last executing test programs:

7.460909189s ago: executing program 4 (id=548):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)

7.240123598s ago: executing program 4 (id=553):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020e1ff2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000a000000b703000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000808500000004"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r0}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'tunl0\x00', 0x0})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=@newsa={0xf0, 0x10, 0x0, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {}, @in6=@empty}}, 0xf0}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r4}, 0x10)
r5 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x0, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@map=r7, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="5200030007"], 0xd)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r9, &(0x7f0000000200), 0x43400)

7.120086683s ago: executing program 4 (id=554):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x83c0550b, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r2, 0x5b01, 0x0)

5.882715113s ago: executing program 2 (id=563):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x9f)

5.442541071s ago: executing program 2 (id=567):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x10000, &(0x7f0000001900)=ANY=[], 0xfd, 0x222, &(0x7f00000016c0)="$eJzs2k2LW2UUB/Bz25HWKdNEfKMF8UE3urk0Wblw0UFaEAOKNoIK0lvnRkMyyZAbBiLSzs6tH8G1uHQnSL/AbPwEXbibzSy7EK+0KZ0X4mIQJ9j5/TY5cPKH5+FcLmdx9979YXPQq/JeMY1zWRYr12MnHmbRjHNxPuZ24u277zx47ZPPPv9gvdO58XFKN9dvtdoppcuv//bFdz+/cX966dNfLv96IXabX+7tt//YfWX3yt5ft77pV6lfpdF4mop0ZzyeFneGZdroV4M8pY+GZVGVqT+qysmRfm843tqapWK0sba6NSmrKhWjWRqUszQdp+lkloqvi/4o5Xme1laDf6P708O6jv36udtR1/XzP8al+7H2IBqRvZCyF69nL9/OXt3JruzXdWPZR+U/Yf5nm/mfbeZ/th1a6i5GbH6/3d3uzn/n/fVe9GMYZVyLRvwZjx6TJ+b1zfc7N66lx5qRNu89yd/b7p4/mm9FI5qL8615Ph3NX4jVw/l2NOKlxfn2wvzFeOvNQ/k8GvH7VzGOYWzEo+xB/m4rpfc+7BzLX338PwCAZ02enlq4v+X5P/Xn+RPsh8f2q5W4urLcuxNRzb4dFMNhOVEoFIqnxbLfTJyGg6Ev+yQAAAAAAAAAAACcxGl8TrjsOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w9/BwAA///8j/If")
pipe2$9p(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

4.693215671s ago: executing program 2 (id=570):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
ptrace$ARCH_SHSTK_ENABLE(0x1e, 0x0, 0x1, 0x5001)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregset(0x4205, r0, 0x201, &(0x7f00000000c0)={0x0})

4.535968617s ago: executing program 2 (id=572):
r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000003c0)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@nossd}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000000)={{}, {@void, @actul_num={@void}}})

4.017386478s ago: executing program 4 (id=577):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000040)=0xfffffffc)

3.647006323s ago: executing program 1 (id=579):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0x13, &(0x7f00000001c0)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRESHEX=0x0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90)
syz_emit_ethernet(0x8a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaac4bc9cac968686dd6000000000541100"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x5, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/131, 0x83}}], 0x400000000000205, 0x40002041, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000400)='io\x00')
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
getpid()
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(r4, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_emit_ethernet(0x32, &(0x7f0000000280)={@link_local, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @multicast1}, {{0x0, 0x6558, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d8621b", 0x0, "2c0c0e"}}}}}}, 0x0)
ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffefffb, 0x0, "da6cd1122d1d837f65d3fe6ba6439cddec04ed"})
lseek(r2, 0x8, 0x0)

3.543933787s ago: executing program 3 (id=580):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x3, 0xf000, 0x2000, &(0x7f00003ec000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)

3.396134313s ago: executing program 1 (id=581):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000240)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "e4"}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

3.238616969s ago: executing program 3 (id=582):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r0, &(0x7f0000000980)='./file0\x00', 0x0)

2.445206921s ago: executing program 1 (id=584):
gettid()
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, &(0x7f0000000400)=@in={0x2, 0x0, @broadcast}, &(0x7f00000000c0)=0x80, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000001840)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000780)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x0, @empty}], 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="e9", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x7c, &(0x7f0000000340)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000000040)=0x90)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2.287162428s ago: executing program 3 (id=586):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000780)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000900)=""/200, 0xc8}, {0x0}, {0x0}, {&(0x7f0000000440)=""/123, 0xfffffe34}, {&(0x7f00000004c0)=""/203, 0xcb}, {&(0x7f0000000000)=""/149, 0x95}], 0x6, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}], 0x1, 0x0, 0x0)

2.061245997s ago: executing program 0 (id=587):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000008c0)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv6=@icmpv6={0x0, 0x6, "54d9b0", 0x39, 0x3a, 0x0, @mcast2, @private1, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [{0x0, 0x2, "b0dcc4a3616748a199e53d96e28516"}]}}}}}, 0x73)

1.923677202s ago: executing program 1 (id=588):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000000)={[{@errors_continue}]}, 0x1, 0x4be, &(0x7f0000000a00)="$eJzs3c9vG1UeAPCv7SZN0uz2x+5h28O22lbqQtW4TdQkQr30hIRUQO2BYxUSNypx4ih2ShPlkEoc4I6gEifEoX8Agis9cewVeoIzUgUhJUKikpHHdppfLgbSWMp8PtLUb+ZN/X0v1vdp5o3HE0Bqnar9k4noj4iHEXG4vrp5h1P1l7WVpfHakolq9fqPmWS/1ZWl8eauzf93KCKWI6InIq69GvF2Znvc8sLi1FixWJhrrOcr07P58sLi+VvTY5OFycLM0MjgyOjw8MjopV3r63t3rrzx0S9X3v/sm/vfvZP54kytWf2Nuo392E31rnfF0Q3bDkTE5RcRrANyjf70droh/CW1z+9fEXE6yf/DkUs+TSANqtVq9Wn1YKvq5Sqwb2WTY+BMdiAi6uVsdmCgfgz/7+jLFkvlyrmbpfmZifqx8pHoyt68VSxcaJwrHImuTG39YlJ+tj64ZX0oIjkG/jDXm6wPjJeKE3s71AFbHNqS/09y9fwHUsIpP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q/pJf8hveQ/pJf8h/SS/5BKb169Wluqa4373yduL8xPlW6fnyiUpwam58cHxktzswOTpdJkcs/O9B+9X7FUmh2Kmfk7+UqhXMmXFxZvTJfmZyo3kvv6bxS69qRXQDuOnnzwKBMRy6/0JktNd6NOrsL+Vq1motP3IAOdkev0AAR0jKk/SC/n+MAOP9G7SU+ritndbwuwN7LPii1THNifzh53/Q/Syvw/pJf5f0gvx/iA+X9In2ynGwB0TH+L53/9Y8Ozuy5ExD8j4ttc18Hms76A/SD7Q6bVPOCZiO7Mr8klgu6IePeT6x/fGatU5i7Wtv+0vr1yr7F9sP2o3bvWfqBdzTxt5jEAkF6rK0vjzWUv4z6+Uj/5qMVdayz1mgONucme5Bpl32pm0zlKy3OWP2n5bkT8J+LJytJ4c2lGqD/vvH7lo281ty3+scZrpv4WSXsPJM9Nj7a/Tv134h/fEP+/G+Kf2IW/C6TBg9r4c2H7+HewkdOxnn+bx5/+XfruRHP8W9s2/mXXx79ci/HvZJsxLuffWm0Z/27EiR3jN+P1JLG2xq+17Wyb8b/+4OeHreqqn9bfZ6f4TbVSvjI9my8vLJ5PfkdusjAzNDI4Mjo8PDJ6KZ/MUeebM9XbPfrf06+e1/++FvF36n/3hja91Gb/f7v35blTz4n//9M7f/7Hdojf1BsRL7cZ/7XPv7/Wqq4Wf6JF/7Mt4mcilmvbhtqMf/3+49fb3BUA2APlhcWpsWKxMKegoKCwXuj0yAS8aM+SvtMtAQAAAAAAAAAAANq1F18n7nQfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g98DAAD//3wG2HA=")
lchown(&(0x7f0000000080)='./file1\x00', 0xee01, 0xffffffffffffffff)

1.855141105s ago: executing program 0 (id=589):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r6, 0x200004)
read$FUSE(r5, &(0x7f00000023c0)={0x2020}, 0xfffffe9f)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)

1.515760489s ago: executing program 4 (id=590):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="4dc07f947163300c", 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="a1", 0x1}, {&(0x7f0000000280)="5991f1eb35b0cc", 0x7}], 0x2}}], 0x1, 0x0)

1.514258869s ago: executing program 2 (id=591):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)

651.599173ms ago: executing program 3 (id=592):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000dc0)={[{@type={'type', 0x3d, "cc296dd2"}}, {@umask={'umask', 0x3d, 0x4b}}, {@nobarrier}, {@uid}, {@nls={'nls', 0x3d, 'maccroatian'}}, {@gid}, {@gid}, {@force}]}, 0x3, 0x5d3, &(0x7f00000006c0)="$eJzs3c9rHOcZB/Dv7MqyZIOzSewk/QEVLpQSU1vS2nUKharFFB1MSegllxxEvY6F106QNkXJobjFf0h6UK/p2fTgg8+95yTosVDoJSB6cZnZ2dXGlmUpkbTr+PPB78777jvzzDuPZ152ZgUb4KW1/H5OPEyR5QvXN8r21ma7u7XZvjOoJzmZpFH9y1RZ/VfSvJ/MpV/yvSRFHa541n7e++DBV1+2vzjdbzXqUq3f3Gu7/blXlyzVg1w6xHiPvnW8YniEZdBrg+CT4PHz/fcId988wtgcQPGM/4tWcirJTD0PDE7cxvGO7vBNzAUIAAAAR+iV7WxnI2fGPQ4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4kdS//1/UpTGoz6UY/P7/dP1e6voL7eG4BwAAAAAAAAAAh+BH29nORs4M2o+L6jv/81XjbPV6Op9kPZ2s5WI2spJeelnLQpLWSKDpjZVeb21hH1su7rrl4vEcLwAAAAAAAAB8R/0lyzvf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCQokmZ/UZWzg3orjakkM0mmy/XuJf8Y1F9kD8c9AAAAADgGr2xnOxs5M2g/Lqp7/jeq+/6ZfJK76WU1vXTTyY3qWUD/rr+xtdnubm2275Tl6bi//s+BhlFFTP/Zw+57nq/WODfcYjm/ze9zIXN5N2tZzR+zkl46mcu1qraSIq366UVrMM7dx7v0tda7zxvrW9VIZnMzq9XYLuYP+Sjd3EijOoZqnb33+OcyO8WvavvM0Y16WSTFD+ojmwytKiMnhhmZr3NfZuPVvTNxwPPkyT0tpDF8BnX2CHJ+ql6WOZ+Z6Jwvjpx9b+ydieT89a3mre7d27durl+YnEP6hp7MRHskE2++VJmYrrPRn0UPNluer7Y9k9X8Lh/lRjq5kqu5ksv5edpZyNXqWhvk9dw+rrXGwa61H/+0rryWFLP95YQo8/rqSF5HZ7pW1Tf6zk6WXjv8GWnq+3WlmRRTwzFNgiczMXq+vL53Jv76uHxd7969vXZr5eN97u8n9bKcm09O1Nw8XZ+9U1Xr62dH2ff6rn0LVd/ZYV/jqb5zw77nXanT9We4pyMtVn1v7trXrvreGunb7VMOABPv1Nunpmf/PfvP2c9n78/emr0+85uT75z84XROPJp60Px742+NXxZv5/P8aef+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+ObWP/3s9kq321lTUVFRGVbGPTNxHC717nx8af3Tz362emflw86HnbvvLF5evLxw9covLt1c7Xbm+6/jHiVHZeeiH/dIAAAAAAAAAAAAOIjj+HPScR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL47l93PiYYoszF+cL9tbm+1uWQb1nTUbSabK5f+S5v1kLv2S1ki44ln7ee+DB1992f7i9E6sxmD95l7b7c+9umSpHuTSIcZ79K3jFcMjLINeGwSHcft/AAAA///15iAT")
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)

646.906003ms ago: executing program 1 (id=593):
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000000)=@NCI_OP_CORE_SET_CONFIG_RSP={0x0, 0x0, 0x2, 0x2, 0x2, {0x3, 0x1, '~'}}, 0x6)

646.355883ms ago: executing program 4 (id=594):
sched_setscheduler(0x0, 0x1, &(0x7f0000000840)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x2, 0x3, 0xff)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x2, @local}, 0x10)
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r3, &(0x7f0000002fc0)=[{{0x0, 0x600, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000500)="7dcc2c9d4eaf588822e6a9cc8eec13d9754bb76c", 0x14}], 0x302}}], 0x2, 0x0)

642.080944ms ago: executing program 0 (id=595):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000200)="67a818beb2c030ce59945b", 0xb}, {&(0x7f0000000300), 0x400000}, {0x0}], 0x3)
shutdown(r0, 0x1)

473.566941ms ago: executing program 3 (id=596):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000120000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r3}, 0x9)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})

458.804481ms ago: executing program 0 (id=597):
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040))

354.523105ms ago: executing program 0 (id=598):
pause()
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
write$binfmt_script(r3, &(0x7f0000000340), 0xffffff46)
dup3(r3, r2, 0x0)
sendmsg$netlink(r2, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)=ANY=[], 0xf0}], 0x1}, 0x0)
close(r2)
socket$inet_udp(0x2, 0x2, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @local}, 0x80, 0x0}, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e24, @multicast2}, 0x10)
clock_gettime(0x0, &(0x7f00000000c0)={<r4=>0x0, <r5=>0x0})
timer_settime(0x0, 0x1, &(0x7f000006b000)={{0x77359400}, {r4, r5+60000000}}, 0x0)
rt_sigreturn()
listen(r1, 0x0)
accept4$inet6(r1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={<r6=>0xffffffffffffffff})
write$binfmt_script(r6, &(0x7f0000000340), 0xffffff46)

168.145343ms ago: executing program 3 (id=599):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000008c0)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv6=@icmpv6={0x0, 0x6, "54d9b0", 0x39, 0x3a, 0x0, @mcast2, @private1, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [{0x0, 0x2, "b0dcc4a3616748a199e53d96e28516"}]}}}}}, 0x73)

70.032667ms ago: executing program 0 (id=600):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000800)=@framed, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
setregid(0xffffffffffffffff, r1)
syz_mount_image$reiserfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x800c, &(0x7f00000000c0), 0x0, 0x111d, &(0x7f0000001480)="$eJzs2LFqFEEcBvBv9k7NobBy6RcLCwsJkbNWUyhca6uNSipT5SpFMA9jY+eDaCr7kF6LPMHK3eayCOFUkrPQ3w+Wmf3PNzsz5U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbph8K8lmlYyXtSpJSZrmcHqcpFnWb34eVCl5ujudPd6fPJl1sVQpz5Iyn5Xy8UGXnYwn43vj+5s7t7/M3rx9/WJvb3d/MfDyekmTo5NLPcUop3sZrAjNN7hxlgYAAID/R3th9e8t9OnGmtYHAAAAfuVybxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/lxb9/2ry06VpCRNczg9TtKcM+/KX9ofAAAAcHElVZ7X59W7a4De3Xyty1m97Tyssp0PdUaLyLBPV6sWXTkIAAAA/7z22qK5lXLQ/yaX933gToZ9fZEcZmurez9t8n0nGeRgY/vnb48eJTk6efdq/pR2sO6zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9iBYwEAAAAAYf7WaXRsAAAAAAAAAAAAAAAAAAAAAAAAAADAXgEAAP//1gXd9g==")

62.323787ms ago: executing program 1 (id=601):
r0 = socket$xdp(0x2c, 0x3, 0x0)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="1401000029000100000000000000000004010080810000008acbfcdf685906d9037227a090d01e3f1e9f062386416246d88f61e4f3591a1c78c75eea128bdabb4feaf12ee8b14535654293f995c6b1afbafe4a28d39d896a71245f40c4d88416245322d732fc100627ed381a9c8d1eb2f71bcce8aff4eb658cd1c7adb76faf7b94c4cd6e9e59ebe8439c15e1784b0a44fd4b69544f000000040010"], 0x114}], 0x1}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x1a1000a, &(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYRES8, @ANYRES8, @ANYRESDEC], 0x0, 0x151f, &(0x7f00000001c0)="$eJzs3AucT9X6MPDnWWtthqRfk1yGtdaz+aXBMiTJJUkuSZIcSXJLCE2SJCTGXdKQ5H6ZJJchJJdpTBr3+yX3JEmaJAkJSdb7mY5e55zO/98553/e1/ueeb6fz/7s9ey9n7XXnmdmfnvt+cz+tseoOs3q1mxCRPA/gn9eJQFADAAMA4AbACAAgIqxFWOz9+eRmPQ/Own793ok9VqPgF1LXP+cjev/nyr4h47i+udsXP+cjeufs3H9cyT/W4Prn7Nx/RnLyXbMLXIjLzl34ef/ORl//v8HySo75ctNZW/u+U+kcP1zNq5/zsb1z9m4/jkb1z9n4/rnbFz/nI3rz1hO9q8/O/7HcoP/B55x/6vLhBzw95Fr/f3HGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyxnuOCvUgDw25oxxhhjjDHGGGP/OXzuaz0CxhhjjDHGGGOM/Z+HIECCggByQW6IgTyQF66DfHA95IcbAK8cVQBuhoJQCApDEYiDolAMNBiwQBBCcSgBUbgFSsKtEA+loDSUAQdlIQHKQXm4DSrA7VAR7oBKcCdUhipQFarBXVAd7oYacA/UhHuhFtSGOlAX7oN6cD/UhwegATwIDeEhaAQPQ2P4EzSBR6ApPArN4DFoDo9DC2gJraA1tPmX8l+CPvAy9IV+kAT9YQAMhEEwGIbAUBgGr8BweBVGwGuQDCNhFLwOo+ENGANvwlgYB+NhAkyESTAZpsBUmAYp8BZMh7dhBrwDM2EWzIY5kApzYR68C/NhASyE92ARvA+LYQkshWWQBh9AOiyHDPgQVsBHkAkrYRWshjWwFtbBetgAG2ETbIYtsBW2wXbYAR/DTtgFu2EP7IV9sB8+gQPwKRyEz+AQfP5P5p//m/yeCAgoUKBChbkwF8ZgDObFvJgP82F+zI8RjGAsxmIBLIAFsSAWxsIYh3FYDIuhQYOEhMWxOEYxiiWxJMZjPJbG0ujQYQImYHm8DStgBayIFbESVsLKWAWrYDWshtWxOtbAGlgTa2ItrIV1sA7eh/fh/Vgf62MDbIANsSE2wkbYGBtjE2yCTbEpNsNm2BybYwtsga2wFbbBNtgW22I7bIcdsAN2xI7YGTtjIiZiF+yCXbErdsNu2B27Yw/sgT2xF/bCl/AlfBlfxn5YS/THATgAB+EgHIJDcSi+gsPxVXwVX8NkHImj8HV8Hd/AMXgOx+I4HI/jsbqYhJNxCpKYhimYgtNxOs7AGTgTZ+EsnIOpOBfn4TycjwtwAb6Hi/B9fB+X4BJchmmYhum4HDMwA1fgeczElbgKV+MaXItrcD1uwPW4CTfjJtyKW3E7bseP8WPchbtwD+7BfagA8BP8FD/FZDyEh/AwHsYjeASP4lHMwiw8hsfwOB7HE3gCT+JJPIWn8QyexrN4Fs/hebyAF/AiXsRL+ELc1033ldqYDCKbEkrkErlEjIgReUVekU/kE/lFfhERERErYkUBUUAUFAVFYVFYxIk4UUwUE0YYQSIUxUVxERVRUVKUFPEiXpQWpYUTTiSIBFFelBcVRAVRUdwhKok7RWVRRbR31UQ1UV10cDXEPaKmqClqidqijqgr6op6op6oL+qLBqKBaCgaikbiYdFY9Mch+IjIrkwzMRKbi1HYQrQUrURr8QY+IdqKMdhOtBcdxFNiHI7FzqKtSxTPiC5iMnYVz4kp+LzoLqZhD/Gi6Cl6id7iJdFHtHN9RT8xE/uLAWIODhKDxRAxVMzH2iK7YnXEayJZjBSjxOtiGb4hxog3xVgxTowXE8REMUlMFlPEVDFNpIi3xHTxtpgh3hEzxSwxW8wRqWKumCfeFfPFArFQvCcWiffFYrFELBXLRJr4QKSL5SJDfChWiI9EplgpVonVYo1YK9aJ9WKD2Cg2ic1ii9gqtontYof4WOwUu8RusUfsFfvEfvGJOCA+FQfFZ+KQ+FwcFl+II+JLcVR8JbLE1+KY+EYcF9+KE+I7cVJ8L06J0+KM+EGcFT+Kc+K8uCB+EhfFz+KS+EVcFl6ARCmklEoGMpfMLWNkHplXXifzyetlfnmDjMgbZay8SRaQN8uCspAsLIvIOFlUFpNaGmklyVAWlyVkVN4iS8pbZbwsJUvLMtLJsjJBlpPl5W2ygrxdVpR3yEryTllZVpFVZTV5l6wu75Y15D2yprxX1pK1ZR1ZV94n68n7ZX35gGwgH5QN5UOykXxYNpZ/kk3kI7KpfFQ2k4/J5vJx2UK2lK1ka9lGPiHbyidlO9ledpBPyY6yk+wsn5aJ8hnZRT4ru8rnZDf5vOwuX5A95Iuyp+wle8tf5GXpZV/ZTybJ/nKAHCgHycFyiBwqh8lX5HD5qhwhX5PJcqQcJV+Xo+Ubcox8U46V4+R4OUFOlJPkZDlFTpXTZIp8S06Xb8sZ8h05U86Ss+UcmSrnyiFXelr4D+S//XfyR/x69u1yh/xY7pS75G65R+6V++R+uV8ekAfkQXlQHpKH5GF5WB6RR+RReVRmySx5TB6Tx+VxeUKekCflSXlKnpY/yR/kWfmjPCfPy/PyJ3lRXpSXrnwNQKESSiqlApVL5VYxKo/Kq65T+dT1Kr+6QUXUjSpW3aQKqJtVQVVIFVZFVJwqqooprYyyilSoiqsSKqpu+e1WQZVWZZRTZVWCKvfP5KuS6lYVr0r9Vf4fja+NaqPaqraqnWqnOqgOqqPqqDqrzipRJaouqovqqrqqbqqb6q66qx6qh+qpeqreqrfqo/qovqqvSlJJaoAaqAapwWqIGqqGqVfUcDVcjVAjVLJKVqPUKDVajVZj1Bg1Vo1V49V4NVFNVJPVZDVVTVUpKkVNV9PVDDVDzVQz1Ww1W6WqVDVPzVPz1Xy1UC1Ui9QitVgtVkvVUpWm0lS6SlcZKkOtUCtUplqpVqrVarVaq9aq9Wq92qg2qs1qs9qqtqpMtUPtUDvVTrVb7VZ71V61X+1XB9QBdVAdVIfUIXVYHVZH1BF1VB1VWSpLHVPH1HF1XJ1QJ9RJdVKdUqfUGXVGnVVn1Tl1Tl1QF9RFdVFdUpfUZXU5+7YvEIEIVKCCXEGuICaICfIGeYN8Qb4gf5A/iASRIDaIDQoENwcFg0JB4aBIEBcUDYoFOjCBDSgIg+JBiSAa3BKUDG4N4oNSQemgTOCCskFCUC4oH9wWVAhuDyoGdwSVgjuDykGVoGpQLbgrqB7cHdQI7glqBvcGtYLaQZ2gbnBfUC+4P6gfPBA0CB4MGgYPBY2Ch4PGwZ+CJsEjQdPg0aBZ8FjQPHg8aBG0DFoFrYM2/9b+vT9X6EnXV/fTSbq/HqAH6kF6sB6ih+ph+hU9XL+qR+jXdLIeqUfp1/Vo/YYeo9/UY/U4PV5P0BP1JD1ZT9FT9TSdot/S0/XbeoZ+R8/Us/RsPUen6rl6nn5Xz9cL9EL9nl6k39eL9RK9VC/TafoDna6X6wz9oV6hP9KZeqVepVfrNXqtXqfX6w16o96kN+steqveprfrHfpjvVPv0rv1Hr1X79P79Sf6gP5UH9Sf6UP6c31Yf6GP6C/1Uf2VztJf62P6G31cf6tP6O/0Sf29PqVP6zP6B31W/6jP6fP6gv5JX9Q/60v6F31Z++yb++yPd6OMMrlMLhNjYkxek9fkM/lMfpPfREzExJpYU8AUMAVNQVPYFDZxJs4UM8VMNjJkipviJmqipqQpaeJNvCltShtnnEkwCaa8KW8qmAqmoqloKplKprKpbKqaquYuc5e529xt7jH3mHvNvaa2qW3qmrqmnqln6pv6poFpYBqahqaRaWQam8amiWlimpqmpplpZpqb5qaFaWFamVamjWlj2pq2pp1pZzqYDqaj6Wg6m84m0SSaLqaL6Wq6mm6mm+luupsepofpaXqa3qa36WP6mL6mr0kySWaAGWAGmUFmiBlihplhZrgZbkaYESbZJJtRZpQZbUabMWaMGWvGmfFmgploJpnJZoqZaqaZFJNippvpZoaZYWaamWa2mW1STaqZZ+aZ+Wa+WWgWmkVmkVlsFpulZqlJM2km3aSbDJNhVpgVJtNkmlVmlVlj1ph1Zp3ZYDaYTWaT2WK2mG1mm9lhdpidZqfZbXabvWav2W/2mwPmgDloDppD5pA5bA57BDBHzVGTZbLMMXPMHDfHzQlzwpw0J80pc8qcMWfMWXPWnDPnzAVzwVw0P5tL5hdz2XgTY/PYvPY6m89eb/PbG+zfxoVtERtni9piVtuCttBfxcZaG29L2dK/TTFtORsfk70uY50taxNsOVvZVrFVbTV7l61u77Y1fhfXs/fb+vYB28A+aOva+/4qbmgfso3sY7axfdw2sS1tU9vaNrOP2eb2cdvCtrStbGvb0Xayne3TNtE+Y7vYZ38Xp9vldoPdaDfZzfaA/dResD/Z4/Zbe9H+bPvafnaYfcUOt6/aEfY1m2xH/i4ebyfYiXaSnWyn2Kl22u/i2XaOTbVz7Tz7rp1vF/wuTrMf2EU2wy62S+xSu+zXOHtMGfZDu8J+ZDPtSrvKrrZr7Fq7zq7/32NdbbfabXa73W8/sTvtLrvb7rF77b5f4+zrOGg/s4fs5/aY/cYesV/ao/aEzbJf/xpnX98J+509ab+3p+xpe8b+YM/aH+05ez77+n32tf9gf7GXrbdASIIkKQooF+WmGMpDeek6ykfXU366gSJ0I8XSTVSAbqaCVIgKUxGKo6JUjDQZskQUUnEqQVG6hUrSrRRPpag0lSFHZSmBylF5uo0q0O1Uke6gSnQnVaYqVJWq0V1Une6mGnQP1aR7qRbVpjpUl+6jenQ/1acHqAE9SA3pIWpED1Nj+hM1oUeoKT1Kzegxak6PUwtqSa2oNbWhJ6gtPUntqD11oKeoI3WizvQ0JdIz1IWepa70HHWj56k7vUA96EXqSb2oN71Efehl6kv9KIn60wAaSINoMA2hoTSMXqHh9CqNoNcomUbSKHqdRtMbNIbepLE0jsbTBJpIk2gyTaGpNI1S6C2aTm/TDHqHZtIsmk1zKJXm0jx6l+bTAlpI79Eiep8W0xJaSssojT6gdFpOGfQhraCPKJNW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+20gz6mnbSLdtMe2kv7aD99Qgcoz5UfuM/pMH1BR+hLOkpfURZ9TcfoGzpO39IJ+o5O0vd0ik7TGfqBztKPdI7O0wX6iS7Sz3SJfqHL5AlCDEUoQxUGYa4wdxgT5gnzhteF+cLrw/zhDWEkvDGMDW8KC4Q3hwXDQmHhsEgYFxYNi4U6NKENKQzD4mGJMBreEpYMbw3jw1Jh6bBM6MKyYUJYLiwf3hZWCG8PK4Z3hJXCO8PKYZXwsQerhXeF1cO7wxrhPWHN8N6wVlg7rBPWDe8L64X3h/XDB8IG4YNhhfChsFH4cAhX/l+lafho2Cx8LGwePh62CFuGrcLWYZvwibBt+GTYLmwfdgifCjuGncLO4dNhYvhM2CV89g/3J4X9wwHhwHBg6P0Dcml0WTQt+kE0Pbo8mhH9MLoi+lE0M7oyuiq6Oromuja6Lro+uiG6Mbopujm6Jbo1ui26Pep93dzg0AknnXKBy+VyuxiXx+V117l87nqX393gIu5GF+tucgXcza6gK+QKuyIuzhV1xZx2xllHLnTFXQkXdbe4ku5WF+9KudKujHOurEtwrV0b18a1dU+6dq696+Ceck+5Tq6Te9o97Z5xXdyzrqt7znVzz7vu7gX3gnvR9XS9XG/3kuvjXnZ9XT+X5JLcADfADXKD3BA3xA1zw9xwN9yNcCNcskt2o9woN9qNdmPcGDfWjXXj3Xg30U10k91kN9VNdSkuxU13090MN8MFADDbzXapLtXNc/PcfDffLXQL3aL4RW6xW+yWuqUuzaW5dJfuMlyGW+FWuEyX6Va5VW6NW+PWuXVug9vgNrlNbovb4ra5bW6H2+F2up1ut9vt9rq9br/b7w64A+6gO+gOuUPusDvsjrgj7qj7ymW5r90x94077r51J9x37qT73p1yp90Z94M7635059x5d8H95C66n90l94u77LxLibwVmR55OzIj8k5kZmRWZHZkTiQ1MjcyL/JuZH5kQWRh5L3Iosj7kcWRJZGlkWWRtMgHkfTI8khG5MPIishHkczIysiqyOrImshaBb7oztAX9yV81N/iS/pbfbwv5Uv7Mt75sj7Bl/Pl/W2+gr/dV/R3+Er+Tl/ZV/FV/eO+hW/pW/nWvo1/wrf1T/p2vr3v4J/yHX0n39k/7RP9M76Lf9Z39c/5bv55392/4Hv4F31P38v39i/5Pv5l39f380m+vx/gB/pBfrAf4of6Yf4VP9y/6kf413yyH+lH+df9aP+GH+Pf9GP9OD/eT/AT/SQ/2U/xU/00n+Lf8tP9236Gf8fP9LP8bD/Hp/q5fp5/18/3C/xC/55f5N/3i/0Sv9Qv82n+A5/ul/sM/6Ff4T/ymX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+Y7/T7/K7/R6/1+/z+/0n/oD/1B/0n/lD/nN/2H/hj/gv/VH/lc/yX/tj/ht/3H/rT/jv/En/vT/lT/sz/gd/1v/oz/nz/oL/yV/0P/tL/hd/2Xv/zzz1rv3venzOGGOMMfb/mYF/sL//39mmAEBcaf/svb9+V5Gsq1sAJABsKfjn9mAR1zECAM/06/HIb0utWklJSVeOzZQQlFgCAJG/OcGVeCV0gE6QCO2h/N8d32DR6yL9Qf/ROwDy/kVODFyNr/b/xX/R/xNPjU+vFF6I/W/6XwIQX+JqTvYs/Ld4JXT49XUK7aHCf9F/obZ/MP48X6YAtPuLnHwA0O7KVH/lRX9l/AnwJDwLiX91JGOMMcYYY4wx9meDRdVufzR/zp6fx/3FSwFzw9X4j+bnjDHGGGOMMcYYu/ae79X76ScSE9t34wY3uJHDGp3+m2Ou9W8mxhhjjDHG2L/b1Zv+q9vyXMsBMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjOdD/jTeNXetrZIwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq61/xUAAP//1JM0Ag==")
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x81, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
unshare(0x6020400)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0)
unshare(0x22000200)

0s ago: executing program 2 (id=602):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x1}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000000)={@rand_addr=0x64010102, @loopback}, 0xc)
socket$netlink(0x10, 0x3, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b00040008000300", @ANYRES32=r5, @ANYBLOB="2f00330040000000080211000000080211000001505050505050"], 0x4c}}, 0x46)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
readv(r6, &(0x7f0000000200)=[{&(0x7f0000000480)=""/171, 0xab}], 0x1)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000540)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@timestamp={0x44, 0x4, 0x42}, @rr={0x7, 0x3, 0x50}]}}, @echo}}}}, 0x0)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r7], 0x1c}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r9 = syz_open_dev$midi(&(0x7f0000000180), 0x200, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
readv(r9, &(0x7f00000001c0)=[{&(0x7f0000000580)=""/50, 0x32}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

s (loop4): Found nat_bits in checkpoint
[  101.541700][ T4458] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  101.553340][ T4458] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  101.812330][ T4482] netlink: 4 bytes leftover after parsing attributes in process `syz.3.195'.
[  101.846347][ T4480] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.853833][ T4480] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.871875][ T3874] attempt to access beyond end of device
[  101.871875][ T3874] loop4: rw=1, want=45112, limit=40427
[  102.007739][ T4484] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.014831][ T4484] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.022283][ T4484] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.029428][ T4484] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.086660][ T4484] device bridge0 entered promiscuous mode
[  102.257248][   T23] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  102.558121][ T4478] loop2: detected capacity change from 0 to 32768
[  102.616990][   T13] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  102.657229][   T23] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  102.676282][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.723455][ T4478] XFS (loop2): Mounting V5 Filesystem
[  102.731827][   T23] usb 4-1: config 0 descriptor??
[  102.734457][ T4507] loop4: detected capacity change from 0 to 4096
[  102.822426][ T4478] XFS (loop2): Ending clean mount
[  102.848319][ T4478] XFS (loop2): Quotacheck needed: Please wait.
[  102.866904][   T13] usb 2-1: Using ep0 maxpacket: 16
[  102.885476][ T4501] loop0: detected capacity change from 0 to 32768
[  102.973332][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  102.988412][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  103.002506][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  103.008631][ T4501] XFS (loop0): Mounting V5 Filesystem
[  103.012825][   T13] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  103.019997][ T4478] XFS (loop2): Quotacheck: Done.
[  103.027053][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.042215][   T13] usb 2-1: config 0 descriptor??
[  103.162611][ T4478] XFS (loop2): Unmounting Filesystem
[  103.170623][ T4501] XFS (loop0): Ending clean mount
[  103.287222][   T23] [drm:udl_init] *ERROR* Selecting channel failed
[  103.325230][   T23] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  103.355519][   T23] [drm] Initialized udl on minor 2
[  103.404745][ T3502] XFS (loop0): Unmounting Filesystem
[  103.412656][   T23] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  103.428918][   T23] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  103.455409][   T23] usb 4-1: USB disconnect, device number 3
[  103.508123][ T4499] udc-core: couldn't find an available UDC or it's busy
[  103.534860][ T4499] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  103.573232][ T4499] udc-core: couldn't find an available UDC or it's busy
[  103.580873][ T4499] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  103.633254][   T13] hid (null): bogus close delimiter
[  103.647436][   T13] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0
[  103.654858][   T13] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0
[  103.676903][   T13] hid-generic 0003:0158:0100.0005: bogus close delimiter
[  103.684139][   T13] hid-generic 0003:0158:0100.0005: item 0 0 2 10 parsing failed
[  103.716332][   T13] hid-generic: probe of 0003:0158:0100.0005 failed with error -22
[  103.792672][ T4529] loop4: detected capacity change from 0 to 40427
[  103.836259][   T23] usb 2-1: USB disconnect, device number 4
[  103.840901][ T4529] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  103.893072][ T4529] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  103.997873][ T4529] F2FS-fs (loop4): Found nat_bits in checkpoint
[  104.114908][ T3667] kernel write not supported for file /sg0 (pid: 3667 comm: kworker/1:6)
[  104.142937][ T4529] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  104.155304][ T4529] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.277861][ T3874] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.359469][ T3671] attempt to access beyond end of device
[  104.359469][ T3671] loop4: rw=1, want=45112, limit=40427
[  104.418143][ T3874] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.505176][ T3874] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.689932][ T3874] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.748883][ T4553] loop2: detected capacity change from 0 to 4096
[  104.964261][ T4567] loop0: detected capacity change from 0 to 128
[  104.987205][   T23] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  105.057391][ T4543] chnl_net:caif_netlink_parms(): no params data found
[  105.103022][ T4567] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  105.168690][ T4567] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  105.217252][ T3513] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  105.287250][   T23] usb 2-1: Using ep0 maxpacket: 16
[  105.320208][ T4543] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.336055][ T4543] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.369898][ T4543] device bridge_slave_0 entered promiscuous mode
[  105.399882][ T4543] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.414221][ T4543] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.421850][   T23] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  105.434795][ T4543] device bridge_slave_1 entered promiscuous mode
[  105.446049][   T23] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  105.495521][ T4543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.503275][   T23] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  105.510522][ T4543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.515029][ T3513] usb 3-1: Using ep0 maxpacket: 16
[  105.544154][   T23] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  105.581038][ T4543] team0: Port device team_slave_0 added
[  105.617037][ T4543] team0: Port device team_slave_1 added
[  105.683085][ T4565] loop4: detected capacity change from 0 to 32768
[  105.684101][   T23] usb 2-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75
[  105.699270][ T3513] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.728572][ T3513] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.733954][ T4565] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.210 (4565)
[  105.741582][   T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  105.762168][ T4543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.775347][ T4543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.782840][ T3513] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  105.819311][   T23] usb 2-1: SerialNumber: syz
[  105.824738][ T3513] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  105.841524][ T3513] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.856339][ T3668] kernel write not supported for file /sg0 (pid: 3668 comm: kworker/1:7)
[  105.859267][ T4543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.887088][   T23] usb-storage 2-1:1.0: USB Mass Storage device detected
[  105.895350][ T3513] usb 3-1: config 0 descriptor??
[  105.915453][ T4543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.928071][   T23] usb-storage 2-1:1.0: Quirks match for vid 04e6 pid 0007: 1
[  105.935844][ T4543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.966180][ T4565] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  105.976947][   T23] scsi host1: usb-storage 2-1:1.0
[  105.992118][ T4543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.007562][ T4565] BTRFS info (device loop4): using free space tree
[  106.018964][ T4565] BTRFS info (device loop4): has skinny extents
[  106.165000][ T4543] device hsr_slave_0 entered promiscuous mode
[  106.226057][ T4543] device hsr_slave_1 entered promiscuous mode
[  106.247023][ T1280] Bluetooth: hci1: command 0x0409 tx timeout
[  106.248952][ T4565] BTRFS info (device loop4): enabling ssd optimizations
[  106.399023][ T3513] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  106.406329][ T3513] microsoft 0003:045E:07DA.0006: item 0 4 0 9 parsing failed
[  106.427289][ T3513] microsoft 0003:045E:07DA.0006: parse failed
[  106.435759][ T3513] microsoft: probe of 0003:045E:07DA.0006 failed with error -22
[  106.548011][ T4622] Bluetooth: hci3: expected 4337 bytes, got 7 bytes
[  106.633717][ T3513] usb 3-1: USB disconnect, device number 4
[  106.777014][ T3874] device hsr_slave_0 left promiscuous mode
[  106.793000][ T3546] usb 2-1: USB disconnect, device number 5
[  106.834877][ T3874] device hsr_slave_1 left promiscuous mode
[  106.871243][ T3874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.889491][ T3874] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.929677][ T3874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.952914][ T3874] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.010879][ T3874] device bridge_slave_1 left promiscuous mode
[  107.023728][ T3874] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.169238][ T3874] device bridge_slave_0 left promiscuous mode
[  107.185773][ T3874] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.214911][ T3874] device veth1_macvtap left promiscuous mode
[  107.248894][ T4594] loop0: detected capacity change from 0 to 40427
[  107.266924][ T3874] device veth0_macvtap left promiscuous mode
[  107.273241][ T3874] device veth1_vlan left promiscuous mode
[  107.280067][ T3874] device veth0_vlan left promiscuous mode
[  107.331577][ T4594] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  107.341549][ T4594] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  107.385275][ T4594] F2FS-fs (loop0): Found nat_bits in checkpoint
[  107.540142][ T4594] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  107.555148][ T4594] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  107.793739][ T3874] team0 (unregistering): Port device team_slave_1 removed
[  107.798897][ T1336] attempt to access beyond end of device
[  107.798897][ T1336] loop0: rw=1, want=45112, limit=40427
[  107.844101][ T3874] team0 (unregistering): Port device team_slave_0 removed
[  107.907244][ T3874] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  107.943393][ T3874] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.134697][ T3874] bond0 (unregistering): Released all slaves
[  108.259156][ T4639] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.266374][ T4639] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.292132][ T4639] device bridge0 left promiscuous mode
[  108.312177][ T4641] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.319342][ T4641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.326710][ T4641] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.333871][ T4641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.353647][ T4641] device bridge0 entered promiscuous mode
[  108.363954][ T3547] Bluetooth: hci1: command 0x041b tx timeout
[  108.396027][ T4659] netlink: 'syz.0.224': attribute type 8 has an invalid length.
[  108.656730][ T4672] binder: 4669:4672 ioctl c0306201 20000380 returned -14
[  108.746200][ T4683] netlink: 4 bytes leftover after parsing attributes in process `syz.0.233'.
[  108.799663][ T3664] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  108.989916][ T4693] loop0: detected capacity change from 0 to 2048
[  109.145257][ T4693] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  109.159691][ T4543] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  109.167331][ T3664] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  109.176987][ T3664] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.187459][ T3664] usb 2-1: config 0 descriptor??
[  109.196467][ T4543] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  109.212329][ T4693] ext4 filesystem being mounted at /root/syzkaller.Pv2sEg/68/file0 supports timestamps until 2038 (0x7fffffff)
[  109.228117][ T3547] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  109.243892][   T26] audit: type=1800 audit(1719858601.164:11): pid=4693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.238" name="file0" dev="loop0" ino=13 res=0 errno=0
[  109.245639][ T4693] fs-verity: sha512 using implementation "sha512-avx2"
[  109.273829][ T4543] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  109.349199][ T4543] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  109.414507][ T4707] loop2: detected capacity change from 0 to 4096
[  109.477258][ T3547] usb 5-1: Using ep0 maxpacket: 16
[  109.595016][ T4711] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  109.597934][ T3547] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  109.615867][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  109.687148][ T3664] [drm:udl_init] *ERROR* Selecting channel failed
[  109.714238][ T4713] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.721451][ T4713] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.738844][ T3664] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  109.758290][ T3664] [drm] Initialized udl on minor 2
[  109.784732][ T4713] device bridge0 left promiscuous mode
[  109.797040][ T3664] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  109.824931][ T4543] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.837427][ T3664] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  109.874514][ T4715] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.881691][ T4715] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.889080][ T4715] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.896133][ T4715] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.913649][ T3664] usb 2-1: USB disconnect, device number 6
[  109.937055][ T3547] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  109.953344][ T3547] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.970352][ T3547] usb 5-1: Product: syz
[  109.974532][ T3547] usb 5-1: Manufacturer: syz
[  109.979573][ T3547] usb 5-1: SerialNumber: syz
[  109.986390][ T3547] usb 5-1: config 0 descriptor??
[  109.991663][ T4715] device bridge0 entered promiscuous mode
[  110.039722][ T3547] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  110.068214][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  110.083594][ T4714] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  110.103457][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.120234][ T3547] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  110.146676][ T4543] 8021q: adding VLAN 0 to HW filter on device team0
[  110.176082][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  110.197696][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  110.206104][ T1280] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.213266][ T1280] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.257467][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  110.273259][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  110.301472][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  110.333239][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  110.362172][ T1280] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.369336][ T1280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.407229][ T4631] Bluetooth: hci1: command 0x040f tx timeout
[  110.411401][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  110.504898][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  110.537412][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  110.562235][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  110.586588][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  110.626600][ T4730] binder: BINDER_SET_CONTEXT_MGR already set
[  110.635341][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  110.651696][ T4730] binder: 4729:4730 ioctl 4018620d 200001c0 returned -16
[  110.665974][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  110.706418][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  110.741734][ T4543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  110.752417][ T3547] em28xx 5-1:0.0: chip ID is em2710
[  110.794321][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  110.820189][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  110.829421][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  110.848636][ T1280] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  110.869138][ T4743] loop2: detected capacity change from 0 to 256
[  111.035924][ T4743] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  111.097338][ T3547] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  111.135494][ T3547] em28xx 5-1:0.0: board has no eeprom
[  111.267231][ T3547] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  111.306846][ T3547] em28xx 5-1:0.0: dvb set to bulk mode.
[  111.328318][ T4543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.349995][ T3547] usb 5-1: USB disconnect, device number 5
[  111.424948][ T3547] em28xx 5-1:0.0: Disconnecting em28xx
[  111.488206][ T3548] em28xx 5-1:0.0: Binding DVB extension
[  111.513339][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  112.306625][ T3548] em28xx 5-1:0.0: Registering input extension
[  112.307594][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  112.322760][ T3547] em28xx 5-1:0.0: Closing input extension
[  112.340998][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  112.358923][ T3547] em28xx 5-1:0.0: Freeing device
[  112.368780][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  112.470159][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  112.493909][ T4721] loop0: detected capacity change from 0 to 32768
[  112.501516][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  112.537973][ T3682] Bluetooth: hci1: command 0x0419 tx timeout
[  112.546147][ T4543] device veth0_vlan entered promiscuous mode
[  112.583474][ T4543] device veth1_vlan entered promiscuous mode
[  112.608716][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.623702][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.633255][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  112.678991][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.706825][ T3546] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  112.724546][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.749873][ T4543] device veth0_macvtap entered promiscuous mode
[  112.773767][ T4721] XFS (loop0): Mounting V5 Filesystem
[  112.798246][ T4543] device veth1_macvtap entered promiscuous mode
[  112.937740][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.984041][ T4721] XFS (loop0): Ending clean mount
[  113.021388][ T4721] XFS (loop0): Quotacheck needed: Please wait.
[  113.036812][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.077374][ T3546] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  113.096738][ T3546] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.096810][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.104824][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.104851][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.104867][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.104884][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.104897][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.138826][ T4543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.214648][ T3546] usb 2-1: config 0 descriptor??
[  113.275625][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  113.283287][ T4721] XFS (loop0): Quotacheck: Done.
[  113.306383][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  113.338297][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  113.367233][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  113.377258][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.382612][ T4768] loop4: detected capacity change from 0 to 32768
[  113.397024][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.436804][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.469281][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.489362][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.520169][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.544711][ T4543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.555693][ T4543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.582341][ T4543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.583603][ T3502] XFS (loop0): Unmounting Filesystem
[  113.620669][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  113.631202][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.675012][ T4543] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.704815][ T4543] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.723015][ T4543] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.735593][ T3546] [drm:udl_init] *ERROR* Selecting channel failed
[  113.783056][ T4774] loop2: detected capacity change from 0 to 40427
[  113.790031][ T3546] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  113.797588][ T3546] [drm] Initialized udl on minor 2
[  113.804834][ T4543] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.818151][ T4768] XFS (loop4): Mounting V5 Filesystem
[  113.827123][ T3546] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  113.836014][ T3546] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  113.845626][ T3546] usb 2-1: USB disconnect, device number 7
[  113.974458][ T4774] F2FS-fs (loop2): Found nat_bits in checkpoint
[  114.088267][ T4768] XFS (loop4): Ending clean mount
[  114.105584][ T4774] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  114.248320][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.256533][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.302359][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  114.302390][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.323517][ T3814] XFS (loop4): Unmounting Filesystem
[  114.393088][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.415002][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  114.538124][ T4826] loop1: detected capacity change from 0 to 64
[  114.567215][ T4774] overlayfs: failed to resolve './file0': -2
[  114.734818][ T3945] attempt to access beyond end of device
[  114.734818][ T3945] loop2: rw=2049, want=45120, limit=40427
[  115.026893][ T3546] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  115.076245][ T4841] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  115.226934][ T3683] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  115.276935][ T3546] usb 4-1: Using ep0 maxpacket: 32
[  115.508295][ T3683] usb 1-1: Using ep0 maxpacket: 16
[  115.557129][ T3546] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=ba.e3
[  115.576437][ T3546] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.607267][ T3546] usb 4-1: Product: syz
[  115.624182][ T3546] usb 4-1: Manufacturer: syz
[  115.634316][ T3546] usb 4-1: SerialNumber: syz
[  115.637137][ T3683] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  115.655318][ T3546] usb 4-1: config 0 descriptor??
[  115.677861][ T3683] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  115.708890][ T3683] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  115.735887][ T3683] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  115.757769][ T4849] loop2: detected capacity change from 0 to 4096
[  115.843999][ T4843] loop1: detected capacity change from 0 to 32768
[  115.847030][ T4850] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  115.851242][ T3683] usb 1-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75
[  115.872274][ T3683] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  115.885292][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!!
[  115.895128][ T3683] usb 1-1: SerialNumber: syz
[  115.951709][ T3683] usb-storage 1-1:1.0: USB Mass Storage device detected
[  115.980137][ T3683] usb-storage 1-1:1.0: Quirks match for vid 04e6 pid 0007: 1
[  115.998611][ T3683] scsi host1: usb-storage 1-1:1.0
[  116.072041][ T4843] XFS (loop1): Mounting V5 Filesystem
[  116.132475][ T3546] usb 4-1: USB disconnect, device number 4
[  116.155778][ T3546] f81534a_ctrl 4-1:0.0: failed to set register 0x116: -19
[  116.185644][ T3546] f81534a_ctrl 4-1:0.0: failed to enable ports: -19
[  116.282730][ T4843] XFS (loop1): Ending clean mount
[  116.364775][ T3882] XFS (loop1): Unmounting Filesystem
[  116.583485][ T4632] usb 1-1: USB disconnect, device number 6
[  116.901619][ T4872] loop3: detected capacity change from 0 to 128
[  116.973257][ T4872] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  116.999764][ T4872] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  117.033393][ T4873] loop1: detected capacity change from 0 to 8192
[  117.066864][ T3546] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  117.115436][ T4877] loop3: detected capacity change from 0 to 64
[  117.133290][ T4873] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  117.142641][ T4873] REISERFS (device loop1): using ordered data mode
[  117.149679][ T4873] reiserfs: using flush barriers
[  117.164943][ T4873] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  117.183264][ T4873] REISERFS (device loop1): checking transaction log (loop1)
[  117.192787][ T4873] REISERFS (device loop1): Using r5 hash to sort names
[  117.200149][ T4873] REISERFS (device loop1): using 3.5.x disk format
[  117.207884][ T4873] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  117.233298][ T4873] overlayfs: upper fs needs to support d_type.
[  117.240826][ T4873] overlayfs: upper fs does not support tmpfile.
[  117.249995][ T4873] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  117.257687][ T4873] overlayfs: failed to set xattr on upper
[  117.263425][ T4873] overlayfs: ...falling back to index=off,metacopy=off.
[  117.288186][ T4632] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  117.435632][ T3546] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  117.456270][ T3546] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.498709][ T3546] usb 3-1: config 0 descriptor??
[  117.525733][ T4884] loop3: detected capacity change from 0 to 8
[  117.613350][ T4884] SQUASHFS error: zlib decompression failed, data probably corrupt
[  117.639086][ T4884] SQUASHFS error: Failed to read block 0x13e: -5
[  117.645599][ T4884] SQUASHFS error: Unable to read metadata cache entry [13c]
[  117.654407][ T4884] SQUASHFS error: Unable to read directory block [13c:26]
[  117.697128][ T4632] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  117.727524][ T4632] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  117.776876][ T3547] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  117.809570][ T4886] loop3: detected capacity change from 0 to 4096
[  117.837082][ T4632] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  117.846152][ T4632] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  117.865812][ T4632] usb 5-1: SerialNumber: syz
[  117.942311][ T4887] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.007601][ T3546] [drm:udl_init] *ERROR* Selecting channel failed
[  118.037765][ T3546] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[  118.053032][ T3546] [drm] Initialized udl on minor 2
[  118.096956][ T3546] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  118.124052][ T3546] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  118.139189][ T3546] usb 3-1: USB disconnect, device number 5
[  118.156965][ T3547] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  118.182989][ T4632] usb 5-1: 0:2 : does not exist
[  118.238023][ T4888] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  118.331288][ T4632] usb 5-1: USB disconnect, device number 6
[  118.337098][ T3547] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  118.337129][ T3547] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.337151][ T3547] usb 1-1: Product: syz
[  118.337166][ T3547] usb 1-1: Manufacturer: syz
[  118.337182][ T3547] usb 1-1: SerialNumber: syz
[  118.420909][ T3547] cdc_ether: probe of 1-1:1.0 failed with error -22
[  118.451352][ T3746] udevd[3746]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  118.620990][ T3547] usb 1-1: USB disconnect, device number 7
[  119.251392][ T4899] loop2: detected capacity change from 0 to 8192
[  119.347127][ T4899] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  119.356490][ T4899] REISERFS (device loop2): using ordered data mode
[  119.425615][ T4899] reiserfs: using flush barriers
[  119.432285][ T4899] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  119.447165][ T3547] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  119.489637][ T4899] REISERFS (device loop2): checking transaction log (loop2)
[  119.513986][ T4899] REISERFS warning (device loop2): vs-13075 reiserfs_read_locked_inode: dead inode read from disk [1 2 0x0 SD]. This is likely to be race with knfsd. Ignore
[  119.548840][ T4897] loop4: detected capacity change from 0 to 40427
[  119.615290][ T4897] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  119.633670][ T4897] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  119.656213][ T4897] F2FS-fs (loop4): Found nat_bits in checkpoint
[  119.687272][ T3547] usb 1-1: Using ep0 maxpacket: 8
[  119.803333][ T4911] loop2: detected capacity change from 0 to 64
[  119.809888][ T3547] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  119.822016][ T3547] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  119.832164][ T4897] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  119.851173][ T4897] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  119.872840][ T3547] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  119.923157][ T3547] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  119.939417][ T3547] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  119.984905][ T3547] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.195320][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  120.267000][ T3547] usb 1-1: GET_CAPABILITIES returned 0
[  120.272607][ T3547] usbtmc 1-1:16.0: can't read capabilities
[  120.286721][ T4921] loop2: detected capacity change from 0 to 128
[  120.474757][ T3547] usb 1-1: USB disconnect, device number 8
[  120.637403][   T26] audit: type=1804 audit(1719858612.544:12): pid=4925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.285" name="/root/syzkaller.acB6e4/47/file0" dev="sda1" ino=1998 res=1 errno=0
[  120.717881][   T26] audit: type=1804 audit(1719858612.544:13): pid=4925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.285" name="/root/syzkaller.acB6e4/47/file0" dev="sda1" ino=1998 res=1 errno=0
[  122.600680][ T4632] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.676835][ T3547] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  123.046952][ T3547] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  123.227442][ T3547] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  123.236617][ T3547] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.247685][ T3683] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  123.256803][ T3547] usb 1-1: Product: syz
[  123.276467][ T3547] usb 1-1: Manufacturer: syz
[  123.281144][ T3547] usb 1-1: SerialNumber: syz
[  123.327954][ T3547] cdc_ether: probe of 1-1:1.0 failed with error -22
[  123.555457][ T3547] usb 1-1: USB disconnect, device number 9
[  123.663097][ T4970] loop4: detected capacity change from 0 to 1024
[  123.677045][ T3683] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.697305][ T3683] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.716389][ T3683] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  123.718596][   T26] audit: type=1804 audit(1719858615.644:14): pid=4971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.301" name="/root/syzkaller.4cZhHX/13/file0" dev="sda1" ino=1993 res=1 errno=0
[  123.726108][ T3683] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.775318][ T3683] usb 3-1: config 0 descriptor??
[  123.796759][   T26] audit: type=1804 audit(1719858615.674:15): pid=4971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.301" name="/root/syzkaller.4cZhHX/13/file0" dev="sda1" ino=1993 res=1 errno=0
[  123.923131][ T4970] EXT4-fs (loop4): Test dummy encryption mode enabled
[  123.936937][ T4970] EXT4-fs (loop4): Ignoring removed orlov option
[  123.992825][ T4970] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  124.269729][ T3683] itetech 0003:06CB:73F5.0007: collection stack underflow
[  124.286964][ T3683] itetech 0003:06CB:73F5.0007: item 0 4 0 12 parsing failed
[  124.294955][ T3683] itetech: probe of 0003:06CB:73F5.0007 failed with error -22
[  124.335433][ T4990] loop4: detected capacity change from 0 to 2048
[  124.402674][ T4990] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  124.473830][ T3547] usb 3-1: USB disconnect, device number 6
[  124.657092][ T1280] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  124.906943][ T1280] usb 1-1: Using ep0 maxpacket: 16
[  125.027015][ T1280] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  125.066940][ T1280] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  125.096108][ T1280] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  125.108042][ T5011] loop2: detected capacity change from 0 to 128
[  125.127563][ T1280] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  125.217183][ T1280] usb 1-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75
[  125.249310][ T1280] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  125.262199][   T26] audit: type=1804 audit(1719858617.184:16): pid=5013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.316" name="/root/syzkaller.acB6e4/59/file0" dev="sda1" ino=1996 res=1 errno=0
[  125.265643][ T1280] usb 1-1: SerialNumber: syz
[  125.313339][   T26] audit: type=1804 audit(1719858617.224:17): pid=5013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.316" name="/root/syzkaller.acB6e4/59/file0" dev="sda1" ino=1996 res=1 errno=0
[  125.407851][ T1280] usb-storage 1-1:1.0: USB Mass Storage device detected
[  125.439777][ T1280] usb-storage 1-1:1.0: Quirks match for vid 04e6 pid 0007: 1
[  125.496348][ T1280] scsi host1: usb-storage 1-1:1.0
[  126.616628][ T5028] loop4: detected capacity change from 0 to 256
[  126.687032][ T4631] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  126.725814][ T3664] usb 1-1: USB disconnect, device number 10
[  126.826918][ T1280] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  127.080005][ T1280] usb 3-1: Using ep0 maxpacket: 8
[  127.127103][ T4631] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  127.197113][ T1280] usb 3-1: config 0 has no interfaces?
[  127.202884][ T1280] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  127.222940][ T1280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.261382][ T1280] usb 3-1: config 0 descriptor??
[  127.327066][ T4631] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  127.346519][ T4631] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.366810][ T4631] usb 4-1: Product: syz
[  127.371172][ T4631] usb 4-1: Manufacturer: syz
[  127.375784][ T4631] usb 4-1: SerialNumber: syz
[  127.459525][ T4631] cdc_ether: probe of 4-1:1.0 failed with error -22
[  127.684445][ T3683] usb 4-1: USB disconnect, device number 5
[  127.891251][  T154] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.900255][ T5039] loop4: detected capacity change from 0 to 40427
[  127.937702][ T5039] F2FS-fs (loop4): Invalid segment count (0)
[  127.943727][ T5039] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  127.966011][ T5039] F2FS-fs (loop4): invalid crc value
[  128.003554][  T154] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.022149][ T3546] usb 3-1: USB disconnect, device number 7
[  128.024208][ T5039] F2FS-fs (loop4): Found nat_bits in checkpoint
[  128.102396][ T5039] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  128.116357][ T5039] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  128.169306][  T154] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.214288][  T154] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.230158][ T5046] chnl_net:caif_netlink_parms(): no params data found
[  128.444811][ T5046] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.455553][ T5046] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.466707][ T5046] device bridge_slave_0 entered promiscuous mode
[  128.516981][ T5046] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.577149][ T5046] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.627843][ T5046] device bridge_slave_1 entered promiscuous mode
[  128.853087][ T5075] loop2: detected capacity change from 0 to 64
[  128.874992][ T5046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.915188][ T5046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  129.073010][ T5077] netlink: 4 bytes leftover after parsing attributes in process `syz.4.337'.
[  129.099385][    C1] vcan0: j1939_xtp_rx_dpo: no connection found
[  129.105857][    C1] vcan0: j1939_xtp_rx_dpo: no connection found
[  129.112159][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  129.118631][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.126517][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.134382][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.142335][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.150189][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.158112][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.165937][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.173853][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.181719][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.189683][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.197536][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.205422][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.213296][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.221220][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.229125][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.237025][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.244850][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.252767][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.260617][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.268627][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.276448][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.284375][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.292230][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.300148][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.307996][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.315890][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.323755][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.331661][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.339622][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.347530][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.355398][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.363326][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.371244][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.379189][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.387042][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.394925][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.402803][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.410724][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.418599][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.426647][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.434521][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.442440][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.450309][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.458216][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.466045][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.473974][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.481828][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.489749][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.497597][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.505473][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.513370][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.521292][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.529152][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.537235][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.545060][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.552999][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.560864][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.568793][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.576631][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.584547][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.592386][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.600303][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.608153][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.616028][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.623894][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.631801][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.639668][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.647564][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.655380][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.663309][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.671169][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.679080][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.686921][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.694803][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.702667][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.710578][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.718445][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.726333][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.734345][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.742244][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  129.750107][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  129.777279][ T3547] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  129.856971][ T3683] Bluetooth: hci2: command 0x0409 tx timeout
[  130.512288][ T5046] team0: Port device team_slave_0 added
[  130.611754][ T5046] team0: Port device team_slave_1 added
[  130.756895][ T3547] usb 1-1: Using ep0 maxpacket: 32
[  130.813957][ T5046] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.826893][ T5046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.881423][ T5046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.892506][ T3547] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  130.908523][ T3547] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  130.987596][ T5046] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.995753][ T5046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.052023][ T5046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.117026][ T3547] usb 1-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=90.0e
[  131.150428][ T3547] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.186898][ T3547] usb 1-1: Product: syz
[  131.191164][ T3547] usb 1-1: Manufacturer: syz
[  131.195773][ T3547] usb 1-1: SerialNumber: syz
[  131.228896][ T3547] usb 1-1: config 0 descriptor??
[  131.267989][ T3547] usbserial_generic 1-1:0.0: The "generic" usb-serial driver is only for testing and one-off prototypes.
[  131.296850][ T3547] usbserial_generic 1-1:0.0: Tell linux-usb@vger.kernel.org to add your device to a proper driver.
[  131.326934][ T3547] usbserial_generic 1-1:0.0: device has no bulk endpoints
[  131.347988][ T3547] safe_serial 1-1:0.0: safe_serial converter detected
[  131.380055][ T3547] usb 1-1: safe_serial converter now attached to ttyUSB0
[  131.444630][ T5046] device hsr_slave_0 entered promiscuous mode
[  131.464078][ T5046] device hsr_slave_1 entered promiscuous mode
[  131.493112][ T5046] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  131.531890][ T5046] Cannot create hsr debugfs directory
[  131.937062][ T4631] Bluetooth: hci2: command 0x041b tx timeout
[  132.737936][ T1384] ieee802154 phy0 wpan0: encryption failed: -22
[  132.738017][ T1384] ieee802154 phy1 wpan1: encryption failed: -22
[  133.011892][ T3683] usb 1-1: USB disconnect, device number 11
[  133.033597][ T3683] safe_serial ttyUSB0: safe_serial converter now disconnected from ttyUSB0
[  133.062525][ T3683] safe_serial 1-1:0.0: device disconnected
[  133.230834][ T5183] loop4: detected capacity change from 0 to 256
[  133.275818][  T154] device hsr_slave_0 left promiscuous mode
[  133.287592][  T154] device hsr_slave_1 left promiscuous mode
[  133.316438][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.363033][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.406057][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.421172][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.435642][  T154] device bridge_slave_1 left promiscuous mode
[  133.452569][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.468895][  T154] device bridge_slave_0 left promiscuous mode
[  133.475665][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.527553][  T154] device veth1_macvtap left promiscuous mode
[  133.551186][  T154] device veth0_macvtap left promiscuous mode
[  133.565598][  T154] device veth1_vlan left promiscuous mode
[  133.573355][  T154] device veth0_vlan left promiscuous mode
[  133.934248][ T5180] loop3: detected capacity change from 0 to 32768
[  134.018309][ T4631] Bluetooth: hci2: command 0x040f tx timeout
[  134.076526][  T154] team0 (unregistering): Port device team_slave_1 removed
[  134.082465][ T5180] XFS (loop3): Mounting V5 Filesystem
[  134.092575][  T154] team0 (unregistering): Port device team_slave_0 removed
[  134.119590][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.167107][ T3682] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  134.179424][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.222074][ T5180] XFS (loop3): Ending clean mount
[  134.238186][ T5180] XFS (loop3): Quotacheck needed: Please wait.
[  134.292400][  T154] bond0 (unregistering): Released all slaves
[  134.330854][ T5212] loop0: detected capacity change from 0 to 256
[  134.330889][ T5180] XFS (loop3): Quotacheck: Done.
[  134.387266][ T5212] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  134.424364][ T4543] XFS (loop3): Unmounting Filesystem
[  134.587062][ T3682] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.612740][ T5046] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  134.680176][ T5046] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  134.726108][ T5046] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  134.734469][ T5220] netlink: 'syz.4.367': attribute type 4 has an invalid length.
[  134.770243][ T5046] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  134.807000][ T3682] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  134.816309][ T3682] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.833884][ T3682] usb 3-1: Product: syz
[  134.839439][ T3682] usb 3-1: Manufacturer: syz
[  134.844058][ T3682] usb 3-1: SerialNumber: syz
[  134.853335][ T5226] 7����: renamed from syzkaller0
[  134.907938][ T3682] cdc_ether: probe of 3-1:1.0 failed with error -22
[  134.999680][ T5229] loop0: detected capacity change from 0 to 1024
[  135.081267][ T5046] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.153379][ T3682] usb 3-1: USB disconnect, device number 8
[  135.172760][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  135.173397][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.183136][ T5046] 8021q: adding VLAN 0 to HW filter on device team0
[  135.201045][ T5229] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  135.240213][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.240811][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.241215][ T4631] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.241277][ T4631] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.241860][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  135.247102][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  135.247598][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.247968][ T4631] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.248004][ T4631] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.254948][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  135.259306][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  135.262207][   T26] audit: type=1804 audit(1719859139.184:18): pid=5240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.369" name="/root/syzkaller.Pv2sEg/88/bus/file1" dev="loop0" ino=15 res=1 errno=0
[  135.262366][ T5240] EXT4-fs error (device loop0): ext4_xattr_ibody_get:603: inode #15: comm syz.0.369: corrupted in-inode xattr
[  135.264868][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  135.265895][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  135.266660][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  135.272739][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  135.374724][ T5240] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.369: corrupted in-inode xattr
[  135.436691][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  135.578051][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  135.586505][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  135.612696][ T5240] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.369: Invalid block bitmap block 0 in block_group 0
[  135.617376][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  135.676536][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  135.683885][ T5251] loop4: detected capacity change from 0 to 512
[  135.701318][ T5046] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  135.720720][ T5240] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  135.804678][ T5251] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[  135.804678][ T5251] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  135.804678][ T5251] 
[  135.813243][ T5240] EXT4-fs (loop0): This should not happen!! Data will be lost
[  135.813243][ T5240] 
[  135.913019][ T5251] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  135.984017][ T5251] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  136.045439][ T3502] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /root/syzkaller.Pv2sEg/88/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  136.067593][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.087915][ T3682] Bluetooth: hci2: command 0x0419 tx timeout
[  136.138139][ T5251] EXT4-fs (loop4): 1 truncate cleaned up
[  136.143859][ T5251] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,inode_readahead_blks=0x0000000000000000,barrier=0x0000000000000003,errors=remount-ro,block_validity,debug_want_extra_isize=0x000000000000002e,noacl,auto_da_alloc,usrquota,block_validity,nogrpid,commit=0x0000. Quota mode: writeback.
[  136.145388][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  136.172929][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.187794][ T3664] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  136.202355][ T5046] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.248252][  T144] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm kworker/u4:1: corrupted in-inode xattr
[  136.283397][  T144] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 28
[  136.303691][ T5273] loop2: detected capacity change from 0 to 256
[  136.320235][  T144] EXT4-fs (loop0): This should not happen!! Data will be lost
[  136.320235][  T144] 
[  136.328293][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  136.347429][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  136.350512][  T144] EXT4-fs (loop0): Total free blocks count 0
[  136.376228][ T5046] device veth0_vlan entered promiscuous mode
[  136.419685][  T144] EXT4-fs (loop0): Free/Dirty block details
[  136.435444][  T144] EXT4-fs (loop0): free_blocks=68719476736
[  136.452908][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  136.469860][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  136.485828][  T144] EXT4-fs (loop0): dirty_blocks=16
[  136.497455][  T144] EXT4-fs (loop0): Block reservation details
[  136.510860][  T144] EXT4-fs (loop0): i_reserved_data_blocks=1
[  136.525390][  T144] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm kworker/u4:1: corrupted in-inode xattr
[  136.531430][ T5046] device veth1_vlan entered promiscuous mode
[  136.606080][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  136.627901][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.642615][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  136.744463][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  136.797282][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  136.862368][ T5283] kvm: MWAIT instruction emulated as NOP!
[  136.938550][ T5046] device veth0_macvtap entered promiscuous mode
[  136.983291][ T5046] device veth1_macvtap entered promiscuous mode
[  137.098013][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.140418][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.171975][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.194112][ T5259] loop3: detected capacity change from 0 to 32768
[  137.202928][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.239867][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.265827][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.291034][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  137.332636][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.353272][ T5046] batman_adv: batadv0: Interface activated: batadv_slave_0
[  137.378873][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  137.391562][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  137.410278][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  137.503628][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  137.548348][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  137.568911][ T5259] XFS (loop3): Mounting V5 Filesystem
[  137.612459][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.659843][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  137.679329][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.783522][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  137.839195][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.866787][ T5046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  137.896925][ T5046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  137.929627][ T5046] batman_adv: batadv0: Interface activated: batadv_slave_1
[  137.939482][ T5259] XFS (loop3): Ending clean mount
[  137.959280][ T5259] XFS (loop3): Quotacheck needed: Please wait.
[  138.009943][ T5046] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.575853][ T5259] XFS (loop3): Quotacheck: Done.
[  138.812262][ T5046] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.822042][ T5046] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.831363][ T5046] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.848247][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  138.867485][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  138.902925][ T5323] loop4: detected capacity change from 0 to 1024
[  138.938458][ T4543] XFS (loop3): Unmounting Filesystem
[  139.121320][ T5323] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  139.371021][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.423929][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.442398][   T26] audit: type=1804 audit(1719859143.364:19): pid=5339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.385" name="/root/syzkaller.acB6e4/86/bus/file1" dev="loop4" ino=15 res=1 errno=0
[  139.569189][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  139.607714][ T3806] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.647221][ T3806] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.688150][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  139.737685][ T5318] chnl_net:caif_netlink_parms(): no params data found
[  139.817362][ T3814] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /root/syzkaller.acB6e4/86/bus: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  139.877947][ T5348] loop2: detected capacity change from 0 to 256
[  140.137610][ T3682] Bluetooth: hci0: command 0x0409 tx timeout
[  140.347985][ T5318] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.373870][ T5318] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.968087][ T5318] device bridge_slave_0 entered promiscuous mode
[  141.056375][ T5318] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.112060][ T5318] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.132982][ T5357] loop3: detected capacity change from 0 to 8192
[  141.194482][ T5318] device bridge_slave_1 entered promiscuous mode
[  141.267244][ T5357] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option ""
[  141.323403][ T5318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.361325][ T5318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  141.531726][ T5318] team0: Port device team_slave_0 added
[  141.585064][ T5318] team0: Port device team_slave_1 added
[  141.654208][ T5378] netlink: 'syz.3.394': attribute type 4 has an invalid length.
[  141.688535][ T5318] batman_adv: batadv0: Adding interface: batadv_slave_0
[  141.716530][ T5318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  141.778866][ T5318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  141.811000][ T5318] batman_adv: batadv0: Adding interface: batadv_slave_1
[  141.826808][ T5318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  141.865333][ T5318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  141.891182][  T154] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.957843][  T154] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.001873][ T5318] device hsr_slave_0 entered promiscuous mode
[  142.037681][ T5318] device hsr_slave_1 entered promiscuous mode
[  142.051710][ T5318] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.080741][ T5360] loop2: detected capacity change from 0 to 32768
[  142.083696][ T5318] Cannot create hsr debugfs directory
[  142.168101][ T3683] Bluetooth: hci0: command 0x041b tx timeout
[  142.180126][  T154] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.194040][ T5369] loop1: detected capacity change from 0 to 32768
[  142.271538][ T5360] XFS (loop2): Mounting V5 Filesystem
[  142.312181][ T5369] XFS (loop1): Mounting V5 Filesystem
[  142.371856][  T154] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.387356][ T5369] XFS (loop1): Ending clean mount
[  142.429538][ T5360] XFS (loop2): Ending clean mount
[  142.523693][ T5383] loop3: detected capacity change from 0 to 32768
[  142.544941][ T5046] XFS (loop1): Unmounting Filesystem
[  142.553417][ T3945] XFS (loop2): Unmounting Filesystem
[  142.747377][ T5383] XFS (loop3): Mounting V5 Filesystem
[  142.788772][ T5379] chnl_net:caif_netlink_parms(): no params data found
[  143.013071][ T5383] XFS (loop3): Ending clean mount
[  143.059116][ T5383] XFS (loop3): Quotacheck needed: Please wait.
[  143.059304][ T5318] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.164030][ T5383] XFS (loop3): Quotacheck: Done.
[  143.286121][ T5425] loop2: detected capacity change from 0 to 256
[  143.300044][ T5318] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.325078][ T4543] XFS (loop3): Unmounting Filesystem
[  143.772590][ T5379] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.858702][ T3683] Bluetooth: hci3: command 0x0409 tx timeout
[  143.915740][ T5379] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.071248][ T5379] device bridge_slave_0 entered promiscuous mode
[  144.441780][ T3683] Bluetooth: hci0: command 0x040f tx timeout
[  144.475239][ T5318] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.520427][ T5441] netlink: 'syz.2.403': attribute type 4 has an invalid length.
[  144.567277][ T5379] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.574457][ T5379] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.612741][ T5379] device bridge_slave_1 entered promiscuous mode
[  144.628630][ T5446] loop2: detected capacity change from 0 to 2048
[  144.682007][ T5318] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.712670][ T5446] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  144.751322][ T5446] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.405: bg 0: block 234: padding at end of block bitmap is not set
[  144.802168][ T5446] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 25 with max blocks 2 with error 117
[  144.816616][ T5446] EXT4-fs (loop2): This should not happen!! Data will be lost
[  144.816616][ T5446] 
[  144.846975][ T3550] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  144.911450][ T5379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.971558][ T5379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.026263][ T5458] loop2: detected capacity change from 0 to 512
[  145.085437][ T5379] team0: Port device team_slave_0 added
[  145.096983][ T3550] usb 2-1: Using ep0 maxpacket: 16
[  145.170189][ T5379] team0: Port device team_slave_1 added
[  145.190615][ T5458] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: writeback.
[  145.216004][ T5458] ext4 filesystem being mounted at /root/syzkaller.gw2pOt/62/file1 supports timestamps until 2038 (0x7fffffff)
[  145.230003][ T5318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  145.237257][ T3550] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  145.250248][ T3683] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  145.255950][ T5458] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #2: comm syz.2.406: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  145.317454][ T5458] EXT4-fs (loop2): Remounting filesystem read-only
[  145.352229][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.359526][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.386804][ T5379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.398864][ T5318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  145.435362][ T5379] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.458353][ T5379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.487067][ T5379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.510170][ T5318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  145.598275][ T5318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  145.657301][ T3683] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  145.666370][ T3683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.685123][ T3550] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  145.696982][ T3550] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.705821][ T3550] usb 2-1: Manufacturer: 觰긷홋鋘瓷》櫖顏삮爁脮ᢠ䗯⓽鳉⯣↾㏱瘹蠤忣燸쎮앎厗䓙ⱺ齮ͪ竐漸霿흃윚䦮˄拂ǩ䱚ﲔ㉺｟
[  145.728921][ T3683] usb 4-1: config 0 descriptor??
[  145.754852][ T3550] usb 2-1: SerialNumber: syz
[  145.765660][ T5379] device hsr_slave_0 entered promiscuous mode
[  145.773209][ T3683] cp210x 4-1:0.0: cp210x converter detected
[  145.785048][ T5379] device hsr_slave_1 entered promiscuous mode
[  145.793160][ T5379] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.812902][ T5379] Cannot create hsr debugfs directory
[  145.819676][ T3550] cdc_ether 2-1:1.0: skipping garbage
[  145.835316][ T3550] usb 2-1: bad CDC descriptors
[  145.937378][ T3550] Bluetooth: hci3: command 0x041b tx timeout
[  146.099226][ T5318] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.117681][ T3664] usb 2-1: USB disconnect, device number 8
[  146.150509][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  146.169020][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  146.192956][ T5318] 8021q: adding VLAN 0 to HW filter on device team0
[  146.242645][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  146.253272][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  146.260929][ T5478] loop2: detected capacity change from 0 to 32768
[  146.278122][ T4630] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.285234][ T4630] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.349990][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  146.364296][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  146.374188][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  146.401804][ T5478] XFS (loop2): Mounting V5 Filesystem
[  146.403719][ T3682] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.414352][ T3682] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.422454][ T3683] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71
[  146.432892][ T3683] cp210x 4-1:0.0: GPIO initialisation failed: -71
[  146.440333][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  146.453038][ T3683] usb 4-1: cp210x converter now attached to ttyUSB0
[  146.477752][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  146.496570][ T3683] usb 4-1: USB disconnect, device number 6
[  146.511061][ T4631] Bluetooth: hci0: command 0x0419 tx timeout
[  146.511404][ T5478] XFS (loop2): Ending clean mount
[  146.525456][ T5478] XFS (loop2): Quotacheck needed: Please wait.
[  146.527542][ T3683] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  146.547775][ T3683] cp210x 4-1:0.0: device disconnected
[  146.611355][ T5478] XFS (loop2): Quotacheck: Done.
[  146.681908][ T3945] XFS (loop2): Unmounting Filesystem
[  146.703232][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  146.714415][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  146.723175][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  146.742748][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  146.752196][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  146.760764][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  146.769396][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  146.791113][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  146.808967][ T5318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  146.823812][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  147.056822][ T3664] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  147.146610][ T3550] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  147.158877][ T3550] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  147.171750][  T154] device hsr_slave_0 left promiscuous mode
[  147.188453][  T154] device hsr_slave_1 left promiscuous mode
[  147.195020][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.203136][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  147.217043][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  147.224932][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  147.253390][  T154] device bridge_slave_1 left promiscuous mode
[  147.269552][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.278893][  T154] device bridge_slave_0 left promiscuous mode
[  147.286036][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.312273][  T154] device hsr_slave_0 left promiscuous mode
[  147.319380][  T154] device hsr_slave_1 left promiscuous mode
[  147.396026][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.405805][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  147.427191][ T3664] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  147.446949][ T3664] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  147.467528][ T3664] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  147.485488][ T3664] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.516586][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  147.524236][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  147.527882][ T5502] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  147.540928][  T154] device bridge_slave_1 left promiscuous mode
[  147.547534][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.556221][  T154] device bridge_slave_0 left promiscuous mode
[  147.562905][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.991254][  T154] device veth1_macvtap left promiscuous mode
[  148.019716][ T3682] Bluetooth: hci3: command 0x040f tx timeout
[  148.097810][  T154] device veth0_macvtap left promiscuous mode
[  148.267235][  T154] device veth1_vlan left promiscuous mode
[  148.273081][  T154] device veth0_vlan left promiscuous mode
[  148.282960][ T3664] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  148.317052][ T3664] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input7
[  148.357000][ T3664] usb 2-1: USB disconnect, device number 9
[  148.446691][  T154] device veth1_macvtap left promiscuous mode
[  148.453878][  T154] device veth0_macvtap left promiscuous mode
[  148.462223][  T154] device veth1_vlan left promiscuous mode
[  148.468185][  T154] device veth0_vlan left promiscuous mode
[  148.748406][  T154] bond1 (unregistering): Released all slaves
[  149.008344][  T154] team0 (unregistering): Port device team_slave_1 removed
[  149.115895][  T154] team0 (unregistering): Port device team_slave_0 removed
[  149.147084][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.175042][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.348253][  T154] bond0 (unregistering): Released all slaves
[  149.684295][  T154] team0 (unregistering): Port device team_slave_1 removed
[  149.715140][  T154] team0 (unregistering): Port device team_slave_0 removed
[  149.734609][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.761236][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.930917][  T154] bond0 (unregistering): Released all slaves
[  150.005771][ T5379] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  150.031707][ T5318] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.105050][ T4631] Bluetooth: hci3: command 0x0419 tx timeout
[  150.175251][ T5318] device veth0_vlan entered promiscuous mode
[  150.201867][ T5318] device veth1_vlan entered promiscuous mode
[  150.243220][ T5318] device veth0_macvtap entered promiscuous mode
[  150.263464][ T5318] device veth1_macvtap entered promiscuous mode
[  150.366363][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  150.375566][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  150.387654][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  150.398067][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  150.406619][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  150.414896][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  150.423032][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  150.432923][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  150.475704][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  150.513568][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  150.542204][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  150.576603][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  150.590882][ T5529] netlink: 'syz.2.410': attribute type 11 has an invalid length.
[  150.631592][ T5379] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  150.684199][ T5318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.737652][ T5318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.763660][ T5318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.775963][ T5318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.787615][ T5318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.798782][ T5318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.821084][ T5318] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.942086][ T5379] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  150.978185][ T5540] netlink: 'syz.2.417': attribute type 10 has an invalid length.
[  151.009685][ T5540] device geneve0 entered promiscuous mode
[  151.394543][ T5540] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  151.882995][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  151.894471][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  151.905508][ T5318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.920165][ T5318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.935595][ T5318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.951640][ T5318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.966781][ T5318] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.979834][ T5552] loop3: detected capacity change from 0 to 1024
[  151.986789][ T5318] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.008460][ T5318] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.037473][ T5379] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  152.090498][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  152.108210][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  152.145011][ T5318] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.175274][ T5318] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.176861][ T4631] Bluetooth: hci3: command 0x0405 tx timeout
[  152.217771][ T5318] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.263578][ T5318] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.493030][ T3547] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  152.514268][ T3745] hfsplus: b-tree write err: -5, ino 4
[  152.548148][ T3594] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.556344][ T3594] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.602808][ T5379] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.620061][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  152.701713][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  152.721815][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  152.750313][ T5379] 8021q: adding VLAN 0 to HW filter on device team0
[  152.766676][ T5550] loop1: detected capacity change from 0 to 32768
[  152.779470][ T3745] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.785296][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  152.809956][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  152.827472][ T4631] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.829803][ T3745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.834623][ T4631] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.870529][ T3547] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  152.905667][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  152.914294][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  152.922385][ T3547] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  152.924173][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  152.942806][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  152.946018][ T3547] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  152.951457][ T4630] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.967107][ T4630] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.975644][ T4630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  152.983934][ T3547] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.032642][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  153.046631][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  153.047224][ T5557] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  153.060467][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  153.071013][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  153.085423][ T4631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  153.112237][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  153.129229][ T5550] XFS (loop1): Mounting V5 Filesystem
[  153.217231][ T5550] XFS (loop1): Ending clean mount
[  153.246935][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  153.258524][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  153.261944][ T5550] XFS (loop1): Quotacheck needed: Please wait.
[  153.278302][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  153.417387][ T4632] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  153.656342][ T5550] XFS (loop1): Quotacheck: Done.
[  153.838869][ T4632] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.934507][ T4632] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.975605][ T4632] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  153.982037][ T3546] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  154.004233][ T3547] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  154.013731][ T3547] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input8
[  154.050573][ T3547] usb 3-1: USB disconnect, device number 9
[  154.066794][    C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  154.075964][ T4632] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.115337][ T4632] usb 4-1: config 0 descriptor??
[  154.211035][ T5046] XFS (loop1): Unmounting Filesystem
[  154.327198][ T5600] loop0: detected capacity change from 0 to 1024
[  154.484357][ T5379] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.517253][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  154.524779][ T3547] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  154.638691][ T4632] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  154.666143][ T4632] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  154.704319][ T4632] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  154.733006][ T5615] netlink: 'syz.2.429': attribute type 10 has an invalid length.
[  154.746944][ T4632] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  154.754184][ T4632] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  154.802594][ T4632] cm6533_jd 0003:0D8C:0022.0008: No inputs registered, leaving
[  154.847303][ T4632] cm6533_jd 0003:0D8C:0022.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
[  155.088431][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  155.106155][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  155.201295][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  155.218228][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  155.268596][ T5379] device veth0_vlan entered promiscuous mode
[  155.292928][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  155.313067][ T4632] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  155.345793][ T5379] device veth1_vlan entered promiscuous mode
[  155.368387][ T3513] usb 4-1: USB disconnect, device number 7
[  155.417255][ T5639] netlink: 104 bytes leftover after parsing attributes in process `syz.1.432'.
[  155.551751][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  155.565999][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  155.595636][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  155.642441][ T3548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  155.692852][ T5379] device veth0_macvtap entered promiscuous mode
[  155.729627][ T5379] device veth1_macvtap entered promiscuous mode
[  155.738190][ T5651] loop1: detected capacity change from 0 to 64
[  155.824613][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.866074][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.936987][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.976794][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.005724][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.036775][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.066838][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  156.093572][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.111553][ T5614] loop0: detected capacity change from 0 to 32768
[  156.119879][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_0
[  156.153288][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  156.162399][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  156.181568][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  156.211289][ T5622] loop2: detected capacity change from 0 to 32768
[  156.215992][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  156.217904][ T3513] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  156.295583][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.315395][ T5622] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop2 scanned by syz.2.430 (5622)
[  156.362199][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.376439][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.393647][ T5614] XFS (loop0): Mounting V5 Filesystem
[  156.409868][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.421035][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.437352][ T5622] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  156.446900][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.486847][ T5622] BTRFS info (device loop2): using free space tree
[  156.493394][ T5622] BTRFS info (device loop2): has skinny extents
[  156.500053][ T5379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  156.528923][ T5379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  156.542002][ T5379] batman_adv: batadv0: Interface activated: batadv_slave_1
[  156.550370][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  156.585020][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  156.669031][ T5379] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.687136][ T3513] usb 4-1: New USB device found, idVendor=13d8, idProduct=0021, bcdDevice=79.90
[  156.694570][ T5614] XFS (loop0): Ending clean mount
[  156.698531][ T5681] loop1: detected capacity change from 0 to 512
[  156.707652][ T3513] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.716293][ T5379] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.718253][ T3513] usb 4-1: config 0 descriptor??
[  156.764417][ T5379] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.781093][ T5379] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.792256][ T3513] usb 4-1: selecting invalid altsetting 3
[  156.807328][ T3513] comedi comedi0: could not set alternate setting 3 in high speed
[  156.815186][ T3513] usbduxsigma 4-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[  156.835608][ T5318] XFS (loop0): Unmounting Filesystem
[  156.879794][ T3513] usbduxsigma: probe of 4-1:0.0 failed with error -22
[  157.007925][ T3550] usb 4-1: USB disconnect, device number 8
[  157.019504][ T5681] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  157.035710][ T5622] BTRFS info (device loop2): enabling ssd optimizations
[  157.037073][ T5681] ext4 filesystem being mounted at /root/syzkaller.DTiP1H/15/bus supports timestamps until 2038 (0x7fffffff)
[  157.109108][ T3715] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.153681][ T3715] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.207735][ T3806] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.221555][ T3806] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.254884][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  157.320446][ T3513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  157.715151][   T26] audit: type=1326 audit(1719859161.634:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5718 comm="syz.4.444" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f842de95b99 code=0x0
[  157.871280][   T26] audit: type=1326 audit(1719859161.674:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5718 comm="syz.4.444" exe="/root/syz-executor" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f842dec7b85 code=0x0
[  158.032438][   T26] audit: type=1326 audit(1719859161.694:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5718 comm="syz.4.444" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f842de95b99 code=0x0
[  158.134555][ T3663] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  158.218998][ T5735] netlink: 24 bytes leftover after parsing attributes in process `syz.0.445'.
[  158.253934][ T5737] loop3: detected capacity change from 0 to 1764
[  158.657185][ T3663] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  158.691404][ T3663] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.742823][ T3663] usb 2-1: Product: syz
[  158.752206][ T3663] usb 2-1: Manufacturer: syz
[  158.784866][ T3663] usb 2-1: SerialNumber: syz
[  158.811811][ T3663] usb 2-1: config 0 descriptor??
[  159.190260][ T3548] usb 2-1: USB disconnect, device number 10
[  159.742511][ T5759] loop0: detected capacity change from 0 to 256
[  159.847955][ T5759] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  159.861426][ T5757] loop3: detected capacity change from 0 to 32768
[  160.472382][ T3681] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  160.606530][ T5767] netlink: 'syz.1.454': attribute type 10 has an invalid length.
[  160.639306][ T5767] device geneve0 entered promiscuous mode
[  160.694503][ T5767] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  160.729510][ T3681] usb 3-1: Using ep0 maxpacket: 8
[  160.861578][ T3681] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  160.873158][ T3681] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  160.891636][ T3681] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  160.933556][ T3681] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  160.985061][ T3681] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  161.028983][ T3681] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  161.095564][ T3681] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.407043][ T3681] usb 3-1: usb_control_msg returned -32
[  161.412737][ T3681] usbtmc 3-1:16.0: can't read capabilities
[  161.753363][ T5790] udc-core: couldn't find an available UDC or it's busy
[  161.783397][ T5790] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  161.990181][ T5788] loop4: detected capacity change from 0 to 32768
[  162.078646][ T5788] XFS: noikeep mount option is deprecated.
[  162.091846][ T5788] XFS: noikeep mount option is deprecated.
[  162.119920][ T3547] usb 3-1: USB disconnect, device number 10
[  162.186441][ T5788] XFS (loop4): Mounting V5 Filesystem
[  162.330723][ T5788] XFS (loop4): Ending clean mount
[  162.341003][ T5788] XFS (loop4): Quotacheck needed: Please wait.
[  162.386633][ T5788] XFS (loop4): Quotacheck: Done.
[  162.442241][ T5802] loop1: detected capacity change from 0 to 2048
[  162.474742][ T5379] XFS (loop4): Unmounting Filesystem
[  162.537911][ T5802] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  163.517707][   T26] audit: type=1800 audit(1719859167.434:23): pid=5823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.468" name="file1" dev="sda1" ino=2015 res=0 errno=0
[  164.008907][ T5822] loop4: detected capacity change from 0 to 32768
[  164.041691][ T5822] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.469 (5822)
[  164.089772][ T5822] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  164.108941][ T5822] BTRFS info (device loop4): using free space tree
[  164.124717][ T5822] BTRFS info (device loop4): has skinny extents
[  164.239000][ T5826] loop0: detected capacity change from 0 to 32768
[  164.274575][ T5826] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.470 (5826)
[  164.303003][ T5826] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  164.366922][ T5826] BTRFS info (device loop0): force clearing of disk cache
[  164.413381][ T5826] BTRFS info (device loop0): turning on flush-on-commit
[  164.437491][ T5826] BTRFS info (device loop0): using free space tree
[  164.491777][ T5826] BTRFS info (device loop0): has skinny extents
[  164.816042][ T5822] BTRFS info (device loop4): enabling ssd optimizations
[  165.039921][ T5826] BTRFS info (device loop0): enabling ssd optimizations
[  165.056907][ T5826] BTRFS info (device loop0): clearing free space tree
[  165.073364][ T5826] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  165.087148][ T5826] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  165.282248][ T5826] BTRFS info (device loop0): creating free space tree
[  165.298467][ T5826] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  165.332987][ T5826] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  165.426216][   T26] audit: type=1800 audit(1719859169.344:24): pid=5826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.470" name="file1" dev="loop0" ino=260 res=0 errno=0
[  165.522363][   T26] audit: type=1804 audit(1719859169.424:25): pid=5826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.470" name="/root/syzkaller.iEnmPV/10/file2/file1" dev="loop0" ino=260 res=1 errno=0
[  165.679666][   T26] audit: type=1804 audit(1719859169.474:26): pid=5898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.470" name="/root/syzkaller.iEnmPV/10/file2/file1" dev="loop0" ino=260 res=1 errno=0
[  165.849960][ T5860] loop2: detected capacity change from 0 to 32768
[  165.939139][ T5860] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.477 (5860)
[  166.032096][ T5860] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  166.034271][ T3715] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  166.065461][ T5860] BTRFS info (device loop2): using free space tree
[  166.089412][ T5860] BTRFS info (device loop2): has skinny extents
[  166.412560][ T5860] BTRFS info (device loop2): enabling ssd optimizations
[  166.549086][ T3677] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  167.108859][ T3549] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  167.116585][   T26] audit: type=1800 audit(1719859171.034:27): pid=5940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.485" name="file1" dev="sda1" ino=2016 res=0 errno=0
[  167.185839][ T5942] syz.0.487[5942] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.185914][ T5942] syz.0.487[5942] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.198181][ T3677] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  167.222673][ T3677] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  167.236844][ T3677] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  167.246147][ T3677] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.277116][ T5915] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  167.391684][ T5945] sctp: [Deprecated]: syz.0.488 (pid 5945) Use of int in max_burst socket option deprecated.
[  167.391684][ T5945] Use struct sctp_assoc_value instead
[  167.497036][ T3549] usb 2-1: config 0 has no interfaces?
[  167.577201][ T3549] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  167.590486][ T3549] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  167.616275][ T3549] usb 2-1: SerialNumber: syz
[  167.636074][ T3549] usb 2-1: config 0 descriptor??
[  167.664980][ T5954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.492'.
[  167.737226][ T3677] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[  167.762947][ T3677] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input9
[  167.799429][ T3677] usb 4-1: USB disconnect, device number 9
[  167.807138][    C1] aiptek 4-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  167.887748][ T3549] usb 2-1: USB disconnect, device number 11
[  168.007489][   T21] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  168.026191][ T5963] loop2: detected capacity change from 0 to 256
[  168.267127][   T21] usb 1-1: Using ep0 maxpacket: 32
[  168.587280][   T21] usb 1-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice=98.d2
[  168.587316][   T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.587339][   T21] usb 1-1: Product: syz
[  168.587356][   T21] usb 1-1: Manufacturer: syz
[  168.587373][   T21] usb 1-1: SerialNumber: syz
[  168.590792][   T21] usb 1-1: config 0 descriptor??
[  168.605006][ T5976] sctp: [Deprecated]: syz.4.501 (pid 5976) Use of int in max_burst socket option deprecated.
[  168.605006][ T5976] Use struct sctp_assoc_value instead
[  168.670577][   T21] gspca_main: pac7311-2.14.0 probing 093a:2601
[  169.167200][   T21] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -71
[  169.167523][   T21] pac7311: probe of 1-1:0.0 failed with error -71
[  169.200286][   T21] usb 1-1: USB disconnect, device number 12
[  169.470895][   T26] audit: type=1800 audit(1719859173.394:28): pid=5983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.504" name="file1" dev="sda1" ino=2015 res=0 errno=0
[  169.674085][ T3549] kernel write not supported for file /input/mice (pid: 3549 comm: kworker/0:8)
[  169.732468][ T5996] loop0: detected capacity change from 0 to 256
[  169.810090][ T5996] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4e1f5d09, utbl_chksum : 0xe619d30d)
[  169.905904][ T5996] exFAT-fs (loop0): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5)
[  169.932440][ T5996] exFAT-fs (loop0): Filesystem has been set read-only
[  170.386856][ T6019] sctp: [Deprecated]: syz.0.517 (pid 6019) Use of int in max_burst socket option deprecated.
[  170.386856][ T6019] Use struct sctp_assoc_value instead
[  170.427010][ T3670] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  170.654568][ T6022] loop4: detected capacity change from 0 to 2048
[  170.907808][ T3670] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  170.995146][ T3670] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  171.202955][ T3670] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  171.212181][ T3670] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.231247][ T6022] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  171.257152][ T6011] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  171.397043][ T3677] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  171.586825][   T13] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  171.642953][ T6034] loop0: detected capacity change from 0 to 32768
[  171.687264][ T3677] usb 4-1: Using ep0 maxpacket: 32
[  171.731770][ T6034] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.522 (6034)
[  171.755621][ T6034] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  171.765276][ T3670] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  171.796245][ T3670] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input10
[  171.805847][ T6034] BTRFS info (device loop0): force zlib compression, level 3
[  171.838115][   T13] usb 3-1: Using ep0 maxpacket: 8
[  171.843600][ T6034] BTRFS info (device loop0): force clearing of disk cache
[  171.851718][ T3670] usb 2-1: USB disconnect, device number 12
[  171.872714][ T6034] BTRFS info (device loop0): setting nodatasum
[  171.881734][ T6034] BTRFS info (device loop0): allowing degraded mounts
[  171.889069][ T6034] BTRFS info (device loop0): enabling disk space caching
[  171.896307][ T6034] BTRFS info (device loop0): disk space caching is enabled
[  171.911525][ T6034] BTRFS info (device loop0): has skinny extents
[  171.957157][   T13] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  171.981642][   T13] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  171.997094][ T6034] BTRFS info (device loop0): clearing free space tree
[  171.999234][   T13] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  172.004606][ T3677] usb 4-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice=98.d2
[  172.022088][   T13] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  172.024133][ T6034] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  172.043216][ T3677] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.051286][ T3677] usb 4-1: Product: syz
[  172.051596][ T6034] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  172.055547][ T3677] usb 4-1: Manufacturer: syz
[  172.070588][ T3677] usb 4-1: SerialNumber: syz
[  172.078769][   T13] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  172.087678][ T3677] usb 4-1: config 0 descriptor??
[  172.106346][   T13] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  172.126825][   T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.165632][ T3677] gspca_main: pac7311-2.14.0 probing 093a:2601
[  172.252669][ T6034] BTRFS info (device loop0): balance: start -sprofiles=metadata|single|raid10|raid1|dup|raid0|raid5|raid6|raid1c3|raid1c4|0xfffefffffffff800,usage=4..0,devid=0,vrange=0..0,limit=0,limit=0..0,stripes=0..0
[  172.295162][ T6034] BTRFS info (device loop0): balance: ended with status: 0
[  172.487319][   T13] usb 3-1: usb_control_msg returned -32
[  172.493383][   T13] usbtmc 3-1:16.0: can't read capabilities
[  172.569745][ T6069] syz.4.528 sent an empty control message without MSG_MORE.
[  172.590254][ T3677] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -71
[  172.598268][ T3677] pac7311: probe of 4-1:0.0 failed with error -71
[  172.612495][ T3677] usb 4-1: USB disconnect, device number 10
[  172.836064][ T6074] udc-core: couldn't find an available UDC or it's busy
[  172.846726][ T6074] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  173.262029][ T3677] usb 3-1: USB disconnect, device number 11
[  173.300329][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.533'.
[  173.337672][ T6095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.533'.
[  173.452988][ T6100] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  173.484767][ T6100] overlayfs: failed to set xattr on upper
[  173.494752][ T6100] overlayfs: ...falling back to index=off,metacopy=off.
[  173.520463][ T6102] loop4: detected capacity change from 0 to 1024
[  173.623188][ T6102] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  173.640639][ T6102] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  173.652620][ T6111] loop3: detected capacity change from 0 to 1024
[  173.660624][ T6102] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  173.705554][ T6111] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  173.715037][ T6111] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  173.723864][ T6102] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  173.726584][ T6111] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  173.742122][ T6102] System zones: 0-1, 3-36
[  173.752743][ T6111] journal_init_common: Cannot get buffer for journal superblock
[  173.758033][ T6102] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  173.761405][ T6111] EXT4-fs (loop3): Could not load journal inode
[  174.101163][   T26] audit: type=1326 audit(1719859178.024:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.543" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f8b174b99 code=0x0
[  174.707842][ T3677] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  174.951345][ T3677] usb 1-1: Using ep0 maxpacket: 16
[  174.997427][ T6149] loop3: detected capacity change from 0 to 32768
[  175.006932][ T4631] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  175.064299][ T6155] loop2: detected capacity change from 0 to 1024
[  175.067668][ T6149] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.555 (6149)
[  175.084295][ T3677] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  175.101919][ T6155] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  175.130442][ T6157] loop1: detected capacity change from 0 to 1024
[  175.132073][ T6155] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  175.144759][ T6155] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  175.173601][ T6149] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  175.195700][ T6149] BTRFS info (device loop3): force zlib compression, level 3
[  175.205422][ T6149] BTRFS info (device loop3): force clearing of disk cache
[  175.206197][ T6155] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  175.225351][ T6149] BTRFS info (device loop3): setting nodatasum
[  175.239841][ T6155] System zones: 0-1, 3-36
[  175.245562][ T6149] BTRFS info (device loop3): allowing degraded mounts
[  175.253764][ T6149] BTRFS info (device loop3): enabling disk space caching
[  175.255572][ T6155] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  175.261261][ T6149] BTRFS info (device loop3): disk space caching is enabled
[  175.289883][ T4631] usb 5-1: Using ep0 maxpacket: 8
[  175.295247][ T3677] usb 1-1: New USB device found, idVendor=0a12, idProduct=5d10, bcdDevice=24.8b
[  175.304453][ T6149] BTRFS info (device loop3): has skinny extents
[  175.311031][ T3677] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.319432][ T3677] usb 1-1: Product: syz
[  175.323630][ T3677] usb 1-1: Manufacturer: syz
[  175.329537][ T3677] usb 1-1: SerialNumber: syz
[  175.340573][ T3677] usb 1-1: config 0 descriptor??
[  175.427018][ T4631] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  175.435246][ T4631] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  175.445218][ T4631] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  175.455507][ T4631] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  175.465638][ T4631] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  175.481752][ T4631] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  175.491460][ T4631] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.503067][    T9] hfsplus: b-tree write err: -5, ino 4
[  175.525068][ T6149] BTRFS info (device loop3): clearing free space tree
[  175.540501][ T6149] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  175.553288][ T6149] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  175.592478][ T3677] usb 1-1: USB disconnect, device number 13
[  175.642471][ T6149] BTRFS info (device loop3): balance: start -d -m -s
[  175.659288][ T6149] BTRFS info (device loop3): relocating block group 6881280 flags data|metadata
[  175.716072][ T6185] loop1: detected capacity change from 0 to 1024
[  175.774369][ T6149] BTRFS info (device loop3): relocating block group 5242880 flags data|metadata
[  175.805117][ T6149] BTRFS info (device loop3): balance: canceled
[  175.817026][ T4631] usb 5-1: usb_control_msg returned -32
[  175.822951][ T4631] usbtmc 5-1:16.0: can't read capabilities
[  175.846152][ T6185] hfsplus: bad catalog entry type
[  175.965153][ T3671] hfsplus: b-tree write err: -5, ino 4
[  176.164231][ T6190] udc-core: couldn't find an available UDC or it's busy
[  176.186070][ T6190] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  176.262503][ T6189] loop0: detected capacity change from 0 to 1764
[  176.448619][ T6198] loop2: detected capacity change from 0 to 128
[  176.645859][ T6198] FAT-fs (loop2): Unrecognized mount option "*" or missing value
[  176.717601][ T3549] usb 5-1: USB disconnect, device number 7
[  177.438430][ T6225] loop3: detected capacity change from 0 to 1024
[  177.511463][ T6225] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  177.553190][ T6225] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  177.571122][ T6225] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  177.596277][ T6229] loop0: detected capacity change from 0 to 512
[  177.733204][ T6225] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  177.752401][ T6225] System zones: 0-1, 3-36
[  177.802668][ T6225] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  177.849543][ T6229] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: writeback.
[  177.867043][ T6229] ext4 filesystem being mounted at /root/syzkaller.iEnmPV/30/file0 supports timestamps until 2038 (0x7fffffff)
[  177.867308][  T264] block nbd1: Attempted send on invalid socket
[  177.887003][  T264] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  177.893364][ T6229] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.576: corrupted xattr block 32
[  177.900754][ T6227] exFAT-fs (nbd1): unable to read boot sector
[  177.917516][ T6227] exFAT-fs (nbd1): failed to read boot sector
[  177.923592][ T6227] exFAT-fs (nbd1): failed to recognize exfat type
[  177.957424][ T6227] blk_update_request: I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  177.969835][ T6227] EXT4-fs (loop1): unable to read superblock
[  178.030658][ T6218] loop2: detected capacity change from 0 to 32768
[  178.041040][ T6229] EXT4-fs error (device loop0): ext4_get_inode_usage:852: inode #15: comm syz.0.576: corrupted xattr block 32
[  178.101708][ T6218] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.572 (6218)
[  178.174142][ T6218] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  178.197186][ T6218] BTRFS info (device loop2): force zlib compression, level 3
[  178.229738][ T3553] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  178.252108][ T6218] BTRFS info (device loop2): force clearing of disk cache
[  178.267361][ T6218] BTRFS info (device loop2): setting nodatasum
[  178.267390][ T6218] BTRFS info (device loop2): allowing degraded mounts
[  178.267410][ T6218] BTRFS info (device loop2): enabling disk space caching
[  178.267427][ T6218] BTRFS info (device loop2): disk space caching is enabled
[  178.267443][ T6218] BTRFS info (device loop2): has skinny extents
[  178.643180][ T6263] loop3: detected capacity change from 0 to 256
[  178.937579][ T3553] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  179.014220][ T6263] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  179.030123][ T3553] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.261236][ T3553] usb 5-1: Product: syz
[  179.265528][ T3553] usb 5-1: Manufacturer: syz
[  179.270525][ T3553] usb 5-1: SerialNumber: syz
[  179.355583][ T3553] usb 5-1: config 0 descriptor??
[  179.417201][ T6218] BTRFS info (device loop2): clearing free space tree
[  179.428461][ T6218] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  179.506844][ T6218] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  179.646676][ T4631] usb 5-1: USB disconnect, device number 8
[  179.738451][ T6218] BTRFS info (device loop2): balance: start -d -m -s
[  179.777660][ T6218] BTRFS info (device loop2): relocating block group 6881280 flags data|metadata
[  179.900309][ T6218] BTRFS info (device loop2): relocating block group 5242880 flags data|metadata
[  179.944904][ T6291] loop1: detected capacity change from 0 to 512
[  180.041289][ T6218] BTRFS info (device loop2): balance: canceled
[  180.057646][ T6291] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: writeback.
[  180.070618][ T6291] ext4 filesystem being mounted at /root/syzkaller.DTiP1H/50/file0 supports timestamps until 2038 (0x7fffffff)
[  180.170583][   T26] audit: type=1800 audit(1719859184.074:30): pid=6298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.589" name="file1" dev="sda1" ino=2020 res=0 errno=0
[  180.226776][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[  180.235898][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[  180.295005][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #108!!!
[  180.311941][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #10a!!!
[  180.322557][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #10a!!!
[  180.332354][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[  180.342837][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[  180.361217][ T6291] EXT4-fs error (device loop1): ext4_xattr_block_get:546: inode #15: comm syz.1.588: corrupted xattr block 32
[  180.494706][ T6291] EXT4-fs error (device loop1): ext4_get_inode_usage:852: inode #15: comm syz.1.588: corrupted xattr block 32
[  181.095412][ T6303] loop3: detected capacity change from 0 to 1024
[  181.781290][ T6332] 
[  181.783662][ T6332] ======================================================
[  181.790771][ T6332] WARNING: possible circular locking dependency detected
[  181.797792][ T6332] 5.15.161-syzkaller #0 Not tainted
[  181.802990][ T6332] ------------------------------------------------------
[  181.810024][ T6332] syz.2.602/6332 is trying to acquire lock:
[  181.815921][ T6332] ffffffff8db50528 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_dlc_exists+0xa2/0x370
[  181.825005][ T6332] 
[  181.825005][ T6332] but task is already holding lock:
[  181.832374][ T6332] ffffffff8db53f08 (rfcomm_ioctl_mutex){+.+.}-{3:3}, at: rfcomm_dev_ioctl+0x233/0x2180
[  181.842063][ T6332] 
[  181.842063][ T6332] which lock already depends on the new lock.
[  181.842063][ T6332] 
[  181.852559][ T6332] 
[  181.852559][ T6332] the existing dependency chain (in reverse order) is:
[  181.861928][ T6332] 
[  181.861928][ T6332] -> #3 (rfcomm_ioctl_mutex){+.+.}-{3:3}:
[  181.869849][ T6332]        lock_acquire+0x1db/0x4f0
[  181.874885][ T6332]        __mutex_lock_common+0x1da/0x25a0
[  181.880616][ T6332]        mutex_lock_nested+0x17/0x20
[  181.885916][ T6332]        rfcomm_dev_ioctl+0x233/0x2180
[  181.891382][ T6332]        rfcomm_sock_ioctl+0x82/0xc0
[  181.896676][ T6332]        sock_do_ioctl+0x11d/0x5a0
[  181.901796][ T6332]        sock_ioctl+0x47f/0x770
[  181.906652][ T6332]        __se_sys_ioctl+0xf1/0x160
[  181.911773][ T6332]        do_syscall_64+0x3b/0xb0
[  181.916722][ T6332]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  181.923145][ T6332] 
[  181.923145][ T6332] -> #2 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}:
[  181.932607][ T6332]        lock_acquire+0x1db/0x4f0
[  181.937673][ T6332]        lock_sock_nested+0x44/0x100
[  181.942974][ T6332]        rfcomm_sk_state_change+0x57/0x300
[  181.948794][ T6332]        __rfcomm_dlc_close+0x2b2/0x6d0
[  181.954374][ T6332]        rfcomm_dlc_close+0xed/0x180
[  181.959670][ T6332]        __rfcomm_sock_close+0x104/0x220
[  181.965318][ T6332]        rfcomm_sock_shutdown+0xb4/0x230
[  181.970966][ T6332]        rfcomm_sock_release+0x55/0x110
[  181.976528][ T6332]        sock_close+0xcd/0x230
[  181.981306][ T6332]        __fput+0x3bf/0x890
[  181.985817][ T6332]        task_work_run+0x129/0x1a0
[  181.990941][ T6332]        do_exit+0x6a3/0x2480
[  181.995633][ T6332]        do_group_exit+0x144/0x310
[  182.000755][ T6332]        get_signal+0xc66/0x14e0
[  182.005705][ T6332]        arch_do_signal_or_restart+0xc3/0x1890
[  182.011880][ T6332]        exit_to_user_mode_loop+0x97/0x130
[  182.017700][ T6332]        exit_to_user_mode_prepare+0xb1/0x140
[  182.023773][ T6332]        syscall_exit_to_user_mode+0x5d/0x240
[  182.029850][ T6332]        do_syscall_64+0x47/0xb0
[  182.034789][ T6332]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  182.041301][ T6332] 
[  182.041301][ T6332] -> #1 (&d->lock){+.+.}-{3:3}:
[  182.048343][ T6332]        lock_acquire+0x1db/0x4f0
[  182.053392][ T6332]        __mutex_lock_common+0x1da/0x25a0
[  182.059138][ T6332]        mutex_lock_nested+0x17/0x20
[  182.064434][ T6332]        __rfcomm_dlc_close+0x259/0x6d0
[  182.070003][ T6332]        rfcomm_dlc_close+0xed/0x180
[  182.075334][ T6332]        __rfcomm_sock_close+0x104/0x220
[  182.080980][ T6332]        rfcomm_sock_shutdown+0xb4/0x230
[  182.086621][ T6332]        rfcomm_sock_release+0x55/0x110
[  182.092167][ T6332]        sock_close+0xcd/0x230
[  182.096937][ T6332]        __fput+0x3bf/0x890
[  182.101451][ T6332]        task_work_run+0x129/0x1a0
[  182.106575][ T6332]        do_exit+0x6a3/0x2480
[  182.111349][ T6332]        do_group_exit+0x144/0x310
[  182.116467][ T6332]        get_signal+0xc66/0x14e0
[  182.121410][ T6332]        arch_do_signal_or_restart+0xc3/0x1890
[  182.127568][ T6332]        exit_to_user_mode_loop+0x97/0x130
[  182.133385][ T6332]        exit_to_user_mode_prepare+0xb1/0x140
[  182.139471][ T6332]        syscall_exit_to_user_mode+0x5d/0x240
[  182.145562][ T6332]        do_syscall_64+0x47/0xb0
[  182.150512][ T6332]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  182.156938][ T6332] 
[  182.156938][ T6332] -> #0 (rfcomm_mutex){+.+.}-{3:3}:
[  182.164320][ T6332]        validate_chain+0x1649/0x5930
[  182.169703][ T6332]        __lock_acquire+0x1295/0x1ff0
[  182.175106][ T6332]        lock_acquire+0x1db/0x4f0
[  182.180207][ T6332]        __mutex_lock_common+0x1da/0x25a0
[  182.185926][ T6332]        mutex_lock_nested+0x17/0x20
[  182.191205][ T6332]        rfcomm_dlc_exists+0xa2/0x370
[  182.196569][ T6332]        rfcomm_dev_ioctl+0xb2d/0x2180
[  182.202104][ T6332]        rfcomm_sock_ioctl+0x82/0xc0
[  182.207389][ T6332]        sock_do_ioctl+0x11d/0x5a0
[  182.212507][ T6332]        sock_ioctl+0x47f/0x770
[  182.217356][ T6332]        __se_sys_ioctl+0xf1/0x160
[  182.222457][ T6332]        do_syscall_64+0x3b/0xb0
[  182.227386][ T6332]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  182.233788][ T6332] 
[  182.233788][ T6332] other info that might help us debug this:
[  182.233788][ T6332] 
[  182.243999][ T6332] Chain exists of:
[  182.243999][ T6332]   rfcomm_mutex --> sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM --> rfcomm_ioctl_mutex
[  182.243999][ T6332] 
[  182.258759][ T6332]  Possible unsafe locking scenario:
[  182.258759][ T6332] 
[  182.266194][ T6332]        CPU0                    CPU1
[  182.271550][ T6332]        ----                    ----
[  182.276897][ T6332]   lock(rfcomm_ioctl_mutex);
[  182.281562][ T6332]                                lock(sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM);
[  182.290438][ T6332]                                lock(rfcomm_ioctl_mutex);
[  182.297629][ T6332]   lock(rfcomm_mutex);
[  182.301784][ T6332] 
[  182.301784][ T6332]  *** DEADLOCK ***
[  182.301784][ T6332] 
[  182.309920][ T6332] 2 locks held by syz.2.602/6332:
[  182.314957][ T6332]  #0: ffff888076349120 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sock_ioctl+0x74/0xc0
[  182.326382][ T6332]  #1: ffffffff8db53f08 (rfcomm_ioctl_mutex){+.+.}-{3:3}, at: rfcomm_dev_ioctl+0x233/0x2180
[  182.336593][ T6332] 
[  182.336593][ T6332] stack backtrace:
[  182.342479][ T6332] CPU: 1 PID: 6332 Comm: syz.2.602 Not tainted 5.15.161-syzkaller #0
[  182.350546][ T6332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  182.360621][ T6332] Call Trace:
[  182.363929][ T6332]  <TASK>
[  182.366855][ T6332]  dump_stack_lvl+0x1e3/0x2d0
[  182.371540][ T6332]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  182.377167][ T6332]  ? print_circular_bug+0x12b/0x1a0
[  182.382367][ T6332]  check_noncircular+0x2f8/0x3b0
[  182.387299][ T6332]  ? unwind_next_frame+0x1437/0x1fa0
[  182.392586][ T6332]  ? add_chain_block+0x850/0x850
[  182.397520][ T6332]  ? lockdep_lock+0x11f/0x2a0
[  182.402201][ T6332]  ? stack_trace_save+0x1c0/0x1c0
[  182.407216][ T6332]  ? __kernel_text_address+0x94/0x100
[  182.412582][ T6332]  ? unwind_get_return_address+0x49/0x80
[  182.418209][ T6332]  ? _find_first_zero_bit+0xcf/0xf0
[  182.423412][ T6332]  validate_chain+0x1649/0x5930
[  182.428273][ T6332]  ? stack_trace_snprint+0xe0/0xe0
[  182.433387][ T6332]  ? reacquire_held_locks+0x660/0x660
[  182.439100][ T6332]  ? lockdep_unlock+0x166/0x300
[  182.443946][ T6332]  ? lockdep_lock+0x2a0/0x2a0
[  182.448616][ T6332]  ? validate_chain+0x13bd/0x5930
[  182.453633][ T6332]  ? mark_lock+0x98/0x340
[  182.457983][ T6332]  __lock_acquire+0x1295/0x1ff0
[  182.462832][ T6332]  lock_acquire+0x1db/0x4f0
[  182.467326][ T6332]  ? rfcomm_dlc_exists+0xa2/0x370
[  182.472350][ T6332]  ? read_lock_is_recursive+0x10/0x10
[  182.477715][ T6332]  ? __might_sleep+0xc0/0xc0
[  182.482295][ T6332]  ? mark_lock+0x98/0x340
[  182.486618][ T6332]  __mutex_lock_common+0x1da/0x25a0
[  182.491818][ T6332]  ? rfcomm_dlc_exists+0xa2/0x370
[  182.496858][ T6332]  ? rfcomm_dlc_exists+0xa2/0x370
[  182.501880][ T6332]  ? mutex_lock_io_nested+0x60/0x60
[  182.507071][ T6332]  ? aa_get_newest_label+0xf9/0x6c0
[  182.512266][ T6332]  ? end_current_label_crit_section+0x170/0x170
[  182.518505][ T6332]  ? __lock_acquire+0x1ff0/0x1ff0
[  182.523533][ T6332]  mutex_lock_nested+0x17/0x20
[  182.528305][ T6332]  rfcomm_dlc_exists+0xa2/0x370
[  182.533151][ T6332]  ? __rfcomm_dlc_close+0x6d0/0x6d0
[  182.538338][ T6332]  ? bpf_lsm_capable+0x5/0x10
[  182.543006][ T6332]  ? security_capable+0x86/0xb0
[  182.547855][ T6332]  rfcomm_dev_ioctl+0xb2d/0x2180
[  182.552790][ T6332]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  182.558764][ T6332]  ? print_irqtrace_events+0x210/0x210
[  182.564215][ T6332]  ? rfcomm_sock_debugfs_show+0x120/0x120
[  182.569944][ T6332]  ? __local_bh_enable_ip+0x164/0x1f0
[  182.575325][ T6332]  ? lockdep_hardirqs_on+0x94/0x130
[  182.580524][ T6332]  ? __local_bh_enable_ip+0x164/0x1f0
[  182.585889][ T6332]  ? _local_bh_enable+0xa0/0xa0
[  182.590727][ T6332]  ? do_raw_spin_unlock+0x137/0x8b0
[  182.595923][ T6332]  rfcomm_sock_ioctl+0x82/0xc0
[  182.600683][ T6332]  sock_do_ioctl+0x11d/0x5a0
[  182.605283][ T6332]  ? sock_show_fdinfo+0xb0/0xb0
[  182.610137][ T6332]  sock_ioctl+0x47f/0x770
[  182.614463][ T6332]  ? sock_poll+0x410/0x410
[  182.618883][ T6332]  ? __fget_files+0x413/0x480
[  182.623553][ T6332]  ? bpf_lsm_file_ioctl+0x5/0x10
[  182.628500][ T6332]  ? security_file_ioctl+0x7d/0xa0
[  182.633626][ T6332]  ? sock_poll+0x410/0x410
[  182.638034][ T6332]  __se_sys_ioctl+0xf1/0x160
[  182.642624][ T6332]  do_syscall_64+0x3b/0xb0
[  182.647030][ T6332]  ? clear_bhb_loop+0x15/0x70
[  182.651700][ T6332]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  182.657594][ T6332] RIP: 0033:0x7f4f8b174b99
[  182.661999][ T6332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.681592][ T6332] RSP: 002b:00007f4f89bf5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  182.689995][ T6332] RAX: ffffffffffffffda RBX: 00007f4f8b302fa0 RCX: 00007f4f8b174b99
[  182.697957][ T6332] RDX: 0000000020000100 RSI: 00000000400452c8 RDI: 0000000000000004
[  182.705917][ T6332] RBP: 00007f4f8b1f577e R08: 0000000000000000 R09: 0000000000000000
[  182.713882][ T6332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.721844][ T6332] R13: 000000000000004d R14: 00007f4f8b302fa0 R15: 00007fff8b24f558
[  182.729813][ T6332]  </TASK>
[  182.926337][ T6338] loop0: detected capacity change from 0 to 8192
[  182.963641][ T6338] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  182.976852][ T6338] REISERFS (device loop0): using ordered data mode
[  182.983406][ T6338] reiserfs: using flush barriers
[  183.007707][ T6338] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  183.024564][ T6338] REISERFS (device loop0): checking transaction log (loop0)
[  183.035419][ T6338] REISERFS (device loop0): Using tea hash to sort names
[  183.047055][ T6338] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.