1883.095464][T10477] ? __pfx_wb_workfn+0x10/0x10 [ 1883.095589][T10477] process_scheduled_works+0xb8e/0x1d80 [ 1883.095809][T10477] worker_thread+0xedf/0x1590 [ 1883.096011][T10477] kthread+0xd5c/0xf00 [ 1883.096129][T10477] ? __pfx_worker_thread+0x10/0x10 [ 1883.096323][T10477] ? __pfx_kthread+0x10/0x10 [ 1883.096456][T10477] ret_from_fork+0x1e0/0x310 [ 1883.096584][T10477] ? __pfx_kthread+0x10/0x10 [ 1883.096712][T10477] ret_from_fork_asm+0x1a/0x30 [ 1883.096904][T10477] [ 1883.406779][T10477] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1883.467136][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1884.257419][T20179] loop7: detected capacity change from 0 to 32768 [ 1884.330571][T20179] jfs_mount: dbMount failed w/rc = -22 [ 1884.337937][T20179] Mount JFS Failure: -22 [ 1884.343240][T20179] jfs_mount failed w/return code = -22 [ 1884.682660][T20179] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4985'. [ 1884.698177][T20179] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4985'. [ 1885.027434][T20188] loop7: detected capacity change from 0 to 512 [ 1885.095152][T20188] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 1885.148963][T20188] EXT4-fs (loop7): invalid journal inode [ 1885.155110][T20188] EXT4-fs (loop7): can't get journal size [ 1885.265152][T20188] EXT4-fs (loop7): 1 truncate cleaned up [ 1885.273302][T20188] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1885.682492][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1887.751077][T20214] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4997'. [ 1887.768852][T20214] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4997'. [ 1893.299589][T20248] syzkaller1: entered promiscuous mode [ 1893.305445][T20248] syzkaller1: entered allmulticast mode [ 1895.377422][T20262] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5013'. [ 1895.413387][T20262] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5013'. [ 1914.718400][T20498] netlink: 'syz.8.5118': attribute type 4 has an invalid length. [ 1914.893816][T20498] netlink: 'syz.8.5118': attribute type 4 has an invalid length. [ 1915.049451][T20479] Set syz1 is full, maxelem 65536 reached [ 1919.209386][T20533] netlink: 'syz.4.5133': attribute type 4 has an invalid length. [ 1919.327570][T20534] netlink: 'syz.4.5133': attribute type 4 has an invalid length. [ 1920.784731][T20543] netlink: 'syz.8.5137': attribute type 4 has an invalid length. [ 1920.846809][T20546] syz_tun: entered allmulticast mode [ 1920.973812][T20544] syz_tun: left allmulticast mode [ 1921.893057][T20551] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5140'. [ 1922.775613][T20550] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5139'. [ 1922.809609][T20550] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5139'. [ 1922.956310][T20557] netlink: 'syz.4.5146': attribute type 4 has an invalid length. [ 1923.137417][T20565] netlink: 'syz.4.5146': attribute type 4 has an invalid length. [ 1924.219288][T20574] input: syz0 as /devices/virtual/input/input16 [ 1924.253373][T20575] netlink: 'syz.8.5149': attribute type 4 has an invalid length. [ 1924.470072][T20579] syz_tun: entered allmulticast mode [ 1924.582475][T20576] syz_tun: left allmulticast mode [ 1925.126324][T20589] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5156'. [ 1926.309051][T20595] netlink: 'syz.6.5158': attribute type 4 has an invalid length. [ 1926.581225][T20595] netlink: 'syz.6.5158': attribute type 4 has an invalid length. [ 1927.618302][T20610] netlink: 'syz.4.5164': attribute type 4 has an invalid length. [ 1927.679131][T20606] loop7: detected capacity change from 0 to 32768 [ 1927.688033][T20606] btrfs: Deprecated parameter 'usebackuproot' [ 1927.694511][T20606] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1927.710079][T20606] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.5162 (20606) [ 1927.751190][T20606] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1927.762952][T20606] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm [ 1927.772289][T20606] BTRFS info (device loop7): using free-space-tree [ 1927.900562][ T7600] BTRFS warning (device loop7): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 1927.914508][T20606] BTRFS error (device loop7): failed to load root extent [ 1927.922123][T20606] BTRFS warning (device loop7): try to load backup roots slot 1 [ 1927.932464][T10477] BTRFS warning (device loop7): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 1927.946484][T20606] BTRFS warning (device loop7): couldn't read tree root [ 1927.956760][T20606] BTRFS warning (device loop7): try to load backup roots slot 2 [ 1927.973048][ T8249] BTRFS error (device loop7): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 1927.984114][T20606] BTRFS warning (device loop7): couldn't read tree root [ 1927.991339][T20606] BTRFS warning (device loop7): try to load backup roots slot 3 [ 1928.067203][T20606] BTRFS info (device loop7): rebuilding free space tree [ 1928.171049][T20606] BTRFS info (device loop7): checking UUID tree [ 1928.399604][T16521] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1928.562329][T20639] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5169'. [ 1928.621701][ T5849] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 1929.057649][ T5849] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1929.069041][ T5849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1929.081941][ T5849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1929.092356][ T5849] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1929.350313][ T5849] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1929.360050][ T5849] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1929.372043][ T5849] usb 5-1: Manufacturer: syz [ 1929.501943][ T5849] usb 5-1: config 0 descriptor?? [ 1930.065916][ T5849] appleir 0003:05AC:8243.000D: unknown main item tag 0x0 [ 1930.189420][ T5849] appleir 0003:05AC:8243.000D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 1930.278191][ T5849] usb 5-1: USB disconnect, device number 13 [ 1930.747569][T20648] netlink: 'syz.5.5173': attribute type 4 has an invalid length. [ 1930.750687][T20647] bridge0: port 2(bridge_slave_1) entered disabled state [ 1930.764164][T20647] bridge0: port 1(bridge_slave_0) entered disabled state [ 1930.783361][T20647] netlink: 136 bytes leftover after parsing attributes in process `syz.8.5174'. [ 1930.873983][T20651] netlink: 'syz.5.5173': attribute type 4 has an invalid length. [ 1931.253603][T20656] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5175'. [ 1931.263126][T20656] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5175'. [ 1931.283306][T20657] netlink: 'syz.4.5176': attribute type 1 has an invalid length. [ 1931.320249][T20657] netlink: 76 bytes leftover after parsing attributes in process `syz.4.5176'. [ 1931.400115][T20657] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5176'. [ 1931.504974][T20659] syz_tun: entered allmulticast mode [ 1931.600034][T20658] syz_tun: left allmulticast mode [ 1931.974669][T20663] netlink: 'syz.8.5178': attribute type 4 has an invalid length. [ 1933.051748][ T8255] unregister_netdevice: waiting for lo to become free. Usage count = 2 [ 1933.061522][ T8255] ref_tracker: lo@ffff888052480558 has 1/1 users at [ 1933.061522][ T8255] dst_init+0x101/0x370 [ 1933.061522][ T8255] dst_alloc+0x1f2/0x250 [ 1933.061522][ T8255] ip_route_input_rcu+0x349e/0x4a70 [ 1933.061522][ T8255] ip_route_input_noref+0x6f/0xb0 [ 1933.061522][ T8255] ip_rcv_finish_core+0x7c6/0x2070 [ 1933.061522][ T8255] ip_rcv_finish+0x2e3/0x570 [ 1933.061522][ T8255] ip_rcv+0xcb/0x380 [ 1933.061522][ T8255] __netif_receive_skb+0x312/0xac0 [ 1933.061522][ T8255] netif_receive_skb+0x57/0x630 [ 1933.061522][ T8255] tun_rx_batched+0x1df/0x980 [ 1933.061522][ T8255] tun_get_user+0x4ee0/0x6b40 [ 1933.061522][ T8255] tun_chr_write_iter+0x3e9/0x5c0 [ 1933.061522][ T8255] vfs_write+0xb4b/0x1580 [ 1933.061522][ T8255] __x64_sys_write+0x1fb/0x4d0 [ 1933.061522][ T8255] x64_sys_call+0x38c3/0x3db0 [ 1933.061522][ T8255] do_syscall_64+0xd9/0x210 [ 1933.061522][ T8255] [ 1933.718765][T20678] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5183'. [ 1934.424739][ T5849] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 1934.664694][ T5849] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1934.676083][ T5849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1934.687388][ T5849] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1934.697611][ T5849] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1934.899248][T20685] loop7: detected capacity change from 0 to 4096 [ 1934.925896][ T5849] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1934.936046][ T5849] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1934.944641][ T5849] usb 5-1: Manufacturer: syz [ 1935.044291][ T5849] usb 5-1: config 0 descriptor?? [ 1935.159588][T20693] syz_tun: entered allmulticast mode [ 1935.313804][T20692] syz_tun: left allmulticast mode [ 1935.444551][T20697] overlay: ./bus is not a directory [ 1935.497972][ T5849] appleir 0003:05AC:8243.000E: unknown main item tag 0x0 [ 1935.554874][ T5849] appleir 0003:05AC:8243.000E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 1935.604472][T20699] netlink: 'syz.6.5191': attribute type 4 has an invalid length. [ 1935.714454][ T5849] usb 5-1: USB disconnect, device number 14 [ 1935.898357][T20685] loop7: detected capacity change from 0 to 4096 [ 1936.122671][T20685] loop7: detected capacity change from 0 to 256 [ 1936.131879][T20685] vfat: Unknown parameter 'tz”UTC' [ 1936.521852][ T5849] usb 8-1: new high-speed USB device number 31 using dummy_hcd [ 1937.124841][T20709] input: syz0 as /devices/virtual/input/input17 [ 1937.728704][T20713] netlink: 'syz.5.5196': attribute type 1 has an invalid length. [ 1937.766012][ T5849] usb 8-1: device descriptor read/all, error -71 [ 1937.862222][T20714] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5196'. [ 1937.982967][T20713] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5196'. [ 1938.565091][T20719] loop7: detected capacity change from 0 to 1024 [ 1938.850607][T20719] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1938.863497][T20719] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1938.892191][ T30] kauditd_printk_skb: 42 callbacks suppressed [ 1938.892258][ T30] audit: type=1800 audit(1751352926.803:2476): pid=20719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.5199" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1939.018369][T20719] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5199'. [ 1939.060415][T20728] syz_tun: entered allmulticast mode [ 1939.360710][T20727] syz_tun: left allmulticast mode [ 1940.088993][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1940.991831][ T5849] usb 8-1: new high-speed USB device number 33 using dummy_hcd [ 1941.222975][ T5849] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1941.234267][ T5849] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1941.245758][ T5849] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1941.256089][ T5849] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1941.379159][ T5849] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1941.388887][ T5849] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1941.397955][ T5849] usb 8-1: Manufacturer: syz [ 1941.442774][ T5849] usb 8-1: config 0 descriptor?? [ 1941.872148][ T5849] appleir 0003:05AC:8243.000F: unknown main item tag 0x0 [ 1941.935083][ T5849] appleir 0003:05AC:8243.000F: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0 [ 1942.075757][ T5849] usb 8-1: USB disconnect, device number 33 [ 1942.087913][T20746] overlay: ./bus is not a directory [ 1942.105048][T20755] netlink: 'syz.6.5213': attribute type 1 has an invalid length. [ 1942.118192][T20755] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5213'. [ 1942.161365][T20755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5213'. [ 1942.838236][T20762] syz_tun: entered allmulticast mode [ 1942.870802][T20761] loop4: detected capacity change from 0 to 1024 [ 1942.886577][T20760] syz_tun: left allmulticast mode [ 1942.989629][T20761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1943.004125][T20761] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1943.177288][ T30] audit: type=1800 audit(1751352931.083:2477): pid=20761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5215" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1943.279362][T20761] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5215'. [ 1943.321961][T20767] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 1943.854933][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1944.991995][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 1946.451121][T20798] syz_tun: entered allmulticast mode [ 1946.502217][T20795] syz_tun: left allmulticast mode [ 1947.437501][T20809] loop4: detected capacity change from 0 to 512 [ 1947.500888][T20809] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1947.556384][T20809] EXT4-fs (loop4): 1 truncate cleaned up [ 1947.564496][T20809] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1947.576261][T20805] overlay: ./bus is not a directory [ 1947.663084][T20809] syz.4.5234 (pid 20809) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 1948.086661][T20821] loop7: detected capacity change from 0 to 512 [ 1948.270587][T20821] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 1948.459140][T20823] netlink: 'syz.5.5237': attribute type 4 has an invalid length. [ 1948.590217][T20821] EXT4-fs (loop7): 1 truncate cleaned up [ 1948.599407][T20821] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1948.865557][T15441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1949.419167][T16521] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1950.618026][T20840] syz_tun: entered allmulticast mode [ 1950.706835][T20838] syz_tun: left allmulticast mode [ 1951.382659][T20850] loop7: detected capacity change from 0 to 256 [ 1951.498909][T20850] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1952.854071][T20868] loop4: detected capacity change from 0 to 256 [ 1953.961953][T20876] syz_tun: entered allmulticast mode [ 1953.976741][T20874] syz_tun: left allmulticast mode [ 1957.201725][T20908] netlink: 'syz.5.5270': attribute type 1 has an invalid length. [ 1957.267400][T20908] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5270'. [ 1957.830854][T20908] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5270'. [ 1958.102717][T20918] syz_tun: entered allmulticast mode [ 1958.214206][T20917] syz_tun: left allmulticast mode [ 1959.103819][T20925] fuse: Bad value for 'group_id' [ 1959.109017][T20925] fuse: Bad value for 'group_id' [ 1959.819019][T14192] Bluetooth: hci2: unexpected event for opcode 0x2042 [ 1960.783493][T20942] loop4: detected capacity change from 0 to 4096 [ 1960.918169][T20950] syz_tun: entered allmulticast mode [ 1960.989029][T20949] syz_tun: left allmulticast mode [ 1962.942450][T20962] fuse: Bad value for 'group_id' [ 1962.947635][T20962] fuse: Bad value for 'group_id' [ 1963.844201][T14192] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 1963.853209][T14192] Bluetooth: hci2: Injecting HCI hardware error event [ 1963.861089][T14192] Bluetooth: hci2: hardware error 0x00 [ 1964.422079][T20980] syz_tun: entered allmulticast mode [ 1964.458037][T20978] syz_tun: left allmulticast mode [ 1964.722625][T20983] netlink: 'syz.4.5300': attribute type 1 has an invalid length. [ 1964.740762][T20983] netlink: 76 bytes leftover after parsing attributes in process `syz.4.5300'. [ 1964.832811][T20987] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5300'. [ 1965.296987][ T30] audit: type=1326 audit(1751352953.203:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.433318][ T30] audit: type=1326 audit(1751352953.233:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.456766][ T30] audit: type=1326 audit(1751352953.233:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.479688][ T30] audit: type=1326 audit(1751352953.243:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.502983][ T30] audit: type=1326 audit(1751352953.243:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.525923][ T30] audit: type=1326 audit(1751352953.243:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.550660][ T30] audit: type=1326 audit(1751352953.243:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.573787][ T30] audit: type=1326 audit(1751352953.243:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1965.596847][ T30] audit: type=1326 audit(1751352953.243:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1858b8e963 code=0x7ffc0000 [ 1965.619571][ T30] audit: type=1326 audit(1751352953.283:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20991 comm="syz.6.5303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1858b8e963 code=0x7ffc0000 [ 1966.051349][T14192] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1966.648124][T21002] netlink: 'syz.7.5307': attribute type 4 has an invalid length. [ 1966.858498][T21002] netlink: 'syz.7.5307': attribute type 4 has an invalid length. [ 1968.095711][T21014] netlink: 'syz.4.5310': attribute type 4 has an invalid length. [ 1968.213788][T21017] syz_tun: entered allmulticast mode [ 1968.263314][T21014] netlink: 'syz.4.5310': attribute type 4 has an invalid length. [ 1968.363375][T21013] syz_tun: left allmulticast mode [ 1970.120527][T21036] netlink: 'syz.8.5320': attribute type 1 has an invalid length. [ 1970.164103][T21036] netlink: 76 bytes leftover after parsing attributes in process `syz.8.5320'. [ 1971.089428][T21036] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5320'. [ 1971.105930][T21044] netlink: 'syz.7.5322': attribute type 4 has an invalid length. [ 1971.234160][T21047] netlink: 'syz.7.5322': attribute type 4 has an invalid length. [ 1973.040145][T21068] fuse: Bad value for 'fd' [ 1976.736726][T21104] fuse: Bad value for 'fd' [ 1977.110915][T21099] Process accounting resumed [ 1985.086916][T21169] sp0: Synchronizing with TNC [ 1988.593021][T21183] loop4: detected capacity change from 0 to 2048 [ 1988.702948][T21183] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1988.871703][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 1988.871777][ T30] audit: type=1326 audit(1751352976.773:2498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1988.984645][ T30] audit: type=1326 audit(1751352976.823:2499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1989.007558][ T30] audit: type=1326 audit(1751352976.823:2500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1989.031043][ T30] audit: type=1326 audit(1751352976.823:2501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1989.054492][ T30] audit: type=1326 audit(1751352976.823:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1989.077475][ T30] audit: type=1326 audit(1751352976.823:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0bfe18e929 code=0x7ffc0000 [ 1989.102808][ T30] audit: type=1326 audit(1751352976.823:2504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0bfe18e963 code=0x7ffc0000 [ 1989.126076][ T30] audit: type=1326 audit(1751352976.823:2505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0bfe18d3df code=0x7ffc0000 [ 1989.148814][ T30] audit: type=1326 audit(1751352976.963:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0bfe18e9b7 code=0x7ffc0000 [ 1989.171754][ T30] audit: type=1326 audit(1751352977.063:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21181 comm="syz.4.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0bfe18d290 code=0x7ffc0000 [ 1989.308396][ T5849] Process accounting resumed [ 1991.403495][T21199] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5384'. [ 1993.927480][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 1993.927555][ T30] audit: type=1326 audit(1751352981.833:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.052421][ T30] audit: type=1326 audit(1751352981.863:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.076504][ T30] audit: type=1326 audit(1751352981.863:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1858b8d290 code=0x7ffc0000 [ 1994.102277][ T30] audit: type=1326 audit(1751352981.873:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1858b8d290 code=0x7ffc0000 [ 1994.125714][ T30] audit: type=1326 audit(1751352981.873:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.148876][ T30] audit: type=1326 audit(1751352981.873:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.172274][ T30] audit: type=1326 audit(1751352981.893:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.195746][ T30] audit: type=1326 audit(1751352981.903:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.220195][ T30] audit: type=1326 audit(1751352981.903:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1858b8e929 code=0x7ffc0000 [ 1994.243696][ T30] audit: type=1326 audit(1751352981.913:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21231 comm="syz.6.5397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1858b90847 code=0x7ffc0000 [ 1994.344429][T21239] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5400'. [ 1994.773516][T21246] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5404'. [ 1994.784473][T21246] netlink: 36 bytes leftover after parsing attributes in process `syz.8.5404'. [ 1995.602831][T18692] usb 8-1: new high-speed USB device number 34 using dummy_hcd [ 1995.791747][T18692] usb 8-1: Using ep0 maxpacket: 16 [ 1995.820080][T18692] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1995.830607][T18692] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1995.905050][T18692] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1995.914709][T18692] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1995.923459][T18692] usb 8-1: Product: syz [ 1995.927853][T18692] usb 8-1: Manufacturer: syz [ 1995.932790][T18692] usb 8-1: SerialNumber: syz [ 1996.232568][T18692] usb 8-1: 0:2 : does not exist [ 1996.318646][T18692] usb 8-1: 5:0: failed to get current value for ch 0 (-22) [ 1996.408789][T18692] usb 8-1: USB disconnect, device number 34 [ 1997.159585][T21277] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5415'. [ 1999.020035][T21303] loop7: detected capacity change from 0 to 2048 [ 1999.125507][T21303] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 2000.255041][ T30] kauditd_printk_skb: 32 callbacks suppressed [ 2000.255126][ T30] audit: type=1326 audit(1751352988.163:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26ab58e929 code=0x7ffc0000 [ 2000.284740][ T30] audit: type=1326 audit(1751352988.163:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.307585][ T30] audit: type=1326 audit(1751352988.163:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.330519][ T30] audit: type=1326 audit(1751352988.163:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.355453][ T30] audit: type=1326 audit(1751352988.163:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.378505][ T30] audit: type=1326 audit(1751352988.163:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.401321][ T30] audit: type=1326 audit(1751352988.163:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.424250][ T30] audit: type=1326 audit(1751352988.163:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.447089][ T30] audit: type=1326 audit(1751352988.163:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.471786][ T30] audit: type=1326 audit(1751352988.163:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21302 comm="syz.7.5425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f26ab52ab19 code=0x7ffc0000 [ 2000.637831][T21315] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5429'. [ 2002.221165][T21333] loop4: detected capacity change from 0 to 4096 [ 2002.588051][T21344] overlay: ./bus is not a directory [ 2002.733325][T21346] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5441'. [ 2003.109670][T21333] loop4: detected capacity change from 0 to 4096 [ 2003.318736][T21333] loop4: detected capacity change from 0 to 256 [ 2003.355852][T21333] vfat: Unknown parameter 'tz”UTC' [ 2003.681676][T18692] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 2003.887350][T18692] usb 5-1: config 252 has an invalid descriptor of length 0, skipping remainder of the config [ 2003.920784][T18692] usb 5-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=46.29 [ 2003.932412][T18692] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2003.940660][T18692] usb 5-1: Product: syz [ 2003.945623][T18692] usb 5-1: Manufacturer: syz [ 2003.950445][T18692] usb 5-1: SerialNumber: syz [ 2004.064411][T18692] bfusb 5-1:252.0: probe with driver bfusb failed with error -5 [ 2004.263324][T18692] usb 5-1: USB disconnect, device number 15 [ 2005.273862][ T30] kauditd_printk_skb: 542 callbacks suppressed [ 2005.273936][ T30] audit: type=1326 audit(1751352993.183:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.385638][ T30] audit: type=1326 audit(1751352993.213:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.409494][ T30] audit: type=1326 audit(1751352993.223:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.432576][ T30] audit: type=1326 audit(1751352993.223:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.455530][ T30] audit: type=1326 audit(1751352993.223:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.479764][ T30] audit: type=1326 audit(1751352993.223:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.502922][ T30] audit: type=1326 audit(1751352993.223:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.525821][ T30] audit: type=1326 audit(1751352993.223:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.548616][ T30] audit: type=1326 audit(1751352993.223:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2005.573536][ T30] audit: type=1326 audit(1751352993.223:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21359 comm="syz.5.5448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f208a12ab19 code=0x7ffc0000 [ 2006.040981][ T5849] usb 8-1: new high-speed USB device number 35 using dummy_hcd [ 2006.202500][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 2006.213003][ T5849] usb 8-1: Using ep0 maxpacket: 16 [ 2006.288479][ T5849] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2006.298958][ T5849] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 2006.403141][ T5849] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 2006.412660][ T5849] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2006.420899][ T5849] usb 8-1: Product: syz [ 2006.425554][ T5849] usb 8-1: Manufacturer: syz [ 2006.430366][ T5849] usb 8-1: SerialNumber: syz [ 2006.773116][ T5849] usb 8-1: 0:2 : does not exist [ 2006.877149][ T5849] usb 8-1: 5:0: failed to get current value for ch 0 (-22) [ 2006.991908][ T5849] usb 8-1: USB disconnect, device number 35 [ 2007.138692][T21382] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5454'. [ 2010.262185][T18692] IPVS: starting estimator thread 0... [ 2010.361817][T21414] IPVS: using max 240 ests per chain, 12000 per kthread [ 2010.854538][ T30] kauditd_printk_skb: 218 callbacks suppressed [ 2010.854620][ T30] audit: type=1326 audit(1751352998.763:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2010.883999][ T30] audit: type=1326 audit(1751352998.763:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2010.908358][ T30] audit: type=1326 audit(1751352998.763:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2010.931550][ T30] audit: type=1326 audit(1751352998.763:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2010.955320][ T30] audit: type=1326 audit(1751352998.763:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2010.978175][ T30] audit: type=1326 audit(1751352998.763:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2011.002623][ T30] audit: type=1326 audit(1751352998.763:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2011.025821][ T30] audit: type=1326 audit(1751352998.763:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2011.048650][ T30] audit: type=1326 audit(1751352998.763:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2011.071945][ T30] audit: type=1326 audit(1751352998.763:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21407 comm="syz.6.5465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1858b2ab19 code=0x7ffc0000 [ 2011.511993][T21420] loop7: detected capacity change from 0 to 2048 [ 2011.552487][T21420] EXT4-fs: Ignoring removed bh option [ 2011.652242][T21420] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2011.846575][T21420] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 2011.968093][T21420] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 2011.981009][T21420] EXT4-fs (loop7): This should not happen!! Data will be lost [ 2011.981009][T21420] [ 2011.991013][T21420] EXT4-fs (loop7): Total free blocks count 0 [ 2011.997393][T21420] EXT4-fs (loop7): Free/Dirty block details [ 2012.003747][T21420] EXT4-fs (loop7): free_blocks=2415919104 [ 2012.009693][T21420] EXT4-fs (loop7): dirty_blocks=16 [ 2012.015185][T21420] EXT4-fs (loop7): Block reservation details [ 2012.023973][T21420] EXT4-fs (loop7): i_reserved_data_blocks=1 [ 2012.157500][T21422] loop4: detected capacity change from 0 to 40427 [ 2012.452040][T21422] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 2012.740047][T14862] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28 [ 2013.323556][T21437] loop7: detected capacity change from 0 to 128 [ 2013.344363][T21437] vfat: Bad value for 'gid' [ 2013.349140][T21437] vfat: Bad value for 'gid' [ 2014.109094][T21446] netlink: 'syz.5.5476': attribute type 4 has an invalid length. [ 2015.892749][T21471] netlink: 892 bytes leftover after parsing attributes in process `syz.6.5487'. [ 2019.483256][T21486] random: crng reseeded on system resumption [ 2021.099191][T21504] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 2024.019595][T21527] netlink: 'syz.7.5507': attribute type 4 has an invalid length. [ 2024.184087][T21535] random: crng reseeded on system resumption [ 2024.230785][T21534] fuse: Bad value for 'fd' [ 2027.679374][T21552] ===================================================== [ 2027.690390][T21552] BUG: KMSAN: uninit-value in sctp_assoc_bh_rcv+0x34e/0xbc0 [ 2027.698126][T21552] sctp_assoc_bh_rcv+0x34e/0xbc0 [ 2027.703461][T21552] sctp_inq_push+0x2a6/0x350 [ 2027.708286][T21552] sctp_backlog_rcv+0x3c7/0xda0 [ 2027.713471][T21552] sk_backlog_rcv+0x13f/0x420 [ 2027.718360][T21552] __release_sock+0x1d3/0x330 [ 2027.723403][T21552] release_sock+0x6b/0x270 [ 2027.728029][T21552] sctp_wait_for_connect+0x458/0x820 [ 2027.734005][T21552] sctp_sendmsg_to_asoc+0x223a/0x2260 [ 2027.739567][T21552] sctp_sendmsg+0x3910/0x49f0 [ 2027.744593][T21552] inet_sendmsg+0x269/0x2a0 [ 2027.749322][T21552] __sock_sendmsg+0x278/0x3d0 [ 2027.754424][T21552] __sys_sendto+0x593/0x720 [ 2027.759194][T21552] __x64_sys_sendto+0x130/0x200 [ 2027.764426][T21552] x64_sys_call+0x3c0b/0x3db0 [ 2027.769378][T21552] do_syscall_64+0xd9/0x210 [ 2027.774191][T21552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2027.780305][T21552] [ 2027.783246][T21552] Uninit was created at: [ 2027.787735][T21552] __kmalloc_node_track_caller_noprof+0x96d/0x12f0 [ 2027.796919][T21552] kmalloc_reserve+0x22f/0x4b0 [ 2027.802308][T21552] __alloc_skb+0x347/0x7d0 [ 2027.806951][T21552] sctp_packet_transmit+0x18a1/0x46d0 [ 2027.812739][T21552] sctp_outq_flush+0x1c7d/0x67c0 [ 2027.817890][T21552] sctp_outq_uncork+0x9e/0xc0 [ 2027.823011][T21552] sctp_do_sm+0x8c8e/0x9720 [ 2027.827762][T21552] sctp_assoc_bh_rcv+0x88b/0xbc0 [ 2027.833080][T21552] sctp_inq_push+0x2a6/0x350 [ 2027.837912][T21552] sctp_backlog_rcv+0x3c7/0xda0 [ 2027.843112][T21552] sk_backlog_rcv+0x13f/0x420 [ 2027.848052][T21552] __release_sock+0x1d3/0x330 [ 2027.853094][T21552] release_sock+0x6b/0x270 [ 2027.857762][T21552] sctp_wait_for_connect+0x458/0x820 [ 2027.863405][T21552] sctp_sendmsg_to_asoc+0x223a/0x2260 [ 2027.869020][T21552] sctp_sendmsg+0x3910/0x49f0 [ 2027.874393][T21552] inet_sendmsg+0x269/0x2a0 [ 2027.879125][T21552] __sock_sendmsg+0x278/0x3d0 [ 2027.884203][T21552] __sys_sendto+0x593/0x720 [ 2027.888978][T21552] __x64_sys_sendto+0x130/0x200 [ 2027.896551][T21552] x64_sys_call+0x3c0b/0x3db0 [ 2027.901948][T21552] do_syscall_64+0xd9/0x210 [ 2027.906678][T21552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2027.912960][T21552] [ 2027.915434][T21552] CPU: 0 UID: 0 PID: 21552 Comm: syz.4.5517 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(undef) [ 2027.928087][T21552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2027.938550][T21552] ===================================================== [ 2027.945721][T21552] Disabling lock debugging due to kernel taint [ 2027.952142][T21552] Kernel panic - not syncing: kmsan.panic set ... [ 2027.958722][T21552] CPU: 0 UID: 0 PID: 21552 Comm: syz.4.5517 Tainted: G B 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(undef) [ 2027.972674][T21552] Tainted: [B]=BAD_PAGE [ 2027.976950][T21552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 2027.987169][T21552] Call Trace: [ 2027.990557][T21552] [ 2027.993603][T21552] __dump_stack+0x26/0x30 [ 2027.998153][T21552] dump_stack_lvl+0x53/0x270 [ 2028.002931][T21552] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 2028.008961][T21552] dump_stack+0x1e/0x25 [ 2028.013319][T21552] panic+0x4bd/0xd50 [ 2028.017474][T21552] kmsan_report+0x31c/0x320 [ 2028.022185][T21552] ? __msan_warning+0x1b/0x30 [ 2028.027048][T21552] ? sctp_assoc_bh_rcv+0x34e/0xbc0 [ 2028.032368][T21552] ? sctp_inq_push+0x2a6/0x350 [ 2028.037320][T21552] ? sctp_backlog_rcv+0x3c7/0xda0 [ 2028.042555][T21552] ? sk_backlog_rcv+0x13f/0x420 [ 2028.047626][T21552] ? __release_sock+0x1d3/0x330 [ 2028.052658][T21552] ? release_sock+0x6b/0x270 [ 2028.057458][T21552] ? sctp_wait_for_connect+0x458/0x820 [ 2028.063107][T21552] ? sctp_sendmsg_to_asoc+0x223a/0x2260 [ 2028.068820][T21552] ? sctp_sendmsg+0x3910/0x49f0 [ 2028.073827][T21552] ? inet_sendmsg+0x269/0x2a0 [ 2028.078661][T21552] ? __sock_sendmsg+0x278/0x3d0 [ 2028.083686][T21552] ? __sys_sendto+0x593/0x720 [ 2028.088550][T21552] ? __x64_sys_sendto+0x130/0x200 [ 2028.093781][T21552] ? x64_sys_call+0x3c0b/0x3db0 [ 2028.098843][T21552] ? do_syscall_64+0xd9/0x210 [ 2028.103689][T21552] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2028.109931][T21552] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 2028.116457][T21552] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 2028.122715][T21552] ? kmsan_get_metadata+0xfb/0x160 [ 2028.128028][T21552] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 2028.134043][T21552] ? kmsan_get_metadata+0xfb/0x160 [ 2028.139358][T21552] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 2028.145396][T21552] ? sctp_inq_pop+0x15ea/0x19e0 [ 2028.150475][T21552] ? kmsan_get_metadata+0xfb/0x160 [ 2028.155801][T21552] __msan_warning+0x1b/0x30 [ 2028.160497][T21552] sctp_assoc_bh_rcv+0x34e/0xbc0 [ 2028.165670][T21552] ? __pfx_sctp_assoc_bh_rcv+0x10/0x10 [ 2028.171315][T21552] sctp_inq_push+0x2a6/0x350 [ 2028.176104][T21552] sctp_backlog_rcv+0x3c7/0xda0 [ 2028.181137][T21552] ? kmsan_get_metadata+0xfb/0x160 [ 2028.186478][T21552] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 2028.192028][T21552] sk_backlog_rcv+0x13f/0x420 [ 2028.196904][T21552] __release_sock+0x1d3/0x330 [ 2028.201772][T21552] release_sock+0x6b/0x270 [ 2028.206393][T21552] sctp_wait_for_connect+0x458/0x820 [ 2028.211860][T21552] ? __pfx_autoremove_wake_function+0x10/0x10 [ 2028.218182][T21552] sctp_sendmsg_to_asoc+0x223a/0x2260 [ 2028.223748][T21552] ? kmsan_get_metadata+0xfb/0x160 [ 2028.229062][T21552] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 2028.235163][T21552] sctp_sendmsg+0x3910/0x49f0 [ 2028.240021][T21552] ? kmsan_save_stack_with_flags+0x60/0x60 [ 2028.246075][T21552] ? __pfx_sctp_sendmsg+0x10/0x10 [ 2028.251258][T21552] inet_sendmsg+0x269/0x2a0 [ 2028.255935][T21552] __sock_sendmsg+0x278/0x3d0 [ 2028.260805][T21552] __sys_sendto+0x593/0x720 [ 2028.265525][T21552] ? do_futex+0x3a1/0x480 [ 2028.270040][T21552] ? kmsan_get_metadata+0xfb/0x160 [ 2028.275365][T21552] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 2028.281458][T21552] __x64_sys_sendto+0x130/0x200 [ 2028.286558][T21552] x64_sys_call+0x3c0b/0x3db0 [ 2028.291459][T21552] do_syscall_64+0xd9/0x210 [ 2028.296129][T21552] ? irqentry_exit+0x16/0x60 [ 2028.300924][T21552] ? clear_bhb_loop+0x40/0x90 [ 2028.305789][T21552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2028.311854][T21552] RIP: 0033:0x7f0bfe18e929 [ 2028.316408][T21552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2028.336201][T21552] RSP: 002b:00007f0bfef9b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2028.344816][T21552] RAX: ffffffffffffffda RBX: 00007f0bfe3b6080 RCX: 00007f0bfe18e929 [ 2028.352961][T21552] RDX: 000000000000fee4 RSI: 0000200000847fff RDI: 0000000000000007 [ 2028.361065][T21552] RBP: 00007f0bfe210b39 R08: 000020000005ffe4 R09: 000000000000001c [ 2028.369190][T21552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2028.377291][T21552] R13: 0000000000000000 R14: 00007f0bfe3b6080 R15: 00007ffefb30fc98 [ 2028.385463][T21552] [ 2028.388945][T21552] Kernel Offset: disabled [ 2028.393361][T21552] Rebooting in 86400 seconds..