last executing test programs:

27.500725583s ago: executing program 4 (id=504):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf090000000000005509"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000380), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000001"], 0xfe44, 0x0)

27.305511147s ago: executing program 4 (id=506):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xffffa}, 0x2f)
r2 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f0000000180)=[{r1}], 0x1, 0x0, 0x0, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xffffa}, 0x2f)
close(r2)

26.118851486s ago: executing program 4 (id=509):
r0 = io_uring_setup(0x5, &(0x7f00000002c0))
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
bind$bt_l2cap(r2, &(0x7f0000000080), 0xe)
listen(r2, 0x0)
accept4$vsock_stream(r2, 0x0, 0x58, 0x0)
shutdown(r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

25.8071417s ago: executing program 4 (id=512):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatacow}, {@enospc_debug}, {@nossd}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000047c0)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x4c02, &(0x7f0000000140))
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x2, 0x0, &(0x7f0000000000))
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x0, 0x0)

24.041838793s ago: executing program 0 (id=517):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x83, 0x66, 0x7d, 0x10, 0x2040, 0x264, 0x4ed1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x90, 0xf1, 0x9c, 0x0, [], [{{0x9, 0x5, 0x84}}]}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000300)={0x1c, &(0x7f00000001c0)={0x0, 0x0, 0x1, "a5"}, 0x0, 0x0})

23.263327971s ago: executing program 4 (id=522):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
recvfrom$inet(r0, &(0x7f0000000180)=""/85, 0x55, 0x0, 0x0, 0x0)
close(r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

22.487499003s ago: executing program 4 (id=524):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0)
r1 = syz_io_uring_setup(0x7dca, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000004c0)={0x0, 0xec86, 0x0, 0x80000001, 0x214}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000280))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000f, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f00000002c0)=0x4000)

20.961409107s ago: executing program 0 (id=532):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000007580)=@newtaction={0x1bd8, 0x30, 0x200, 0x70bd27, 0x25dfdbfd, {}, [{0x130, 0x1, [@m_ipt={0x12c, 0x16, 0x0, 0x0, {{0x8}, {0xc8, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0xffff0001}, @TCA_IPT_TARG={0xb9, 0x6, {0x26, 'mangle\x00', 0x7, 0xfecc, "6cd863064fbf0fdfac8166b54100ea9948f3656f5c4d5dc123172a0e7da06019494531e0c7f9d9c40fed0715835876d59785e4f8a811cd4af1e17107d8181b3bd533ec1c8938be880f8baacdd6512d02643553a85c66de5250e8c7a20e47b3a00169a25f369a70a2eb40d20286cff496d91b1052c723e2bd3a6da7b0b17a6ff4d63f4fef6b576d54193e7cdfbd646e"}}]}, {0x3d, 0x6, "ae8b9746f9eba79485b9cbb5b8fecd9453e4a1b192fbd9c84adb2bca7a636ec9aaa9df655f0c05edcb932513009f85d543476338e7ce78e176"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}, {0x4}, {0x1a90, 0x1, [@m_ipt={0x1c8, 0x10, 0x0, 0x0, {{0x8}, {0x130, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8}, @TCA_IPT_TARG={0xb1, 0x6, {0x4, 'security\x00', 0x3, 0x5, "2d8400eb842f3df961fcfd8a8139bd3548ca89ffe58c9655ba18686270d3cd39f9a7646962763b8eacec027b0560b817b7f207e53e597f45d72337594db217d8f5eb49492b777dd98cdfc8b73932bd81a353321abfed56698cc12084b9ded956db149654eed308b6c5b61731bf89dff60b89fd1394b289457196890629e056f3e805db22c0fd2d"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_INDEX={0x8, 0x3, 0x3}, @TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_INDEX={0x8, 0x3, 0x6}, @TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_HOOK={0x8, 0x2, 0x4}, @TCA_IPT_INDEX={0x8, 0x3, 0x613}]}, {0x71, 0x6, "32c25fc468ee0594c63d12b3cf787edcc22cb58f47a93ae2a183f4e4cfe031b2a33188e8cbb8e21495008e201c62ba0bd1bd8d7eaeae651ed62ccffa23ab1131b2c847b3948570c179e0369e0c40f36f6e9792e5340a50a2ff79258d95cdd48543f3813ea9b2173792a7da97f4"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ipt={0x124, 0x1, 0x0, 0x0, {{0x8}, {0xc4, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xbd, 0x6, {0x5f3, 'security\x00', 0x2, 0x25, "ea9f2cac8c1aef6627dddf46924499d1fffd57734216622f24ac9c30533268e1ad975114600fa11164fdc4f3b564ca480f3f9b5cdeea8d95544ea0ada5f368187510e0c160dbbcddb38217a7966a0b5114ababf77e58bf7f9e8baa03b117eb1b3bd32f42a20b45cfa44695b0d65aa734e7db2a20edd9a771b7b882029c3d2900c0f9ac7cf598d5d3cd666c0cd626a5005b631c"}}]}, {0x39, 0x6, "f267a52d10c79b6a7150563f3f534712a6e39ad360e950d54ce9e3cdfbac5feab21927f6382c0a1fb4966c7e7cb59e07873eb4b304"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ipt={0x138, 0x1a, 0x0, 0x0, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x35, 0x6, {0xf, 'raw\x00', 0x1, 0x9, "75456c0d8f0c3946df648b"}}]}, {0xd5, 0x6, "9e832cb78a799a17f3257ea7343e505990545a4d00811c707859e12886ab48c2013ad44ed83d20b31a583389462ef26da70522f5bf43ffa4addd8de072854163d2ff2f45b02e1e1d4f62846ab13d4d009d2f80e51c79322a5e11e549043c215005cda4aea18cdfbe4e672bf088f955a56eed8a99a81b789affdd7061feffc9cf85f77704a8b318608460e3041fdab181fa5dc935b94544d31984245ab212523dab7d8bdb318c08de4de2de97e90728ead03ca89c612561904b9f95a75b176d0fcfe7a3a100e43a3e7c6dd50a7cc5a2dd72"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ipt={0x10c, 0x1, 0x0, 0x0, {{0x8}, {0x14, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_HOOK={0x8, 0x2, 0x4}]}, {0xd2, 0x6, "038a345c23e8beb80a5d8b6fd919919a53923de4266adc84f46fd17a44843fba464246a8e052caba7fb5b6d392ebe551b18f90862edd30ee51c74a144d4b61ec62ab8e3c36e02d5ffc0d1f58a16e6585304d655586cffab1a774da6d4f13757b7d76d0c32851a40a8711faef3b1685b03d00d57a88ea8b69c95a7e01e7fa2d67cc6b6482a344c061507e1cc0eac822964c32407134f3c8fd5776bc4d5b72d02c6ff02202219a78766ed47a388c8d3d47e3bfbb9aecb85393d303e4da0e04b61b7ff80b85d8572a0b377fc788ee20"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0xd99eacb8d85491fc}}}}, @m_ipt={0x8c, 0x16, 0x0, 0x0, {{0x8}, {0x4}, {0x61, 0x6, "7b2027c204301d2bc1330cb803106e6be534edeef2d917e77159bd361cff8f3585463e0f1fe7679f90a9c83639ec9dc05106963b271623c2e6fdccc042f745ef3826eaf523eb7c39abff8f11a29f568ad07a4df65c0f4d9cc0b184cb5c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ipt={0x1014, 0x3, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x80000001}]}, {0xfe1, 0x6, "0cf0626192288d400715158f360f20e5da5ce9cff2a56db975bb162bf7c8a47399d51a811ed85973f455ea0d889b11187801dfc0d1d7b72db5f62c4bb033a75b29978db7a50de9ce69ceb1d9f0080c9a1f4ac10ce658939de71e85435af85c1436256c2c4e36bb826d0651f928bdf4102a8d313a3d5aa782cf43284a622c537910b7842495d30b77eae1af36233f9f5158a350136fdd88ea75caf6c2364aa9ed78f4bf195435e66f758ce29a22870b70f829bb8d09c43b8954569bbadb06a4e9851b9392806a51d2ac20d80dde5026f50da7b41ba205e31df42e67dda968fee50a321231b0714710022ae5ee6d2db7f16a0751ac0020bb45c55523228d6644c2a94b2cdca29a649928ac06842462a69ab643d18fc08f36ad99a9837b15675c863b612ce48099194827c5cf8ca7743e7437c126be8ca6ea54622f6c6fbec59be69201eb6a299a32362f9df15ab37d9e0bdeccdc4e18f68c058f5396d46f3d3a4d0b543d89093dcf50ea4390566fc9e97e1657bfe4a3bd0b36bbf9938f410b7dafab174584cd105d8b5ddd48de66e2245effe80faf2fcc52d300d9027a9b20fdc4b1d43f0911656a8f02a955067ba97fe91f66c688ffcc25271e9142302ad7043395b139f5ea85e4624c5886b9e69c3ab0a2882b01fd659f3fc19efaeff550a9e42b2aa64350274b212d1415ce7d3912c71b441fb0f10177dd4b2a4108b0542b83b2adfe969c3946a53be9419f5b3965d3d34beb82677214b18f84bc5320e5132a66132dcc1552158afbe5b899e7bd8c692f8f8ca8bbbf21ffa8d678b601523765721907c7c41b98ad8d9f6b2024f0e8b8343fb4330778ae91f052d5f155bff7abfc402e6f77a636931ba5e3cde3902315aaf5232f2e76f7440b016f881e133d825331d8ddbdfc30ff8ba5071b2b5323f6b08ad7165c853e13818a29f9110d3d4ef68c9fb5bc199bbca1b2b2f383a8ba1d0e72e02562a50352ad87edafffd7bdb50e8b9315bfba4f922d708b6aed1ee72fc0c7ec76509108b3a574a2e8e53a164a6826acc1d409dd8a2171d51d2f94a202877c3d1521d912c1ec23d64c1826268bbbdb5d74e5d870ec692dc46490bcc423ac6d3a085bd7c29afbd7a41ca6ff23eaee66de6bedb845c1d268929ba446da21d11a2ecfd1f97009b862c26101e5a2979c41c13c1903cf232a8dc4e5e3b844a26cc3c608e780605e02b0c2f88669b29104601c57ce6b12d63ef7d6fa53fb59aeeeced0effead53d03c9e21f93440175e76d6daa4c947bf1e09db8e16fd5c8874447af06484a851932ef815c6e1c639b6f79cf501b18fbb6eb073e4dd76b0191b1bd2dbb8ab481f2a1038862231bdf6c6724bfbe96331f5ee953edd5c79e855d40cce7036d2caf00a8cc100cd756ace9246054cba87ad1c6591ed5208ca0a98153277d6dc8e27dcde6323ec713d2c5953d6c7854e7b8b68146b412a51f6971046f182645c400aff8f7eab5dee3b95ef5ad5e663258d403a0ef381908ab9e0afc5731a68dcd08cf70760cc5887eb4e2a064b785e7ff71d1a9d1ece313f9b14acbedbbcf2b23e91e01a4d6b9675390e3cf6506b5a62412e269c4744501d32ec3c86ddefe383c9e31da25bfa4bf6e06726bfc21b9ae54213374eb6f53708b6c1aa46ed037f9563ea4767f481918f6834c1fa8e4c42b47f1c55de339a193ab7c97f6ef5acd0fc7a5f21abc08664399c6d5b155b4a42525ee2dc3ad0f4066ab354d2a0bc967b29605a7501ef04c6fb70b66ba905e5ac2e3303ca7cb094dc2b2099607e1d1e1ca83fc6c09ef0bbe7641607598fa2d22d92f529e47e9015176f19f84a67c5b6ece7f37edd159c58f12929b44d1fd1849723178f9d2d0009164b0d23c4b021c15db3b795f4df83966a76c4cf2a17ec20dc3de5ae16187836e9871c8d50b282898e7f5809df07c1f41b4966c29f68993930d78baf7d4a4812cf2631fe31e9648b74b53903c92273eb61f71c55d72bedbb5ad03b0fa5ef0aed96f03cba89f8daf1ea6cdfb31df0b1795739ed59594688ae3f9999330d72f5b8677548acd72ebe54542a35e07a588ff5929fa36a5a84ce11039e688c365fa39781b735f61c49e42b394000b1b319d9f1ed3aabcab24876963a44701f797edc7d1bc357f82baf24f54a30d68497f975c55abdf2594f581b1320cd38fa347111d5985d142f2374627d8ad8db1454f4b61737482c0fbfbcb3c0a05018e96c735379b46a117f8859ed42ba6aee089a2aee00d68bb5dbb60bb56e7be461d3fb85cdd59f35805de45d8fc2fc6a65c18c793c64a727b375e0277908d70a0bc11d4a48eb4611e1770891eafe9570e28a3efcf6a6000bbb215907cfc8b002f57312bca403761ad8cc1b4a4655982b5c331605bb6275813e67c1d4713870e18af9503bbee3b9f24e9a1734027a617d2a794e5bdd8b2da08385a3289919b695585b7dc29cdf13c58ce0f03873b195cd82862e915aee8d611f5cb5df647e117c543700690e11f9a3fc5510a04bf62c9e2eb8876d006e0d84f819f3b9fc67aaca4d2b63ca938eff118672c74505eb109a2d59a6f4f7750f35cb6f457ebfa4d0e9bab74f24e8bd82ea9cfeb07c522ee900aa8eea5c781a7525217c298e3f9a70ee6eb8844abecb2bf725165ad329d216baaa2172eb41b439b53ddaed8730bc54f294493f1d8f53d3c120fedda5dd66efcb89e9d7b9a23a1570c52e96d9158221ad007fb83f050cf10e2e7fd17bc82c7c6798e95395520e7a3bea02e4076a22927dda734b8e3ca5ea920f8f19445d00b8c9ea69001230da2d1fb4ee02b16d3251ec2ca8c3966dadb25f9fb56e07b30ecef099217ef0aefdd62f1a630bddf3ce82d0dd2775397ff0dfca1ca85490d04feaf02f7228b2e2654ae7fd559c994f8b8fc5d13c2a7c2667e35631d047b20e5091e0aac883f2c0262da37be1f696570989782763b9498b792d442be8b929aaf9e5d09b6ed02816d5f82db44f4727128d725a20240dc6da93ddcd1e4c2c4d8389ca467205b1f91019891e50746e75e64a9f4fb5de9284c1d9124de4604f4f05ba953006e93df635c69cffd1dfba90657eb608b4f55c2b3357a426ef4e88841bd0ed10b59aaaa63fdc98a7e9e48b87e94411dd3b936f216bf144fb99cf6074c9668df73f66ed88f3e4cc9e07efb6924c350ac38b08b449fd77eb0e97bc7fedaf03a333776ba4ba3d6eb96d80f8bc3dcf6410c464acde22f42418affc36ad52338cf9df04f42d319cf5721d31de7dc6c8403075ea80aee6959c579981148a9f13b009b93f1f970808540867dbd4f8e1cbc5e6ea3c288a20d2d3ebba836c196948ecd60bff56f4133819db4da1e1c71ea7bb7539089cd7de391079f483c5ef921d3f2ca112a8910d35e818d6e6120628b42e531771d6d044870f2b109018ba7360f6e5cca85bd38afad00eddbd29df0ef4d5a450e7560e25b3b7b139fe825b0dbe4f7f61969e52d545a87dc5a318dcc81f8bbe5bc83ae468716bd3bdbd43b8b45900ffbbffad7fb0d6a4a782d5865690301e5921407e847cdcc6a5ec9ce49594f83b0193ad62c2578412e8b13d2d969570d1b0a3b32fabaac62e7ce7ed5273856a4bcca8aeb84130316e6002b1e03d1875c509d452508369d6868781ad4b22dbc6810a1bdfeb92dfc0c2bb0b8784c6f8d2659d366103b605b6bab3a71d49dbabef9ab57f0bba18391ea903061d8e4a0d37cabdb4337590740417e3f7f5f671976d92aca4ac304eba4484f7764a205f3e1eac04fdde3d24b775183e49a62dc41479460efee0f5c9906ab5b2a7f186ae117ce96f0c3061a45f0427153ac577528907d9a63fbeb87e24faabe4668845a96e9a31a99f85a3652c6923759b12d0666051e9d231607933f582fb8a24322cb89ffff94fb49a9232408ae8f28be224d65b4bc64e600a7e75b94378c577cc5674fb12af44b5890a8df6af2939d700c6b2b1655de1653e5dd6ea865ed565cc78da5cca7b29073b1ed9ad227669f9d11254077f02bd483a3fd8764da3248f7164de6e10d145952493359057acd152c8077275fb769914a206bdf3736f27349fda87ab10ff5e1a2be9dd0c5e3658003ccbe17d9931a9c1a860a62c69773515d673bc39d79e0796255a17e4569b1d798bd4bf73ef2766431d76452c0c7d801a1d9e0e8fd95f304b266a159b64566f35130bf0f7fd53f56e632575dd78df75b61b8c95fa447d12aedb9697b83474a0682b78d8c6adc6d3bc4716b19b1581f95bad18f91b8fa501440730bebb04ad0b1a3ceca01896e4c6f70f6e1d2c1199c6b0b5c133ca31f01636b618a32870f4b2c3f92763334a9110da54dcdfd39e2cefddf0dc8ed13d23b8aa9f23c648565a1c93a8842d345dc93728b5bbcfb051c9f83f8028a38525d824fec7bfbcb43cf38fc07406f9d7aa1164f2f7e7eab9a33f5e0f805e9ce247ab194c444db08322ef571587135ff1f6dca70dd26d1a0e7bbe390ae179e35642a305fc112bc97db3f0f8e361f84e83bae2bae681b839d7a712a7a5fe51cc92d88c5ec846d47bfce6bf249d64f949fd298fdf3c053ea33444685c8dc45d1828c2bb0828e4f39979f55cd66bad8c23038df022bedf2a50db3c2ceaea888bb7f673b1c4b1f96cce26b454ca9f89712d72629ea3e139d0c12971b754fca1ebfd1d0205f1f658b4cd215426d38b27084a3ba3d72fd4ee353d9ed4555a3a09a296fd64f431957eba0849f614c701ae573ddfbb10551924d3184843e07e4ebf61242c2dac7ed1bae7fc59984355da645683ee4b74382e7c3d78ff2d026a5c16e8010b86eec7eefc85dd99e2dd175ed533100240291158aa1a3837e2f855238d61702a6c20e4e32cac1a3d84e4b80b1c3680625800ec403ceaa21620d78069473f675e540077de7ab648908479656fad70c7c80871a100ce03c7ef6b0ef4c477eba45afc88a90b26e24b016a9d689858a6dab25a6c7cb0888a2002f02a72adde69c5fba195874719f60fa7775aa576bf48fea61edaf5e1273f99dba3346ee83d980106d192e9c94c4f6c267fe1ed680791e3fb70f874541bce924500c9ddee18bc038fb8b6860b6a85ed711274bd86b3e16943c437b179ac2f551ecbef70751aa773cc84bc545c4ae28f1df54efbbb3a6079ba11f3a38d40d7140df35ef30a9c9721b5df62aaee471f66e9f3dfc663837a1c4c9d96c91ccadc587cc6d1bb083a63054d26f9d3b17b70628e91fe8bfea8bb95cdf3a3489a9efb5d6c067c243933c0bba63a7cfeb300f89fde09b098f46f40161170b9f26fc66570eccfe288e6ce49530f7322bee54d7f87eadec2237bd8d7dd9b36a4967c7841f1c6c0a4a749123bfc1d5560688edc5208d3f3e90ed3a52ced80de5b7c09ff52ceb7b91effa3c78bdad6337da23cb6a33c7f9ac8d2d3e187952a96b0cfee08f083b08fdc6eb2c520baa5b678215847b44787a2d7348a7a3cbf9080da756636bb60299dfd5f46116ad8ddf588e9abe57b550a72958efae74719d56a289e8d2d0c0c00d44a4b9da7387d7cc002e9fc420df86834c6ea1b13e7d3c48c0e37982384be3a3e4e1acf0619788140cf2c47d7d3264e918ed3695f7843c05d7b12f78493b8a56f104d4b5fcce8c379717503829b55f5b05c578890b7af071a72ab7af178f7cce1730cafdc714c9d0038a7eff5a3ff53cae7405e19de4c9338857a680085b66ae234e6b1dd480149bb1a87c229937e75ab79afc480939d551d41a0a4797e6829aa73525512"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ipt={0x4bc, 0x13, 0x0, 0x0, {{0x8}, {0x494, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TARG={0x46b, 0x6, {0x9, 'raw\x00', 0x4, 0xfff9, "6853f2eadd99328be2c2b2532e8a34ed75345604cad453f93111b402d716778c7b131aa21e11f6d0affcd4cdb16f5d3cb8f148d8772df1f13e0103ed10d244c87db1d85cd913b0aef46bcb87acd986f9b61dffb5da96a84854a467f320b16c8e6ac561f39a5762ebaca7d79029f9bdea34c95572cc4d20c52485ef7bc11e2c728c0b36f6d9621448696e328e6d7315f5ed03b426bd860085f2d0b2e3843b39d8d21cf5a09d185d72da4367c296291efcfa73c5005c3035b335b8055cf7679ec70507bbcbf0c768716ab20b65209b21173649bd3536c21bb293f541870254be28747ac206fceb3bab21c0e7293fe1c116bca21122e12bfd1cf684e73ba969e64573592620b426fef1c111b460532813e59c3742fbdb614ac16851747873e930ea66968d9eb9125bf5d0669c2f3f97a7f867f079515d7f3b94ce0e43e638894d52c5a29c2e53cd376487ccfbea352aa8aff11c3f0568e61485f83f0873c0295646fba01a42c3d3fedc0e3ebf7adbf376f99da15e85785891a139c677ddaaa17afeb960112c45f29cb153f8ee4ef305df8aed9e02bb8992088459b6ba925a55368f67630637c1127cb0e14958429a3343544b7d97e61994e53ee6e6f24433e3c71e34a263baa45b83ff9a76161e3b43fad64d8070bb51a7324ba55063e8ad22e5dd32be0be7c8b438c72b42b9c11aa0a9dc6a151f3c856515e61f7415fa36ca22426cf799d16bc47e2d3b8531fbcbfd4d2f1bf1ca669e46ce8d804f5a73e634bac625582c144fcd4f98b9dc19cc1846fe411e90407106704b0e095479906f77f8cd00897fd697c056bfd8422cd1f64980043c2fb387aca9c6764505988ed384151002e3071c9f9b71f747ab9237fdf417cb7b52a4e41616cc30eec3419691527ff10cb7437c966e29409d0e94284d08de33ef0238895937e3dab257e6ff2138ce5c3cc6fbdccf3a40fdef243e666ce04eecac6619e1cd695ad154483d78f307c2ad1aac70313d7c8091e6bd771c3ef1cdfbe889152f08c421a88489f1d83d67b586e18376491e66ef9bb9d8ded05bc217d3e1e7e4c96dc8392b97dd253efd54787cf85fb6bc54e2d7ef298737ac2354c61db531f7f501a078b3e641e2286269c55236d6bdbb2e07b8393f8bb47b0f084cf110e28d62d76b7fe38dfb641c21d76f72bce1973c5d411c6ccef17eb871318db47011ac610194dd4d43bf7dd63bdd8ff35d635068aeab9a8887fa65ecb6e66ab14745dee27eea5dd949bc2306202ddf7e6108f05df7720c9c968af2802d384ae6e28608a1fcd103f74fe0f5ccb19a5aa3d58c308b56909c6aa7ae421b29cae7bf797bcb64c2e4c0393cf898fe8fc2274a8cc6a9dcb5cc46691013c3196c6a005f4f7832e88acf1dba585d9b22beb8ef875bfab65b21a47574a073d8e5de1df1a325e43e00db26ea4852746b392691517e36e81ea5dbea791b74f020c07241a9c3f98f46d0513a20bed61ccc6a8fea73fbc019ec9c51859f122afd601d6b5d4012d3a6910e6260525d89a374619df4e57fb0"}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x1bd8}, 0x1, 0x0, 0x0, 0x4c040}, 0x40000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20.577725578s ago: executing program 0 (id=536):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000000cc0)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00000000000000014905d408cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000"], 0x1, 0x266, &(0x7f0000000340)="$eJzs281OE1EYxvGHDwVBmCqKgjG+0Y1uJlCvoCGQGJtokBo/EpNBptp0aEmnwdQYYefW6yAu3ZkYb4CNV+DCHRuXLIxjmKnQlhrDQiba/29zXnJ4mnP6njZn0dl58Ha1XAzdoldXf59pUNrUrpRRvwaU6GuO/XF9Uq02dWMi/+XyvYePbufy+flFs4Xc0s2smY1f+fji1burn+qj99+PfxjSdubJzrfs1+3J7amdH0vPS6GVQqtU6+bZcrVa95YD31ZKYdk1uxv4XuhbqRL6tbb5YlBdW2uYV1kZG1mr+WFoXqVhZb9h9arVaw3znnmlirmua2Mjwp8UthYXvVzaq8DfVavlvDlJ04dmClupLAgAAKSK+38v4/7fC/bu/4+bn9923P8BAAAAAAAAAAAAAAAAAAAAAPgX7EaRE0WR82s8IcVP+ETNv09JGpE0Kum0pDFJ45IcSRlJZySdlTQh6Zyk85ImJV2QdFHSVMtrpb1XHEb/exv97230v7e1PLg7LK2+WS+sF5Ixmc8VVVIgXzNy9D3uZVNSL9zKz89YLKNLqxvN/MZ6YaA9Pytn78B0y88meWvPD8Xnbj+flbN3wLrls13zw7p+rSXvytHnp6oq0Ep8Jg/yr2fN5u7kO/LT8f/971zb17V/rvu7+SR/hPPR8f4Oanow3b1DChsvy14Q+DUKCgqK/SLtbyYch4Omp70SAAAAAAAAAAAAAAAAAMBRHMfPCdPeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnX4GAAD//5KSYE0=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x2, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x275a, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)

20.342827631s ago: executing program 0 (id=537):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x42, &(0x7f00000000c0)=ANY=[@ANYBLOB="6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f646174612c6469736361726400aa19fd46b492dc6cf59d696e6c696e655f64656e7472792c00"], 0x1, 0x54f3, &(0x7f000000ab40)="$eJzs3M9rI+UbAPAn7XZ/f/dbRNDbDixCC5uw6XYXvVXdxR/Ypfjj4EnTZBqym2RKk6a1Jw8exYP/iSh48ujf4MGzt8WD4k1QMjPRrSgITRu7/Xxg8sz75s0zz5tD4ZkpCeDMWkx++akS1+JSRMxHxNWI/LxSHrm1IjwfEdcjYu6Jo1LO/zFxPiIuR8S1cfIiZ6V86/Oboxt3fnzz52++u3Duyhdffz+7XQOz9kJE9LaL871eEbN2ER+W841RJ4+91VEZizd6j8pxVsS9dDPPsNeYrGvk8Xa7WJ9t7w7GcavbaI5ju7OVz2/3iwsORu1JnvwDDxs7+biVbuaxM8jy2D4o6to/KP62HQyGRZ5Wme+jPH0Mh5NYzKf7abGf7Ud5bPaH5XyRN2ul++M4KmN5uWhm3VZex+ZRvun/trc6/d39ZJTuDDpZP7lTq79Yq9+t1neyVjpMV6uNXuvuarLU7o6XVYdpo7fWzrJ2N601s95ystRuNqv1erJ0L93sNPpJvV67XbtVvbNcnt1MXnvwXtJtJUvj+EqnvzvsdAfJVraTFJ9YTlZqt19aTm7Uk3fWN5KNt+/fX99494N77z94ef2NV8tFh8t6nK4mSyu3Vlaq9VvVlfryGdr/J2XRU9w/HEll1gUAnD76f2AWTnv/H/r/qThV/e+krLPa/x/D/uFI9P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfWDwtfvp6fLBbjK+X8/8qpZ8pxJSLmIuK3vzEf5w/lnC/zLPzD+oW/1PBtJfIM42tcKI/LEbFWHr/+/7i/BQAAAHh6ffXx9c+Kbr14WZx1QZyk4qbN3NUPp5SvEhELi4+nlG1u/PLslJLFcxFxLvanlC2/gXVxSsmKW27nppXtX5k/FC4+ESpFmDvRcgAAgBNxuBM42S4EAACAk/TprAtgNioxeZQ5eRac/+f9nw8ELx0aAQAAAKdQZdYFAAAAAMcu7//9/h8AAAA83Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n535yUoeiOACfFvoe74+RGOduxRkswyU4dGhYgJtgCbgFN8AacOYSDBjaEq3BxKS3bSTfl7SX25Afp4TJuZcUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuvRcrOaP91cPbXO2u3bS3A0AAABwzKZYzcsX02r+r75+Vl+6qOdZROQRcax3H8WvRuaozim+eH/xqYaniDJh/xm/6+NvRFzXx+t5198CAAAAnK71YjmruvXqNB26IPpULdrk/28S5WURUUxfEqXl+9NlorDy9z2Ou0Rp5QLWJFFYteQ2TpX2LaPGMPkwZNWQ91oOAADQi2Yn0G8XAgAAQJ9uhy6AYWRx2Mo87AWX/7x/3xD805gBAAAAP1A2dAEAAABA58r+3/P/AAAA4LRVz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS5tiNV8vlrO2OdtdO2nuBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Y3/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbWXj0owYN/ghDSbY1u/dHmYEsRcvEmOfciehQRlHjr/9BzC73UWw57iCAeI/MrmfwAt4TMbJLPB9687w6bed83CSHfeS8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZfLATJ9mhV8Rxee7R5r2lrH+8p888WHsyn7UsjppM+nh4vf4i6reXCAAAAKdHUtX3IYSn6fpC1se9vP5Pq/dkNf9PLxZxVc/vrfurvqr9s/bnHxuvbg/UK8bJLnp9eTy6sD+VztHNckb8u1XYc/ql//3CTn7n82cvSf4NiT9efWWS5vcz+uHhww+7eXjmqBIHAA7rfNWXQfX3UNYP20wMgFOjUyu8q/o/6bWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEATJqvh+SqOQgjznZ0483jz3tJB/YO1J/NVu3L//lr9mtkl0hDC9eXx6EKDc5l1t+/c/WJxPB7daj54I4TQ3uhl8OkU7wmhzQwFhw3i8md9VvI5HkHLv5gAADhx0rJldf3TdH0hOxfNhbD18+76/+1aHKas/zc+u/KoPla9/h82NsPZN1i5+fXg9p277y7fXLwxujH68r2Lw/eHl65evnx1kD8rGXhiAgAAwOF0y1av/+O5/ev/52pxmLL+/+bH4Xf1sRL1/4F2Fv3azgQAAOB0e/nNf/6ODjgfdbvh28WVlVvD4rj9+mJxbCHVZ3ambPX6P5lrOysAAACgCZPVaNf6/7VaHKZc/3/hl9d+q18zCSGcLdf/zy99Nb7W3HRmWhP/Ttz2HAEAAGjX2bLV1//TfP9/vL3lIQ4hvPNWEZcfAzhV/Z989P2v9bHq+/8vNTfFmRT3i/uR9/0QOv22MwIAAOAke65sWbH/V7q+8Pnv5z7p2v8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LT/AgAA//8Yl0ni")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff)
lseek(r0, 0xfffffffffffffffd, 0x3)

18.898746579s ago: executing program 0 (id=544):
prlimit64(0x0, 0xe, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="8400000019001fb2b9409b0d1b809ac00a80a578020000020004000023", 0x1d, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)="130014", 0x3, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x6, @mcast1}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="9000000019001f15b9409b0d1b849ac002", 0x11, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)='\'\x00\x00\x00!', 0x5, 0x0, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

15.486105353s ago: executing program 0 (id=565):
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x5, 0xe}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x5, 0x1ff, 0xffffffff, 0x10000, 0x4}, 0x2, 0x0, 0x6580, 0x0, 0x2, 0x3, 0x1d, 0x2, 0x0, 0xff, {0x5, 0x3, 0x6, 0x5, 0xa, 0x4}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x24, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xb}}}, 0x24}}, 0x0)

13.477855656s ago: executing program 1 (id=575):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_submit(r0, 0x0, 0x0)
read(r1, &(0x7f0000001600)=""/233, 0xe9)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000040), 0x0, 0x4)
ioctl$UFFDIO_COPY(r1, 0x8010aa02, &(0x7f0000000400)={&(0x7f0000272000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x4000})

12.415888138s ago: executing program 1 (id=576):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000140)={0x100, r1}, 0x0)
landlock_restrict_self(r0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
mknod$loop(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0\x00')

12.268774606s ago: executing program 1 (id=577):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000340), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x28011, r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r0, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@map=r2, 0x26, 0x0, 0x0, &(0x7f0000001440)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)

12.214752658s ago: executing program 1 (id=578):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

10.440776788s ago: executing program 2 (id=586):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x22020600)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0xf0b940fd3e14b4a, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @value}, 0x48)

10.388262911s ago: executing program 3 (id=587):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000000)='map_files\x00')
setreuid(0xffffffffffffffff, 0xee00)
setfsuid(0x0)
unlinkat(r2, &(0x7f0000000200)='./file0\x00', 0x0)

10.29834853s ago: executing program 2 (id=588):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5400201fd6eb4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1de50cfd84f94266b87610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a100000000899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c099a6f7594c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824bdadc0522251203aa6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f050d8986a8ccf6405e611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a18971b6389a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a48480900000097b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9717b4112c9e54cbfa504000000d42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5e46a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e3e1052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad621ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000, 0x10}}}, 0x0, 0x0, 0x0, 0x0})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000e00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
mount$fuseblk(0x0, &(0x7f00000000c0)='./file0/../file0/file0\x00', 0x0, 0x40, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1}, 0x50)

10.106629129s ago: executing program 3 (id=589):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x3, 0x0, 0xce})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

10.037788743s ago: executing program 2 (id=590):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
setxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)

10.007336111s ago: executing program 3 (id=591):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x229, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15)

9.857868409s ago: executing program 2 (id=592):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000100)={0x84, @remote, 0x0, 0x0, 'dh\x00'}, 0x2c)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = syz_io_uring_setup(0x690b, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000009200)=[@in={0x2, 0x0, @remote}], 0x10)

9.564299506s ago: executing program 2 (id=593):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000035c0)={0x0, 0x3}, 0x8)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x1}], 0x1)

9.502964001s ago: executing program 3 (id=594):
r0 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r2, &(0x7f0000001a80)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}], 0x1, 0x240080e4)
close(r2)

9.413780172s ago: executing program 3 (id=595):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000008000000f7fffff700"})
r1 = syz_open_pts(r0, 0x0)
r2 = syz_io_uring_setup(0x189d, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x6256, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000280)=0x3)

9.347543944s ago: executing program 1 (id=596):
unshare(0x22040400)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
shutdown(r0, 0x2000000)

9.307445113s ago: executing program 3 (id=597):
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x46}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
unlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

9.26147715s ago: executing program 2 (id=598):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079100000000000007b0a00ff000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740))
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1}, 0x0, 0x0}, 0x20)
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})

0s ago: executing program 1 (id=599):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000180)=0x9, 0x4)
sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004044}, 0x8840)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)

kernel console output (not intermixed with test programs):

bitmap corrupt.
[  157.087119][ T6597] loop3: detected capacity change from 0 to 128
[  157.147454][ T6587] EXT4-fs (loop2): Remounting filesystem read-only
[  157.219703][ T6249] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.444648][   T11] kworker/u8:0: attempt to access beyond end of device
[  157.444648][   T11] loop3: rw=1, sector=145, nr_sectors = 664 limit=128
[  157.516923][ T6574] loop0: detected capacity change from 0 to 32768
[  157.714986][ T6574] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  157.771846][ T6574] XFS (loop0): Ending clean mount
[  157.845229][ T6621] loop3: detected capacity change from 0 to 2048
[  157.880785][ T6621] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  157.991832][   T29] audit: type=1800 audit(1729069873.906:14): pid=6621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.214" name="file1" dev="loop3" ino=1346 res=0 errno=0
[  158.020255][   T29] audit: type=1800 audit(1729069873.906:15): pid=6621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.214" name="file1" dev="loop3" ino=1346 res=0 errno=0
[  158.173668][ T6315] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  158.208793][ T6624] loop3: detected capacity change from 0 to 2048
[  158.313310][ T6606] loop2: detected capacity change from 0 to 32768
[  158.478527][ T6624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.496796][ T6624] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.510682][ T6606] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.727982][ T6606] XFS (loop2): Ending clean mount
[  158.768606][ T6624] fs-verity: sha512 using implementation "sha512-avx2"
[  158.815127][ T6624] fs-verity (loop3, inode 13): Error -28 writing Merkle tree block 1
[  158.826565][ T6624] fs-verity (loop3, inode 13): Error -28 building Merkle tree
[  158.869009][ T6249] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.878685][ T6629] loop0: detected capacity change from 0 to 40427
[  158.903838][ T6629] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  158.912585][ T6629] F2FS-fs (loop0): Image doesn't support compression
[  158.919504][ T6629] F2FS-fs (loop0): Image doesn't support compression
[  158.922955][ T6320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.946759][ T6629] F2FS-fs (loop0): invalid crc value
[  159.090901][ T6642] loop3: detected capacity change from 0 to 512
[  159.097705][ T6629] F2FS-fs (loop0): Found nat_bits in checkpoint
[  159.187022][ T6642] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.219: corrupted in-inode xattr: invalid ea_ino
[  159.219123][ T6642] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.219: couldn't read orphan inode 15 (err -117)
[  159.249100][ T6642] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.309285][ T6320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.377624][ T6629] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  159.445759][   T29] audit: type=1800 audit(1729069875.366:16): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.216" name="bus" dev="loop0" ino=10 res=0 errno=0
[  159.463353][ T6629] syz.0.216: attempt to access beyond end of device
[  159.463353][ T6629] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  159.479703][ T6647] loop3: detected capacity change from 0 to 2048
[  159.509820][ T6629] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x4f6/0x1ca0
[  159.511514][   T29] audit: type=1804 audit(1729069875.416:17): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.216" name="/newroot/1/bus/bus" dev="loop0" ino=10 res=1 errno=0
[  159.523311][ T6629] F2FS-fs (loop0): invalid blkaddr: 9729, type: 6, run fsck to fix.
[  159.551290][   T29] audit: type=1804 audit(1729069875.426:18): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.216" name="/newroot/1/bus/bus" dev="loop0" ino=10 res=1 errno=0
[  159.552285][ T6647] EXT4-fs: Ignoring removed mblk_io_submit option
[  159.582844][ T6629] syz.0.216: attempt to access beyond end of device
[  159.582844][ T6629] loop0: rw=2049, sector=45104, nr_sectors = 64 limit=40427
[  159.633452][ T6315] syz-executor: attempt to access beyond end of device
[  159.633452][ T6315] loop0: rw=2049, sector=45168, nr_sectors = 8 limit=40427
[  159.648322][ T6315] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  159.665418][ T6647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.696861][ T6647] overlayfs: fs on './file0/../file0' does not support file handles, falling back to index=off,nfs_export=off.
[  159.760783][ T6320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.390992][ T6669] loop3: detected capacity change from 0 to 8
[  161.415607][ T6678] loop3: detected capacity change from 0 to 32768
[  161.548760][ T6678] find_entry called with index >= next_index
[  161.555435][ T6678] find_entry called with index >= next_index
[  161.561515][ T6678] find_entry called with index >= next_index
[  161.588770][ T6678] ERROR: (device loop3): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 1
[  161.588770][ T6678] 
[  161.617217][ T6678] ERROR: (device loop3): remounting filesystem as read-only
[  161.624775][ T6678] ERROR: (device loop3): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 3
[  161.624775][ T6678] 
[  161.637944][ T6678] ERROR: (device loop3): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 4
[  161.637944][ T6678] 
[  162.174085][ T6684] loop1: detected capacity change from 0 to 24
[  162.192690][ T6686] loop2: detected capacity change from 0 to 512
[  162.210715][ T6686] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  162.226835][ T6686] EXT4-fs (loop2): #clusters per group too big: 2130739200
[  162.873296][ T6690] syz.0.237 (6690) used greatest stack depth: 17336 bytes left
[  163.412152][ T6707] loop0: detected capacity change from 0 to 4096
[  163.539193][ T6700] loop2: detected capacity change from 0 to 32768
[  163.582126][ T6700] XFS: attr2 mount option is deprecated.
[  163.614569][ T6705] loop1: detected capacity change from 0 to 32768
[  163.650097][ T6700] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  163.727017][ T6700] XFS (loop2): Ending clean mount
[  163.745871][ T6700] XFS (loop2): Quotacheck needed: Please wait.
[  163.815267][ T6705] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  163.854697][ T6700] XFS (loop2): Quotacheck: Done.
[  164.006413][ T6249] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  164.051408][   T29] audit: type=1804 audit(1729069879.966:19): pid=6705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.243" name="/newroot/2/file1/bus" dev="loop1" ino=17059 res=1 errno=0
[  164.159807][ T6705] (syz.1.243,6705,1):ocfs2_get_clusters:606 ERROR: status = -34
[  164.198969][ T6705] (syz.1.243,6705,0):ocfs2_reflink_remap_extent:4528 ERROR: status = -34
[  164.237648][ T6705] (syz.1.243,6705,0):ocfs2_reflink_remap_blocks:4687 ERROR: status = -34
[  164.262575][ T6705] (syz.1.243,6705,0):ocfs2_remap_file_range:2732 ERROR: status = -34
[  164.285716][ T6729] loop0: detected capacity change from 0 to 2048
[  164.312670][   T52] Bluetooth: (null): Invalid header checksum
[  164.332330][ T6729] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.358409][ T6729] EXT4-fs: Ignoring removed orlov option
[  164.371351][   T52] Bluetooth: (null): Invalid header checksum
[  164.377772][ T6729] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  164.396638][   T52] Bluetooth: (null): Invalid header checksum
[  164.489904][ T6729] Bluetooth: (null): Too short H5 packet
[  164.537594][ T6723] loop4: detected capacity change from 0 to 32768
[  164.554194][   T11] Bluetooth: (null): Invalid header checksum
[  164.613774][ T6723] overlayfs: upper fs needs to support d_type.
[  164.621894][ T6723] overlayfs: upper fs does not support tmpfile.
[  164.633325][ T6723] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  164.634244][ T6317] ocfs2: Unmounting device (7,1) on (node local)
[  165.247822][ T3005] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.543444][ T3005] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.573479][ T5240] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  165.617149][ T5240] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  165.627241][ T5240] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  165.637518][ T5240] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  165.668407][ T5240] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  165.682111][ T5240] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  165.898813][ T3005] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.033446][ T3005] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.315890][ T6744] loop1: detected capacity change from 0 to 32768
[  166.334634][ T6744] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.256 (6744)
[  166.421168][ T3005] bridge_slave_1: left allmulticast mode
[  166.435092][ T6744] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  166.466538][ T3005] bridge_slave_1: left promiscuous mode
[  166.496220][ T3005] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.521439][ T6744] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  166.533943][ T6744] BTRFS info (device loop1): using free-space-tree
[  166.534541][ T3005] bridge_slave_0: left allmulticast mode
[  166.557998][ T3005] bridge_slave_0: left promiscuous mode
[  166.563996][ T3005] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.817339][ T6772] loop0: detected capacity change from 0 to 1024
[  166.916281][ T6772] hfsplus: bad catalog entry type
[  166.979822][ T2910] hfsplus: b-tree write err: -5, ino 4
[  166.988101][ T6317] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  167.268051][ T6782] loop2: detected capacity change from 0 to 1024
[  167.304401][ T6783] loop1: detected capacity change from 0 to 1024
[  167.379798][ T6782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.596755][ T6249] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.733422][ T2910] hfsplus: b-tree write err: -5, ino 4
[  167.759987][ T5259] Bluetooth: hci0: command tx timeout
[  167.915213][ T3005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.947294][ T3005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.960181][ T3005] bond0 (unregistering): Released all slaves
[  168.031868][ T6789] bridge_slave_0: left allmulticast mode
[  168.046972][ T6789] bridge_slave_0: left promiscuous mode
[  168.058385][ T6789] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.097220][ T6804] loop1: detected capacity change from 0 to 512
[  168.106792][ T6804] EXT4-fs: Ignoring removed nobh option
[  168.134022][ T6789] bridge_slave_1: left allmulticast mode
[  168.158007][ T6789] bridge_slave_1: left promiscuous mode
[  168.166929][ T6789] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.180822][ T6804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.199464][ T6804] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.210648][ T6789] bond0: (slave bond_slave_0): Releasing backup interface
[  168.238529][ T6804] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.270: bg 0: block 224: padding at end of block bitmap is not set
[  168.264447][ T6789] bond0: (slave bond_slave_1): Releasing backup interface
[  168.268225][ T6804] EXT4-fs (loop1): Remounting filesystem read-only
[  168.326354][ T6789] team0: Port device team_slave_0 removed
[  168.358986][ T6789] team0: Port device team_slave_1 removed
[  168.390472][ T6789] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.397262][ T6317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.418905][ T2927] Quota error (device loop1): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  168.441218][ T2927] Quota error (device loop1): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  168.452689][ T6789] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.499758][ T6789] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.537442][ T6789] batman_adv: batadv0: Removing interface: batadv_slave_1
[  168.615072][ T6790] geneve2: entered promiscuous mode
[  168.620318][ T6790] geneve2: entered allmulticast mode
[  168.639629][ T6790] batman_adv: batadv0: Adding interface: geneve2
[  168.647025][ T6790] batman_adv: batadv0: Interface activated: geneve2
[  168.671618][ T6741] chnl_net:caif_netlink_parms(): no params data found
[  168.847979][ T6828] block nbd0: Device being setup by another task
[  168.878151][ T6824] block nbd0: shutting down sockets
[  169.121417][   T29] audit: type=1326 audit(1729069885.046:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.210411][   T29] audit: type=1326 audit(1729069885.076:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.325570][ T3005] hsr_slave_0: left promiscuous mode
[  169.342655][   T29] audit: type=1326 audit(1729069885.076:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.369142][ T3005] hsr_slave_1: left promiscuous mode
[  169.396752][   T29] audit: type=1326 audit(1729069885.076:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.439340][ T6832] loop1: detected capacity change from 0 to 32768
[  169.456739][ T6842] loop2: detected capacity change from 0 to 2048
[  169.461563][   T29] audit: type=1326 audit(1729069885.076:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.481846][ T6842] EXT4-fs: Ignoring removed nomblk_io_submit option
[  169.492784][ T3005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.500234][ T3005] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.506829][   T29] audit: type=1326 audit(1729069885.076:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.532094][   T11] Bluetooth: (null): Invalid header checksum
[  169.538172][   T11] Bluetooth: (null): Invalid header checksum
[  169.562776][   T29] audit: type=1326 audit(1729069885.076:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.590149][ T6842] EXT4-fs: Ignoring removed orlov option
[  169.608179][ T6832] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  169.608687][ T6842] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  169.617977][ T3005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.632840][ T3043] Bluetooth: (null): Invalid header checksum
[  169.692486][   T29] audit: type=1326 audit(1729069885.076:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.705689][ T6842] Bluetooth: (null): Too short H5 packet
[  169.720840][ T3005] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.746175][ T3005] veth1_macvtap: left promiscuous mode
[  169.752419][ T3005] veth0_macvtap: left promiscuous mode
[  169.758228][ T3005] veth1_vlan: left promiscuous mode
[  169.764692][ T3005] veth0_vlan: left promiscuous mode
[  169.809006][   T29] audit: type=1326 audit(1729069885.076:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  169.838175][ T5259] Bluetooth: hci0: command tx timeout
[  169.845943][ T2910] Bluetooth: (null): Invalid header checksum
[  169.852235][ T2910] Bluetooth: (null): Invalid header checksum
[  169.915108][   T29] audit: type=1326 audit(1729069885.076:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d23d7dff9 code=0x7fc00000
[  170.022105][ T6832] XFS (loop1): Ending clean mount
[  170.035442][ T6832] XFS (loop1): Quotacheck needed: Please wait.
[  170.236554][ T6854] loop0: detected capacity change from 0 to 32768
[  170.339711][ T6832] XFS (loop1): Quotacheck: Done.
[  170.383216][ T6854] JBD2: Ignoring recovery information on journal
[  170.443025][ T6317] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  170.496616][ T6854] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  170.692190][ T6871] syz.0.278 (6871) used greatest stack depth: 15928 bytes left
[  170.845756][ T6315] ocfs2: Unmounting device (7,0) on (node local)
[  171.157210][ T3005] team0 (unregistering): Port device team_slave_1 removed
[  171.170510][ T6879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.282'.
[  171.236066][ T3005] team0 (unregistering): Port device team_slave_0 removed
[  171.779575][ T6741] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.797376][ T6741] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.805003][ T6741] bridge_slave_0: entered allmulticast mode
[  171.812194][ T6741] bridge_slave_0: entered promiscuous mode
[  171.887118][ T6881] bridge_slave_0: left allmulticast mode
[  171.914483][ T5259] Bluetooth: hci0: command tx timeout
[  171.933804][ T6881] bridge_slave_0: left promiscuous mode
[  171.961820][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.012386][ T6881] bridge_slave_1: left allmulticast mode
[  172.024695][ T6881] bridge_slave_1: left promiscuous mode
[  172.030545][ T6881] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.211600][ T6881] bond0: (slave bond_slave_0): Releasing backup interface
[  172.311895][ T6881] bond0: (slave bond_slave_1): Releasing backup interface
[  172.500359][ T6881] team0: Port device team_slave_0 removed
[  172.706620][ T6881] team0: Port device team_slave_1 removed
[  172.803342][ T6881] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.842038][ T6881] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.870531][ T6881] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.899055][ T6881] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.969300][ T6884] geneve2: entered promiscuous mode
[  172.989300][ T6884] geneve2: entered allmulticast mode
[  173.009981][ T6884] batman_adv: batadv0: Adding interface: geneve2
[  173.028829][ T6884] batman_adv: batadv0: Interface activated: geneve2
[  173.051724][ T6741] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.076689][ T5240] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  173.087807][ T5240] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  173.097952][ T5240] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  173.098983][ T6741] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.134522][ T6741] bridge_slave_1: entered allmulticast mode
[  173.150901][ T5240] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  173.160769][ T6741] bridge_slave_1: entered promiscuous mode
[  173.184497][ T5240] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  173.193869][ T5240] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  173.264121][ T6890] netlink: 4 bytes leftover after parsing attributes in process `syz.2.288'.
[  173.345543][ T6741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  173.373331][ T6741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  173.579795][ T6741] team0: Port device team_slave_0 added
[  173.592683][ T6741] team0: Port device team_slave_1 added
[  173.728146][ T6741] batman_adv: batadv0: Adding interface: batadv_slave_0
[  173.761385][ T6741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.817510][ T6923] loop2: detected capacity change from 0 to 64
[  173.830835][ T6741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.884298][ T6741] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.913901][ T6923] syz.2.298: attempt to access beyond end of device
[  173.913901][ T6923] loop2: rw=34817, sector=39, nr_sectors = 125 limit=64
[  173.925965][ T6741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.989551][ T6741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  174.003242][ T5259] Bluetooth: hci0: command tx timeout
[  174.017133][ T6923] syz.2.298: attempt to access beyond end of device
[  174.017133][ T6923] loop2: rw=34817, sector=167, nr_sectors = 1 limit=64
[  174.054993][ T6934] macvlan2: mtu less than device minimum
[  174.077669][ T6923] syz.2.298: attempt to access beyond end of device
[  174.077669][ T6923] loop2: rw=34817, sector=169, nr_sectors = 1 limit=64
[  174.136830][ T6923] syz.2.298: attempt to access beyond end of device
[  174.136830][ T6923] loop2: rw=34817, sector=171, nr_sectors = 7 limit=64
[  174.174023][ T6923] syz.2.298: attempt to access beyond end of device
[  174.174023][ T6923] loop2: rw=34817, sector=179, nr_sectors = 140 limit=64
[  174.284015][ T6741] hsr_slave_0: entered promiscuous mode
[  174.300327][ T6741] hsr_slave_1: entered promiscuous mode
[  174.469703][ T6898] chnl_net:caif_netlink_parms(): no params data found
[  174.699691][ T6927] loop0: detected capacity change from 0 to 32768
[  174.730252][ T6927] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.299 (6927)
[  174.823952][ T6927] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  174.858418][ T6927] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  174.891673][ T6927] BTRFS info (device loop0): using free-space-tree
[  174.949481][ T6898] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.961360][ T6898] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.978937][ T6898] bridge_slave_0: entered allmulticast mode
[  175.015118][ T6898] bridge_slave_0: entered promiscuous mode
[  175.037684][ T6898] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.059518][ T6951] loop1: detected capacity change from 0 to 32768
[  175.070743][ T6898] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.078663][ T6898] bridge_slave_1: entered allmulticast mode
[  175.086772][ T6898] bridge_slave_1: entered promiscuous mode
[  175.125590][ T6951] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  175.189600][ T6898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.257839][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  175.257858][   T29] audit: type=1800 audit(1729069891.176:40): pid=6927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.299" name="file1" dev="loop0" ino=260 res=0 errno=0
[  175.291677][ T5259] Bluetooth: hci5: command tx timeout
[  175.359261][ T3005] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  175.388928][ T6898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.542591][ T6317] ocfs2: Unmounting device (7,1) on (node local)
[  175.546275][ T6315] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  175.556967][ T6898] team0: Port device team_slave_0 added
[  175.567103][ T6898] team0: Port device team_slave_1 added
[  175.615257][ T6898] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.649169][ T6898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.677260][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.691418][ T6898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.729307][ T6898] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.752572][ T6898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.778483][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.906007][ T6898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.124789][ T6898] hsr_slave_0: entered promiscuous mode
[  176.132064][ T6989] loop1: detected capacity change from 0 to 1024
[  176.170217][ T6898] hsr_slave_1: entered promiscuous mode
[  176.190691][ T6898] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.199124][ T6898] Cannot create hsr debugfs directory
[  176.199200][ T6989] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.261662][ T6989] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.280562][ T6741] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  176.291464][ T6741] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  176.300835][ T6741] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  176.370370][ T6741] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  176.419926][ T6317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.743540][ T6991] loop0: detected capacity change from 0 to 40427
[  176.770694][ T6898] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.773934][ T6991] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  176.789764][ T6991] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  176.809695][ T6991] F2FS-fs (loop0): invalid crc value
[  176.850572][ T6991] F2FS-fs (loop0): Found nat_bits in checkpoint
[  176.944625][ T6898] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.960464][ T6991] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  176.967894][ T6991] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  176.994427][ T6741] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.035058][ T6741] 8021q: adding VLAN 0 to HW filter on device team0
[  177.085588][ T6898] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.116242][ T6315] syz-executor: attempt to access beyond end of device
[  177.116242][ T6315] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  177.130831][ T6315] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  177.158163][ T3005] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.165342][ T3005] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.204437][ T3005] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.211630][ T3005] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.264594][ T6898] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.351555][ T5259] Bluetooth: hci5: command tx timeout
[  177.541368][   T46] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  177.640901][ T6898] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  177.668939][ T6898] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  177.684587][ T6741] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.696588][ T6898] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  177.723627][ T6898] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  177.732991][   T46] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[  177.757397][   T46] usb 2-1: config 0 has no interface number 0
[  177.787811][   T46] usb 2-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  177.832748][   T46] usb 2-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  177.849771][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.881151][   T46] usb 2-1: Product: syz
[  177.885368][   T46] usb 2-1: Manufacturer: syz
[  177.889976][   T46] usb 2-1: SerialNumber: syz
[  177.940081][   T46] usb 2-1: config 0 descriptor??
[  177.958018][ T7010] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  177.976268][   T46] usb-storage 2-1:0.20: USB Mass Storage device detected
[  177.994636][ T6898] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.016312][   T46] usb-storage 2-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  178.068986][ T6898] 8021q: adding VLAN 0 to HW filter on device team0
[  178.139972][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.147156][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.230626][   T46] scsi host1: usb-storage 2-1:0.20
[  178.256811][ T2927] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.263972][ T2927] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.278301][   T46] usb 2-1: USB disconnect, device number 3
[  178.399210][ T6741] veth0_vlan: entered promiscuous mode
[  178.452599][ T6741] veth1_vlan: entered promiscuous mode
[  178.558664][ T6741] veth0_macvtap: entered promiscuous mode
[  178.585592][ T6741] veth1_macvtap: entered promiscuous mode
[  178.613854][ T6741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.626564][ T6741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.637865][ T6741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.671450][ T6741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.702873][ T6741] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.730983][ T6741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.748788][ T6741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.760000][ T6741] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.777641][ T6741] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.789886][ T6741] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.830925][ T7022] loop0: detected capacity change from 0 to 32768
[  178.839273][ T6741] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.849943][ T6741] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.858872][ T7022] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.308 (7022)
[  178.872812][ T6741] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.883271][ T6741] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.896181][ T7022] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  178.938547][ T7022] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  178.984876][ T7022] BTRFS info (device loop0): using free-space-tree
[  179.077690][ T6898] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.183954][ T6898] veth0_vlan: entered promiscuous mode
[  179.195321][ T6898] veth1_vlan: entered promiscuous mode
[  179.237626][ T6898] veth0_macvtap: entered promiscuous mode
[  179.261495][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.295727][ T6898] veth1_macvtap: entered promiscuous mode
[  179.308436][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.373025][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.380895][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.416473][ T6898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.434562][ T5259] Bluetooth: hci5: command tx timeout
[  179.441468][ T6898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.462558][ T6898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.473559][ T6898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.484077][ T6898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.494950][ T6898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.506774][ T6898] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.552278][ T6898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.590887][ T6898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.624107][ T6898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.639797][   T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  179.660673][ T6898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.703827][ T6898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.739068][ T6898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.779287][ T6898] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.815043][ T6898] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.824534][ T6898] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.833850][ T6898] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.843549][ T6898] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.853107][ T6315] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  180.203344][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  180.225542][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  180.309454][ T2927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  180.348515][ T2927] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  180.557402][ T7108] hsr0: entered allmulticast mode
[  180.564574][ T7108] hsr_slave_0: entered allmulticast mode
[  180.571311][ T7108] hsr_slave_1: entered allmulticast mode
[  180.636276][ T7108] hsr_slave_0: left promiscuous mode
[  180.719970][ T7108] hsr_slave_1: left promiscuous mode
[  180.726125][ T7075] loop1: detected capacity change from 0 to 40427
[  180.785232][ T7108] hsr0 (unregistering): left allmulticast mode
[  180.791715][ T7075] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[  180.791747][ T7075] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  180.866901][ T7075] F2FS-fs (loop1): Found nat_bits in checkpoint
[  181.067999][ T7075] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  181.093093][ T7075] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  181.153571][   T29] audit: type=1804 audit(1729069897.046:41): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.310" name="/newroot/27/file2/bus" dev="loop1" ino=10 res=1 errno=0
[  181.181640][   T29] audit: type=1804 audit(1729069897.056:42): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.310" name="/newroot/27/file2/bus" dev="loop1" ino=10 res=1 errno=0
[  181.511630][ T5259] Bluetooth: hci5: command tx timeout
[  181.609161][ T6317] syz-executor: attempt to access beyond end of device
[  181.609161][ T6317] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  181.645183][ T7153] input: syz0 as /devices/virtual/input/input6
[  181.653022][ T6317] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  182.206742][ T7170] loop0: detected capacity change from 0 to 4096
[  182.689886][ T7170] NILFS (loop0): invalid segment: Checksum error in segment payload
[  182.740815][ T7170] NILFS (loop0): trying rollback from an earlier position
[  182.769499][ T7170] NILFS (loop0): recovery complete
[  182.867583][ T7180] loop4: detected capacity change from 0 to 32768
[  182.878236][ T7180] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.327 (7180)
[  182.891581][ T7182] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  182.961825][ T7180] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  182.978506][ T7180] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  183.010457][ T7180] BTRFS info (device loop4): using free-space-tree
[  183.253291][   T29] audit: type=1800 audit(1729069899.176:43): pid=7180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.327" name="file1" dev="loop4" ino=260 res=0 errno=0
[  183.550456][ T6741] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  183.787688][ T7206] loop0: detected capacity change from 0 to 4096
[  184.498954][ T5240] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  184.528484][ T5240] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  184.538163][ T5240] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  184.547933][ T5240] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  184.556492][ T5240] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  184.567927][ T5240] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  184.944547][ T7222] chnl_net:caif_netlink_parms(): no params data found
[  185.087793][ T7225] loop0: detected capacity change from 0 to 32768
[  185.187367][ T7225] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  185.293234][ T7225] XFS (loop0): Ending clean mount
[  185.295113][ T7222] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.306091][ T7222] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.314805][ T7222] bridge_slave_0: entered allmulticast mode
[  185.322100][ T7222] bridge_slave_0: entered promiscuous mode
[  185.330411][ T7222] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.338030][ T7222] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.353441][ T7222] bridge_slave_1: entered allmulticast mode
[  185.360721][ T7222] bridge_slave_1: entered promiscuous mode
[  185.413139][ T6315] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  185.429709][ T7222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.441537][   T46] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  185.468853][ T7222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.621273][   T46] usb 5-1: Using ep0 maxpacket: 16
[  185.645468][ T7222] team0: Port device team_slave_0 added
[  185.651735][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  185.669427][ T7222] team0: Port device team_slave_1 added
[  185.671036][   T46] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  185.703835][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.716489][   T46] usb 5-1: Product: syz
[  185.720701][   T46] usb 5-1: Manufacturer: syz
[  185.725553][   T46] usb 5-1: SerialNumber: syz
[  185.735281][   T46] usb 5-1: config 0 descriptor??
[  185.749611][   T46] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  185.760027][   T46] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  185.800487][ T7222] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.821163][ T7222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.848068][ T7222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.863873][ T7222] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.871339][ T7222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.898748][ T7222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.975715][ T7222] hsr_slave_0: entered promiscuous mode
[  185.981970][ T5245] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  185.994222][ T7222] hsr_slave_1: entered promiscuous mode
[  186.018301][ T7222] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.026704][ T7222] Cannot create hsr debugfs directory
[  186.173087][ T5245] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.203565][ T5245] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  186.225578][ T5245] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  186.288699][ T5245] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  186.331323][ T5245] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  186.354256][ T7222] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.365359][   T46] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  186.379768][ T5245] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.398065][ T5245] usb 1-1: config 0 descriptor??
[  186.410304][ T7259] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  186.609607][ T7222] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.641497][ T5259] Bluetooth: hci6: command tx timeout
[  186.761409][ T7267] loop1: detected capacity change from 0 to 32768
[  186.773807][ T7222] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.786281][ T7267] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.348 (7267)
[  186.814189][ T7267] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  186.828235][ T7267] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  186.850871][ T5245] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  186.858810][ T5245] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  186.866475][ T5245] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  186.874751][ T5245] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  186.883283][ T5245] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  186.893849][ T5245] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  186.905343][ T5245] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  186.966658][ T7222] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.042028][   T46] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  187.050759][   T46] em28xx 5-1:0.0: board has no eeprom
[  187.136745][   T46] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  187.137864][ T7267] BTRFS info (device loop1): rebuilding free space tree
[  187.147108][   T46] em28xx 5-1:0.0: dvb set to bulk mode.
[  187.162854][ T1188] em28xx 5-1:0.0: Binding DVB extension
[  187.186113][   T46] usb 5-1: USB disconnect, device number 4
[  187.201967][   T46] em28xx 5-1:0.0: Disconnecting em28xx
[  187.261234][ T7267] BTRFS info (device loop1): disabling free space tree
[  187.268225][ T7267] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  187.280067][ T7267] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  187.342080][ T1188] em28xx 5-1:0.0: Registering input extension
[  187.359399][   T46] em28xx 5-1:0.0: Closing input extension
[  187.438670][ T7222] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  187.443283][   T46] em28xx 5-1:0.0: Freeing device
[  187.463109][ T7222] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  187.483433][ T7222] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  187.524777][ T7222] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  187.723905][ T7222] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.750695][ T7222] 8021q: adding VLAN 0 to HW filter on device team0
[  187.779905][ T6317] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  187.788037][ T2927] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.797494][ T2927] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.853451][ T3005] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.860611][ T3005] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.183484][ T7259] usb 1-1: string descriptor 0 read error: -71
[  188.396171][ T7222] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.503112][ T7222] veth0_vlan: entered promiscuous mode
[  188.711380][ T5259] Bluetooth: hci6: command tx timeout
[  189.081676][  T937] usb 1-1: USB disconnect, device number 6
[  190.812134][ T5259] Bluetooth: hci6: command tx timeout
[  192.871422][ T5259] Bluetooth: hci6: command tx timeout
[  194.001410][ T7313] loop4: detected capacity change from 0 to 32768
[  194.601373][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  194.607668][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  196.862620][ T7313] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/loop4": -EINTR
[  196.867478][ T7222] veth1_vlan: entered promiscuous mode
[  197.026234][ T7222] veth0_macvtap: entered promiscuous mode
[  197.045142][ T7222] veth1_macvtap: entered promiscuous mode
[  197.123196][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.171242][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.211206][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.238107][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.261156][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.290140][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.320900][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.348900][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.381036][ T7222] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.422098][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.461121][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.490133][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.521159][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.551328][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.578955][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.600003][ T5240] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  197.608756][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.620707][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.621152][ T5240] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  197.640875][ T5240] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  197.642091][ T7222] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.711165][ T5240] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  197.723987][ T5240] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  197.741162][ T5240] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  197.864637][ T7222] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.873835][ T7222] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.886314][ T7222] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.895447][ T7222] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.044118][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.173417][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.205526][ T7326] loop1: detected capacity change from 0 to 40427
[  198.230892][ T7326] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  198.239015][ T7338] erspan0: entered promiscuous mode
[  198.257524][ T7338] vlan2: entered promiscuous mode
[  198.259047][ T7326] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  198.276884][ T7338] erspan0: left promiscuous mode
[  198.294229][ T7326] F2FS-fs (loop1): Found nat_bits in checkpoint
[  198.352296][ T7326] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  198.359542][ T7326] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  198.386102][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.462563][ T3005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.472388][   T29] audit: type=1800 audit(1729069914.396:44): pid=7326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.361" name="file0" dev="loop1" ino=10 res=0 errno=0
[  198.501382][ T3005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.624967][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.699907][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.721303][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.920404][ T7332] chnl_net:caif_netlink_parms(): no params data found
[  199.264869][   T35] batman_adv: batadv0: Interface deactivated: geneve2
[  199.433454][ T7345] overlayfs: failed to resolve './file0': -2
[  199.756422][   T35] batman_adv: batadv0: Removing interface: geneve2
[  199.831326][ T5244] Bluetooth: hci7: command tx timeout
[  200.106203][   T35] bond0 (unregistering): Released all slaves
[  200.124403][ T7332] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.142277][ T7332] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.154286][ T7332] bridge_slave_0: entered allmulticast mode
[  200.184739][ T7332] bridge_slave_0: entered promiscuous mode
[  200.213562][ T7332] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.220691][ T7332] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.273908][ T7332] bridge_slave_1: entered allmulticast mode
[  200.280851][ T7332] bridge_slave_1: entered promiscuous mode
[  200.345884][ T7376] loop1: detected capacity change from 0 to 1024
[  200.532518][ T7332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.536352][ T7376] EXT4-fs: Ignoring removed nomblk_io_submit option
[  200.556826][ T7376] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  200.568730][ T7376] EXT4-fs (loop1): Test dummy encryption mode enabled
[  200.569411][ T7332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.603136][ T7376] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003]
[  200.644590][ T7376] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.016580][ T7332] team0: Port device team_slave_0 added
[  201.065013][ T7376] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  201.084664][ T7332] team0: Port device team_slave_1 added
[  201.257548][   T35] veth1_macvtap: left promiscuous mode
[  201.259035][ T6317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.291362][   T35] veth0_macvtap: left promiscuous mode
[  201.297020][   T35] veth1_vlan: left promiscuous mode
[  201.303420][   T35] veth0_vlan: left promiscuous mode
[  201.911582][ T5244] Bluetooth: hci7: command tx timeout
[  202.261276][ T1188] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  202.463677][ T1188] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.476073][ T1188] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  202.505147][ T1188] usb 4-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00
[  202.525546][ T1188] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.548876][ T1188] usb 4-1: config 0 descriptor??
[  203.243532][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.254226][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.262023][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.269811][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.287047][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.295762][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.304934][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.312728][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.325690][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.334006][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.342273][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.350111][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.358736][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.367287][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.375095][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.396542][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.421159][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.432825][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.443707][ T1188] vrc2 0003:07C0:1125.0006: fixing up VRC-2 report descriptor
[  203.454829][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.464391][ T5293] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  203.465586][ T1188] input: HID 07c0:1125 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:07C0:1125.0006/input/input9
[  203.485474][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.515290][ T5245] hid-generic 0000:1000000:0000.0005: unknown main item tag 0x0
[  203.570345][ T5245] hid-generic 0000:1000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  203.626924][ T1188] vrc2 0003:07C0:1125.0006: input,hidraw1: USB HID v0.00 Joystick [HID 07c0:1125] on usb-dummy_hcd.3-1/input0
[  203.633015][ T5293] usb 3-1: config 0 has no interfaces?
[  203.671602][ T5293] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  203.680143][ T1188] usb 4-1: USB disconnect, device number 3
[  203.689051][ T5293] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.719779][ T5293] usb 3-1: config 0 descriptor??
[  203.971273][ T7332] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.999286][ T5244] Bluetooth: hci7: command tx timeout
[  204.011698][ T7332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.053227][ T5293] usb 3-1: USB disconnect, device number 2
[  204.091401][ T7332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.104709][ T7332] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.113847][ T7332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.159498][ T7332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.312060][ T7332] hsr_slave_0: entered promiscuous mode
[  204.347262][ T7332] hsr_slave_1: entered promiscuous mode
[  204.403553][ T7332] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.431946][ T7332] Cannot create hsr debugfs directory
[  205.092031][ T7464] overlayfs: missing 'lowerdir'
[  205.500649][ T7468] loop1: detected capacity change from 0 to 4096
[  205.819458][ T7332] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  205.821705][ T7468] loop1: detected capacity change from 4096 to 0
[  205.826916][ T7475] syz.1.399: attempt to access beyond end of device
[  205.826916][ T7475] loop1: rw=0, sector=32, nr_sectors = 8 limit=0
[  205.896323][ T7332] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  205.934511][ T7332] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  205.974338][ T7478] loop4: detected capacity change from 0 to 4096
[  205.992973][ T7332] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  206.046723][ T7478] NILFS (loop4): invalid segment: Checksum error in segment payload
[  206.072389][ T5244] Bluetooth: hci7: command tx timeout
[  206.077842][ T6317] syz-executor: attempt to access beyond end of device
[  206.077842][ T6317] loop1: rw=0, sector=552, nr_sectors = 8 limit=0
[  206.080272][ T6317] ntfs3(loop1): failed to read volume at offset 0x45000
[  206.131462][ T7478] NILFS (loop4): trying rollback from an earlier position
[  206.177311][ T7332] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.194438][ T7332] 8021q: adding VLAN 0 to HW filter on device team0
[  206.230466][ T7332] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  206.240955][ T7332] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  206.313451][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.320649][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.353739][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.360929][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.425677][ T7478] NILFS (loop4): recovery complete
[  206.441872][ T7489] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  206.516108][   T29] audit: type=1800 audit(1729069922.416:45): pid=7478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.402" name="bus" dev="loop4" ino=13 res=0 errno=0
[  206.593997][ T6317] syz-executor: attempt to access beyond end of device
[  206.593997][ T6317] loop1: rw=2049, sector=32, nr_sectors = 8 limit=0
[  206.648708][ T6317] buffer_io_error: 19 callbacks suppressed
[  206.648728][ T6317] Buffer I/O error on dev loop1, logical block 4, lost sync page write
[  206.691287][ T6317] ntfs3(loop1): ino=3, ntfs_set_state failed, -5.
[  206.734004][ T6317] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  206.741045][ T6317] syz-executor: attempt to access beyond end of device
[  206.741045][ T6317] loop1: rw=2049, sector=32, nr_sectors = 8 limit=0
[  206.817729][ T7332] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.832363][ T6317] Buffer I/O error on dev loop1, logical block 4, lost sync page write
[  206.871891][ T6317] ntfs3(loop1): ino=3, ntfs_set_state failed, -5.
[  206.896998][ T6317] syz-executor: attempt to access beyond end of device
[  206.896998][ T6317] loop1: rw=0, sector=32, nr_sectors = 8 limit=0
[  206.964846][ T7332] veth0_vlan: entered promiscuous mode
[  206.987527][ T3043] kworker/u8:12: attempt to access beyond end of device
[  206.987527][ T3043] loop1: rw=2049, sector=32, nr_sectors = 8 limit=0
[  207.015899][ T7332] veth1_vlan: entered promiscuous mode
[  207.061467][ T3043] Buffer I/O error on dev loop1, logical block 4, lost sync page write
[  207.118937][ T3043] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -5.
[  207.124599][ T7332] veth0_macvtap: entered promiscuous mode
[  207.142937][ T6317] syz-executor: attempt to access beyond end of device
[  207.142937][ T6317] loop1: rw=0, sector=32, nr_sectors = 8 limit=0
[  207.174554][ T7332] veth1_macvtap: entered promiscuous mode
[  207.190406][ T6317] syz-executor: attempt to access beyond end of device
[  207.190406][ T6317] loop1: rw=0, sector=32, nr_sectors = 8 limit=0
[  207.222455][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.266512][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.309032][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.336824][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.369755][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.390612][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.424249][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.458316][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.481160][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.500590][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.536826][ T7332] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.572137][ T7528] loop2: detected capacity change from 64 to 63
[  207.590490][ T7537] netlink: 12 bytes leftover after parsing attributes in process `syz.3.413'.
[  207.625528][ T7537] netlink: 'syz.3.413': attribute type 30 has an invalid length.
[  207.705778][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.718858][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.730686][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.747066][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.766351][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.780425][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.796136][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.816637][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.829594][ T7332] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.848252][ T7332] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.869953][ T7332] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.892781][ T7332] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.931325][ T7332] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.955867][ T7332] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.970933][ T7332] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.120636][ T3043] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.357216][ T3043] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.484149][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  208.522599][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  208.620627][ T3043] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.775659][ T3043] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.845443][ T5259] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  208.859030][ T5259] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  208.868534][ T5259] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  208.887281][ T5259] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  208.888460][ T7553] loop4: detected capacity change from 0 to 4096
[  208.922720][ T5259] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  208.932742][ T5259] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  208.945103][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  208.957431][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  209.474908][ T3043] batman_adv: batadv0: Interface deactivated: geneve2
[  210.359956][ T3043] batman_adv: batadv0: Removing interface: geneve2
[  210.783524][ T3043] bond0 (unregistering): Released all slaves
[  211.009642][ T7582] evm: overlay not supported
[  211.034810][ T5244] Bluetooth: hci2: command tx timeout
[  211.072211][   T29] audit: type=1804 audit(1729069926.996:46): pid=7582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.426" name="/newroot/28/bus/file0" dev="overlay" ino=184 res=1 errno=0
[  211.093692][    C1] vkms_vblank_simulate: vblank timer overrun
[  211.184396][ T7554] chnl_net:caif_netlink_parms(): no params data found
[  211.238764][   T46] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  211.305033][ T7591] loop4: detected capacity change from 0 to 2048
[  211.360387][ T7591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.422706][   T46] usb 4-1: Using ep0 maxpacket: 8
[  211.432887][   T46] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  211.451111][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  211.464743][   T29] audit: type=1326 audit(1729069927.376:47): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=7589 comm="syz.4.429" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe29bb7dff9 code=0x0
[  211.487476][   T46] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  211.500372][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  211.512685][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  211.529318][   T46] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  211.540811][ T3043] hsr_slave_0: left promiscuous mode
[  211.548126][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  211.569308][ T3043] hsr_slave_1: left promiscuous mode
[  211.569794][   T46] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  211.604308][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  211.626378][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  211.662970][   T46] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  211.670116][ T3043] veth1_macvtap: left promiscuous mode
[  211.676135][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  211.700740][ T3043] veth0_macvtap: left promiscuous mode
[  211.705794][   T46] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  211.718138][ T3043] veth1_vlan: left promiscuous mode
[  211.718220][ T3043] veth0_vlan: left promiscuous mode
[  211.765641][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  211.808408][   T46] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  211.850020][   T46] usb 4-1: string descriptor 0 read error: -22
[  211.857135][   T46] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  211.879197][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.905716][   T46] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  212.133896][ T6741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.292795][   T46] usb 4-1: USB disconnect, device number 4
[  212.329398][ T5259] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  212.347340][ T5259] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  212.368664][ T5259] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  212.378881][ T5259] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  212.389640][ T5259] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  212.397232][ T5259] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  212.404622][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  212.584507][    T9] usb 3-1: Using ep0 maxpacket: 16
[  212.601826][    T9] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[  212.630686][    T9] usb 3-1: config 0 has no interface number 0
[  212.697607][    T9] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  212.706915][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.715399][    T9] usb 3-1: Product: syz
[  212.719588][    T9] usb 3-1: Manufacturer: syz
[  212.724985][    T9] usb 3-1: SerialNumber: syz
[  212.748963][    T9] usb 3-1: config 0 descriptor??
[  212.851298][ T5245] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  213.009803][ T5291] usb 3-1: USB disconnect, device number 3
[  213.024234][ T5245] usb 5-1: New USB device found, idVendor=0c45, idProduct=6025, bcdDevice=41.12
[  213.056268][ T5245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.081384][ T5245] usb 5-1: config 0 descriptor??
[  213.088724][ T5245] hub 5-1:0.0: bad descriptor, ignoring hub
[  213.101124][ T5245] hub 5-1:0.0: probe with driver hub failed with error -5
[  213.112032][ T5244] Bluetooth: hci2: command tx timeout
[  213.122529][ T5245] gspca_main: sonixb-2.14.0 probing 0c45:6025
[  213.651601][ T5245] usb 5-1: USB disconnect, device number 5
[  213.774439][   T29] audit: type=1326 audit(1729069929.686:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7643 comm="syz.2.439" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x0
[  214.198061][ T7650] loop4: detected capacity change from 0 to 512
[  214.253155][ T7650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.327280][ T7650] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  214.389478][ T7554] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.430147][ T7554] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.453541][ T7554] bridge_slave_0: entered allmulticast mode
[  214.475783][ T7554] bridge_slave_0: entered promiscuous mode
[  214.481482][ T5244] Bluetooth: hci3: command tx timeout
[  214.500706][ T7554] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.545815][ T7554] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.566519][ T6741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.609220][ T7554] bridge_slave_1: entered allmulticast mode
[  214.627404][ T7554] bridge_slave_1: entered promiscuous mode
[  214.864221][ T7554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.898006][ T7554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.925164][ T7662] loop4: detected capacity change from 0 to 256
[  215.122819][ T7669] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 325119 (only 8 groups)
[  215.201847][ T5244] Bluetooth: hci2: command tx timeout
[  215.235683][ T7554] team0: Port device team_slave_0 added
[  215.256743][ T7554] team0: Port device team_slave_1 added
[  215.309519][ T7554] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.325588][ T7554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.368445][ T7554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.424952][ T7554] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.461194][ T7554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.506073][ T7554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.682136][ T7679] loop3: detected capacity change from 32768 to 0
[  215.730622][ T7554] hsr_slave_0: entered promiscuous mode
[  215.786427][ T6320] jfs_flush_journal: synclist not empty
[  215.807550][ T7554] hsr_slave_1: entered promiscuous mode
[  215.832938][ T7554] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  215.840552][ T7554] Cannot create hsr debugfs directory
[  215.848258][ T6320] metapage: ffff88807f190ba0: 00001000 00000000 00003bfc 00000000
[  215.853106][ T1188] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  215.869326][ T6320] metapage: ffff88807f190bb0: 7e271010 ffff8880 5feb1228 ffff8880
[  215.884016][ T6320] metapage: ffff88807f190bc0: 00000004 00000000 00000000 00000000
[  215.907022][ T6320] metapage: ffff88807f190bd0: 79a0e000 ffff8880 0000002c 00000000
[  215.952272][ T6320] metapage: ffff88807f190be0: 00000000 dead4ead ffffffff 00000000
[  216.006006][ T6320] metapage: ffff88807f190bf0: ffffffff ffffffff 9a53ad40 ffffffff
[  216.019124][ T6320] metapage: ffff88807f190c00: 93cef830 ffffffff 00000000 00000000
[  216.041150][ T6320] metapage: ffff88807f190c10: 8c4370c0 ffffffff 00000200 00000000
[  216.052284][ T1188] usb 5-1: Using ep0 maxpacket: 16
[  216.069783][ T1188] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.087924][ T7622] chnl_net:caif_netlink_parms(): no params data found
[  216.111509][ T1188] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  216.129864][ T6320] metapage: ffff88807f190c20: 7f190c20 ffff8880 7f190c20 ffff8880
[  216.151502][ T1188] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  216.160587][ T1188] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.184005][ T6320] metapage: ffff88807f190c30: 01e68380 ffffea00 2fa30000 ffff8880
[  216.196794][ T1188] usb 5-1: config 0 descriptor??
[  216.202162][ T6320] metapage: ffff88807f190c40: 00001000 00003df0 00000000 00000000
[  216.252146][ T6320] metapage: ffff88807f190c50: 5feb1000 ffff8880
[  216.258488][ T6320] page: ffffea0001e68380: 00fff4000000422c ffffea000092d448
[  216.284055][ T3043] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.290483][ T6320] page: ffffea0001e68390: ffffea00019f6188 0000000000000000
[  216.305836][ T6320] page: ffffea0001e683a0: 000000000000002c ffff88807f190ba0
[  216.331455][ T6320] page: ffffea0001e683b0: 00000001ffffffff ffff888022b18000
[  216.391421][ T6320] metapage: ffff88807e271000: 00001000 00000000 00003ca4 00000000
[  216.414058][ T6320] metapage: ffff88807e271010: 7e271108 ffff8880 7f190bb0 ffff8880
[  216.436555][ T6320] metapage: ffff88807e271020: 00000004 00000000 00000000 00000000
[  216.445362][ T6320] metapage: ffff88807e271030: 28683000 ffff8880 0000001c 00000000
[  216.455702][ T6320] metapage: ffff88807e271040: 00000000 dead4ead ffffffff 00000000
[  216.464851][ T6320] metapage: ffff88807e271050: ffffffff ffffffff 9a53ad40 ffffffff
[  216.475974][ T6320] metapage: ffff88807e271060: 93cef830 ffffffff 00000000 00000000
[  216.502554][ T6320] metapage: ffff88807e271070: 8c4370c0 ffffffff 00000200 00000000
[  216.515538][ T3043] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.542286][ T6320] metapage: ffff88807e271080: 7e271080 ffff8880 7e271080 ffff8880
[  216.559980][ T5244] Bluetooth: hci3: command tx timeout
[  216.579309][ T6320] metapage: ffff88807e271090: 00a1a0c0 ffffea00 2fa30000 ffff8880
[  216.638046][ T6320] metapage: ffff88807e2710a0: 00001000 000044c4 00000000 00000000
[  216.657229][ T3043] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.693613][ T6320] metapage: ffff88807e2710b0: 5feb1000 ffff8880
[  216.734419][ T6320] page: ffffea0000a1a0c0: 00fff5800000423c ffffea0001a27d88
[  216.761438][ T6320] page: ffffea0000a1a0d0: ffffea000092d448 0000000000000000
[  216.781588][ T6320] page: ffffea0000a1a0e0: 000000000000001c ffff88807e271000
[  216.801308][ T6320] page: ffffea0000a1a0f0: 00000001ffffffff ffff888022b18000
[  216.808978][ T6320] metapage: ffff88807e2710f8: 00001000 00000000 00003e38 00000000
[  216.820459][ T6320] metapage: ffff88807e271108: 5feb1228 ffff8880 7e271010 ffff8880
[  216.826135][ T3043] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.833578][ T6320] metapage: ffff88807e271118: 00000004 00000000 00000000 00000000
[  216.846903][ T6320] metapage: ffff88807e271128: 5963e000 ffff8880 00000030 00000000
[  216.854964][ T6320] metapage: ffff88807e271138: 00000000 dead4ead ffffffff 00000000
[  216.863828][ T6320] metapage: ffff88807e271148: ffffffff ffffffff 9a53ad40 ffffffff
[  216.871961][ T6320] metapage: ffff88807e271158: 93cef830 ffffffff 00000000 00000000
[  216.880357][ T6320] metapage: ffff88807e271168: 8c4370c0 ffffffff 00000200 00000000
[  216.888392][ T6320] metapage: ffff88807e271178: 7e271178 ffff8880 7e271178 ffff8880
[  216.896569][ T6320] metapage: ffff88807e271188: 01658f80 ffffea00 2fa30000 ffff8880
[  216.904583][ T6320] metapage: ffff88807e271198: 00001000 000044c4 00000000 00000000
[  216.912797][ T6320] metapage: ffff88807e2711a8: 5feb1000 ffff8880
[  216.919196][ T6320] page: ffffea0001658f80: 00fff5000000423c ffffea000079de48
[  216.941195][ T6320] page: ffffea0001658f90: ffff88805c16d240 0000000000000000
[  216.959406][ T6320] page: ffffea0001658fa0: 0000000000000030 ffff88807e2710f8
[  216.977730][ T6320] page: ffffea0001658fb0: 00000001ffffffff ffff888022b18000
[  217.011358][ T6320] syz-executor: attempt to access beyond end of device
[  217.011358][ T6320] loop3: rw=1, sector=256, nr_sectors = 8 limit=0
[  217.064301][ T1188] letsketch 0003:6161:4D15.0007: Device info: Д
[  217.070670][ T7622] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.086854][ T7622] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.111400][ T7622] bridge_slave_0: entered allmulticast mode
[  217.121760][ T6320] metapage_write_end_io: I/O error
[  217.134391][ T7622] bridge_slave_0: entered promiscuous mode
[  217.158230][ T7622] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.176501][ T7622] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.183986][ T7622] bridge_slave_1: entered allmulticast mode
[  217.204655][ T6320] syz-executor: attempt to access beyond end of device
[  217.204655][ T6320] loop3: rw=0, sector=104, nr_sectors = 8 limit=0
[  217.212542][ T7622] bridge_slave_1: entered promiscuous mode
[  217.264901][ T1188] letsketch 0003:6161:4D15.0007: Device info: 헶
[  217.272267][ T5244] Bluetooth: hci2: command tx timeout
[  217.353549][ T6320] Read error 10 at 0xd000
[  217.358020][ T6320] read_mapping_page failed!
[  217.374905][ T6320] diWriteSpecial: failed to read aggregate inode extent!
[  217.388509][ T6320] syz-executor: attempt to access beyond end of device
[  217.388509][ T6320] loop3: rw=1, sector=176, nr_sectors = 8 limit=0
[  217.407172][ T6320] metapage_write_end_io: I/O error
[  217.412620][ T6320] syz-executor: attempt to access beyond end of device
[  217.412620][ T6320] loop3: rw=0, sector=88, nr_sectors = 8 limit=0
[  217.426519][ T6320] Read error 10 at 0xb000
[  217.430951][ T6320] read_mapping_page failed!
[  217.437114][ T6320] diWriteSpecial: failed to read aggregate inode extent!
[  217.465498][ T1188] letsketch 0003:6161:4D15.0007: Device info: Г
[  217.538808][ T6320] syz-executor: attempt to access beyond end of device
[  217.538808][ T6320] loop3: rw=1, sector=72, nr_sectors = 8 limit=0
[  217.585597][ T7622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.633644][ T7622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.669766][ T6320] metapage_write_end_io: I/O error
[  217.725237][ T6320] syz-executor: attempt to access beyond end of device
[  217.725237][ T6320] loop3: rw=0, sector=88, nr_sectors = 8 limit=0
[  217.870554][ T3043] bridge_slave_1: left allmulticast mode
[  217.878991][ T3043] bridge_slave_1: left promiscuous mode
[  217.899135][ T6320] Read error 10 at 0xb000
[  217.904046][ T1188] usb 5-1: Max retries (5) exceeded reading string descriptor 2
[  217.908354][ T3043] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.929737][ T1188] letsketch 0003:6161:4D15.0007: probe with driver letsketch failed with error -71
[  217.960551][ T6320] read_mapping_page failed!
[  217.978557][ T3043] bridge_slave_0: left allmulticast mode
[  217.991669][ T1188] usb 5-1: USB disconnect, device number 6
[  218.000627][ T3043] bridge_slave_0: left promiscuous mode
[  218.025632][ T6320] diWriteSpecial: failed to read aggregate inode extent!
[  218.036049][ T3043] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.101476][ T6320] syz-executor: attempt to access beyond end of device
[  218.101476][ T6320] loop3: rw=1, sector=128, nr_sectors = 8 limit=0
[  218.290645][ T6320] metapage_write_end_io: I/O error
[  218.296000][ T6320] syz-executor: attempt to access beyond end of device
[  218.296000][ T6320] loop3: rw=0, sector=88, nr_sectors = 8 limit=0
[  218.309252][ T6320] Read error 10 at 0xb000
[  218.314482][ T6320] read_mapping_page failed!
[  218.319481][ T6320] diWriteSpecial: failed to read aggregate inode extent!
[  218.501606][ T7753] loop4: detected capacity change from 0 to 1024
[  218.549633][ T7753] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.605966][ T1188] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  218.632788][ T5244] Bluetooth: hci3: command tx timeout
[  218.651328][ T1188] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  218.697889][ T1188] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  218.777437][ T7760] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  218.902775][ T6741] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.354912][ T3043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  219.368104][ T3043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  219.417032][ T3043] bond0 (unregistering): Released all slaves
[  219.441252][ T5291] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  219.612664][ T5291] usb 5-1: config 0 has no interfaces?
[  219.621504][ T5291] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  219.630584][ T5291] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.657106][ T5291] usb 5-1: Product: syz
[  219.672821][ T5291] usb 5-1: Manufacturer: syz
[  219.677473][ T5291] usb 5-1: SerialNumber: syz
[  219.686391][ T7622] team0: Port device team_slave_0 added
[  219.703168][ T5291] usb 5-1: config 0 descriptor??
[  219.774866][ T7622] team0: Port device team_slave_1 added
[  219.885827][ T7622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.898484][ T7622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.916711][    T9] usb 5-1: USB disconnect, device number 7
[  219.936320][ T7622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.953920][ T7622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.973889][ T7622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.007173][ T7622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.154610][ T7622] hsr_slave_0: entered promiscuous mode
[  220.171715][ T7622] hsr_slave_1: entered promiscuous mode
[  220.181192][ T7622] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  220.188785][ T7622] Cannot create hsr debugfs directory
[  220.237444][ T3043] hsr_slave_0: left promiscuous mode
[  220.248634][ T3043] hsr_slave_1: left promiscuous mode
[  220.258911][ T3043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.270816][ T3043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  220.278977][ T3043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.286792][ T3043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  220.311659][ T3043] veth1_macvtap: left promiscuous mode
[  220.317217][ T3043] veth0_macvtap: left promiscuous mode
[  220.323372][ T3043] veth1_vlan: left promiscuous mode
[  220.328738][ T3043] veth0_vlan: left promiscuous mode
[  220.723514][ T5244] Bluetooth: hci3: command tx timeout
[  221.213966][ T3043] team0 (unregistering): Port device team_slave_1 removed
[  221.304682][ T3043] team0 (unregistering): Port device team_slave_0 removed
[  222.207820][ T7802] netlink: 12 bytes leftover after parsing attributes in process `syz.3.484'.
[  222.219343][ T7554] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  222.241825][ T7554] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  222.271908][ T7554] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  222.321830][ T7554] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  222.863509][ T7554] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.930485][ T7554] 8021q: adding VLAN 0 to HW filter on device team0
[  222.944856][ T7825] netlink: 12 bytes leftover after parsing attributes in process `syz.3.491'.
[  222.971990][ T7827] loop4: detected capacity change from 0 to 256
[  222.978988][ T7827] exfat: Deprecated parameter 'namecase'
[  223.000491][ T7825] netlink: 'syz.3.491': attribute type 1 has an invalid length.
[  223.020001][ T7827] exfat: Deprecated parameter 'utf8'
[  223.027051][ T7825] netlink: 8 bytes leftover after parsing attributes in process `syz.3.491'.
[  223.039562][ T7827] exfat: Deprecated parameter 'utf8'
[  223.055043][ T2471] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.062243][ T2471] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.100092][ T7827] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010495, chksum : 0x07243141, utbl_chksum : 0xe619d30d)
[  223.106565][ T2471] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.119332][ T2471] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.458123][ T7622] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  223.505083][ T7622] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  223.560347][ T7622] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  223.596758][ T7622] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  223.723171][ T7554] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.934035][ T7554] veth0_vlan: entered promiscuous mode
[  224.011825][ T7554] veth1_vlan: entered promiscuous mode
[  224.027816][ T7622] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.157863][ T7622] 8021q: adding VLAN 0 to HW filter on device team0
[  224.206615][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.213807][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.281658][ T7554] veth0_macvtap: entered promiscuous mode
[  224.290493][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.297662][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.418379][ T7874] netlink: 'syz.4.497': attribute type 21 has an invalid length.
[  224.445084][ T7874] IPv6: NLM_F_CREATE should be specified when creating new route
[  224.552907][ T7554] veth1_macvtap: entered promiscuous mode
[  224.639070][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.656278][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.668709][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.687038][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.699675][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.724088][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.742935][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.759694][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.778375][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  224.817551][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.837311][ T7554] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.867235][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.879711][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.915955][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.957038][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.997621][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  225.032266][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.042010][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.069619][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  225.085053][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.100991][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.112309][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.122254][ T7554] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  225.134009][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.143885][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.152139][ T7554] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.165613][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.175153][ T7554] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.188875][ T7893] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  225.225094][ T7554] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.238400][ T7554] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.250186][ T7554] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.259478][ T7554] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.268864][ T7900] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(18)
[  225.276007][ T7900] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  225.316202][ T7900] vhci_hcd vhci_hcd.0: Device attached
[  225.326460][ T7902] vhci_hcd: connection closed
[  225.334843][   T35] vhci_hcd: stop threads
[  225.363756][   T35] vhci_hcd: release socket
[  225.398117][   T35] vhci_hcd: disconnect device
[  225.461589][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.488923][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.568527][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  225.584878][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.650643][ T7622] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.794732][ T7622] veth0_vlan: entered promiscuous mode
[  225.807155][ T7622] veth1_vlan: entered promiscuous mode
[  225.828375][ T7622] veth0_macvtap: entered promiscuous mode
[  225.838664][ T7622] veth1_macvtap: entered promiscuous mode
[  225.856278][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.866975][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.876930][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.887454][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.897556][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.908193][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.918245][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.929080][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.939897][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.951041][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.960946][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.971545][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.982816][ T7622] batman_adv: batadv0: Interface activated: batadv_slave_0
[  225.995317][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.005809][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.015688][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.026178][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.036937][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.048025][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.058145][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.070920][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.081250][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.091961][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.102078][ T7622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.112800][ T7622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.124158][ T7622] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.193597][ T7622] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.211538][ T7622] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.220299][ T7622] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.229122][ T7622] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.278692][ T5291] kernel write not supported for file /input/mouse0 (pid: 5291 comm: kworker/0:4)
[  226.376141][  T937] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  226.419385][ T2910] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.465924][ T2910] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.526891][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.552394][  T937] usb 2-1: Using ep0 maxpacket: 32
[  226.568923][  T937] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.583202][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.610549][  T937] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.640016][  T937] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  226.680238][  T937] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  226.713586][  T937] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  226.751858][  T937] usb 2-1: Product: syz
[  226.756774][  T937] usb 2-1: Manufacturer: syz
[  226.770956][  T937] usb 2-1: SerialNumber: syz
[  226.774821][ T5245] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  226.809529][  T937] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input10
[  226.825228][ T5245] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  227.133051][  T937] usb 2-1: USB disconnect, device number 4
[  227.389997][  T937] appletouch 2-1:1.0: input: appletouch disconnected
[  227.463802][ T7955] hsr0: entered promiscuous mode
[  227.499908][ T7955] hsr_slave_0: left promiscuous mode
[  227.524698][ T7955] hsr_slave_1: left promiscuous mode
[  227.645734][ T7955] hsr0 (unregistering): left promiscuous mode
[  227.708632][ T7938] loop4: detected capacity change from 0 to 32768
[  227.719688][ T7962] UHID_CREATE from different security context by process 188 (syz.3.513), this is not allowed.
[  227.754723][ T7938] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.512 (7938)
[  227.840464][ T7938] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  227.872617][ T7938] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  227.907525][ T7938] BTRFS info (device loop4): using free-space-tree
[  228.195501][ T7932] overlayfs: failed to resolve './file1': -2
[  228.301683][ T7938] loop4: detected capacity change from 32768 to 0
[  228.318364][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.318364][ T3043] loop4: rw=6145, sector=10440, nr_sectors = 8 limit=0
[  228.368579][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.368579][ T3043] loop4: rw=6145, sector=10448, nr_sectors = 8 limit=0
[  228.441420][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.441420][ T3043] loop4: rw=6145, sector=10456, nr_sectors = 8 limit=0
[  228.525190][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.525190][ T3043] loop4: rw=6145, sector=10464, nr_sectors = 8 limit=0
[  228.590374][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.590374][ T3043] loop4: rw=6145, sector=13440, nr_sectors = 8 limit=0
[  228.611655][   T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  228.640654][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.640654][ T3043] loop4: rw=6145, sector=13448, nr_sectors = 8 limit=0
[  228.689653][    C1] Unknown status report in ack skb
[  228.705332][ T3043] kworker/u8:12: attempt to access beyond end of device
[  228.705332][ T3043] loop4: rw=6145, sector=13456, nr_sectors = 8 limit=0
[  228.762115][ T3043] BTRFS: error (device loop4) in btrfs_commit_transaction:2524: errno=-5 IO failure (Error while writing out transaction)
[  228.775671][ T3043] BTRFS info (device loop4 state E): forced readonly
[  228.791833][   T25] usb 1-1: Using ep0 maxpacket: 16
[  228.802555][ T3043] BTRFS warning (device loop4 state E): Skipping commit of aborted transaction.
[  228.821509][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  228.821640][ T3043] BTRFS error (device loop4 state EA): Transaction aborted (error -5)
[  228.860735][   T25] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  228.868934][ T3043] BTRFS: error (device loop4 state EA) in cleanup_transaction:2017: errno=-5 IO failure
[  228.900590][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.914074][ T3043] BTRFS info (device loop4 state EA): cannot satisfy tickets, dumping space info
[  228.923837][ T3043] BTRFS info (device loop4 state EA): space_info DATA+METADATA has 1789952 free, is not full
[  228.934228][ T3043] BTRFS info (device loop4 state EA): space_info total=3276800, used=53248, pinned=0, reserved=0, may_use=1433600, readonly=0 zone_unusable=0
[  228.940324][   T25] usb 1-1: Product: syz
[  228.973837][   T29] audit: type=1800 audit(1729069944.896:49): pid=7938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.512" name="file2" dev="loop4" ino=261 res=0 errno=0
[  229.004020][   T25] usb 1-1: Manufacturer: syz
[  229.010109][   T25] usb 1-1: SerialNumber: syz
[  229.085367][ T6741] BTRFS info (device loop4 state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  229.381380][   T25] usb 1-1: config 0 descriptor??
[  229.400185][   T25] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  229.409775][   T25] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  229.534448][ T7967] loop1: detected capacity change from 0 to 40427
[  229.591336][ T7967] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x1fffff
[  229.647558][ T7967] F2FS-fs (loop1): invalid crc value
[  229.692026][ T7967] F2FS-fs (loop1): Found nat_bits in checkpoint
[  229.871391][ T7967] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  229.897807][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.011093][ T7554] syz-executor: attempt to access beyond end of device
[  230.011093][ T7554] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  230.038574][   T25] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  230.069955][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.089539][ T7554] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  230.103888][ T5344] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  230.114047][ T7554] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  230.227895][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.273131][ T5344] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  230.293436][ T5344] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  230.320492][ T5344] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  230.343424][ T5344] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.395802][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.396808][ T8016] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  230.504776][ T5344] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  230.693652][   T25] em28xx 1-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  230.722699][   T25] em28xx 1-1:0.0: board has no eeprom
[  230.774516][ T5344] usb 4-1: USB disconnect, device number 5
[  230.792893][   T35] bridge_slave_1: left allmulticast mode
[  230.798637][   T35] bridge_slave_1: left promiscuous mode
[  230.811392][   T25] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  230.832545][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.843120][   T25] em28xx 1-1:0.0: dvb set to bulk mode.
[  230.857030][ T5259] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  230.873051][ T5259] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  230.882629][ T5259] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  230.891549][ T5259] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  230.902747][ T5259] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  230.910040][ T5259] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  230.925770][   T35] bridge_slave_0: left allmulticast mode
[  230.957583][   T25] usb 1-1: USB disconnect, device number 7
[  230.989104][   T35] bridge_slave_0: left promiscuous mode
[  230.990030][   T25] em28xx 1-1:0.0: Disconnecting em28xx
[  231.000642][   T46] em28xx 1-1:0.0: Binding DVB extension
[  231.009789][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.032219][ T8031] overlayfs: refusing to follow metacopy origin for (/file0)
[  231.122421][   T46] em28xx 1-1:0.0: Registering input extension
[  231.149372][   T25] em28xx 1-1:0.0: Closing input extension
[  231.202269][   T25] em28xx 1-1:0.0: Freeing device
[  231.784860][ T8066] loop0: detected capacity change from 0 to 128
[  232.457419][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.490252][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.523901][   T35] bond0 (unregistering): Released all slaves
[  232.944069][ T8074] loop0: detected capacity change from 0 to 40427
[  232.956657][ T5244] Bluetooth: hci0: command tx timeout
[  233.028510][ T8074] F2FS-fs (loop0): Found nat_bits in checkpoint
[  233.178882][ T8074] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  233.191273][   T35] hsr_slave_0: left promiscuous mode
[  233.207139][   T35] hsr_slave_1: left promiscuous mode
[  233.232957][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.240489][ T8098] loop1: detected capacity change from 0 to 512
[  233.252457][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.270913][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.298904][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.312821][ T8098] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.344680][ T8098] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.392761][ T7622] F2FS-fs (loop0): Inconsistent error blkaddr:5633, sit bitmap:0
[  233.397170][   T35] veth1_macvtap: left promiscuous mode
[  233.404083][ T7622] CPU: 1 UID: 0 PID: 7622 Comm: syz-executor Not tainted 6.12.0-rc3-next-20241016-syzkaller #0
[  233.416332][ T7622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  233.426384][ T7622] Call Trace:
[  233.429657][ T7622]  <TASK>
[  233.432585][ T7622]  dump_stack_lvl+0x241/0x360
[  233.437274][ T7622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.442476][ T7622]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  233.448380][ T7622]  ? validate_chain+0x11e/0x5920
[  233.453317][ T7622]  __f2fs_is_valid_blkaddr+0xd4d/0x1460
[  233.458864][ T7622]  f2fs_map_blocks+0xdd4/0x4f10
[  233.463714][ T7622]  ? mark_lock+0x9a/0x360
[  233.468076][ T7622]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  233.473361][ T7622]  ? xa_load+0x2dd/0x350
[  233.477781][ T7622]  ? __pfx_xa_load+0x10/0x10
[  233.482368][ T7622]  ? cgroup_rstat_updated+0x13b/0xc60
[  233.487740][ T7622]  ? folio_index+0xab/0x350
[  233.492243][ T7622]  f2fs_mpage_readpages+0xcae/0x2140
[  233.497551][ T7622]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  233.503272][ T7622]  ? __folio_batch_add_and_move+0x81a/0xf00
[  233.509163][ T7622]  ? __pfx_lock_release+0x10/0x10
[  233.514181][ T7622]  ? rcu_is_watching+0x15/0xb0
[  233.518970][ T7622]  ? f2fs_readahead+0x184/0x340
[  233.523822][ T7622]  read_pages+0x17e/0x840
[  233.528154][ T7622]  ? percpu_ref_put+0x19/0x180
[  233.532921][ T7622]  ? __pfx_read_pages+0x10/0x10
[  233.537769][ T7622]  ? filemap_add_folio+0x26d/0x650
[  233.542883][ T7622]  ? __pfx_filemap_add_folio+0x10/0x10
[  233.548346][ T7622]  page_cache_ra_unbounded+0x774/0x8a0
[  233.553819][ T7622]  f2fs_readdir+0x5b9/0xbf0
[  233.558326][ T7622]  ? __pfx___might_resched+0x10/0x10
[  233.563624][ T7622]  ? __pfx_f2fs_readdir+0x10/0x10
[  233.568643][ T7622]  ? trace_contention_end+0x3c/0x120
[  233.573927][ T7622]  ? iterate_dir+0x20c/0x800
[  233.578516][ T7622]  ? fdget_pos+0x254/0x320
[  233.582934][ T7622]  ? end_current_label_crit_section+0x151/0x180
[  233.589170][ T7622]  ? common_file_perm+0x1a6/0x210
[  233.594194][ T7622]  iterate_dir+0x571/0x800
[  233.598611][ T7622]  __se_sys_getdents64+0x1d3/0x4a0
[  233.603729][ T7622]  ? __pfx___se_sys_getdents64+0x10/0x10
[  233.609355][ T7622]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  233.615337][ T7622]  ? __pfx_filldir64+0x10/0x10
[  233.620100][ T7622]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  233.626436][ T7622]  ? exc_page_fault+0x590/0x8c0
[  233.631295][ T7622]  ? do_syscall_64+0xb6/0x230
[  233.635967][ T7622]  do_syscall_64+0xf3/0x230
[  233.640488][ T7622]  ? clear_bhb_loop+0x35/0x90
[  233.645191][ T7622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.651093][ T7622] RIP: 0033:0x7f637cdb0193
[  233.655530][ T7622] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 42 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  233.675251][ T7622] RSP: 002b:00007ffc8dc926b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  233.683675][ T7622] RAX: ffffffffffffffda RBX: 0000555571b17600 RCX: 00007f637cdb0193
[  233.691818][ T7622] RDX: 0000000000008000 RSI: 0000555571b17600 RDI: 0000000000000005
[  233.699782][ T7622] RBP: 0000555571b175d4 R08: 0000000000000000 R09: 0000000000000000
[  233.707751][ T7622] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  233.715734][ T7622] R13: 0000000000000010 R14: 0000555571b175d0 R15: 00007ffc8dc94960
[  233.723729][ T7622]  </TASK>
[  233.743183][   T35] veth0_macvtap: left promiscuous mode
[  233.748826][   T35] veth1_vlan: left promiscuous mode
[  233.771520][   T35] veth0_vlan: left promiscuous mode
[  233.782703][ T7622] F2FS-fs (loop0): Inconsistent error blkaddr:5633, sit bitmap:0
[  233.790532][ T7622] CPU: 0 UID: 0 PID: 7622 Comm: syz-executor Not tainted 6.12.0-rc3-next-20241016-syzkaller #0
[  233.800872][ T7622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  233.810933][ T7622] Call Trace:
[  233.814209][ T7622]  <TASK>
[  233.817139][ T7622]  dump_stack_lvl+0x241/0x360
[  233.821836][ T7622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.827045][ T7622]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  233.832951][ T7622]  ? __pfx_f2fs_lookup_read_extent_cache_block+0x10/0x10
[  233.839980][ T7622]  __f2fs_is_valid_blkaddr+0xd4d/0x1460
[  233.845536][ T7622]  f2fs_get_read_data_page+0x41a/0x8f0
[  233.850999][ T7622]  ? __pfx_f2fs_get_read_data_page+0x10/0x10
[  233.857018][ T7622]  ? f2fs_put_page+0x214/0x640
[  233.861779][ T7622]  f2fs_find_data_page+0x94/0x360
[  233.866798][ T7622]  f2fs_readdir+0x5ce/0xbf0
[  233.871391][ T7622]  ? __pfx___might_resched+0x10/0x10
[  233.876692][ T7622]  ? __pfx_f2fs_readdir+0x10/0x10
[  233.881713][ T7622]  ? trace_contention_end+0x3c/0x120
[  233.887008][ T7622]  ? iterate_dir+0x20c/0x800
[  233.891609][ T7622]  ? fdget_pos+0x254/0x320
[  233.896037][ T7622]  ? end_current_label_crit_section+0x151/0x180
[  233.902277][ T7622]  ? common_file_perm+0x1a6/0x210
[  233.907306][ T7622]  iterate_dir+0x571/0x800
[  233.911730][ T7622]  __se_sys_getdents64+0x1d3/0x4a0
[  233.916856][ T7622]  ? __pfx___se_sys_getdents64+0x10/0x10
[  233.922491][ T7622]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  233.928476][ T7622]  ? __pfx_filldir64+0x10/0x10
[  233.933243][ T7622]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  233.939572][ T7622]  ? exc_page_fault+0x590/0x8c0
[  233.944428][ T7622]  ? do_syscall_64+0xb6/0x230
[  233.949104][ T7622]  do_syscall_64+0xf3/0x230
[  233.954042][ T7622]  ? clear_bhb_loop+0x35/0x90
[  233.958715][ T7622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.964625][ T7622] RIP: 0033:0x7f637cdb0193
[  233.969035][ T7622] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 42 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  233.988743][ T7622] RSP: 002b:00007ffc8dc926b8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  233.997173][ T7622] RAX: ffffffffffffffda RBX: 0000555571b17600 RCX: 00007f637cdb0193
[  234.005145][ T7622] RDX: 0000000000008000 RSI: 0000555571b17600 RDI: 0000000000000005
[  234.013116][ T7622] RBP: 0000555571b175d4 R08: 0000000000000000 R09: 0000000000000000
[  234.021093][ T7622] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  234.029063][ T7622] R13: 0000000000000010 R14: 0000555571b175d0 R15: 00007ffc8dc94960
[  234.037137][ T7622]  </TASK>
[  234.145061][ T2927] kworker/u8:8: attempt to access beyond end of device
[  234.145061][ T2927] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  234.159589][ T2927] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  234.166867][ T2927] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  234.173833][ T2927] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  234.180722][ T2927] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  234.240617][ T7554] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.038590][ T5244] Bluetooth: hci0: command tx timeout
[  235.388113][   T35] team0 (unregistering): Port device team_slave_1 removed
[  235.443479][   T35] team0 (unregistering): Port device team_slave_0 removed
[  236.033397][ T8128] netlink: 12 bytes leftover after parsing attributes in process `syz.1.550'.
[  236.043077][ T8128] netlink: 'syz.1.550': attribute type 29 has an invalid length.
[  236.055852][ T8139] bridge_slave_1: left allmulticast mode
[  236.062020][ T8139] bridge_slave_1: left promiscuous mode
[  236.068124][ T8139] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.432124][   T29] audit: type=1326 audit(1729069952.356:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.527498][ T8027] chnl_net:caif_netlink_parms(): no params data found
[  236.622679][   T29] audit: type=1326 audit(1729069952.536:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.755450][   T29] audit: type=1326 audit(1729069952.596:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.777957][   T29] audit: type=1326 audit(1729069952.656:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.824912][   T29] audit: type=1326 audit(1729069952.716:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.886554][   T29] audit: type=1326 audit(1729069952.776:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.912833][   T29] audit: type=1326 audit(1729069952.836:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  236.953211][ T8027] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.960352][ T8027] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.973275][ T8027] bridge_slave_0: entered allmulticast mode
[  236.980308][ T8027] bridge_slave_0: entered promiscuous mode
[  236.991567][   T29] audit: type=1326 audit(1729069952.896:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  237.031527][ T8027] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.038667][ T8027] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.085423][ T8027] bridge_slave_1: entered allmulticast mode
[  237.091703][   T29] audit: type=1326 audit(1729069952.956:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  237.130062][ T5244] Bluetooth: hci0: command tx timeout
[  237.137152][ T8027] bridge_slave_1: entered promiscuous mode
[  237.165532][   T29] audit: type=1326 audit(1729069953.016:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.2.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817c97dff9 code=0x7fc00000
[  237.277823][ T8027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.343592][ T8027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.445395][ T8027] team0: Port device team_slave_0 added
[  237.591833][ T5244] Bluetooth: hci1: command 0x0406 tx timeout
[  237.613716][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.685299][ T8027] team0: Port device team_slave_1 added
[  237.846391][ T5244] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  237.863438][ T5244] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  237.872695][ T5244] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  237.881817][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.892859][ T5244] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  237.903905][ T5244] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  237.922174][ T5244] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  237.968790][ T8027] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.984875][ T8027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.020911][ T8027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.099363][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.159940][ T8027] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.170854][ T8027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.196916][ T8027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.230478][  T937] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  238.388990][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.401144][  T937] usb 4-1: Using ep0 maxpacket: 8
[  238.417822][  T937] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  238.441898][  T937] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  238.466735][  T937] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  238.478037][  T937] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  238.496265][ T8027] hsr_slave_0: entered promiscuous mode
[  238.519277][ T8027] hsr_slave_1: entered promiscuous mode
[  238.563123][  T937] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  238.586237][  T937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.681335][ T1188] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  238.899975][   T35] bridge_slave_1: left allmulticast mode
[  238.906979][  T937] usb 4-1: usb_control_msg returned -32
[  238.909737][ T1188] usb 3-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[  238.924760][  T937] usbtmc 4-1:16.0: can't read capabilities
[  238.927754][ T1188] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.940267][ T1188] usb 3-1: Product: syz
[  238.940588][   T35] bridge_slave_1: left promiscuous mode
[  238.950199][ T1188] usb 3-1: Manufacturer: syz
[  238.960765][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.978962][   T35] bridge_slave_0: left allmulticast mode
[  238.980592][ T1188] usb 3-1: SerialNumber: syz
[  238.987263][   T35] bridge_slave_0: left promiscuous mode
[  238.995707][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.021857][ T1188] usb 3-1: config 0 descriptor??
[  239.043939][ T1188] usb 3-1: ucan: probing device on interface #0
[  239.059955][ T1188] usb 3-1: ucan: invalid EP count (0)
[  239.066582][ T1188] usb 3-1: ucan: probe failed; try to update the device firmware
[  239.191732][ T5259] Bluetooth: hci0: command tx timeout
[  239.602720][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.614963][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.625856][   T35] bond0 (unregistering): Released all slaves
[  239.842715][ T1188] usb 3-1: USB disconnect, device number 4
[  239.993037][ T5259] Bluetooth: hci3: command tx timeout
[  240.165199][ T8194] chnl_net:caif_netlink_parms(): no params data found
[  240.206561][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.215360][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.223874][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.233116][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.268263][   T35] veth1_macvtap: left promiscuous mode
[  240.282611][   T35] veth0_macvtap: left promiscuous mode
[  240.288393][   T35] veth1_vlan: left promiscuous mode
[  240.294962][   T35] veth0_vlan: left promiscuous mode
[  240.341265][ T1188] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  240.611117][ T1188] usb 2-1: Using ep0 maxpacket: 32
[  240.628008][ T1188] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  240.659660][ T1188] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.674575][ T1188] usb 2-1: config 0 descriptor??
[  240.719015][ T1188] gspca_main: nw80x-2.14.0 probing 055f:d001
[  240.999989][ T5344] usb 4-1: USB disconnect, device number 6
[  241.145029][ T8255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  241.479468][   T35] team0 (unregistering): Port device team_slave_1 removed
[  241.571323][   T35] team0 (unregistering): Port device team_slave_0 removed
[  242.071723][ T5259] Bluetooth: hci3: command tx timeout
[  242.378720][ T1188] gspca_nw80x: reg_w err -71
[  242.400125][ T1188] nw80x 2-1:0.0: probe with driver nw80x failed with error -71
[  242.415745][ T1188] usb 2-1: USB disconnect, device number 5
[  242.646221][  T937] IPVS: starting estimator thread 0...
[  242.680398][ T8282] IPVS: dh: SCTP 172.20.20.187:0 - no destination available
[  242.760905][ T8283] IPVS: using max 19 ests per chain, 45600 per kthread
[  244.171271][ T5259] Bluetooth: hci3: command tx timeout
[  246.751187][ T5259] Bluetooth: hci3: command tx timeout
[  252.299862][ T4908] ==================================================================
[  252.307977][ T4908] BUG: KASAN: slab-use-after-free in bpf_trace_run2+0xfa/0x540
[  252.315547][ T4908] Read of size 8 at addr ffff8880233f5618 by task dhcpcd/4908
[  252.323017][ T4908] 
[  252.325373][ T4908] CPU: 0 UID: 101 PID: 4908 Comm: dhcpcd Not tainted 6.12.0-rc3-next-20241016-syzkaller #0
[  252.335366][ T4908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  252.345433][ T4908] Call Trace:
[  252.348725][ T4908]  <TASK>
[  252.351669][ T4908]  dump_stack_lvl+0x241/0x360
[  252.356359][ T4908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.361578][ T4908]  ? __pfx__printk+0x10/0x10
[  252.366190][ T4908]  ? _printk+0xd5/0x120
[  252.370375][ T4908]  ? __virt_addr_valid+0x183/0x530
[  252.375502][ T4908]  ? __virt_addr_valid+0x183/0x530
[  252.380637][ T4908]  print_report+0x169/0x550
[  252.385161][ T4908]  ? __virt_addr_valid+0x183/0x530
[  252.390285][ T4908]  ? __virt_addr_valid+0x183/0x530
[  252.395410][ T4908]  ? __virt_addr_valid+0x45f/0x530
[  252.400537][ T4908]  ? __phys_addr+0xba/0x170
[  252.405058][ T4908]  ? bpf_trace_run2+0xfa/0x540
[  252.409841][ T4908]  kasan_report+0x143/0x180
[  252.414361][ T4908]  ? bpf_trace_run2+0xfa/0x540
[  252.419147][ T4908]  bpf_trace_run2+0xfa/0x540
[  252.423753][ T4908]  ? __pfx_lock_release+0x10/0x10
[  252.428787][ T4908]  ? __pfx_bpf_trace_run2+0x10/0x10
[  252.434011][ T4908]  ? __might_fault+0xc6/0x120
[  252.438701][ T4908]  ? trace_sys_enter+0x9d/0x150
[  252.443572][ T4908]  __bpf_trace_sys_enter+0x38/0x60
[  252.448703][ T4908]  trace_sys_enter+0xd9/0x150
[  252.453393][ T4908]  syscall_trace_enter+0xf8/0x150
[  252.458441][ T4908]  do_syscall_64+0xcc/0x230
[  252.462954][ T4908]  ? clear_bhb_loop+0x35/0x90
[  252.467635][ T4908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.473518][ T4908] RIP: 0033:0x7efe1e509ad5
[  252.477931][ T4908] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83
[  252.497531][ T4908] RSP: 002b:00007fffebdca760 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  252.505948][ T4908] RAX: ffffffffffffffda RBX: 000056245189de30 RCX: 00007efe1e509ad5
[  252.513928][ T4908] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000562451894e00
[  252.521888][ T4908] RBP: 00007fffebddade0 R08: 0000000000000008 R09: 0000000000000000
[  252.529846][ T4908] R10: 00007fffebddade0 R11: 0000000000000246 R12: 0000000000000000
[  252.537806][ T4908] R13: 00005624376d7610 R14: 00000000ffffffff R15: 0000562451a33440
[  252.545776][ T4908]  </TASK>
[  252.548778][ T4908] 
[  252.551096][ T4908] Allocated by task 8291:
[  252.555419][ T4908]  kasan_save_track+0x3f/0x80
[  252.560107][ T4908]  __kasan_kmalloc+0x98/0xb0
[  252.564702][ T4908]  __kmalloc_cache_noprof+0x243/0x390
[  252.570067][ T4908]  bpf_raw_tp_link_attach+0x2a0/0x6e0
[  252.575431][ T4908]  bpf_raw_tracepoint_open+0x177/0x1f0
[  252.580884][ T4908]  __sys_bpf+0x3c0/0x810
[  252.585135][ T4908]  __x64_sys_bpf+0x7c/0x90
[  252.589540][ T4908]  do_syscall_64+0xf3/0x230
[  252.594029][ T4908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.599905][ T4908] 
[  252.602221][ T4908] Freed by task 8293:
[  252.606202][ T4908]  kasan_save_track+0x3f/0x80
[  252.610880][ T4908]  kasan_save_free_info+0x40/0x50
[  252.615903][ T4908]  __kasan_slab_free+0x59/0x70
[  252.620667][ T4908]  kfree+0x1a0/0x460
[  252.624547][ T4908]  rcu_core+0xaaa/0x17a0
[  252.628778][ T4908]  handle_softirqs+0x2c5/0x980
[  252.633534][ T4908]  __irq_exit_rcu+0xf4/0x1c0
[  252.638119][ T4908]  irq_exit_rcu+0x9/0x30
[  252.642363][ T4908]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  252.647982][ T4908]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  252.653958][ T4908] 
[  252.656281][ T4908] Last potentially related work creation:
[  252.661990][ T4908]  kasan_save_stack+0x3f/0x60
[  252.666656][ T4908]  __kasan_record_aux_stack+0xac/0xc0
[  252.672038][ T4908]  call_rcu+0x167/0xa70
[  252.676188][ T4908]  bpf_link_release+0x78/0x90
[  252.680857][ T4908]  __fput+0x23c/0xa50
[  252.684824][ T4908]  task_work_run+0x24f/0x310
[  252.689399][ T4908]  do_exit+0xa2f/0x28e0
[  252.693544][ T4908]  do_group_exit+0x207/0x2c0
[  252.698122][ T4908]  get_signal+0x16a3/0x1740
[  252.702621][ T4908]  arch_do_signal_or_restart+0x96/0x860
[  252.708175][ T4908]  syscall_exit_to_user_mode+0xc9/0x370
[  252.713733][ T4908]  do_syscall_64+0x100/0x230
[  252.718390][ T4908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.724268][ T4908] 
[  252.726576][ T4908] The buggy address belongs to the object at ffff8880233f5600
[  252.726576][ T4908]  which belongs to the cache kmalloc-128 of size 128
[  252.740631][ T4908] The buggy address is located 24 bytes inside of
[  252.740631][ T4908]  freed 128-byte region [ffff8880233f5600, ffff8880233f5680)
[  252.754337][ T4908] 
[  252.756662][ T4908] The buggy address belongs to the physical page:
[  252.763091][ T4908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x233f5
[  252.771857][ T4908] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  252.778962][ T4908] page_type: f5(slab)
[  252.782934][ T4908] raw: 00fff00000000000 ffff88801ac41a00 ffffea0000a495c0 dead000000000002
[  252.791517][ T4908] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[  252.800083][ T4908] page dumped because: kasan: bad access detected
[  252.806508][ T4908] page_owner tracks the page as allocated
[  252.812220][ T4908] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6488, tgid 6488 (dhcpcd-run-hook), ts 153491438161, free_ts 152302168037
[  252.832176][ T4908]  post_alloc_hook+0x1f3/0x230
[  252.836932][ T4908]  get_page_from_freelist+0x3123/0x3270
[  252.842488][ T4908]  __alloc_pages_noprof+0x292/0x710
[  252.847674][ T4908]  alloc_slab_page+0x59/0x120
[  252.852349][ T4908]  allocate_slab+0x5a/0x2f0
[  252.856863][ T4908]  ___slab_alloc+0xcd1/0x14b0
[  252.861540][ T4908]  __slab_alloc+0x58/0xa0
[  252.865864][ T4908]  __kmalloc_node_noprof+0x2ee/0x4d0
[  252.871143][ T4908]  allocate_slab+0xb6/0x2f0
[  252.875631][ T4908]  ___slab_alloc+0xcd1/0x14b0
[  252.880308][ T4908]  __slab_alloc+0x58/0xa0
[  252.884643][ T4908]  kmem_cache_alloc_noprof+0x268/0x380
[  252.890093][ T4908]  vm_area_dup+0x27/0x290
[  252.894410][ T4908]  copy_mm+0xc94/0x1f80
[  252.898552][ T4908]  copy_process+0x1845/0x3d50
[  252.903247][ T4908]  kernel_clone+0x226/0x8f0
[  252.907777][ T4908] page last free pid 6461 tgid 6461 stack trace:
[  252.914102][ T4908]  free_unref_folios+0xf12/0x18d0
[  252.919120][ T4908]  folios_put_refs+0x76c/0x860
[  252.923880][ T4908]  free_pages_and_swap_cache+0x5c8/0x690
[  252.929518][ T4908]  tlb_flush_mmu+0x3a3/0x680
[  252.934104][ T4908]  tlb_finish_mmu+0xd4/0x200
[  252.938683][ T4908]  exit_mmap+0x496/0xc40
[  252.942917][ T4908]  __mmput+0x115/0x390
[  252.946978][ T4908]  exit_mm+0x220/0x310
[  252.951044][ T4908]  do_exit+0x9b2/0x28e0
[  252.955204][ T4908]  do_group_exit+0x207/0x2c0
[  252.959794][ T4908]  __x64_sys_exit_group+0x3f/0x40
[  252.964815][ T4908]  x64_sys_call+0x2634/0x2640
[  252.969501][ T4908]  do_syscall_64+0xf3/0x230
[  252.973988][ T4908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.979870][ T4908] 
[  252.982175][ T4908] Memory state around the buggy address:
[  252.987791][ T4908]  ffff8880233f5500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  252.995834][ T4908]  ffff8880233f5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  253.003894][ T4908] >ffff8880233f5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  253.011952][ T4908]                             ^
[  253.016814][ T4908]  ffff8880233f5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  253.024860][ T4908]  ffff8880233f5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[  253.032911][ T4908] ==================================================================
[  253.042782][ T4908] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  253.050012][ T4908] CPU: 0 UID: 101 PID: 4908 Comm: dhcpcd Not tainted 6.12.0-rc3-next-20241016-syzkaller #0
[  253.060008][ T4908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  253.070109][ T4908] Call Trace:
[  253.073399][ T4908]  <TASK>
[  253.076340][ T4908]  dump_stack_lvl+0x241/0x360
[  253.081034][ T4908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.086254][ T4908]  ? __pfx__printk+0x10/0x10
[  253.090870][ T4908]  ? vscnprintf+0x5d/0x90
[  253.095227][ T4908]  panic+0x349/0x880
[  253.099148][ T4908]  ? check_panic_on_warn+0x21/0xb0
[  253.104274][ T4908]  ? __pfx_panic+0x10/0x10
[  253.108704][ T4908]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  253.114597][ T4908]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  253.120486][ T4908]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  253.126894][ T4908]  ? print_report+0x502/0x550
[  253.131578][ T4908]  check_panic_on_warn+0x86/0xb0
[  253.136504][ T4908]  ? bpf_trace_run2+0xfa/0x540
[  253.141292][ T4908]  end_report+0x77/0x160
[  253.145549][ T4908]  kasan_report+0x154/0x180
[  253.150062][ T4908]  ? bpf_trace_run2+0xfa/0x540
[  253.154815][ T4908]  bpf_trace_run2+0xfa/0x540
[  253.159396][ T4908]  ? __pfx_lock_release+0x10/0x10
[  253.164407][ T4908]  ? __pfx_bpf_trace_run2+0x10/0x10
[  253.169601][ T4908]  ? __might_fault+0xc6/0x120
[  253.174268][ T4908]  ? trace_sys_enter+0x9d/0x150
[  253.179141][ T4908]  __bpf_trace_sys_enter+0x38/0x60
[  253.184241][ T4908]  trace_sys_enter+0xd9/0x150
[  253.188906][ T4908]  syscall_trace_enter+0xf8/0x150
[  253.193924][ T4908]  do_syscall_64+0xcc/0x230
[  253.198430][ T4908]  ? clear_bhb_loop+0x35/0x90
[  253.203099][ T4908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.208989][ T4908] RIP: 0033:0x7efe1e509ad5
[  253.213393][ T4908] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83
[  253.232991][ T4908] RSP: 002b:00007fffebdca760 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  253.241492][ T4908] RAX: ffffffffffffffda RBX: 000056245189de30 RCX: 00007efe1e509ad5
[  253.249475][ T4908] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000562451894e00
[  253.257448][ T4908] RBP: 00007fffebddade0 R08: 0000000000000008 R09: 0000000000000000
[  253.265413][ T4908] R10: 00007fffebddade0 R11: 0000000000000246 R12: 0000000000000000
[  253.273373][ T4908] R13: 00005624376d7610 R14: 00000000ffffffff R15: 0000562451a33440
[  253.281349][ T4908]  </TASK>
[  253.284604][ T4908] Kernel Offset: disabled
[  253.288918][ T4908] Rebooting in 86400 seconds..