last executing test programs:

39.901295396s ago: executing program 2 (id=2921):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f00000000c0)={0x5, 0x6, 0x5, 0x8, 0x9, 0x9})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001600)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000006140)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
fchown(r0, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000380)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100)={0x3}, 0x10}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
r8 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r8, 0x2def, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r7, 0x0, 0x0, 0x200408c4, 0x0, 0x0)
r11 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r12 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x20000023896)
r13 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSF(r13, 0x5409, 0x0)
shutdown(r7, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=@newqdisc={0x0, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xa}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_mq, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x89}, @TCA_RATE={0x6, 0x5, {0x0, 0x2}}, @TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0xcd, 0x6, 0xd15, 0x1000, 0x2, 0x1}}, {0x0, 0x2, [0x45ec, 0x7, 0x1, 0xad8, 0x7, 0x5, 0x6]}}, {{0x0, 0x1, {0x3, 0x10, 0x8000, 0x0, 0x1, 0x6, 0x809}}, {0x0, 0x2, [0x4e69]}}, {{0x0, 0x1, {0x2, 0x6, 0x7, 0x5, 0x0, 0x0, 0x7}}}, {{0x0, 0x1, {0x4, 0x4c, 0x5, 0x9, 0x1, 0x7, 0x80000000}}, {0x0, 0x2, [0x6]}}, {{0x0, 0x1, {0x2, 0x9, 0x0, 0x9, 0x1, 0xffffffff, 0x6}}, {0x0, 0x2, [0x104]}}, {{0x0, 0x1, {0x6, 0x0, 0x9, 0x5, 0x1, 0x2, 0x6}}, {0x0, 0x2, [0x703, 0x4]}}, {{0x0, 0x1, {0x59, 0x10, 0x111, 0xb20d, 0x2, 0xe8cc, 0x9}}, {0x0, 0x2, [0x400, 0x200, 0x2, 0x8000, 0xaa, 0xabd, 0x9, 0x401]}}]}]}, 0x48}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x1f2f, 0xf, 0x3ce, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r0, &(0x7f00000002c0)="2cb9961ea0681de52382dfe1a8084b5a897ac74fbcc1915d26b492a69377ebe84eb93d487be103195f13f1c7ca441f7a9245f8836874cc9e2af53509b785c43a4b5fbbaae12df5eaf818ee91c9c95cbc9a109ab15cd8fe8c1cc852c74db5c368d5b1e5291732eac602b6da766cc7b47ed7f565795333e0f412c8932409c6f05ee0181da82dccfbbf07b684523a4660758718b9d4dd8d21534dd64721042cf40d6eefb9964daf988f1077b6f8d29c7663b427fcf8cc6edee33dabdbd4524505e26a9e66c9a19a51d3ae1e3b75aab80955059a11fd8d65511fbddde7988287910273e7e711"}, 0x20)
r14 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r14, 0x80111500)

38.64174992s ago: executing program 2 (id=2925):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = syz_open_dev$vim2m(&(0x7f0000000300), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMON(r2, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000240)=0x1)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r1, 0x84, 0xa, &(0x7f0000001080)=""/4130, &(0x7f0000000100)=0x1022)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b70000000000000095", @ANYRES64=r2, @ANYRES64=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c40), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000100), 0x8)
r8 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
connect$ax25(r8, &(0x7f0000000040)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @null, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}]}}}, {0x14, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xdc}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)

36.529369716s ago: executing program 2 (id=2928):
syz_mount_image$btrfs(&(0x7f0000000140), &(0x7f0000005140)='./file0\x00', 0x16, &(0x7f0000000340)={[{@compress_force_algo={'compress-force', 0x3d, 'no'}}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'btrfs\x00'}}, {@appraise}, {@uid_gt}, {@measure}]}, 0x1, 0x510c, &(0x7f0000005180)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX/jei4r/D8W2kmPK2vzwpGkcDoW8vOhWziWFE7EM+3ztfl008L3sZBfYDEfr6BY070kIulxtV+PhcINe5ztHhwAAOCeEsNznmXHepshjbLztUE7rB60w8igHeqDdhhNdkh37Lc9zPYW4vb2mY1Le/7/keHyf3wrVmWLftf/h3j9f/5cw+71/7Ox0EgK87HQSu8Y0IrHyMLux/EYjVbe48r6bgEAAADuavF7gfoKzwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+Ye/eY+Sq7sOBn32O9+H1QvJTCL8o2SQ1jpt4vbbJQy1V1pSqEWmadUODqiiNjb0mixfs2KbEKETGJqIRgtIGKfmjCKMoqvkDagUikgLCRYojVB4RVVEAgUJriIJIKUlEmiDF1ey9Z/bOuTuPtb3GSz4fyTtn5nuedx6ec++dcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN8Nh79y1d82iz/82wuefu7i8cv2rb/45WsuOPPxECZmHu/Iwh391986/vM7z79r331rb7vn6IXv783L5fEwUP3Tmd+5LtZ6dGkI93aE0J0GVg1mgZ78/mCs7x2DIZwRZgO1EpP9WYm04fD9vhAOhNlArarv9YUwWAhc9MRDD95YTdzSF8LyEEIlbePZStZGXxo4pzcL9KeB7d1Z4FfHMrXAdzuzAJyw+GaovegPTdRnGJ67XIPXX89J69gbKx1eV0wMN873s/UL3KmC3vSBiRN62krVsSBKb4/D3m2L4N1W2s43e9qKX6TybyjHZkOV0LllcuumK6d3x0c6w+hoV6OaFuh5furVL22eT3rRvA5jB4ZPyuvwpseW39m18hOP3rNq+YsHP7D/pRPt5o8Km7SYXmiVkL/mFs3zGI37PFkEb7/St6QRX7pCCFs//3ufbBYvzf+Hm8//48s53nbW5Y61vj6Uzc3jI4Mx8cpQNjcHAACARWMx7DXdPvrAR5rVV5r/j7R3/D8e8s8n89loD4cwPpPYvyyEs2YezwJ3xOYuWRbCu2dSE/WB9UngcAhvn0msrFWVlFgSS4wkgZ8M5YHxJHAkBiaSwLdi4OYkcF0MHEoCm2PgcBI4PwbCVP04fn8oH0fbgb4Y2JhtxEPxLIRfDMXWkm31TK0qAACAkySfHfbU3y2c63CiGeL08lBfqwzxDOyGGSpJDekMtjatalhDd6saOlvVUBv33ubDL9Xc0arm0mkYHfUZbv3l33wqNFGa/481n/9X5uhIR+n4fwgbZv7G3J15ZLoW3zhRlwEAAAA4AQP/+/w3m8VL8//x9s7/j/tEugqZwyNxN8S2ZSGM1Qeyav+wHMiOeg/kAQAAAFgMasfja8fCp/Lb7BTtdD5dzj8xz/zxwP/4nPl7D9+/sVl/S/P/ifbO/++vv806cST24mvLQlhSCPwg9rIamDESAz/+aH0gH/+RuAFuiFXlJybUqrohltgYA2NJ4ECjEj+slTirPpA/WbXG99fGMZWXKAQAAADglIu7A+Jx+Xj+/3t+s/aqZuVK8/+N8zv/f2YeXDq9f3oghNXdIXSlPwx4pD9bGDAGBjvyxAP9WV1daVXX9odwXnVgaVXP5+v/d6drDD7Rl1UVA2e95+Cr51QT3+wLYXUx8ORnbv9gNbE7CdQa/8u+EN5VHW3a+HeWZI33pI1/fUkI7ywEalVdsiSEamO9aVUPVfLrGKRV/XMlhLcUArWqPlQJYU8AYJGK/5VuKT64a8/V2zZNT0/uXMBE3IffF7ZOTU+Obt4+vaXSoE9bkj7XLWN0bXlM7V755pl8iaJP371hsJ107XeCY8W28v34pRMH8/vxu1DPzDjX9tTdXZcO+X3vLTcRCt+kGg25c4GH3F+sZPZJLNUf8/eGgbDkyl2TO0e/uGn37p1rsr/tZl+b/Y2HmbJttSbdVv1z9a2Nl0fD1bISx7utVhQrWb378h2rd+25etXU5Zsunbx08oo1H1o7du7YurEPn7u6Oqqx7G+Loa6Yq+pkqMdub3NcJ3GoZ3cXKjkVnxoSEhKLLbF9YEXT/5NL8/8dzef/8VMnfvLn6zM0Ov4/HA/zZ4/PHubfGAMHysf/6/6XqB3/H250NL92YsBIEtgbA3sd5gcAAODNIU7y49w57pX+6crvvNisXGn+v7e93/+fpPX/a0vXX9homf+VscRYo/X/02X+a+v/7220/n+6zH9t/f8Db8D6/1fWAskm+YX1/wEAgDeDU7f+f8vl/dMLBJQytFzeP71AQClDy2X8271AwLzX/3/2P//qv0MTpfn/ze3N/y3cDwAAAKePL//ZVf+vWbw0/z/Q3vz/1K//Fxqd/z/SKDDRaGFA6/8BAACwSDVa/2/4+v7PNStXmv8fam/+H0+76KzLHWt9fShb0y6ka9q9MlT7yQAAAAAsDp1hdLSnzbx1K6OuP/42n8qXAm2WLnr+T47O7/z/w+3N/+t+l3HTY8vv7Fr5iUdfv2fV8hcPfmD/S7PH/wEAAICF0+5+CQAAAAAAAAAAAAAA4I33/H/sW9csXvr9f9gw83ij3//H6/7F3xe8tS53rLX1+n/5/Ys+fteemSULHxkK4b3FwLZ9284I+bX5VxQDD3525duqiX1pifufO/+FauJzaeBjq858rZo4LwlsjIskvj0NxKsqvrY0CcTlFf89DcTtcSgN9OaBry7NxtGRbqufDmbbqiPdVk8PhrCsEKhtq3sHszY60gHekgRqA/xCGogD/PM80Jn26q6BrFcxMBiL3jaQ9QoAgNNW/BbYE7ZOTU+Oxa/w8fbs7vrbqG7JsmvL1Xa02fwz+dJkn757w2A76a70u+jstcZ7QqU6hDWlr6vFLB0zozw5tbTYdG9tMORWq711NiiXmu+m6208or5sRKObt09v6Wk58HWts6ztbpllTWmyU8zSObNJ26iljb60MaI2t00bXY73O8PoaFeS6w9icDjUafWKaPf3+sV1/hq9Cop5rji6/1fN6ivN/4fbm/9XiuN6Lb8YwN54Zb2/W2aZfwAAAFhYX13/62/Ef5+6/uEnm+Utzf9H2pv/xz1Y+aHgbG/H4Xj9//3LQpi5tP5wFrgjNnfJshDePZOaiCWyC+pfGEuMZYE74g6TlbHExon6qpbEwKEk8JOhPHA4CRyJgXwvxcGQ78r5+6EQPjiT2lBfYkcsMZwEPhkDI0lgNAbGksDSGBhPAi8vzQMTSeDfYiBM1W+ru5fm2woAAGA+8nlWT/3dkM7zDnW3ytDRKkN/qwydrTJUWmVoNIp4/9sxQ09y8kpHIVNPWmtfUkspQ7wY/rz7VcoQflifMy1Yajqef1A736CjPsN9H+muhCZK8/+x9ub/2ZN5rL71I3H+P3v9vyzwg9i9r8VTx0di4McfrQ/kOwaOxMnuDbWqJvIS+aT9hlhiPAZGksCOGBhPAhs35IEDb6sP5DPtWuP7a41P5SUKAQAAADjl4g6CuJsmzv9v2/WVgWblSvP/8fbm/7G9gWJj18Vajy4N4d6O2d7UAqsGs0DcjzEYfx7/jsEQzijs4KiVmOzPSvQmDYfv92W/UO9Nq/peX/bjg3j/oiceevDGauKWvhCWF/a+1Np4tpK10ZcGzunNAv1pYHt3Foh7fmqB73ZmAThhtb2C8QWVn+pSMzx3uQavvzfLNUHT4ZX2gc6Rb67fXC2U0g7XfJ9qzfyetqb7bzlpSm+Pw95ti/HdNuzdVvwilX9DOTYbqoTOLZNbN105vTs+Uvwla8kCPc/FX6m2kz4Jr8O9x9/b1ippB8aSj4+xucvN/TrsiNXd9NjyO7tWfuLRe1Ytf/HgB/a/1HY3Gog/FH7omn8d/FFh8y60Sshfc4vu82TC58li/G9gxNMWQtjw8tdvaBYvzf8n2pv/dye3M34dN+auZSG8r7BxH4mb/4+XZZ+DhUD2KfmWciA75P5fQw0/OQEAAOBkq+3uqO0vmMpvsxPC03lyOf/EPPPH/RXjc+Zvt9/9f/3Z5c3ipfn/xubz/yVJNx3/d/yfBeL4/5xO913RS9IH9p7QruhSdSwIx//ndLq/2xz/n5Pj/47/z8Xx/xYc/5/T6f60lb4l7fClK4Tw4h898HSzeGn+v6O9+b/1/+ZetK+2/t/GRuv/7Wi0/t9e6/8BAAALqsFCc+k8r7R6XylDunpfKUPLBQJbLjFo/b95r//3wtnP/iY0UZr/721v/h9fDgPF1hfL+n8jGxpUdXMM7LAwIAAAAKejRjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGPd9w//s6VZ/OHfXvD0cxePX7Zv/cUvX3PBmY+HMDXzeEcW7ui//tbxn995/l377lt72z1HL3x/JS/Xk9/+/7rcsdbXh0I4UHhkMCZeGaremQ1c9PG79nRXE48MhfDeYmDbvm1nVBPfGgphRTHw4GdXvq2a2JeWuP+581+oJj6XBj626szXqonzNnVm3Uy7+49Ls+52pN29cWkIywqBWncvW5q10ZG28ad5oDNt458GszZiYDAW/cZg1kYMTMcSU0tCWN0dQlda1cOVrKqutKp/qWRVdaVVfbkSwnkhhO60qud6s6q605E/3ptVFQNnvefgq+dUEwd6Q1hdDDz5mds/WE18IQnUGv+L3hDeVX3JpI1/uydrvCdt/JaeEN4ZQuhNS/yyOyvRm5Z4vjuEtxQCtcY/3x3CnsCbQvzwqftE27Xn6m2bpqcndy5gojdvqy9snZqeHN28fXpLJelTIx2F9LFrj3/sz7z6pc3V20/fvWGwnXR3Xq5npstre+rurjvdex/71V+sZPb5KNUf8/eGgbDkyl2TO0e/uGn37p1rsr/tZl+b/e3Ko9m2WtNkW3UV77zR22pFsZLVuy/fsXrXnqtXTV2+6dLJSyevWPOhtWPnjq0b+/C5q6ujGsv+tj/U0HCot5/6oZ7dXajkVHwAzC8RN8/p0h8Jid/FRGfdp9vY6f6fXumL/mxHe0Jl5gO6NK0oZumYGeXJGPT64xzx8XxPaTmiNaWJQynL2tZZ1pUmE7NZ+rIsM9/rSpPDYk2dM5s03u8Mo6NdjbbDcP3d4ub92Qls3qfyTdduGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMClAAAA///9yyc9")
unshare(0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)
r1 = socket$kcm(0x29, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000580)="3c83037869cbf88c934869000284efc68617c60740a02dd96d8e48a6f2640900000054424fa2af240000e9b507fc50a554da6109280dc5c800005df3ce8297dd3ced735d", &(0x7f0000000600)=""/154}, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={0x0, 0x0, 0x8c, 0x0, 0x0, 0x5b77}, 0x20)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r2, 0x40309410, &(0x7f0000000200)={0x4, 0x0, 0x3, 0x100, 0x2, [0x10, 0x6, 0x42e]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x200000000000017a, &(0x7f0000000300)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r6}, 0x10)
rt_sigpending(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x290, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x80, {0x9, 0x21, 0x9, 0x80, 0x1, {0x22, 0x2}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x2}}}}}]}}]}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

31.750637478s ago: executing program 2 (id=2939):
socket$inet6(0xa, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
listen(0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x6, 0xc8}}}, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xfffffffd}, [@alu={0x7, 0x0, 0xd, 0x8, 0x6, 0x100, 0xffffffffffffffff}]}, &(0x7f0000000040)='GPL\x00', 0x100002, 0x0, 0x0, 0x0, 0x19}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x59}, [@ldst={0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x23)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', <r1=>0x0})
prlimit64(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
preadv(r2, &(0x7f0000000100)=[{&(0x7f0000000140)=""/196, 0xc4}], 0x1, 0x200000, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x48}}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xa, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)

27.395143452s ago: executing program 2 (id=2955):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x10)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000400)=[{0x200, 0x0, 0x0, 0x7ffc1ffb}]})
syz_open_procfs(r0, &(0x7f00000000c0)='limits\x00')
r4 = creat(0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000140)={0x8ef, 0x0, 0x2, 0x2, 0x7, [{0x5, 0x10001, 0xc, '\x00', 0xc}, {0x7bf, 0xd67b, 0x5, '\x00', 0x100}, {0x4, 0x1, 0x7}, {0x3, 0x8, 0x7, '\x00', 0x1400}, {0x0, 0x8c1, 0x2, '\x00', 0xc01}, {0x7f, 0x7, 0x3}, {0x845a, 0x0, 0x939, '\x00', 0x258d}]})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000200)={0x15})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000240)={0x28, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
fsmount(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000200)='cmdline\x00')
readv(r6, &(0x7f0000000700)=[{0x0}, {&(0x7f0000000140)=""/49, 0x31}], 0x2)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
socket(0xa, 0x0, 0x3a)
setsockopt$MRT6_DONE(0xffffffffffffffff, 0x29, 0xca, 0x0, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

23.160659965s ago: executing program 2 (id=2957):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40044582, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0)

12.617788377s ago: executing program 3 (id=2988):
r0 = syz_clone(0x8b2cb000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x10280000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = gettid()
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
ioctl$GIO_UNISCRNMAP(r4, 0x4b69, &(0x7f00000005c0)=""/91)
ioctl$BLKTRACESETUP(r4, 0xc0401273, &(0x7f0000000000)={'\x00', 0x4, 0x2, 0x0, 0x100000000, 0x1fd, r1})
getpriority(0x1, r1)
setpgid(r0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x5, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$dlm_plock(0xffffff9c, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f00000000c0)="ff780f4ee4de54c1e81798fbd956be2cfd839652fc48b95436716672126b88ecba324e529cf352083eea0c9c8806eb099d35", &(0x7f00000002c0)="72530362ee3bfc69c45ccfe1a805ef328e7e2927ad58cfadc57ce365dc3cc874f936b7300ddbb7537dd615896bf02732ea5ab31ebe7a66ce2739cd21777303e02eaee5d466847e2162a07fb2570b59e02560e73b8436d49fef613e7edaa3463ed9a1d6c58d8cdf4231a917111407e4c754ad97991ff3047ca69e946eb8dab390bfbb6e3bb5153956f3cbd65200b5fe2adc4ff7d6a12a8244b4690cca74e19390d147da4ba18fac35bd3eeef6c1c71566898b784e7f0c47a5af229bcf4010045d22da81860bcec2808bbd1960954e0420610895ca2568fc1647f756236ae9c374e565231673888df3680c4257f0e2994dbfbf770c9c8f4b42a16a74db"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x10800, 0x0)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r5, 0x7a6, &(0x7f0000000080)={0x0, 0x7f, 0x8000000000000001, 0x3, 0x7, 0xfffffffa})
read$midi(r6, 0x0, 0x49)

10.13803293s ago: executing program 3 (id=2994):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3})
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
fcntl$getflags(0xffffffffffffffff, 0x408)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@abort}, {@lazytime}, {@noload}, {@nojournal_checksum}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCFLSH(r1, 0x40045431, 0x20000000)

8.556068485s ago: executing program 3 (id=3000):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0x7, 0x8, 0x22, 0x0, 0xffffffffffffffff, 0x10}, 0x48)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000003c0)={r0, &(0x7f0000000680), &(0x7f0000000500)=@udp=r1}, 0x20)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0xc0185879, &(0x7f00000004c0)={0x0, 0x5, 0x3, 0x2000, 0x0, 0x0, 0x2401})
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000180)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETENCODER(r4, 0xc01464a6, &(0x7f0000000200)={r5})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f00000006c0)={'#! ', './file0', [], 0xa, "bb0841094396f73a7dd2f1384146a89b31b0ada41e9217b429a7bba1384672ecc3c243405e49cfaf06cdcc639ba74e692af5f90e56c5d7d33b3592c898"}, 0x48)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r7, 0x0)
ptrace$getregset(0x4205, r6, 0x2, &(0x7f0000000040)={0x0})
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r7, 0x11, 0xa, &(0x7f0000000080)=0xffffffbb, 0xfffffffffffffdff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))

5.572947394s ago: executing program 4 (id=3007):
openat$vcs(0xffffffffffffff9c, &(0x7f00000020c0), 0x400f02, 0x0)
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$phonet(0x23, 0x2, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001140)={'wg2\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000001180)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)

5.57008571s ago: executing program 5 (id=3008):
r0 = socket(0x2b, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000000), 0x4)

5.308250039s ago: executing program 5 (id=3010):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c0011060021001400000f0007000000", @ANYRES32=r1, @ANYBLOB], 0x48}}, 0x0)

5.307873819s ago: executing program 4 (id=3011):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x204090, &(0x7f0000000a40)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@abort}, {@lazytime}, {@noload}, {@nojournal_checksum}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x880a, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r0, @ANYBLOB="83e70882023bc58ae87cad0764cdc7706070", @ANYRESDEC=r0], 0x0, 0x5e7, &(0x7f0000001a00)="$eJzs3U9rHOcdB/DvrGTZcsFREjtJS0uFfWiJqa3VJo4OBbulFB1CCfSSSw7CXsfCayVIm6KEUuT+vfYdJD3I5556KD0Y0nPfgqCHHAq96+Yys7OrjSXLK8fRrprPB559ntln5vnz88yjnVnMBvjGWn43px6myPLltzfL7Z3tVmdnu3WvX05yOkkjme5lKdaS4vPkRnop3y7frJsrntTPe5++tfRF88H93tZ0nar9G4cdN5qtOmU+yVSdH9H0k9q7+WztDSkGMywDdqkfOBi3R/tsHeXwr3jdApOg6P3d3GcuOZvkTP05IPXq0Dje0T1/R1rlAAAA4IR6YTe72cy5cY8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATpL69/+LOjX65fkU/d//n6nfS10+0R6OewAAAAAAAAAA8Bx8v9jazWbO9bcfFdV3/herjfPV67fyUTbSznquZDMr6aab9TSTzA01NLO50u2uN0c4cvHAIxePZ74AAAAAAAAA8H/qt1ne+/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmQZFM9bIqne+X59KYTnImyUy531byj375JHs47gEAAADAMXhhN7vZzLn+9qOiuud/pbrvP5OPspZuVtNNJ+3cqp4F9O76Gzvbrc7Odutemfa3+5P/HmkYVYvpPXs4uOeFao9icMRyfp5f5nLm807Ws5pfZSXdtDOfn1WllRSZq59ezPXHefB4b3xp652njfW1aiSzuZ3VamxXcjMfpJNbaVRzqPY5vMf7ZXSKqVyvjBijW3VezujPdT4Z5qqInBpEZKGOfRmNFw+PxBHPk8d7aqYxeAZ1fpSYX79+pJifrfMy1n+c6JgvDp19rxweieTiv7/3tzudtbt3bm9cnpwpPaPHI9EaisSr36hIzNTR6K2ijVwY1Dx9tbxYHXsuq/lFPsittPNmlvJmFvNG3shClnJtKK4XRrjWGke71i79sC7MJvlTnU+GMq4vDsV1eKWbq+qG39mL0kvPf0Wa/k5dKPv4XZ1Phscj0RyKxMuHR+Ivj8rXjc7a3fU7Kx+O2N8P6ry8bP8wUWtzeb68VP5jVVtfPjvKupcPrGtWdecHdY19dRcGdU+7Umfqz3D7W1qs6l49sK5V1b02VHfQpxwAJt7Z18/OzP5n9l+zn83+fvbO7Ntnfnp66fR3Z3Lqn9N/n/pr40Hjx8Xr+Sy/2bv/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnt3Gx5/cXel02usKCgoKg8K4Vybg63a1e+/Dqxsff/Kj1Xsr77ffb6+1Ws1ri0vXlhavXb292mkv9F7HPUzga7D3R3/cIwEAAAAAAAAAAABGdRz/nWDccwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOtuV3c+phijQXriykSLLd6uxstzplXT/vmU7SSFL8Oik+T26klzI31FzxpH7e+/StpS+aD+7vtTXd379x2HGj2apT5pNM1fnzau/mV26vGMywDNilfuBg3P4XAAD//9JPDIE=")
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080), &(0x7f0000000140)=0x14)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r4, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000f00)={0x1c, r3, 0x1, 0x0, 0x0, {0x24}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000000)={0x0, 0x11})
r6 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCFLSH(r6, 0x40045431, 0x20000000)

5.27437883s ago: executing program 0 (id=3012):
ioperm(0x0, 0x0, 0x6)
set_mempolicy(0x0, &(0x7f0000000040)=0x6, 0x6)

5.035384028s ago: executing program 5 (id=3013):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000040)={'syztnl2\x00', &(0x7f0000000240)={'erspan0\x00', <r2=>0x0, 0x3c47, 0x700, 0x2, 0x1, {{0x11, 0x4, 0x1, 0x5, 0x44, 0x64, 0x0, 0xc, 0x2f, 0x0, @empty, @broadcast, {[@rr={0x7, 0xf, 0x15, [@multicast2, @multicast2, @multicast2]}, @end, @generic={0x88, 0xf, "53ddbcbd87821c830da944a2cb"}, @lsrr={0x83, 0xf, 0xe0, [@local, @loopback, @loopback]}]}}}}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000f6ff9500e9ebc0482cab"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = socket$alg(0x26, 0x5, 0x0)
r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000000900), 0x0)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x1080c, &(0x7f0000000180)=ANY=[], 0x1, 0xa53, &(0x7f0000000bc0)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141041, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r7, 0xc020660b, &(0x7f0000000940)={0x0, 0x3, 0x1, 0x0, 0x8, [{0xfffffffffffffffb, 0x7fffffff, 0x8, '\x00', 0x8}, {0x6, 0xcb2e, 0x1803}, {0xfffffffffffffff2, 0x3, 0x8, '\x00', 0xc9e29f97bb0a8481}, {0x80000001, 0x2, 0xffffffffffffffff, '\x00', 0x8}, {0x9, 0x400000005, 0xfffffffffffffc00, '\x00', 0x983}, {0xa0, 0x8, 0x2, '\x00', 0x248b}, {0x9, 0xfffffffffffffffc, 0x6, '\x00', 0x210}, {0x1, 0x5, 0xd66e, '\x00', 0x600}]})
r8 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$alg(r8, &(0x7f0000003080)=[{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000100)='O', 0x1}], 0x1}], 0x1, 0x0)
recvmsg(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/29, 0x1d}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, 0x0, 0x0)
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r9, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r9, 0x3ba0, &(0x7f0000000300)={0x48, 0x2, r10})

4.966895624s ago: executing program 0 (id=3014):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = io_uring_setup(0x1afb, &(0x7f0000004b00))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0}]}, 0x1}, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x6db6e559)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)

4.432302983s ago: executing program 5 (id=3015):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40044582, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, 0x0)

4.346131312s ago: executing program 4 (id=3016):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(0x0, 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04041a000000000000c7d57902"], 0xd)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc8}}}, 0x6)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x14, 0x0, 0x4f6})
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000240)="8a8d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
setresuid(0x0, 0xee00, 0xffffffffffffffff)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0fdffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="0103000000509bf2b3015c806e45"], 0xffffffffffffffcf}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x4088}, 0xc, &(0x7f0000001240)={&(0x7f00000012c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="10002bbd7000fcdbdf25060000006b050180060004004e24000008000500000000005c0001800c0007000400000004000000080006006f766600080009000a000000060002006c00000008000b007369700008000500020000000c0007"], 0x84}}, 0x0)

4.266071064s ago: executing program 3 (id=3017):
socket$kcm(0x10, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b87031c0000001f00000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="850000004f000000350000000000000085000000070000009500000000000000f4670880271e3503200ffa95a2c8c037c5a142dfa8ba6287066c5197fabd5f7010e81ae0b737126ea6f7dc39cd340101000000000000e22ff5dde54704d25c79949c23e2eb15d756a2350ea7c09cc28de194f44800000000b0d300047e93363af3c075ff1e23166304d95433b3b30514b1ccbaa2bb755af3d576090c4867a7b6393e366c6386d5ec7209d031f40f3003006b6e51a7f550afc852003bad0742c62f7846c744ae6af3c04143cca8d95c2c505d5e37102124d85cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d7eb6baaa4a9779f8555eaea75d24f2c221c110ef050000000ee282ab76f593d928cf95846be6277c8dcba00b1b2d2547c45b0c52087b5efaa98496b9a95166bd008ea02a7b56c0ebfb19a3426833280be1f844ce328c10752a42dca52fb98c1452b651ebf942f7147f7b2744a28626287ec7c24f44c54f419a2f238f173d0cd46dafc6e95500f53e5309ec91d83cf4fbd775d9c07d59101949f8982b6c403a08606d6a2fd1fdfce2b91a8665b1e629b3b20000000000000009000000d98255ea78431845ea38ca3d4dd562b71ff23c9443f11afd6575ad0f0e30175cf89f66380367e653af5fd72c5335aeb479d3a397dbbde8892bb31ffcc553924e8771cbeb001f8be25b9ef6dc614b9e2fcd41f174a17b08094577391b799b65affd4c37fa18b757fb1a9543567f33aa008a338c0749ad1200000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0xfffff000, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x28000, 0x0, 0xb3, 0x0, &(0x7f0000000240)="409b527cdd6267393ea0a2bf9c20d266b7e219122627629671778e9421b235b20d97c90c1ff80e73f670ba6092cef3a58cc697d8663daaa55586138245806f5ab417f31efe285f3968bf99965ce31a01117fee1921573b978409c39b6d9d64a69c73ec68b5464eaec290f6f6f516398c1d59d5d5f26ed61709042fa50ced09a3a8da38b3ea1a6a350a2b9043a4832493decc8fd0444b6b3105651585b11aed1d2073cd2c1b583f745c5076156287c6af269daa"}, 0x50)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r2, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x541b, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
pipe2$9p(&(0x7f0000000cc0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = epoll_create1(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x10)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose, 0x6}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080))
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0)

3.991246598s ago: executing program 3 (id=3018):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
shmget(0xffffffffffffffff, 0x3000, 0x4, &(0x7f0000ffc000/0x3000)=nil)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r4 = open(0x0, 0x10000, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x100800001)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xd8}}, 0x0)
shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000280)=""/35)
shmctl$SHM_STAT_ANY(0x0, 0xf, &(0x7f0000000080)=""/72)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001500)=ANY=[], 0x1c}}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r6, 0x0, 0x32, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f00000000c0)=0x1)
socket$packet(0x11, 0x3, 0x300)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f00000005c0), 0x10)

3.724595251s ago: executing program 0 (id=3019):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x880, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x2, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = dup(r0)
sendmsg$netlink(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000580)=ANY=[], 0x1f88}], 0x1, 0x0, 0xfffffea4}, 0x4000)

3.516440326s ago: executing program 4 (id=3020):
r0 = add_key$keyring(&(0x7f0000000200), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, r1, 0x0)

3.452541454s ago: executing program 4 (id=3021):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3})
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
fcntl$getflags(0xffffffffffffffff, 0x408)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@abort}, {@lazytime}, {@noload}, {@nojournal_checksum}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
ioctl$TCFLSH(0xffffffffffffffff, 0x40045431, 0x20000000)

3.27415936s ago: executing program 5 (id=3022):
openat$vcs(0xffffffffffffff9c, &(0x7f00000020c0), 0x400f02, 0x0)
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$phonet(0x23, 0x2, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000001140)={'wg2\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000001180)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)

2.892589468s ago: executing program 4 (id=3023):
memfd_create(&(0x7f0000000040)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t%\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c\x87\x1e|C\xd8\x01\xd0\xf5\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajnW\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e"], 0x0)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000a40), 0x8600, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x40a25000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000009c0)=[{{&(0x7f0000000180)=@generic, 0x80, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=""/85, 0x55}, {&(0x7f0000000440)=""/86, 0x56}, {&(0x7f00000004c0)=""/106, 0x6a}, {&(0x7f0000000540)=""/237, 0xed}, {&(0x7f0000000640)=""/228, 0xe4}, {&(0x7f0000000780)=""/223, 0xdf}, {&(0x7f0000000880)=""/45, 0x2d}, {&(0x7f00000008c0)=""/211, 0xd3}, {&(0x7f0000000ac0)=""/4096, 0x1000}], 0x9}, 0x4}], 0x1, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
ioctl$CAPI_GET_FLAGS(r0, 0x80044323, &(0x7f0000000a80))
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000340)={{@host, 0xffdffffc}, @local, 0x5, 0x0, 0x2449, 0x0, 0x0, 0x0, 0x4})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000040)={{@any, 0x40}, @host, 0x0, 0x0, 0x7})
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
ioctl$TIOCSTI(r7, 0x4b71, &(0x7f00000002c0))
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)

2.876478207s ago: executing program 0 (id=3024):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c0011060021001400000f0007000000", @ANYRES32=r1, @ANYBLOB="020002000a000200577f"], 0x48}}, 0x0)

2.844977319s ago: executing program 5 (id=3025):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x267, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f00000002c0)={0x14, 0x0, 0x204, 0x0, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="02c8000af905000100011302000000d9702fcbe1f5f90034236f538b4f6df0ac1192514fe223364ef04a5071d2787b5d34bdabcaea06981787834772912835507571560092fa"], 0xf)
mount$fuse(0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000'])
newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)

2.750535827s ago: executing program 1 (id=3026):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000540)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0010}]})
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x81, 0x0)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x6182, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000380)='system.posix_acl_default\x00', &(0x7f0000000580)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000e10000001299ffe195ae40f7ccb56525eb3a6915c0c616ffe5d71ff55c9047d05369f8a7eb367ad7a027399dac40e26f859ed157da741df4d4e7df4a4f60c3f1be997e93fcf7cc5a538b9fca3e8fdc234ed6517a63e92056b06be6b0d5da055a29af2f94a31fbab36aeb1eb165bd61f3fd72563496e96cd8c1e5729309d8b394c77db213684b025b3d609d0f16af069b608c381cc49075eb05aab5dd9bdacf34e347956ad56ea4ada597e9bfdeb92f15c0ec884775e19292fd17c7b547eded93448dc43f82dd000000000000"], 0x24, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r3, &(0x7f00000003c0)='./file0\x00', 0x1, 0x7fffffff)
chdir(&(0x7f0000000280)='./bus/file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x9)
renameat2(r4, &(0x7f00000001c0)='./file0\x00', r4, &(0x7f0000000200)='./bus/file0\x00', 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
poll(&(0x7f0000000100)=[{r0, 0x8000}, {r1, 0x795}, {r0, 0x40c0}, {r2, 0xc0}, {r0, 0x1110e}, {r0, 0x8003}, {r1}], 0x7, 0xec16)
pipe(&(0x7f0000000080))
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
socket(0x10, 0x3, 0x0)
socket$unix(0x1, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000001080021850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r7, &(0x7f0000000280)='cpuset.mem_hardwall\x00', 0x2, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))

2.588915974s ago: executing program 0 (id=3027):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$iso9660(&(0x7f0000001240), &(0x7f0000000000)='./file1\x00', 0x204419, &(0x7f00000004c0)=ANY=[], 0x2f, 0x5b2, &(0x7f0000000600)="$eJzs3V1v29Ydx/EfHXuxXaAYtiELjDycJhvgAKlCSY0DoRcDRx3ZbCVSI+nBviqCxi6MyO2QdMDimyU32QZsL6K3w17DXtGKXe7SAx9kW9FTZtlx5n4/Qnso8vDwT1o9/x5bPBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJDjN1236qgdhJtbZjy/GUed47fl3kMrdG+gmHBcycn+0eKirherrv/sePO17F93dKN4d0OLWbGogw+u/fjTn87P9fefEPA78fzFwdPHvd7Os4sO5BzdvDp+27oNgyQKOt66NUESmcbamvtgo5WYVtC2yXaS2o7xY+ulUWxW/Xum2mjUja1sR5vhetNr2/7KRx/XXHfNfFbpWi9OovDBZ5XE3wja7SBcz+tkm7M6j7IP4udBalLrdYzZ3evt1KedQFap+jaVatMq1dxarVqt1aprDxsPH7nu/NAK9w0aqnHxH1qcoYfLRz3h0lvuclZdNzCzuTL/q61AoTa1JTPy5aupWJE6Y7aXysTv/PKBnXjck/m/n+WvH29eUZ7/bxXvbmX5//aI/D8mlumv7P8nTrvvyddzvdCBnuqxeuppR8/ytUtn1Posr9vv5CjrsgoV/KalSIE68vI1RoESRTJqaE1rcvWFNtRSIqOWArVllWhbiVLZ/BPlK5aVp1SRYhmtytc9GVXVUEN1GVlVtK1Imwq1rqa8vJVd7amnf8zXJ8SoeSn/4VTHVlnuf+52VJvQ0mz5/9CRyP842w4cmMFhP/8DAAAAAIBLy8l/+56N/xd0M19qBW3rXnRYAAAAAADgDOV/+b+RFQvZ0k05g+P/q2X58oLiAwAAAAAAs3Pye+wcScu6XSztyslvl+JLAAAAAAAAXBL53/9vZUU+B8ptOeWcKoz/AQAAAAC4NP48fo79/lf+u1edf/5bcbzgvOpu/cLZ97KV3v6VYuuVN1tMWyvOh2UjebE2X77z7Q2nnP3yaBLM78tid9pc/84pAviVBgPQX/vzE3/0pCif9LeUWkHbVvyo/WlVnvfhXGq30t9/vfcH5af/l7BTVnv55Te9J3ksr7K3r/bLCRSH5lEcfzH0bT7fQn7PxcgzXshvxCiPu+xod6+34548/7li97n/4Zivdaeoc3elKJePzz875mJ2zGpl3NmXUVRnPPPXultGsXq3KEZEUdOUKGonozjVtRgVRf0/h4fFCeVR1Kddi/qMUQDARdmdkoWc4cR/il7uXLL7iB59taizupJ1rIvzKwcfXFs62rPo0d1pPbp71KMv6TTZ7e9Dz0Aal2Oz4/7tjaz6XbbDd2OOuyCp5mSX8Mq3+7/TtecvDj7e23/81c5XO1/XavU19xPXfVjTQn4aZTE20rf+iAAALqHBZ+yMyv9Tazif6KOixohRdVbjJ0dfKajoS32jnp7ofn63gYrH+oxodfnE1xDu90etd8rntLwxal3O02TxhJf7E8aWP8rvcui3W5tYdzCG+vn/IAAAeIfujMzDxdj+bfP//cFxt/Jx98g8muXyyaPj47rVd3odAAD4IbHx985y+icnjoPuF9VGo+qlG9bEkf+5iYPmujVBmNrY3/DCdWu6cZRGftQ2/d9Lm2Sz243i1LSi2HSjJNjKn/xuyke/J7bjhWngJ9229RJr/ChMPT81zSDx+228jPOdk671g1bge2kQhSaJNmPfVoxJrDXdzV+3g2TDxiZo2jANWkG2GJpuHHS8eNv8Nmpvdqxp2sSPg24aFQ32jxWErSju5M1WLvJCAwDwHnn+4uDp415v59kZLuhwcM1FnyMAABhElgYAAAAAAAAAAAAAAAAAAAAA4P13ipv8NLRmSae5WXC4HRayBedcbsr8/1n4+fsRxnkv/OtZ8V/gjO28LufhPvMIp3YdfzznrgnAOftvAAAA//+bYUXN") (async, rerun: 32)
syz_emit_ethernet(0x289, &(0x7f0000000880)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd602e5cea02533c00fc010000000000000000000000000000ff0200000000000000000000000000010003000000000000040100c910fe"], 0x0) (rerun: 32)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_META_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

2.34251221s ago: executing program 1 (id=3028):
mknod(&(0x7f0000000540)='./file1\x00', 0x0, 0x0)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000002b80)='pagemap\x00')
mount$9p_fd(0x20100000, &(0x7f00000006c0)='./file1\x00', &(0x7f0000000000), 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

993.859552ms ago: executing program 1 (id=3029):
socket$kcm(0x10, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b87031c0000001f00000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000021c0)=@filter={'filter\x00', 0x4, 0x4, 0x1354, 0xffffffff, 0x0, 0x11c4, 0xc8, 0xfeffffff, 0xffffffff, 0x128c, 0x128c, 0x128c, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x10d4, 0x10fc, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x1, 0x0, 0x0, './cgroup.cpu/syz0\x00'}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @private0, [], [], 'veth0_to_batadv\x00', 'wlan0\x00'}, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x13b0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="850000004f000000350000000000000085000000070000009500000000000000f4670880271e3503200ffa95a2c8c037c5a142dfa8ba6287066c5197fabd5f7010e81ae0b737126ea6f7dc39cd340101000000000000e22ff5dde54704d25c79949c23e2eb15d756a2350ea7c09cc28de194f44800000000b0d300047e93363af3c075ff1e23166304d95433b3b30514b1ccbaa2bb755af3d576090c4867a7b6393e366c6386d5ec7209d031f40f3003006b6e51a7f550afc852003bad0742c62f7846c744ae6af3c04143cca8d95c2c505d5e37102124d85cec074c6949e1d76d067a97000247fe5f17fdab800f4104dbaba46aac3abe6c4d7f47ef6d7eb6baaa4a9779f8555eaea75d24f2c221c110ef050000000ee282ab76f593d928cf95846be6277c8dcba00b1b2d2547c45b0c52087b5efaa98496b9a95166bd008ea02a7b56c0ebfb19a3426833280be1f844ce328c10752a42dca52fb98c1452b651ebf942f7147f7b2744a28626287ec7c24f44c54f419a2f238f173d0cd46dafc6e95500f53e5309ec91d83cf4fbd775d9c07d59101949f8982b6c403a08606d6a2fd1fdfce2b91a8665b1e629b3b20000000000000009000000d98255ea78431845ea38ca3d4dd562b71ff23c9443f11afd6575ad0f0e30175cf89f66380367e653af5fd72c5335aeb479d3a397dbbde8892bb31ffcc553924e8771cbeb001f8be25b9ef6dc614b9e2fcd41f174a17b08094577391b799b65affd4c37fa18b757fb1a9543567f33aa008a338c0749ad1200000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0xfffff000, 0xe, 0x0, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x28000, 0x0, 0xb3, 0x0, &(0x7f0000000240)="409b527cdd6267393ea0a2bf9c20d266b7e219122627629671778e9421b235b20d97c90c1ff80e73f670ba6092cef3a58cc697d8663daaa55586138245806f5ab417f31efe285f3968bf99965ce31a01117fee1921573b978409c39b6d9d64a69c73ec68b5464eaec290f6f6f516398c1d59d5d5f26ed61709042fa50ced09a3a8da38b3ea1a6a350a2b9043a4832493decc8fd0444b6b3105651585b11aed1d2073cd2c1b583f745c5076156287c6af269daa"}, 0x50)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r2, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x541b, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
pipe2$9p(&(0x7f0000000cc0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = epoll_create1(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x10)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose, 0x6}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080))
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0)

993.586805ms ago: executing program 0 (id=3030):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = io_uring_setup(0x1afb, &(0x7f0000004b00))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0}]}, 0x1}, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x6db6e559)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)

839.768768ms ago: executing program 1 (id=3031):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r0, 0x0)
r1 = socket(0xa, 0x6, 0x0)
getsockopt$inet6_mreq(r1, 0x10d, 0xe8, 0x0, &(0x7f0000000000))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = memfd_create(&(0x7f0000000040)='rootmode', 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0x0)
r4 = userfaultfd(0x80001)
pwritev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)='\x00', 0x43}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080))
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000002ec0)=""/4096, 0x1000)
fchmodat(r5, &(0x7f0000000000)='./file0\x00', 0x40)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})

323.141801ms ago: executing program 1 (id=3032):
r0 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, r1, 0x0)

9.980994ms ago: executing program 3 (id=3033):
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r1, &(0x7f0000000000), 0x100000008)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40044582, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=3034):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3})
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
fcntl$getflags(0xffffffffffffffff, 0x408)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@abort}, {@lazytime}, {@noload}, {@nojournal_checksum}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
ioctl$TCFLSH(0xffffffffffffffff, 0x40045431, 0x20000000)

kernel console output (not intermixed with test programs):

 (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.641797][   T29] audit: type=1326 audit(1722391198.159:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15707 comm="syz.3.2667" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f48eff77299 code=0x0
[ 1250.663639][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1250.726700][T14752] EXT4-fs error (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.744534][    T8] usb 1-1: USB disconnect, device number 50
[ 1250.759743][T15709] kAFS: unable to lookup cell '(>.Dz£û‚ʃ€¹sf¿Iêv¼N›úhÿÌ\û«ˆD%ÁÉa²¨¨âD'©+iÝ8ÄBc²ÂNÄo~F^ÁŸŠÜ(›$•)¬úÍ3kÿ 8S¦7<�±—Lé°+Gw¤
[ 1250.759743][T15709] %ͳÁ5…•Ýè>2ÞÕóÙgÕ‘fo$	.~'
[ 1250.773977][T14752] EXT4-fs error (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.800727][   T29] audit: type=1326 audit(1722391198.298:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15707 comm="syz.3.2667" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f48eff77299 code=0x0
[ 1250.845224][T14752] EXT4-fs error (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.845810][T15684] loop4: detected capacity change from 0 to 32768
[ 1250.870714][T14752] EXT4-fs error (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.880245][T15684] 
[ 1250.880245][T15684]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1250.880245][T15684] 
[ 1250.899938][T14752] EXT4-fs error (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.918893][T15684] read_mapping_page failed!
[ 1250.921745][T14752] EXT4-fs error (device loop1): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1250.930360][T15710] binder: 15707:15710 ioctl c0306201 0 returned -14
[ 1250.946840][T15684] ERROR: (device loop4): txCommit: 
[ 1250.946840][T15684] 
[ 1251.045760][T13891] 
[ 1251.045760][T13891]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1251.045760][T13891] 
[ 1251.081933][T13891] 
[ 1251.081933][T13891]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1251.081933][T13891] 
[ 1251.123283][T14783] 
[ 1251.123283][T14783]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1251.123283][T14783] 
[ 1251.172591][  T111] 
[ 1251.172591][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1251.172591][  T111] 
[ 1251.215244][T14783] 
[ 1251.215244][T14783]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1251.215244][T14783] 
[ 1251.309973][T15717] loop2: detected capacity change from 0 to 16
[ 1251.320280][T15717] erofs: Unknown parameter ''
[ 1251.478267][T14752] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1251.665271][T15725] loop0: detected capacity change from 0 to 1024
[ 1252.946824][   T25] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 1253.217373][ T5242] Bluetooth: hci1: command tx timeout
[ 1254.107153][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1254.181680][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1254.199001][ T2534] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1254.266990][T15730] loop4: detected capacity change from 0 to 512
[ 1254.279196][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1254.345444][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1254.377677][T15730] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1254.388939][T15732] loop0: detected capacity change from 0 to 256
[ 1254.421132][   T25] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1254.451792][T15729] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1254.461470][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1254.513274][T15730] EXT4-fs (loop4): 1 truncate cleaned up
[ 1254.543160][   T25] usb 3-1: config 0 descriptor??
[ 1254.563642][T15730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1254.580851][T15732] syz.0.2676: attempt to access beyond end of device
[ 1254.580851][T15732] loop0: rw=2049, sector=256, nr_sectors = 4 limit=256
[ 1254.588488][   T25] usb 3-1: can't set config #0, error -71
[ 1254.602408][   T25] usb 3-1: USB disconnect, device number 43
[ 1254.621497][T15729] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.2670: corrupted in-inode xattr: overlapping e_value 
[ 1254.658433][ T5295] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1254.668519][T15729] EXT4-fs (loop4): Remounting filesystem read-only
[ 1254.683574][T15729] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1772: inode #15: comm syz.4.2670: unable to update i_inline_off
[ 1254.689908][ T2534] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1254.844210][T15739] fuse: Bad value for 'user_id'
[ 1254.849130][T15739] fuse: Bad value for 'user_id'
[ 1254.864602][ T5295] usb 6-1: Using ep0 maxpacket: 8
[ 1254.881674][ T5295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1254.915002][ T5295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1254.939802][ T2534] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1254.947814][ T5295] usb 6-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00
[ 1255.020431][T10835] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1255.055181][T15747] UBIFS error (pid: 15747): cannot open "ubifs", error -22
[ 1255.874074][ T5295] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1255.933299][T15745] loop2: detected capacity change from 0 to 256
[ 1255.942200][ T5295] usb 6-1: config 0 descriptor??
[ 1256.027398][T15745] exfat: Bad value for 'uid'
[ 1256.056188][T15745] exfat: Bad value for 'uid'
[ 1256.094804][T15745] loop2: detected capacity change from 0 to 64
[ 1256.103195][T15739] loop3: detected capacity change from 0 to 1024
[ 1256.113111][T15745] hfs: unable to parse mount options
[ 1256.131729][T10835] usb 5-1: Using ep0 maxpacket: 16
[ 1256.139647][T10835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1256.162664][T10835] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1256.480915][T10835] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1256.492007][T10835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1256.503826][T10835] usb 5-1: config 0 descriptor??
[ 1256.520767][T15739] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1256.582225][ T5242] Bluetooth: Frame is too long (len 10, expected len 9)
[ 1256.603990][ T2534] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1256.820827][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1256.839998][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1256.856965][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1256.873703][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1256.878190][    C1] eth0: bad gso: type: 1, size: 1408
[ 1256.908996][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1256.942090][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1256.982692][T10835] microsoft 0003:045E:07DA.0028: No inputs registered, leaving
[ 1257.000156][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1257.022495][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1257.022772][T10835] microsoft 0003:045E:07DA.0028: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[ 1257.050820][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1257.076481][T13048] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1257.087423][T13048] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1257.095754][T13048] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1257.105300][T14621] EXT4-fs error (device loop3): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1257.158379][T13048] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1257.171534][T13048] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1257.183907][T13048] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1257.237674][T10835] microsoft 0003:045E:07DA.0028: no inputs found
[ 1257.245920][T10835] microsoft 0003:045E:07DA.0028: could not initialize ff, continuing anyway
[ 1257.270475][ T2534] bridge_slave_1: left allmulticast mode
[ 1257.276392][ T2534] bridge_slave_1: left promiscuous mode
[ 1257.282900][ T2534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1257.327119][ T2534] bridge_slave_0: left allmulticast mode
[ 1257.331218][T10835] usb 5-1: USB disconnect, device number 56
[ 1257.333649][ T2534] bridge_slave_0: left promiscuous mode
[ 1257.358930][ T2534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1257.804720][T15729] syz.4.2670 (15729) used greatest stack depth: 18032 bytes left
[ 1257.836410][ T5295] usbhid 6-1:0.0: can't add hid device: -71
[ 1257.842554][ T5295] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1257.898090][ T5295] usb 6-1: USB disconnect, device number 17
[ 1257.965130][T14783] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1258.093487][T15749] loop0: detected capacity change from 0 to 32768
[ 1258.154876][T15749] 
[ 1258.154876][T15749]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1258.154876][T15749] 
[ 1258.217499][T15749] read_mapping_page failed!
[ 1258.222435][T15749] ERROR: (device loop0): txCommit: 
[ 1258.222435][T15749] 
[ 1258.429576][ T9056] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1259.096532][ T2534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1259.117758][ T2534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1259.143298][ T2534] bond0 (unregistering): Released all slaves
[ 1259.335605][ T9056] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1259.348940][    C1] eth0: bad gso: type: 1, size: 1408
[ 1259.366760][    C1] eth0: bad gso: type: 1, size: 1408
[ 1259.377667][ T9056] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1259.387407][ T9056] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1259.396058][T15777] loop5: detected capacity change from 0 to 256
[ 1259.402501][ T9056] usb 3-1: Product: syz
[ 1259.407905][T15777] exfat: Deprecated parameter 'utf8'
[ 1259.414405][ T9056] usb 3-1: Manufacturer: syz
[ 1259.419158][ T9056] usb 3-1: SerialNumber: syz
[ 1259.435631][T15777] exfat: Bad value for 'errors'
[ 1259.435877][ T9056] usb 3-1: config 0 descriptor??
[ 1259.458331][ T5242] Bluetooth: hci4: command tx timeout
[ 1259.497222][T15780] loop4: detected capacity change from 0 to 256
[ 1259.512178][T15780] vfat: Bad value for 'errors'
[ 1259.523864][T15780] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 1259.535765][T15780] overlayfs: missing 'lowerdir'
[ 1259.702477][T11832] 
[ 1259.702477][T11832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1259.702477][T11832] 
[ 1259.742180][ T5306] usb 3-1: USB disconnect, device number 44
[ 1259.745862][T11832] 
[ 1259.745862][T11832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1259.745862][T11832] 
[ 1259.768768][T14824] 
[ 1259.768768][T14824]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1259.768768][T14824] 
[ 1259.861173][T15782] ebtables: ebtables: counters copy to user failed while replacing table
[ 1259.952295][T15782] loop5: detected capacity change from 0 to 1024
[ 1260.114587][T14824] 
[ 1260.114587][T14824]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1260.114587][T14824] 
[ 1260.304443][T14621] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1260.322389][  T110] 
[ 1260.322389][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1260.322389][  T110] 
[ 1260.423650][T15784] loop4: detected capacity change from 0 to 16
[ 1260.430356][T15784] erofs: Unknown parameter ''
[ 1260.776988][T15791] loop0: detected capacity change from 0 to 256
[ 1260.801587][ T5294] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1260.851946][T15787] loop2: detected capacity change from 0 to 4096
[ 1260.907576][ T2534] hsr_slave_0: left promiscuous mode
[ 1260.915643][T15791] syz.0.2691: attempt to access beyond end of device
[ 1260.915643][T15791] loop0: rw=2049, sector=256, nr_sectors = 4 limit=256
[ 1260.936651][ T2534] hsr_slave_1: left promiscuous mode
[ 1260.950755][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1260.974672][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1261.022169][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1261.042905][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1261.051230][ T5294] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1261.090385][ T5294] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1261.126277][ T5294] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1261.146721][ T2534] veth1_macvtap: left promiscuous mode
[ 1261.157970][ T5294] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1261.169942][ T2534] veth0_macvtap: left promiscuous mode
[ 1261.176853][ T2534] veth1_vlan: left promiscuous mode
[ 1261.193162][ T5294] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1261.202555][ T2534] veth0_vlan: left promiscuous mode
[ 1261.218293][ T5294] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1261.246567][ T5294] usb 5-1: config 0 descriptor??
[ 1261.415745][T15799] loop2: detected capacity change from 0 to 512
[ 1261.707293][T15799] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1261.722607][ T5242] Bluetooth: hci4: command tx timeout
[ 1261.776451][ T9056] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[ 1262.105849][ T5294] plantronics 0003:047F:FFFF.0029: unknown main item tag 0x0
[ 1262.114975][T15799] EXT4-fs (loop2): 1 truncate cleaned up
[ 1262.143505][ T5294] plantronics 0003:047F:FFFF.0029: No inputs registered, leaving
[ 1262.145439][T15799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1262.202036][ T5294] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1262.274251][T15799] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.2698: corrupted in-inode xattr: overlapping e_value 
[ 1262.428502][T15799] EXT4-fs (loop2): Remounting filesystem read-only
[ 1262.435081][T15799] EXT4-fs warning (device loop2): ext4_xattr_set_entry:1772: inode #15: comm syz.2.2698: unable to update i_inline_off
[ 1262.555504][ T5295] usb 5-1: USB disconnect, device number 57
[ 1262.594079][T13048] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1262.611043][T13048] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1262.631628][T13048] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1262.641850][T13048] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1262.650394][T13048] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1262.654748][ T9056] usb 1-1: Using ep0 maxpacket: 8
[ 1262.679087][T13048] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1262.731072][ T9056] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.742328][ T9056] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.752452][ T9056] usb 1-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00
[ 1262.761646][ T9056] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.764364][T15814] loop5: detected capacity change from 0 to 4096
[ 1262.773447][ T9056] usb 1-1: config 0 descriptor??
[ 1262.793411][   T25] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[ 1263.018111][   T25] usb 3-1: Using ep0 maxpacket: 16
[ 1263.277551][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1263.291790][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1263.305107][   T25] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1263.314210][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.347178][ T5242] Bluetooth: Frame is too long (len 10, expected len 9)
[ 1263.402494][   T25] usb 3-1: config 0 descriptor??
[ 1263.877765][T15816] loop5: detected capacity change from 0 to 32768
[ 1263.965698][T15816] 
[ 1263.965698][T15816]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1263.965698][T15816] 
[ 1263.978802][ T5242] Bluetooth: hci4: command tx timeout
[ 1264.022237][T15816] read_mapping_page failed!
[ 1264.027166][T15816] ERROR: (device loop5): txCommit: 
[ 1264.027166][T15816] 
[ 1264.965664][ T1254] ieee802154 phy0 wpan0: encryption failed: -22
[ 1264.972116][ T1254] ieee802154 phy1 wpan1: encryption failed: -22
[ 1265.013660][ T5242] Bluetooth: hci5: command tx timeout
[ 1265.080992][ T9056] usbhid 1-1:0.0: can't add hid device: -71
[ 1265.088730][ T9056] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1265.130989][ T1100] 
[ 1265.130989][ T1100]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1265.130989][ T1100] 
[ 1265.134738][ T9056] usb 1-1: USB disconnect, device number 51
[ 1265.154667][ T5300] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1265.155333][ T1100] 
[ 1265.155333][ T1100]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1265.155333][ T1100] 
[ 1265.177800][  T111] 
[ 1265.177800][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1265.177800][  T111] 
[ 1265.192609][T15060] 
[ 1265.192609][T15060]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1265.192609][T15060] 
[ 1265.206200][T15060] 
[ 1265.206200][T15060]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1265.206200][T15060] 
[ 1265.218379][T15824] loop0: detected capacity change from 0 to 256
[ 1265.241562][T15824] exfat: Deprecated parameter 'utf8'
[ 1265.251663][T15824] exfat: Bad value for 'errors'
[ 1265.571858][ T2534] team0 (unregistering): Port device team_slave_1 removed
[ 1265.578013][ T5300] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1265.588738][ T5300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1265.601821][ T5300] usb 5-1: config 0 descriptor??
[ 1265.632673][ T5300] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1265.704394][T15826] ebtables: ebtables: counters copy to user failed while replacing table
[ 1265.778567][T15826] loop0: detected capacity change from 0 to 1024
[ 1265.907396][ T5300] gp8psk: usb in 128 operation failed.
[ 1266.219656][T10576] Bluetooth: hci4: command tx timeout
[ 1266.384636][ T2534] team0 (unregistering): Port device team_slave_0 removed
[ 1266.907458][T15833] loop0: detected capacity change from 0 to 1024
[ 1267.833280][T13048] Bluetooth: hci5: command tx timeout
[ 1267.838876][T10576] Bluetooth: hci3: command 0x0406 tx timeout
[ 1267.906868][ T5300] gp8psk: usb in 137 operation failed.
[ 1267.925748][ T5300] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1267.977754][ T5300] dvb_usb_gp8psk 5-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1268.046729][ T5300] usb 5-1: USB disconnect, device number 58
[ 1268.167809][T15838] loop0: detected capacity change from 0 to 256
[ 1268.183775][T15839] loop4: detected capacity change from 0 to 256
[ 1268.228472][T15838] syz.0.2708: attempt to access beyond end of device
[ 1268.228472][T15838] loop0: rw=2049, sector=256, nr_sectors = 4 limit=256
[ 1268.237825][T15839] exfat: Bad value for 'uid'
[ 1268.246964][T15839] exfat: Bad value for 'uid'
[ 1268.340601][T15841] fuse: Bad value for 'user_id'
[ 1268.352514][T15841] fuse: Bad value for 'user_id'
[ 1268.405811][T15839] loop4: detected capacity change from 0 to 64
[ 1268.488797][T15839] hfs: unable to parse mount options
[ 1268.566680][T15841] loop5: detected capacity change from 0 to 1024
[ 1268.666839][T15841] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1268.820348][ T5242] Bluetooth: hci1: command tx timeout
[ 1268.945428][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.949485][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.952579][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.953660][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.954742][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.955811][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.958707][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.960436][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.961645][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1268.962674][T15060] EXT4-fs error (device loop5): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size
[ 1269.427354][   T25] usbhid 3-1:0.0: can't add hid device: -32
[ 1269.433415][   T25] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[ 1269.461157][T15855] loop4: detected capacity change from 0 to 16
[ 1269.467995][T15855] erofs: Unknown parameter ''
[ 1269.681964][T15797] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1269.784497][ T5295] usb 3-1: USB disconnect, device number 45
[ 1269.804810][T15150] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1269.815410][   T25] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1270.042986][ T5242] Bluetooth: hci5: command tx timeout
[ 1270.050312][   T25] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1270.078365][T15060] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1270.111217][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1270.163297][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1270.187463][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1270.195774][T15757] chnl_net:caif_netlink_parms(): no params data found
[ 1270.266945][   T25] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1270.283299][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.345681][   T25] usb 5-1: config 0 descriptor??
[ 1270.411443][ T5295] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[ 1270.617257][ T5295] usb 3-1: Using ep0 maxpacket: 8
[ 1270.624947][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1270.636376][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1270.651054][ T5295] usb 3-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00
[ 1270.663068][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.674676][ T5295] usb 3-1: config 0 descriptor??
[ 1270.703938][T15757] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1270.711112][T15757] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1270.758623][T15757] bridge_slave_0: entered allmulticast mode
[ 1270.774910][T15757] bridge_slave_0: entered promiscuous mode
[ 1270.803451][T15757] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1270.810383][   T25] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[ 1270.810676][T15757] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1270.834894][   T25] plantronics 0003:047F:FFFF.002A: No inputs registered, leaving
[ 1270.854444][T15757] bridge_slave_1: entered allmulticast mode
[ 1270.863318][   T25] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1270.878097][T15757] bridge_slave_1: entered promiscuous mode
[ 1271.234361][T10576] Bluetooth: Frame is too long (len 10, expected len 9)
[ 1271.256411][T15811] chnl_net:caif_netlink_parms(): no params data found
[ 1271.323305][T15757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1271.381148][T15757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1271.807567][ T2534] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1271.925677][T15757] team0: Port device team_slave_0 added
[ 1272.106514][ T2534] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1272.140000][T13048] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1272.152670][T13048] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1272.161214][T13048] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1272.170165][T13048] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1272.180845][T13048] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1272.188689][T13048] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1272.257569][T15757] team0: Port device team_slave_1 added
[ 1272.286098][T13048] Bluetooth: hci5: command tx timeout
[ 1272.372913][T13048] Bluetooth: hci2: command 0x0406 tx timeout
[ 1272.448710][ T5300] usb 5-1: reset high-speed USB device number 59 using dummy_hcd
[ 1272.530984][ T2534] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1272.616937][T15757] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1272.666434][T15757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1272.692632][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1272.732219][T15757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1272.824437][T15811] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1272.838258][T15811] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1272.853514][T15811] bridge_slave_0: entered allmulticast mode
[ 1272.869114][T15811] bridge_slave_0: entered promiscuous mode
[ 1272.980343][ T2534] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1273.023150][T15875] netlink: 'syz.4.2717': attribute type 10 has an invalid length.
[ 1273.031404][T15875] netem: change failed
[ 1273.037396][T15757] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1273.056750][T15757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1273.091406][T15757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1273.143223][T15811] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1273.151783][T15811] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1273.179549][T15811] bridge_slave_1: entered allmulticast mode
[ 1273.195138][T15811] bridge_slave_1: entered promiscuous mode
[ 1273.301120][ T5295] usbhid 3-1:0.0: can't add hid device: -71
[ 1273.322746][ T5295] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1273.423027][ T5295] usb 3-1: USB disconnect, device number 46
[ 1273.481713][T15811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1273.527528][T15757] hsr_slave_0: entered promiscuous mode
[ 1273.535218][T15757] hsr_slave_1: entered promiscuous mode
[ 1273.555466][T15757] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1273.563224][T15757] Cannot create hsr debugfs directory
[ 1273.582770][T15811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1273.612733][ T9056] usb 5-1: USB disconnect, device number 59
[ 1273.942430][T15811] team0: Port device team_slave_0 added
[ 1273.970910][T15887] loop4: detected capacity change from 0 to 256
[ 1274.032593][T15811] team0: Port device team_slave_1 added
[ 1274.146835][T15887] syz.4.2720: attempt to access beyond end of device
[ 1274.146835][T15887] loop4: rw=2049, sector=256, nr_sectors = 4 limit=256
[ 1274.428809][T15811] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1274.437880][T15811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1274.463540][ T5242] Bluetooth: hci1: command tx timeout
[ 1274.548842][T15811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1274.628036][T15811] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1274.678171][T15811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1274.839250][T15811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1275.533249][T15899] loop4: detected capacity change from 0 to 256
[ 1275.559410][T15899] exfat: Bad value for 'uid'
[ 1275.564211][T15899] exfat: Bad value for 'uid'
[ 1275.602370][T15899] loop4: detected capacity change from 0 to 64
[ 1275.612360][T15899] hfs: unable to parse mount options
[ 1275.840776][ T5242] Bluetooth: hci0: command tx timeout
[ 1276.935144][ T5242] Bluetooth: hci1: command tx timeout
[ 1277.210485][ T2534] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1277.240975][T15911] loop2: detected capacity change from 0 to 16
[ 1277.259603][T15911] erofs: Unknown parameter ''
[ 1277.392500][T15811] hsr_slave_0: entered promiscuous mode
[ 1277.408462][T15811] hsr_slave_1: entered promiscuous mode
[ 1277.432153][T15811] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1277.450760][T15811] Cannot create hsr debugfs directory
[ 1277.500000][ T2534] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1277.521935][T10835] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[ 1277.541426][T15871] chnl_net:caif_netlink_parms(): no params data found
[ 1277.771472][ T5295] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[ 1278.081987][T10835] usb 1-1: Using ep0 maxpacket: 8
[ 1278.091531][T10835] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1278.106497][T10835] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1278.116984][T10835] usb 1-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00
[ 1278.138658][T10835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1278.166552][ T5295] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1278.195211][T10835] usb 1-1: config 0 descriptor??
[ 1278.217612][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1278.260542][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1278.290768][ T5295] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1278.339711][ T5295] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1278.368561][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1278.437447][ T5295] usb 3-1: config 0 descriptor??
[ 1279.133566][ T5242] Bluetooth: hci1: command tx timeout
[ 1279.192431][ T5295] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1279.207530][ T5295] plantronics 0003:047F:FFFF.002B: No inputs registered, leaving
[ 1279.231641][ T5295] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1279.819545][ T2534] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1279.837424][ T5242] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1279.982993][T15931] loop4: detected capacity change from 0 to 1024
[ 1279.992176][T15931] hfsplus: unable to parse mount options
[ 1280.153585][T15933] loop4: detected capacity change from 0 to 512
[ 1280.196025][ T2534] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1280.222928][T15933] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1280.239659][T15933] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1280.758446][ T5294] usb 3-1: reset high-speed USB device number 47 using dummy_hcd
[ 1280.934651][T15943] loop2: detected capacity change from 0 to 256
[ 1280.947968][T15871] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1280.974478][T15871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1280.977210][T15943] syz.2.2732: attempt to access beyond end of device
[ 1280.977210][T15943] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256
[ 1281.006381][T15871] bridge_slave_0: entered allmulticast mode
[ 1281.040367][T15871] bridge_slave_0: entered promiscuous mode
[ 1281.080360][ T2534] bridge_slave_1: left allmulticast mode
[ 1281.086288][ T2534] bridge_slave_1: left promiscuous mode
[ 1281.093913][ T2534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1281.124718][ T2534] bridge_slave_0: left allmulticast mode
[ 1281.134230][ T2534] bridge_slave_0: left promiscuous mode
[ 1281.143835][ T2534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1281.163307][ T2534] bridge_slave_1: left allmulticast mode
[ 1281.419874][ T5242] Bluetooth: hci1: command tx timeout
[ 1281.434578][ T2534] bridge_slave_1: left promiscuous mode
[ 1281.458054][ T2534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1281.847912][ T2534] bridge_slave_0: left allmulticast mode
[ 1281.889950][T10604] usb 3-1: USB disconnect, device number 47
[ 1281.910967][ T2534] bridge_slave_0: left promiscuous mode
[ 1281.969180][ T2534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1282.319061][T10835] usbhid 1-1:0.0: can't add hid device: -71
[ 1282.350815][T10835] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1282.403957][T10835] usb 1-1: USB disconnect, device number 52
[ 1282.991845][T15954] loop0: detected capacity change from 0 to 256
[ 1282.999172][T15954] exfat: Deprecated parameter 'utf8'
[ 1283.005619][T15954] exfat: Bad value for 'errors'
[ 1283.252616][T14783] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1283.503938][T15956] ebtables: ebtables: counters copy to user failed while replacing table
[ 1284.367293][T15961] loop4: detected capacity change from 0 to 256
[ 1284.377915][T15961] exfat: Bad value for 'uid'
[ 1284.382580][T15961] exfat: Bad value for 'uid'
[ 1284.529753][    C1] eth0: bad gso: type: 1, size: 1408
[ 1284.538610][T15961] loop4: detected capacity change from 0 to 64
[ 1284.563883][T15961] hfs: unable to parse mount options
[ 1284.883955][T15964] loop0: detected capacity change from 0 to 40427
[ 1284.978571][T15964] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(262146) root(3)
[ 1284.978610][T15964] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 1285.035670][T15964] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1285.136271][T15964] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[ 1285.136313][T15964] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1285.175924][T15965] f2fs_ckpt-7:0: attempt to access beyond end of device
[ 1285.175924][T15965] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[ 1285.176003][T15965] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1285.176031][T15965] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1285.176055][T15965] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1285.253714][T14824] syz-executor: attempt to access beyond end of device
[ 1285.253714][T14824] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1285.253822][T14824] syz-executor: attempt to access beyond end of device
[ 1285.253822][T14824] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1286.145426][ T2534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1286.160354][ T2534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1286.174104][ T2534] bond0 (unregistering): Released all slaves
[ 1286.448865][ T2534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1286.479132][ T2534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1286.513889][ T2534] bond0 (unregistering): Released all slaves
[ 1286.574918][T15871] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1286.589266][T15871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1286.608688][T15871] bridge_slave_1: entered allmulticast mode
[ 1286.616347][T15871] bridge_slave_1: entered promiscuous mode
[ 1286.734434][T15969] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2740'.
[ 1286.874289][T15871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1286.926862][T15871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1287.557317][T15871] team0: Port device team_slave_0 added
[ 1287.642080][T15871] team0: Port device team_slave_1 added
[ 1287.866556][T15757] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1288.039269][T15757] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1288.072781][T15757] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1288.363856][T15871] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1288.370845][T15871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1288.431468][T13048] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1288.442134][T13048] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1288.462400][T15977] loop4: detected capacity change from 0 to 256
[ 1288.469921][T15977] exfat: Deprecated parameter 'utf8'
[ 1288.477386][T13048] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1288.494752][T15871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1288.510809][T13048] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1288.522758][T13048] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1288.525422][T15977] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x967df478, utbl_chksum : 0xe619d30d)
[ 1288.549241][T13048] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1288.554759][T15871] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1288.602017][T15871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1288.650126][T15977] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2745'.
[ 1288.659384][T15871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1288.680547][T15757] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1288.990789][T15871] hsr_slave_0: entered promiscuous mode
[ 1288.998205][T15871] hsr_slave_1: entered promiscuous mode
[ 1289.010447][T15983] loop4: detected capacity change from 0 to 512
[ 1289.017577][T15871] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1289.028324][T15983] EXT4-fs (loop4): invalid first ino: 0
[ 1289.035344][T15871] Cannot create hsr debugfs directory
[ 1289.053341][T15982] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2746'.
[ 1289.092169][T15985] loop2: detected capacity change from 0 to 256
[ 1289.105993][T15985] exfat: Deprecated parameter 'utf8'
[ 1289.123023][T15985] exfat: Bad value for 'errors'
[ 1289.240957][ T2534] hsr_slave_0: left promiscuous mode
[ 1289.255060][T15983] loop4: detected capacity change from 0 to 2048
[ 1289.271082][ T2534] hsr_slave_1: left promiscuous mode
[ 1289.283580][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1289.295843][T15983] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1289.316822][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1289.338272][T15986] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1289.372522][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1289.379980][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1289.408641][ T2534] hsr_slave_0: left promiscuous mode
[ 1289.420295][ T2534] hsr_slave_1: left promiscuous mode
[ 1289.427687][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1289.435085][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1289.443625][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1289.451388][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1289.656177][T15990] ebtables: ebtables: counters copy to user failed while replacing table
[ 1290.253956][ T2534] veth1_macvtap: left promiscuous mode
[ 1290.281288][ T2534] veth0_macvtap: left promiscuous mode
[ 1290.287012][ T2534] veth1_vlan: left promiscuous mode
[ 1290.312321][ T2534] veth0_vlan: left promiscuous mode
[ 1290.357887][ T2534] veth1_macvtap: left promiscuous mode
[ 1290.363636][ T2534] veth0_macvtap: left promiscuous mode
[ 1290.371487][ T2534] veth1_vlan: left promiscuous mode
[ 1290.376995][ T2534] veth0_vlan: left promiscuous mode
[ 1290.834065][ T5242] Bluetooth: hci2: command tx timeout
[ 1291.707056][ T2534] team0 (unregistering): Port device team_slave_1 removed
[ 1291.776090][ T2534] team0 (unregistering): Port device team_slave_0 removed
[ 1293.087327][ T5242] Bluetooth: hci2: command tx timeout
[ 1293.375883][ T2534] team0 (unregistering): Port device team_slave_1 removed
[ 1293.519043][ T2534] team0 (unregistering): Port device team_slave_0 removed
[ 1294.311454][T15997] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2750'.
[ 1294.768689][T15811] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1294.808801][T16006] loop4: detected capacity change from 0 to 4096
[ 1295.026498][T16006] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[ 1295.046877][T15811] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1295.067344][T15811] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1295.123367][T15811] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1295.341372][ T5242] Bluetooth: hci2: command tx timeout
[ 1295.593117][T15757] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1295.696213][T15978] chnl_net:caif_netlink_parms(): no params data found
[ 1295.838713][T15757] 8021q: adding VLAN 0 to HW filter on device team0
[ 1295.991636][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1295.998857][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1296.094970][T15978] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1296.102753][T15978] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1296.111160][T15978] bridge_slave_0: entered allmulticast mode
[ 1296.118826][T15978] bridge_slave_0: entered promiscuous mode
[ 1296.140885][T15978] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1296.158078][T15978] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1296.165823][T15978] bridge_slave_1: entered allmulticast mode
[ 1296.180582][T15978] bridge_slave_1: entered promiscuous mode
[ 1296.191077][ T5295] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1296.198341][ T5295] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1296.240727][T16025] loop2: detected capacity change from 0 to 4096
[ 1296.312141][T15978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1296.389178][T15978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1296.484229][T15978] team0: Port device team_slave_0 added
[ 1296.573641][ T2534] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1296.607128][T15978] team0: Port device team_slave_1 added
[ 1296.655846][T16028] loop4: detected capacity change from 0 to 256
[ 1296.662783][ T5300] usb 3-1: new low-speed USB device number 48 using dummy_hcd
[ 1296.787280][ T2534] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1296.845345][T15871] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1296.886941][T15978] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1296.895589][T15978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1296.922453][T15978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1296.924300][ T5300] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 is Bulk; changing to Interrupt
[ 1296.956041][T15978] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1296.963640][T15978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1296.991354][T15978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1297.024015][ T5300] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1297.034004][ T5300] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[ 1297.056542][ T5300] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1297.073764][ T2534] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1297.086606][ T5300] usb 3-1: string descriptor 0 read error: -22
[ 1297.092940][ T5300] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1297.106555][ T5300] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1297.119798][T16032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2758'.
[ 1297.131801][T16032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2758'.
[ 1297.162581][T15871] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1297.174463][T15871] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1297.233595][ T2534] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1297.252886][T15871] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1297.301979][ T9056] usb 5-1: new full-speed USB device number 60 using dummy_hcd
[ 1297.369438][T15978] hsr_slave_0: entered promiscuous mode
[ 1297.377009][T15978] hsr_slave_1: entered promiscuous mode
[ 1297.384549][    T8] usb 3-1: USB disconnect, device number 48
[ 1297.447346][T15811] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1297.543934][ T9056] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1297.573032][ T9056] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1297.582850][ T9056] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1297.592193][ T9056] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1297.600562][ T5242] Bluetooth: hci2: command tx timeout
[ 1297.610803][ T9056] usb 5-1: config 0 descriptor??
[ 1297.623488][ T9056] hub 5-1:0.0: USB hub found
[ 1297.630176][T15811] 8021q: adding VLAN 0 to HW filter on device team0
[ 1297.711134][ T2534] bridge_slave_1: left allmulticast mode
[ 1297.717405][ T2534] bridge_slave_1: left promiscuous mode
[ 1297.723175][ T2534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1297.737628][ T2534] bridge_slave_0: left allmulticast mode
[ 1297.743342][ T2534] bridge_slave_0: left promiscuous mode
[ 1297.749717][ T2534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.848379][ T9056] hub 5-1:0.0: 1 port detected
[ 1298.337796][ T9056] usb 5-1: USB disconnect, device number 60
[ 1298.439048][ T2534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1298.453962][ T2534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1298.467249][ T2534] bond0 (unregistering): Released all slaves
[ 1298.486521][T15757] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1298.521039][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1298.528202][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1298.586510][T16042] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2759'.
[ 1298.624827][ T5306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1298.632025][ T5306] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1298.785857][T16047] loop2: detected capacity change from 0 to 512
[ 1298.811744][T16047] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1298.849261][T16047] EXT4-fs (loop2): 1 truncate cleaned up
[ 1298.860345][T16047] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1299.392824][ T2534] hsr_slave_0: left promiscuous mode
[ 1299.416441][ T2534] hsr_slave_1: left promiscuous mode
[ 1299.427700][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1299.437944][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1299.454606][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1299.465839][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1299.511778][ T2534] veth1_macvtap: left promiscuous mode
[ 1299.517816][ T2534] veth0_macvtap: left promiscuous mode
[ 1299.524529][ T2534] veth1_vlan: left promiscuous mode
[ 1299.532016][ T2534] veth0_vlan: left promiscuous mode
[ 1299.793454][T15150] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1299.843052][T16051] loop4: detected capacity change from 0 to 32768
[ 1300.650380][ T2534] team0 (unregistering): Port device team_slave_1 removed
[ 1300.735748][ T2534] team0 (unregistering): Port device team_slave_0 removed
[ 1301.606900][T15757] veth0_vlan: entered promiscuous mode
[ 1301.632166][T15871] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1301.849710][T15757] veth1_vlan: entered promiscuous mode
[ 1301.979698][T15871] 8021q: adding VLAN 0 to HW filter on device team0
[ 1302.095658][T15871] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1302.106608][T15871] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1302.151156][ T5294] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1302.158401][ T5294] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1302.213451][ T5294] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1302.220730][ T5294] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1302.378515][T15757] veth0_macvtap: entered promiscuous mode
[ 1302.455689][T15757] veth1_macvtap: entered promiscuous mode
[ 1302.679732][T15757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1302.699020][T15757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1302.730447][T15757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1302.763148][T15757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1302.773899][T13048] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1302.785565][T13048] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1302.787382][T16084] loop2: detected capacity change from 0 to 4096
[ 1302.810073][T13048] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1302.824229][T15757] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1302.832648][T13048] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1302.863451][T13048] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1302.866629][T15757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1302.886648][T13048] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1302.929230][T15757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1302.943301][T15757] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1302.958041][T15757] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1302.982579][T15757] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1303.012252][T15978] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1303.069826][T15978] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1303.089605][T15978] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1303.103537][T15978] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1303.124300][T15757] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1303.133435][T15757] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1303.142731][T15757] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1303.151490][T15757] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1303.179848][T15811] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1303.256336][T15871] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1303.337285][T15948] usb 3-1: new low-speed USB device number 49 using dummy_hcd
[ 1303.463630][T13898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1303.486746][T13898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1303.545286][T15948] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 is Bulk; changing to Interrupt
[ 1303.567424][T15948] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1303.588568][T15948] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[ 1303.605121][T15948] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1303.646902][T15948] usb 3-1: string descriptor 0 read error: -22
[ 1303.663779][ T2534] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1303.666238][T15948] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1303.684985][T15948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1303.738756][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1303.754037][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1303.780302][ T2534] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1303.808063][T15811] veth0_vlan: entered promiscuous mode
[ 1303.893868][ T2534] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1303.990200][T15948] usb 3-1: USB disconnect, device number 49
[ 1304.050235][T16100] loop1: detected capacity change from 0 to 256
[ 1304.053537][ T2534] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1304.071733][T16100] exfat: Bad value for 'uid'
[ 1304.080615][T16100] exfat: Bad value for 'uid'
[ 1304.111327][T15811] veth1_vlan: entered promiscuous mode
[ 1304.196316][T16100] loop1: detected capacity change from 0 to 64
[ 1304.206662][T16100] hfs: unable to parse mount options
[ 1304.273937][T16087] chnl_net:caif_netlink_parms(): no params data found
[ 1304.323994][T15871] veth0_vlan: entered promiscuous mode
[ 1304.775223][T15871] veth1_vlan: entered promiscuous mode
[ 1304.801606][T15811] veth0_macvtap: entered promiscuous mode
[ 1304.848260][T15978] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1304.950796][ T2534] bridge_slave_1: left allmulticast mode
[ 1304.957127][ T2534] bridge_slave_1: left promiscuous mode
[ 1304.972923][ T2534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1305.047541][ T2534] bridge_slave_0: left allmulticast mode
[ 1305.060867][ T2534] bridge_slave_0: left promiscuous mode
[ 1305.070601][ T2534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1305.135240][ T5242] Bluetooth: hci3: command tx timeout
[ 1305.301972][T16113] loop1: detected capacity change from 0 to 736
[ 1305.363546][T16113] Symlink component flag not implemented
[ 1305.376221][T16113] Symlink component flag not implemented (121)
[ 1305.675834][T16115] loop1: detected capacity change from 0 to 16384
[ 1305.742511][T16116] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1306.003898][T16121] loop2: detected capacity change from 0 to 128
[ 1306.115908][ T2534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1306.125760][T16125] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2774'.
[ 1306.141974][ T2534] bond0 (unregistering): Released all slaves
[ 1306.191174][T16087] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1306.200644][T16087] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1306.208491][T16087] bridge_slave_0: entered allmulticast mode
[ 1306.216113][T16087] bridge_slave_0: entered promiscuous mode
[ 1306.258733][T15811] veth1_macvtap: entered promiscuous mode
[ 1306.308447][T16087] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1306.315672][T16087] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1306.333135][T16087] bridge_slave_1: entered allmulticast mode
[ 1306.352367][T16087] bridge_slave_1: entered promiscuous mode
[ 1306.352789][T16128] loop1: detected capacity change from 0 to 512
[ 1306.366923][T16128] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1306.374440][T16128] UDF-fs: Scanning with blocksize 512 failed
[ 1306.390242][T16128] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1306.397760][T16128] UDF-fs: Scanning with blocksize 1024 failed
[ 1306.411823][T16128] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1306.420547][T16128] UDF-fs: Scanning with blocksize 2048 failed
[ 1306.428954][T16128] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1306.445156][T16087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1306.471644][T16128] UDF-fs: warning (device loop1): udf_fill_super: No fileset found
[ 1306.561956][T16087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1306.576045][T10604] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1306.711611][T16087] team0: Port device team_slave_0 added
[ 1306.724492][T16087] team0: Port device team_slave_1 added
[ 1306.751493][T15978] 8021q: adding VLAN 0 to HW filter on device team0
[ 1306.767864][T16132] loop1: detected capacity change from 0 to 1024
[ 1306.774983][T15871] veth0_macvtap: entered promiscuous mode
[ 1306.793020][T10604] usb 3-1: Using ep0 maxpacket: 8
[ 1306.798375][T16132] hfsplus: unable to parse mount options
[ 1306.802974][T10604] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1306.824889][T10604] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[ 1306.834432][T10604] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.845540][T10604] usb 3-1: config 0 descriptor??
[ 1306.870609][T15811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1306.882505][T15811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1306.895785][T15811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1306.908315][T15811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1306.918258][T15811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1306.929001][T15811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1306.948432][T15811] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1307.017446][ T2534] hsr_slave_0: left promiscuous mode
[ 1307.026720][ T2534] hsr_slave_1: left promiscuous mode
[ 1307.045021][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1307.064757][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1307.077777][ T2534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1307.089850][ T2534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1307.130865][T16136] loop1: detected capacity change from 0 to 512
[ 1307.139008][T16136] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1307.148570][ T2534] veth1_macvtap: left promiscuous mode
[ 1307.154444][ T2534] veth0_macvtap: left promiscuous mode
[ 1307.158577][T16136] UDF-fs: Scanning with blocksize 512 failed
[ 1307.160170][ T2534] veth1_vlan: left promiscuous mode
[ 1307.172855][ T2534] veth0_vlan: left promiscuous mode
[ 1307.179890][T16136] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1307.187580][T16136] UDF-fs: Scanning with blocksize 1024 failed
[ 1307.200433][T16136] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1307.212811][T16136] UDF-fs: Scanning with blocksize 2048 failed
[ 1307.238142][T16136] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1307.250348][T16136] UDF-fs: warning (device loop1): udf_fill_super: No fileset found
[ 1307.310182][T10604] logitech 0003:046D:C295.002C: item fetching failed at offset 0/3
[ 1307.330725][T10604] logitech 0003:046D:C295.002C: parse failed
[ 1307.346266][T10604] logitech 0003:046D:C295.002C: probe with driver logitech failed with error -22
[ 1307.390104][ T5242] Bluetooth: hci3: command tx timeout
[ 1307.397039][T16138] loop1: detected capacity change from 0 to 736
[ 1307.478407][T16138] Symlink component flag not implemented
[ 1307.484162][T16138] Symlink component flag not implemented (121)
[ 1307.559303][T16125] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[ 1307.611211][ T5300] usb 3-1: USB disconnect, device number 50
[ 1308.205515][ T2534] team0 (unregistering): Port device team_slave_1 removed
[ 1308.299009][T16146] loop2: detected capacity change from 0 to 128
[ 1308.435461][ T2534] team0 (unregistering): Port device team_slave_0 removed
[ 1308.538838][T16151] loop2: detected capacity change from 0 to 256
[ 1308.545781][T16151] exfat: Bad value for 'uid'
[ 1308.561375][T16151] exfat: Bad value for 'uid'
[ 1308.625862][T16151] loop2: detected capacity change from 0 to 64
[ 1308.653063][T16151] hfs: unable to parse mount options
[ 1309.230953][T16155] loop1: detected capacity change from 0 to 4096
[ 1309.238457][T16155] ntfs3: Unknown parameter '+00000000000000000000004'
[ 1309.369668][T16160] loop1: detected capacity change from 0 to 256
[ 1309.377994][T16160] exfat: Deprecated parameter 'utf8'
[ 1309.391580][T16160] exfat: Bad value for 'errors'
[ 1309.531114][T16162] loop2: detected capacity change from 0 to 164
[ 1309.572482][T16162] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1309.647726][ T5242] Bluetooth: hci3: command tx timeout
[ 1309.686151][T16162] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1309.718379][T16162] iso9660: Corrupted directory entry in block 4 of inode 1792
[ 1309.910247][T16165] loop1: detected capacity change from 0 to 1024
[ 1310.036235][ T5242] Bluetooth: hci4: command tx timeout
[ 1310.390815][T16162] rock: corrupted directory entry. extent=41, offset=65536, size=8
[ 1310.420837][T16162] iso9660: Corrupted directory entry in block 4 of inode 1792
[ 1310.663839][T15811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1310.678643][T15811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1310.694620][T15811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1310.705624][T15811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1310.720430][T15811] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1310.758268][T15871] veth1_macvtap: entered promiscuous mode
[ 1310.986684][T15110] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1310.993870][T15110] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1311.028598][T16087] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1311.058154][T16087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1311.298384][T16087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1311.454070][T15871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1311.505268][T15871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1311.552407][T15871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1311.610946][T16180] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2791'.
[ 1311.630943][T15871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1311.651647][T15871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1311.673528][T15871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1311.712929][T15871] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1311.781321][T15811] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.812120][T15811] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.822145][T15811] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.831003][T15811] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.847294][T16087] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1311.854347][T16087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1311.880238][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1311.886754][T16087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1311.889091][T16185] loop1: detected capacity change from 0 to 128
[ 1311.904216][ T5242] Bluetooth: hci3: command tx timeout
[ 1311.941467][T15871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1311.953076][T15871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1311.963820][T15871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1311.974316][T15871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1311.985822][T15871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1311.996326][T15871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1312.009730][T15871] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1312.069999][ T5306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1312.077199][ T5306] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1312.148986][T16188] loop1: detected capacity change from 0 to 256
[ 1312.166880][T15871] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.177405][T15110] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1312.187871][T15871] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.197423][T15871] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.206327][T15871] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.229198][T16087] hsr_slave_0: entered promiscuous mode
[ 1312.242786][ T5242] Bluetooth: hci4: command tx timeout
[ 1312.272086][T16087] hsr_slave_1: entered promiscuous mode
[ 1312.286851][T16087] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1312.296421][T16087] Cannot create hsr debugfs directory
[ 1312.383049][T15110] usb 3-1: Using ep0 maxpacket: 8
[ 1312.392249][T15110] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1312.409476][T15110] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[ 1312.430547][T15110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1312.544600][T15110] usb 3-1: config 0 descriptor??
[ 1312.980188][T13893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1313.011650][T13893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.085820][T15110] logitech 0003:046D:C295.002D: item fetching failed at offset 0/3
[ 1313.108018][T15110] logitech 0003:046D:C295.002D: parse failed
[ 1313.124172][T15110] logitech 0003:046D:C295.002D: probe with driver logitech failed with error -22
[ 1313.219598][ T2534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1313.238496][ T2534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.379926][T16180] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[ 1313.446373][T15110] usb 3-1: USB disconnect, device number 51
[ 1313.471250][ T7389] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1313.501868][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1313.512157][ T7389] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.519997][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.693050][T15978] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1313.917350][T16197] loop5: detected capacity change from 0 to 256
[ 1313.930403][T16197] exfat: Deprecated parameter 'utf8'
[ 1313.944816][T16197] exfat: Bad value for 'errors'
[ 1314.286855][T15978] veth0_vlan: entered promiscuous mode
[ 1314.340494][T16200] ebtables: ebtables: counters copy to user failed while replacing table
[ 1314.466957][T16200] loop5: detected capacity change from 0 to 1024
[ 1314.501110][ T5242] Bluetooth: hci4: command tx timeout
[ 1314.759562][T15978] veth1_vlan: entered promiscuous mode
[ 1315.451412][T15978] veth0_macvtap: entered promiscuous mode
[ 1315.527987][T16204] loop5: detected capacity change from 0 to 512
[ 1315.553253][T16204] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1315.597489][T15978] veth1_macvtap: entered promiscuous mode
[ 1315.615979][T16204] EXT4-fs (loop5): 1 truncate cleaned up
[ 1315.643602][T16204] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1315.646187][T16209] loop2: detected capacity change from 0 to 256
[ 1315.667079][T16209] exfat: Bad value for 'uid'
[ 1315.680576][T16209] exfat: Bad value for 'uid'
[ 1315.756749][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1315.778048][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1315.801071][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1315.844929][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1315.847687][T16209] loop2: detected capacity change from 0 to 64
[ 1315.878052][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1315.898431][T16215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2799'.
[ 1315.907534][T16215] netlink: 'syz.3.2799': attribute type 1 has an invalid length.
[ 1315.915397][T16215] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2799'.
[ 1315.927090][T16209] hfs: unable to parse mount options
[ 1315.932515][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1316.774440][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1316.853559][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1316.906889][T15978] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1316.907034][T16087] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1317.149791][T16087] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1317.193155][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.193185][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.193202][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.193220][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.193235][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.193253][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.193270][T15978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.193287][T15978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.196862][T15978] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1318.048626][T15978] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1318.048676][T15978] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1318.048715][T15978] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1318.048753][T15978] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1318.062391][T16087] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1318.267051][T16087] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1318.659136][T11832] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1318.659162][T11832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1318.900051][T16087] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1318.960199][T11832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1318.960228][T11832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1319.040013][T16087] 8021q: adding VLAN 0 to HW filter on device team0
[ 1319.126534][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1319.126677][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1319.129083][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1319.129219][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1319.331179][T16241] loop3: detected capacity change from 0 to 256
[ 1319.368996][T16241] exfat: Deprecated parameter 'utf8'
[ 1319.400254][T15871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1319.411073][T16241] exfat: Bad value for 'errors'
[ 1319.798759][T16245] ebtables: ebtables: counters copy to user failed while replacing table
[ 1319.895139][T16245] loop3: detected capacity change from 0 to 1024
[ 1321.267541][ T5291] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1321.327748][    T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1321.659501][ T5291] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1321.739838][    T9] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1321.763940][ T5291] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1321.774030][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1321.796329][ T5291] usb 3-1: config 0 descriptor??
[ 1321.810315][    T9] usb 6-1: config 0 descriptor??
[ 1321.829504][ T5291] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1321.865454][    T9] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1321.974456][T16087] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1322.021389][T16259] loop0: detected capacity change from 0 to 128
[ 1322.135714][T16259] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1322.170308][T16259] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1322.303169][T13048] Bluetooth: hci0: command 0x0406 tx timeout
[ 1322.552404][T15978] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1322.617418][T16087] veth0_vlan: entered promiscuous mode
[ 1322.664414][T16087] veth1_vlan: entered promiscuous mode
[ 1322.713618][T16270] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[ 1322.769153][T16270] No control pipe specified
[ 1322.784716][T16087] veth0_macvtap: entered promiscuous mode
[ 1322.819299][T16270] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2809'.
[ 1322.848062][T16087] veth1_macvtap: entered promiscuous mode
[ 1322.892793][T16270] overlayfs: overlapping lowerdir path
[ 1322.977508][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1323.001835][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1323.020432][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1323.048841][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1323.090756][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1323.119204][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1323.140510][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1323.188259][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1323.220314][T16278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2811'.
[ 1323.229806][T16278] netlink: 'syz.3.2811': attribute type 1 has an invalid length.
[ 1323.237589][T16278] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2811'.
[ 1323.260708][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1323.519306][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1324.116561][    T9] gp8psk: usb out operation failed.
[ 1324.121946][    T9] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1324.241884][T16087] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1324.268338][    T9] dvb_usb_gp8psk 6-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1324.284031][    T9] usb 6-1: USB disconnect, device number 18
[ 1324.290553][ T5291] gp8psk: usb out operation failed.
[ 1324.296009][ T5291] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1324.307034][ T5291] dvb_usb_gp8psk 3-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1324.444773][ T5291] usb 3-1: USB disconnect, device number 52
[ 1324.470840][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1324.514948][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1324.555929][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1324.582452][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1324.668377][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1324.701677][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1324.729221][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1324.864484][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1324.874372][T16087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1324.887913][T16087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1325.097617][ T5242] Bluetooth: hci2: command tx timeout
[ 1325.452737][T16303] loop3: detected capacity change from 0 to 128
[ 1325.789007][T16087] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1326.054831][T16087] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.073671][T16308] loop5: detected capacity change from 0 to 256
[ 1326.083017][T16087] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.103703][T16308] exfat: Deprecated parameter 'utf8'
[ 1326.109045][T16308] exfat: Bad value for 'errors'
[ 1326.116569][T16087] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.348701][T16087] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1326.493140][T16311] ebtables: ebtables: counters copy to user failed while replacing table
[ 1326.594154][T16311] loop5: detected capacity change from 0 to 1024
[ 1327.373882][T16313] loop2: detected capacity change from 0 to 128
[ 1327.398342][T16313] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1327.632355][T16313] ext4 filesystem being mounted at /55/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1327.652264][T16320] loop3: detected capacity change from 0 to 736
[ 1327.779762][T13898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1327.787622][T13898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1327.858315][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1327.886486][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1328.167659][T15150] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1328.645529][T15948] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 1329.034443][T16331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2826'.
[ 1329.043479][T16331] netlink: 'syz.3.2826': attribute type 1 has an invalid length.
[ 1329.051299][T16331] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2826'.
[ 1329.328072][T15948] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1329.337217][T15948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1329.382444][T15948] usb 1-1: config 0 descriptor??
[ 1329.390941][T15948] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1329.396253][T16337] loop4: detected capacity change from 0 to 256
[ 1329.556088][T16337] FAT-fs (loop4): Directory bread(block 64) failed
[ 1329.562729][T16337] FAT-fs (loop4): Directory bread(block 65) failed
[ 1329.591396][T16337] FAT-fs (loop4): Directory bread(block 66) failed
[ 1329.598083][T16337] FAT-fs (loop4): Directory bread(block 67) failed
[ 1329.627035][T16337] FAT-fs (loop4): Directory bread(block 68) failed
[ 1329.643108][T16337] FAT-fs (loop4): Directory bread(block 69) failed
[ 1329.664629][T16337] FAT-fs (loop4): Directory bread(block 70) failed
[ 1329.671301][T16337] FAT-fs (loop4): Directory bread(block 71) failed
[ 1329.709407][T16337] FAT-fs (loop4): Directory bread(block 72) failed
[ 1329.716096][T16337] FAT-fs (loop4): Directory bread(block 73) failed
[ 1329.829424][ T5291] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1330.325091][T16360] loop5: detected capacity change from 0 to 128
[ 1330.333248][ T5291] usb 3-1: Using ep0 maxpacket: 32
[ 1330.344987][T16359] overlayfs: missing 'lowerdir'
[ 1331.154583][ T1254] ieee802154 phy0 wpan0: encryption failed: -22
[ 1331.161363][ T1254] ieee802154 phy1 wpan1: encryption failed: -22
[ 1331.617332][T15948] gp8psk: usb out operation failed.
[ 1331.622926][T15948] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1331.645231][T15948] dvb_usb_gp8psk 1-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1331.976794][T15948] usb 1-1: USB disconnect, device number 53
[ 1332.220698][ T5291] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1332.230377][ T5291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1332.454837][   T29] audit: type=1326 audit(1722391273.661:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16368 comm="syz.3.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8984377299 code=0x7fc00000
[ 1332.477298][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1332.486793][ T5291] usb 3-1: Product: syz
[ 1332.497716][ T5291] usb 3-1: Manufacturer: syz
[ 1332.512597][ T5291] usb 3-1: SerialNumber: syz
[ 1332.537861][    C1] eth0: bad gso: type: 1, size: 1408
[ 1332.626174][ T5291] usb 3-1: config 0 descriptor??
[ 1333.230523][T16379] loop4: detected capacity change from 0 to 736
[ 1333.250069][   T29] audit: type=1326 audit(1722391274.168:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16368 comm="syz.3.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8984377299 code=0x7fc00000
[ 1333.272427][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1333.278714][ T5291] usb 3-1: can't set config #0, error -71
[ 1333.364632][ T5291] usb 3-1: USB disconnect, device number 53
[ 1333.532815][T16385] loop2: detected capacity change from 0 to 512
[ 1333.553320][T16385] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1333.653016][T16385] EXT4-fs (loop2): 1 truncate cleaned up
[ 1333.662593][T16385] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1333.864098][T16401] loop3: detected capacity change from 0 to 256
[ 1333.887555][T16401] FAT-fs (loop3): Directory bread(block 64) failed
[ 1333.990863][T16401] FAT-fs (loop3): Directory bread(block 65) failed
[ 1334.129898][T16401] FAT-fs (loop3): Directory bread(block 66) failed
[ 1334.138831][T16401] FAT-fs (loop3): Directory bread(block 67) failed
[ 1334.145471][T16401] FAT-fs (loop3): Directory bread(block 68) failed
[ 1334.152944][T16401] FAT-fs (loop3): Directory bread(block 69) failed
[ 1334.181545][ T5291] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1334.192649][T16401] FAT-fs (loop3): Directory bread(block 70) failed
[ 1334.199242][T16401] FAT-fs (loop3): Directory bread(block 71) failed
[ 1334.493972][T16407] fuse: Unknown parameter 'Ë6¢6vF8µÀ&uÛ!LL-ô<w'
[ 1334.983781][T16401] FAT-fs (loop3): Directory bread(block 72) failed
[ 1334.990494][T16401] FAT-fs (loop3): Directory bread(block 73) failed
[ 1335.035986][T16385] EXT4-fs error (device loop2): ext4_find_dest_de:2067: inode #2: block 13: comm syz.2.2839: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1335.081393][T15948] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[ 1336.047236][T16416] loop5: detected capacity change from 0 to 128
[ 1336.195534][ T5242] Bluetooth: hci1: command tx timeout
[ 1336.223664][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1336.283478][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1336.475918][T15948] usb 1-1: Using ep0 maxpacket: 8
[ 1336.712957][T15948] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1336.773003][T15948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1336.826674][T15948] usb 1-1: config 0 descriptor??
[ 1336.933689][ T5294] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1337.026275][ T5291] usb 2-1: New USB device found, idVendor=048d, idProduct=ce50, bcdDevice= 0.00
[ 1337.036918][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.053706][ T5291] usb 2-1: config 0 descriptor??
[ 1337.065822][T15948] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 1337.106895][ T5291] usb 2-1: can't set config #0, error -71
[ 1337.117271][ T5291] usb 2-1: USB disconnect, device number 36
[ 1337.139922][T15150] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1337.196255][ T5294] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1337.503369][ T5294] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.540272][ T5294] usb 5-1: config 0 descriptor??
[ 1337.580980][ T5294] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1338.016025][T16406] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1338.064575][T16406] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1338.430747][ T5291] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1338.430883][T15948] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1338.453504][T15948] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1338.466431][T15948] asix 1-1:0.0: probe with driver asix failed with error -71
[ 1338.479325][T15948] usb 1-1: USB disconnect, device number 54
[ 1338.718459][T16419] loop3: detected capacity change from 0 to 32768
[ 1338.760588][T16419] 
[ 1338.760588][T16419]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1338.760588][T16419] 
[ 1338.777617][ T5291] usb 3-1: Using ep0 maxpacket: 32
[ 1338.800773][ T5291] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1338.818701][ T5291] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1338.838677][ T5291] usb 3-1: Product: syz
[ 1338.850254][ T5291] usb 3-1: Manufacturer: syz
[ 1338.859886][ T5291] usb 3-1: SerialNumber: syz
[ 1338.873837][ T5291] usb 3-1: config 0 descriptor??
[ 1338.895055][ T5291] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1338.956261][T15811] 
[ 1338.956261][T15811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1338.956261][T15811] 
[ 1338.967606][T15110] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1338.993696][T15811] 
[ 1338.993696][T15811]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1338.993696][T15811] 
[ 1339.179807][T15110] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1339.233472][T15110] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1339.238458][ T5294] gp8psk: usb out operation failed.
[ 1339.255413][ T5294] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1339.266238][ T5294] dvb_usb_gp8psk 5-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1339.278051][ T5294] usb 5-1: USB disconnect, device number 61
[ 1339.331896][T15110] usb 6-1: config 0 descriptor??
[ 1339.363091][T15110] cp210x 6-1:0.0: cp210x converter detected
[ 1339.658290][T16452] loop4: detected capacity change from 0 to 1024
[ 1339.700447][T16452] EXT4-fs (loop4): Can't support bigalloc feature without extents feature
[ 1339.700447][T16452] 
[ 1339.737007][T16454] loop3: detected capacity change from 0 to 128
[ 1339.781010][T16429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1339.787642][T16445] loop1: detected capacity change from 0 to 32768
[ 1339.815676][T16429] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1339.867947][T16445] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2856 (16445)
[ 1339.900380][T15110] cp210x 6-1:0.0: failed to get vendor val 0x3711 size 2: -71
[ 1339.912870][T15110] cp210x 6-1:0.0: GPIO initialisation failed: -71
[ 1339.938708][T15110] usb 6-1: cp210x converter now attached to ttyUSB0
[ 1339.959536][T16445] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1339.960557][T15110] usb 6-1: USB disconnect, device number 19
[ 1340.011947][T15110] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1340.014323][T16445] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[ 1340.021768][T16444] loop0: detected capacity change from 0 to 32768
[ 1340.035843][T15110] cp210x 6-1:0.0: device disconnected
[ 1340.059906][T16444] 
[ 1340.059906][T16444]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1340.059906][T16444] 
[ 1340.068342][T16445] BTRFS info (device loop1): using free-space-tree
[ 1340.118497][T16444] read_mapping_page failed!
[ 1340.150883][T16444] ERROR: (device loop0): txCommit: 
[ 1340.150883][T16444] 
[ 1340.182159][    C1] eth0: bad gso: type: 1, size: 1408
[ 1340.331487][ T1100] 
[ 1340.331487][ T1100]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1340.331487][ T1100] 
[ 1340.370579][T16429] loop2: detected capacity change from 0 to 2048
[ 1340.377346][ T1100] 
[ 1340.377346][ T1100]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1340.377346][ T1100] 
[ 1340.401603][T16429] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1340.408265][T16429] ext4: Unknown parameter 'nouser_xattr'
[ 1340.416458][  T111] 
[ 1340.416458][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1340.416458][  T111] 
[ 1340.503823][T15978] 
[ 1340.503823][T15978]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1340.503823][T15978] 
[ 1340.558880][T15978] 
[ 1340.558880][T15978]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1340.558880][T15978] 
[ 1340.668077][ T5291] gspca_ov534_9: reg_w failed -71
[ 1341.405823][T15757] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1341.483940][    T9] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1341.773613][T16464] loop3: detected capacity change from 0 to 32768
[ 1341.830627][    T9] usb 5-1: Using ep0 maxpacket: 32
[ 1341.928024][ T5291] gspca_ov534_9: Unknown sensor 0000
[ 1341.928479][ T5291] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22
[ 1342.341708][T16464] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2862 (16464)
[ 1342.473950][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1342.554261][ T5291] usb 3-1: USB disconnect, device number 54
[ 1342.578391][    T9] usb 5-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb
[ 1342.629143][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1342.686417][    T9] usb 5-1: Product: syz
[ 1342.690771][    T9] usb 5-1: Manufacturer: syz
[ 1342.708437][T16464] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1342.709457][    T9] usb 5-1: SerialNumber: syz
[ 1342.768223][    T9] usb 5-1: config 0 descriptor??
[ 1342.787348][T16464] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[ 1342.793631][    T9] usbtouchscreen 5-1:0.0: probe with driver usbtouchscreen failed with error -12
[ 1342.894371][T16509] ax25_connect(): syz.0.2871 uses autobind, please contact jreuter@yaina.de
[ 1343.639193][T16480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1343.667534][T16464] BTRFS info (device loop3): using free-space-tree
[ 1343.703824][T16480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1343.770131][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[ 1343.770809][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[ 1343.806416][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[ 1343.881862][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[ 1343.914490][T16480] loop4: detected capacity change from 0 to 128
[ 1343.980843][T16480] vfat: Unknown parameter ''
[ 1344.221479][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[ 1344.222419][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[ 1344.376745][T16526] loop4: detected capacity change from 0 to 256
[ 1344.396111][T16526] vfat: Bad value for 'dmask'
[ 1346.928043][ T5291] usb 5-1: USB disconnect, device number 62
[ 1346.950048][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[ 1346.952627][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[ 1347.046919][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[ 1347.237035][T15110] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1347.270236][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[ 1347.271165][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1347.344658][T16540] trusted_key: encrypted_key: keyword 'ne}' not recognized
[ 1347.376034][T16464] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1347.395727][T16464] BTRFS error (device loop3): open_ctree failed
[ 1347.419791][T16540] loop5: detected capacity change from 0 to 764
[ 1347.542796][T15110] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1347.546674][T16543] loop2: detected capacity change from 0 to 1024
[ 1347.579235][T15110] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1347.628761][T15110] usb 2-1: config 0 descriptor??
[ 1347.651901][T16543] EXT4-fs (loop2): Can't support bigalloc feature without extents feature
[ 1347.651901][T16543] 
[ 1347.689007][T16548] rock: directory entry would overflow storage
[ 1347.698750][T15110] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1347.700115][T16548] rock: sig=0x4f50, size=4, remaining=3
[ 1347.730401][T16548] iso9660: Corrupted directory entry in block 4 of inode 1792
[ 1348.017002][T15110] gp8psk: usb in 128 operation failed.
[ 1348.103802][T15110] gp8psk: usb in 137 operation failed.
[ 1348.268802][T15110] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1348.329539][T15110] dvb_usb_gp8psk 2-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1348.381527][T15110] usb 2-1: USB disconnect, device number 37
[ 1348.647423][T13048] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1348.662252][T13048] Bluetooth: hci2: Injecting HCI hardware error event
[ 1348.673812][ T5242] Bluetooth: hci2: hardware error 0x00
[ 1351.160105][ T5242] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1351.399912][T16593] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2888'.
[ 1351.408948][T16593] netlink: 'syz.1.2888': attribute type 1 has an invalid length.
[ 1351.416666][T16593] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2888'.
[ 1351.595958][T16596] loop1: detected capacity change from 0 to 512
[ 1351.605396][T16596] ext4: Unknown parameter 'fsuuid'
[ 1353.445087][ T5300] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1353.871447][ T5300] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1353.897091][ T5300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1353.928396][ T5300] usb 2-1: config 0 descriptor??
[ 1353.958037][ T5300] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1354.086079][T16616] loop5: detected capacity change from 0 to 512
[ 1354.162801][T16616] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1354.172469][T16616] UDF-fs: Scanning with blocksize 512 failed
[ 1354.208170][T16616] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1354.235256][T16592] loop4: detected capacity change from 0 to 32768
[ 1354.235723][T16616] UDF-fs: Scanning with blocksize 1024 failed
[ 1354.250254][T16592] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2887 (16592)
[ 1354.252933][T16614] loop0: detected capacity change from 0 to 4096
[ 1354.290181][T16616] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1354.290297][T16592] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1354.321331][T16592] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[ 1354.333364][T16616] UDF-fs: Scanning with blocksize 2048 failed
[ 1354.340702][T16592] BTRFS info (device loop4): using free-space-tree
[ 1354.380726][T16616] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1354.439501][T16616] UDF-fs: warning (device loop5): udf_fill_super: No fileset found
[ 1354.445247][T16601] loop2: detected capacity change from 0 to 32768
[ 1354.474206][T16601] BTRFS: device /dev/loop2 (7:2) using temp-fsid b224f8a3-fdaa-4f3f-812e-d0f80f9be276
[ 1354.484000][T16601] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2890 (16601)
[ 1354.505695][T16601] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1354.566714][T16601] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[ 1354.620286][T16601] BTRFS info (device loop2): using free-space-tree
[ 1354.674167][T16087] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1355.762497][T15150] BTRFS info (device loop2): last unmount of filesystem b224f8a3-fdaa-4f3f-812e-d0f80f9be276
[ 1356.156706][ T5300] gp8psk: usb out operation failed.
[ 1356.162001][ T5300] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22)
[ 1356.175633][ T5300] dvb_usb_gp8psk 2-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[ 1356.196533][ T5300] usb 2-1: USB disconnect, device number 38
[ 1356.365461][T16669] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2902'.
[ 1356.375488][T16669] netlink: 'syz.5.2902': attribute type 1 has an invalid length.
[ 1356.383482][T16669] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2902'.
[ 1356.559225][T16671] loop5: detected capacity change from 0 to 512
[ 1356.568522][T16671] ext4: Unknown parameter 'fsuuid'
[ 1357.463195][T16677] loop4: detected capacity change from 0 to 256
[ 1357.572213][T16684] loop1: detected capacity change from 0 to 256
[ 1359.393385][T16688] Invalid ELF header magic: != ELF
[ 1359.400325][   T29] audit: type=1804 audit(1722391298.526:192): pid=16688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2898" name="/newroot/11/bus/bus" dev="loop4" ino=1048843 res=1 errno=0
[ 1359.452878][T16684] FAT-fs (loop1): Directory bread(block 64) failed
[ 1359.467700][T16684] FAT-fs (loop1): Directory bread(block 65) failed
[ 1359.752071][T16684] FAT-fs (loop1): Directory bread(block 66) failed
[ 1359.758663][T16684] FAT-fs (loop1): Directory bread(block 67) failed
[ 1359.772321][T16684] FAT-fs (loop1): Directory bread(block 68) failed
[ 1359.778906][T16684] FAT-fs (loop1): Directory bread(block 69) failed
[ 1359.910150][T16684] FAT-fs (loop1): Directory bread(block 70) failed
[ 1359.917489][T16684] FAT-fs (loop1): Directory bread(block 71) failed
[ 1359.958022][T16684] FAT-fs (loop1): Directory bread(block 72) failed
[ 1359.964658][T16684] FAT-fs (loop1): Directory bread(block 73) failed
[ 1360.068724][T16695] loop0: detected capacity change from 0 to 128
[ 1365.576420][T16724] loop4: detected capacity change from 0 to 1024
[ 1365.582947][T15110] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1365.657806][T16724] EXT4-fs: Ignoring removed orlov option
[ 1365.663609][T16724] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1365.922126][T16724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1366.000371][T16750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2920'.
[ 1366.014356][T16750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2920'.
[ 1366.080553][T16754] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2923'.
[ 1366.193015][T16750] ALSA: seq fatal error: cannot create timer (-22)
[ 1366.245669][T16744] loop1: detected capacity change from 0 to 128
[ 1366.324379][T16759] loop5: detected capacity change from 0 to 256
[ 1366.335005][T16744] FAT-fs (loop1): bogus logical sector size 0
[ 1366.346668][T16754] loop3: detected capacity change from 0 to 512
[ 1366.360602][T16744] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[ 1366.372978][T16759] exfat: Deprecated parameter 'utf8'
[ 1366.378345][T16759] exfat: Bad value for 'errors'
[ 1366.392010][T16744] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 1366.672476][T16754] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1366.838302][T16762] ebtables: ebtables: counters copy to user failed while replacing table
[ 1367.730980][T16754] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[ 1367.764881][T16754] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.2923: inode #15: comm syz.3.2923: iget: illegal inode #
[ 1367.765052][T16087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1367.779946][T16754] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2923: couldn't read orphan inode 15 (err -117)
[ 1367.837644][T16754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1367.873989][T16740] loop0: detected capacity change from 0 to 4096
[ 1367.939829][T16740] ntfs3: Unknown parameter 'spjrse'
[ 1367.995490][T16768] loop5: detected capacity change from 0 to 4096
[ 1368.112061][T16771] ax25_connect(): syz.2.2925 uses autobind, please contact jreuter@yaina.de
[ 1369.390521][T15811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1369.457836][T16784] loop1: detected capacity change from 0 to 128
[ 1370.520882][T16777] loop2: detected capacity change from 0 to 32768
[ 1370.529193][T16777] btrfs: Unknown parameter 'smackfsfloor'
[ 1371.269361][   T46] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1371.296254][T16805] loop1: detected capacity change from 0 to 512
[ 1371.429833][ T5306] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1372.080049][ T5291] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1372.166496][T16805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1372.209885][T16805] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1372.729722][   T46] usb 4-1: Using ep0 maxpacket: 32
[ 1373.218433][T16814] ebtables: ebtables: counters copy to user failed while replacing table
[ 1373.720945][ T5306] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1373.731843][ T5306] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1373.741817][   T46] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1373.748164][ T5306] usb 6-1: Product: syz
[ 1373.780718][ T5306] usb 6-1: Manufacturer: syz
[ 1373.785396][ T5306] usb 6-1: SerialNumber: syz
[ 1373.802394][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1373.807858][ T5306] usb 6-1: config 0 descriptor??
[ 1373.851473][   T46] usb 4-1: Product: syz
[ 1373.877700][   T46] usb 4-1: Manufacturer: syz
[ 1373.906502][   T46] usb 4-1: SerialNumber: syz
[ 1373.937570][   T46] usb 4-1: config 0 descriptor??
[ 1373.951910][ T5291] usb 3-1: device not accepting address 55, error -71
[ 1373.971894][   T46] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1374.001829][T16824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2939'.
[ 1374.029053][T15757] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1374.061411][T16824] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2939'.
[ 1374.179795][T15948] usb 6-1: USB disconnect, device number 20
[ 1374.531453][ T5291] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[ 1374.600855][T16838] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[ 1374.635169][T16838] No control pipe specified
[ 1374.784424][ T5291] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1374.826289][ T5291] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1374.838516][T16800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1374.879959][T16800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1374.894988][ T5291] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1374.929189][ T5291] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1375.207208][ T5291] usb 3-1: config 0 descriptor??
[ 1375.215522][ T5291] hub 3-1:0.0: USB hub found
[ 1375.742466][   T46] gspca_ov534_9: reg_w failed -110
[ 1376.027035][T16850] loop4: detected capacity change from 0 to 512
[ 1376.038757][T16850] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1376.054518][ T5291] hub 3-1:0.0: 1 port detected
[ 1376.059378][T16850] EXT4-fs (loop4): 1 truncate cleaned up
[ 1376.061159][T16850] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1376.271914][ T5291] hub 3-1:0.0: hub_hub_status failed (err = -71)
[ 1376.280288][ T5291] hub 3-1:0.0: config failed, can't get hub status (err -71)
[ 1376.292332][ T5291] usbhid 3-1:0.0: can't add hid device: -71
[ 1376.303224][ T5291] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1376.335926][T16800] loop3: detected capacity change from 0 to 2048
[ 1376.371241][ T5291] usb 3-1: USB disconnect, device number 56
[ 1376.456835][   T46] gspca_ov534_9: Unknown sensor 0000
[ 1376.456945][   T46] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[ 1376.480300][T16087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1376.497485][   T46] usb 4-1: USB disconnect, device number 70
[ 1377.106112][T16871] ebtables: ebtables: counters copy to user failed while replacing table
[ 1382.049487][ T5242] Bluetooth: hci1: command tx timeout
[ 1382.500908][    C1] eth0: bad gso: type: 1, size: 1408
[ 1382.552258][T16891] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[ 1382.582959][T16891] No control pipe specified
[ 1382.683888][T16896] loop5: detected capacity change from 0 to 16
[ 1382.733855][T16896] erofs: Unknown parameter 'user_pattr'
[ 1384.023892][T16908] loop0: detected capacity change from 0 to 512
[ 1384.192121][T16908] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1384.316542][T16908] EXT4-fs (loop0): 1 truncate cleaned up
[ 1384.481604][T15948] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 1384.603773][T16908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1384.831342][T16926] ebtables: ebtables: counters copy to user failed while replacing table
[ 1385.487899][ T5242] Bluetooth: hci3: command tx timeout
[ 1385.699105][T15948] usb 6-1: Using ep0 maxpacket: 32
[ 1385.718130][T15948] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1385.741222][T15948] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1385.768393][T15948] usb 6-1: Product: syz
[ 1385.774227][T15948] usb 6-1: Manufacturer: syz
[ 1385.784718][T15948] usb 6-1: SerialNumber: syz
[ 1385.805663][T15948] usb 6-1: config 0 descriptor??
[ 1385.832233][T15948] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1385.956620][T16931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2968'.
[ 1385.971807][T15978] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1385.981533][T16931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2968'.
[ 1386.315895][   T46] usb 4-1: new full-speed USB device number 71 using dummy_hcd
[ 1386.333959][T16937] loop0: detected capacity change from 0 to 4096
[ 1386.547263][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1386.558863][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1386.570103][   T46] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1386.579902][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1386.602423][   T46] usb 4-1: config 0 descriptor??
[ 1386.622438][   T46] hub 4-1:0.0: USB hub found
[ 1386.751273][T16913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1386.760315][ T5291] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1386.764036][T16913] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1386.815774][    C1] eth0: bad gso: type: 1, size: 1408
[ 1386.857901][   T46] hub 4-1:0.0: 1 port detected
[ 1387.056355][ T5291] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1387.067364][   T46] hub 4-1:0.0: hub_hub_status failed (err = -71)
[ 1387.073836][   T46] hub 4-1:0.0: config failed, can't get hub status (err -71)
[ 1387.107240][ T5291] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1387.141040][   T46] usbhid 4-1:0.0: can't add hid device: -71
[ 1387.143510][ T5291] usb 2-1: Product: syz
[ 1387.147173][   T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1387.216274][ T5291] usb 2-1: Manufacturer: syz
[ 1387.220912][ T5291] usb 2-1: SerialNumber: syz
[ 1387.238936][   T46] usb 4-1: USB disconnect, device number 71
[ 1387.344541][T16944] loop0: detected capacity change from 0 to 1024
[ 1387.357222][ T5291] usb 2-1: config 0 descriptor??
[ 1387.406891][T16944] EXT4-fs (loop0): Can't support bigalloc feature without extents feature
[ 1387.406891][T16944] 
[ 1387.421358][T16913] loop5: detected capacity change from 0 to 2048
[ 1387.451960][T16913] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1387.466206][T16913] ext4: Unknown parameter 'nouser_xattr'
[ 1387.557861][T15948] gspca_ov534_9: reg_w failed -71
[ 1387.996336][T15948] gspca_ov534_9: Unknown sensor 0000
[ 1387.996464][T15948] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[ 1388.041908][T15948] usb 6-1: USB disconnect, device number 21
[ 1388.173879][    C1] eth0: bad gso: type: 1, size: 1408
[ 1388.389042][T16950] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[ 1388.400648][T16953] loop5: detected capacity change from 0 to 8
[ 1388.715427][T16955] loop5: detected capacity change from 0 to 256
[ 1388.752616][T16955] MINIX-fs: mounting file system with errors, running fsck is recommended
[ 1390.213777][ T5294] usb 2-1: USB disconnect, device number 39
[ 1390.305853][T16966] loop1: detected capacity change from 0 to 256
[ 1390.313438][T16966] exfat: Deprecated parameter 'utf8'
[ 1390.318918][T16966] exfat: Bad value for 'errors'
[ 1390.578258][T16972] loop4: detected capacity change from 0 to 256
[ 1390.691748][T16972] exfat: Deprecated parameter 'utf8'
[ 1390.786559][T16973] loop1: detected capacity change from 0 to 1024
[ 1390.799152][ T5300] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1391.063981][T16972] exfat: Bad value for 'errors'
[ 1391.816356][T16981] ebtables: ebtables: counters copy to user failed while replacing table
[ 1392.366278][ T5291] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[ 1392.385800][T16986] loop3: detected capacity change from 0 to 4096
[ 1392.507825][T10576] Bluetooth: hci5: command 0x0406 tx timeout
[ 1392.632283][ T5291] usb 6-1: Using ep0 maxpacket: 8
[ 1392.641084][ T5291] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1392.677418][ T5291] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1392.702504][ T5291] usb 6-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00
[ 1392.722949][ T5291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1392.739810][T16992] loop4: detected capacity change from 0 to 4096
[ 1392.754065][ T5291] usb 6-1: config 0 descriptor??
[ 1392.780312][T16994] loop1: detected capacity change from 0 to 512
[ 1392.816859][T16994] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1392.841277][T16994] UDF-fs: Scanning with blocksize 512 failed
[ 1392.863786][T16994] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1392.888709][T16994] UDF-fs: Scanning with blocksize 1024 failed
[ 1392.906827][T16994] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[ 1392.922701][T16994] UDF-fs: Scanning with blocksize 2048 failed
[ 1392.931959][T16994] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1392.962711][T16994] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1393.422881][T13048] Bluetooth: Frame is too long (len 10, expected len 9)
[ 1395.051445][T10576] Bluetooth: hci4: command 0x0406 tx timeout
[ 1395.276013][T17007] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[ 1395.540295][T17015] loop3: detected capacity change from 0 to 1024
[ 1396.006867][T17015] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1396.394693][T17015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1396.699025][T17025] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2996'.
[ 1396.984585][T13048] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1396.997151][T13048] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1397.006652][T13048] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1397.110768][T13048] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1397.120677][T13048] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1397.137073][T13048] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1397.476289][T17040] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1397.813574][ T1254] ieee802154 phy0 wpan0: encryption failed: -22
[ 1397.829269][ T1254] ieee802154 phy1 wpan1: encryption failed: -22
[ 1398.225504][ T5291] usbhid 6-1:0.0: can't add hid device: -32
[ 1398.238478][ T5291] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[ 1398.298329][T17044] smb3: Bad value for 'gid'
[ 1398.320523][T17044] smb3: Bad value for 'gid'
[ 1398.612107][ T5294] usb 6-1: USB disconnect, device number 22
[ 1399.471479][T13048] Bluetooth: hci6: command tx timeout
[ 1399.827887][T17032] chnl_net:caif_netlink_parms(): no params data found
[ 1400.284968][T17072] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3010'.
[ 1400.312529][T17078] loop4: detected capacity change from 0 to 1024
[ 1400.384963][T17032] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1400.392013][T17078] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1400.412607][T17032] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1400.462534][T17032] bridge_slave_0: entered allmulticast mode
[ 1400.478004][T17032] bridge_slave_0: entered promiscuous mode
[ 1400.513457][T17032] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1400.559849][T17085] loop5: detected capacity change from 0 to 2048
[ 1400.567135][T17085] nilfs2: Unknown parameter ''
[ 1400.615832][T17032] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.643648][T17032] bridge_slave_1: entered allmulticast mode
[ 1400.674649][T17032] bridge_slave_1: entered promiscuous mode
[ 1400.854063][T17085] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1401.067258][T17032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1401.111430][T16087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1401.135452][T17032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1401.343542][T17032] team0: Port device team_slave_0 added
[ 1401.378136][T17032] team0: Port device team_slave_1 added
[ 1401.631704][T17032] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1401.678076][T17032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1401.722185][T13048] Bluetooth: hci6: command tx timeout
[ 1401.734218][T17032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1401.749010][T17032] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1401.763364][T17032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1401.930740][T17032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1402.101420][T17104] loop4: detected capacity change from 0 to 1024
[ 1402.204872][T17104] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1402.290782][T17104] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1402.322144][T17032] hsr_slave_0: entered promiscuous mode
[ 1402.367715][T17032] hsr_slave_1: entered promiscuous mode
[ 1402.417231][T17032] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1402.459328][T17032] Cannot create hsr debugfs directory
[ 1402.720506][T17117] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3024'.
[ 1402.730419][T17117] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1402.913909][   T25] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1402.934505][T17124] loop0: detected capacity change from 0 to 164
[ 1402.955589][T17124] loop0: detected capacity change from 0 to 195
[ 1403.001337][ T5306] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1403.010566][T17124] loop0: detected capacity change from 0 to 195
[ 1403.065174][T17124] loop0: detected capacity change from 0 to 195
[ 1403.095676][T17124] loop0: detected capacity change from 0 to 195
[ 1403.124318][T17124] loop0: detected capacity change from 0 to 195
[ 1403.151854][T17124] loop0: detected capacity change from 0 to 195
[ 1403.155035][   T25] usb 5-1: Using ep0 maxpacket: 8
[ 1403.165815][T17124] loop0: detected capacity change from 0 to 195
[ 1403.181920][T17124] loop0: detected capacity change from 0 to 195
[ 1403.189328][   T25] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1403.196891][T17124] loop0: detected capacity change from 0 to 195
[ 1403.217296][ T5306] usb 6-1: Using ep0 maxpacket: 8
[ 1403.221134][   T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1403.224209][T13891] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1403.248665][T17124] loop0: detected capacity change from 0 to 195
[ 1403.257967][ T5306] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1403.266149][   T25] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 42157, setting to 1024
[ 1403.286130][ T5306] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1403.298485][   T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1403.299714][T17124] loop0: detected capacity change from 0 to 195
[ 1403.319046][ T5306] usb 6-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00
[ 1403.327857][   T25] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1403.339850][ T5306] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1403.368988][   T25] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1403.378071][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1403.386135][T17124] loop0: detected capacity change from 0 to 195
[ 1403.410629][ T5306] usb 6-1: config 0 descriptor??
[ 1403.424545][T17124] loop0: detected capacity change from 0 to 195
[ 1403.442102][T17124] loop0: detected capacity change from 0 to 195
[ 1403.499684][T17124] loop0: detected capacity change from 0 to 195
[ 1403.510558][ T5242] Bluetooth: hci3: command tx timeout
[ 1403.518969][T13891] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1403.544079][T17124] loop0: detected capacity change from 0 to 195
[ 1403.591346][T17124] loop0: detected capacity change from 0 to 195
[ 1403.627730][T17124] loop0: detected capacity change from 0 to 195
[ 1403.965016][ T5242] Bluetooth: hci6: command tx timeout
[ 1403.999090][T17124] loop0: detected capacity change from 0 to 195
[ 1404.424162][T13891] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1404.846977][T13891] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1405.498155][ T5242] Bluetooth: Frame is too long (len 10, expected len 9)
[ 1405.514990][ T5242] ==================================================================
[ 1405.523081][ T5242] BUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70
[ 1405.530573][ T5242] Read of size 8 at addr ffff88806545bb30 by task kworker/u9:7/5242
[ 1405.538683][ T5242] 
[ 1405.541016][ T5242] CPU: 1 UID: 0 PID: 5242 Comm: kworker/u9:7 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[ 1405.549858][T17141] loop1: detected capacity change from 0 to 1024
[ 1405.552115][ T5242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1405.552137][ T5242] Workqueue: hci1 hci_rx_work
[ 1405.573216][ T5242] Call Trace:
[ 1405.576934][ T5242]  <TASK>
[ 1405.580053][ T5242]  dump_stack_lvl+0x241/0x360
[ 1405.584757][ T5242]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1405.590233][ T5242]  ? __pfx__printk+0x10/0x10
[ 1405.594850][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.600493][ T5242]  ? _printk+0xd5/0x120
[ 1405.604661][ T5242]  ? __virt_addr_valid+0x183/0x530
[ 1405.609958][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.615597][ T5242]  print_report+0x169/0x550
[ 1405.620125][ T5242]  ? __virt_addr_valid+0x183/0x530
[ 1405.625245][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.630882][ T5242]  ? __virt_addr_valid+0x45f/0x530
[ 1405.636002][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.641657][ T5242]  ? __phys_addr+0xba/0x170
[ 1405.646181][ T5242]  ? __mutex_lock+0xfe/0xd70
[ 1405.650782][ T5242]  kasan_report+0x143/0x180
[ 1405.655310][ T5242]  ? __mutex_lock+0xfe/0xd70
[ 1405.659917][ T5242]  __mutex_lock+0xfe/0xd70
[ 1405.664358][ T5242]  ? l2cap_conn_unreliable+0x39/0x1a0
[ 1405.669748][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.675390][ T5242]  ? bt_err+0x127/0x180
[ 1405.679557][ T5242]  ? __pfx___mutex_lock+0x10/0x10
[ 1405.684608][ T5242]  ? __pfx_bt_err+0x10/0x10
[ 1405.689114][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.694756][ T5242]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1405.700404][ T5242]  l2cap_conn_unreliable+0x39/0x1a0
[ 1405.705613][ T5242]  l2cap_recv_acldata+0x50f/0x1560
[ 1405.710733][ T5242]  ? hci_conn_hash_lookup_handle+0x21/0x240
[ 1405.716637][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1405.722276][ T5242]  ? hci_conn_hash_lookup_handle+0x226/0x240
[ 1405.728270][ T5242]  hci_rx_work+0x50f/0xca0
[ 1405.732707][ T5242]  ? process_scheduled_works+0x945/0x1830
[ 1405.738434][ T5242]  process_scheduled_works+0xa2e/0x1830
[ 1405.744026][ T5242]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1405.750020][ T5242]  ? assign_work+0x364/0x3d0
[ 1405.754618][ T5242]  worker_thread+0x86d/0xd40
[ 1405.759232][ T5242]  ? __kthread_parkme+0x169/0x1d0
[ 1405.764271][ T5242]  ? __pfx_worker_thread+0x10/0x10
[ 1405.769557][ T5242]  kthread+0x2f2/0x390
[ 1405.773626][ T5242]  ? __pfx_worker_thread+0x10/0x10
[ 1405.778740][ T5242]  ? __pfx_kthread+0x10/0x10
[ 1405.783338][ T5242]  ret_from_fork+0x4d/0x80
[ 1405.787771][ T5242]  ? __pfx_kthread+0x10/0x10
[ 1405.792631][ T5242]  ret_from_fork_asm+0x1a/0x30
[ 1405.797682][ T5242]  </TASK>
[ 1405.800712][ T5242] 
[ 1405.803203][ T5242] Allocated by task 13048:
[ 1405.807619][ T5242]  kasan_save_track+0x3f/0x80
[ 1405.812306][ T5242]  __kasan_kmalloc+0x98/0xb0
[ 1405.816916][ T5242]  __kmalloc_cache_noprof+0x19c/0x2c0
[ 1405.822326][ T5242]  l2cap_conn_add+0xa9/0x8e0
[ 1405.826934][ T5242]  l2cap_connect_cfm+0x136/0x1220
[ 1405.831969][ T5242]  hci_remote_features_evt+0x538/0xaf0
[ 1405.837467][ T5242]  hci_event_packet+0xac4/0x1540
[ 1405.842424][ T5242]  hci_rx_work+0x3e8/0xca0
[ 1405.846855][ T5242]  process_scheduled_works+0xa2e/0x1830
[ 1405.852408][ T5242]  worker_thread+0x86d/0xd40
[ 1405.857015][ T5242]  kthread+0x2f2/0x390
[ 1405.861074][ T5242]  ret_from_fork+0x4d/0x80
[ 1405.865520][ T5242]  ret_from_fork_asm+0x1a/0x30
[ 1405.870297][ T5242] 
[ 1405.872616][ T5242] Freed by task 13048:
[ 1405.876683][ T5242]  kasan_save_track+0x3f/0x80
[ 1405.881391][ T5242]  kasan_save_free_info+0x40/0x50
[ 1405.886427][ T5242]  poison_slab_object+0xe0/0x150
[ 1405.891385][ T5242]  __kasan_slab_free+0x37/0x60
[ 1405.896168][ T5242]  kfree+0x149/0x360
[ 1405.900075][ T5242]  l2cap_connect_cfm+0x11f/0x1220
[ 1405.905117][ T5242]  hci_conn_failed+0x1f8/0x340
[ 1405.909902][ T5242]  hci_abort_conn_sync+0x583/0xde0
[ 1405.915042][ T5242]  hci_cmd_sync_work+0x22d/0x400
[ 1405.919986][ T5242]  process_scheduled_works+0xa2e/0x1830
[ 1405.925535][ T5242]  worker_thread+0x86d/0xd40
[ 1405.930142][ T5242]  kthread+0x2f2/0x390
[ 1405.934210][ T5242]  ret_from_fork+0x4d/0x80
[ 1405.938647][ T5242]  ret_from_fork_asm+0x1a/0x30
[ 1405.943429][ T5242] 
[ 1405.945752][ T5242] Last potentially related work creation:
[ 1405.951466][ T5242]  kasan_save_stack+0x3f/0x60
[ 1405.956147][ T5242]  __kasan_record_aux_stack+0xac/0xc0
[ 1405.961625][ T5242]  insert_work+0x3e/0x330
[ 1405.965956][ T5242]  __queue_work+0xc8b/0xf50
[ 1405.970463][ T5242]  call_timer_fn+0x190/0x650
[ 1405.975103][ T5242]  __run_timer_base+0x695/0x8e0
[ 1405.979982][ T5242]  run_timer_softirq+0xb7/0x170
[ 1405.984847][ T5242]  handle_softirqs+0x2c6/0x970
[ 1405.989621][ T5242]  __irq_exit_rcu+0xf4/0x1c0
[ 1405.994251][ T5242]  irq_exit_rcu+0x9/0x30
[ 1405.998507][ T5242]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1406.004139][ T5242]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1406.010142][ T5242] 
[ 1406.012476][ T5242] Second to last potentially related work creation:
[ 1406.019319][ T5242]  kasan_save_stack+0x3f/0x60
[ 1406.024005][ T5242]  __kasan_record_aux_stack+0xac/0xc0
[ 1406.029593][ T5242]  insert_work+0x3e/0x330
[ 1406.033949][ T5242]  __queue_work+0xb66/0xf50
[ 1406.038474][ T5242]  queue_work_on+0x1c2/0x380
[ 1406.043252][ T5242]  l2cap_connect_cfm+0xec2/0x1220
[ 1406.048278][ T5242]  hci_remote_features_evt+0x538/0xaf0
[ 1406.053784][ T5242]  hci_event_packet+0xac4/0x1540
[ 1406.058744][ T5242]  hci_rx_work+0x3e8/0xca0
[ 1406.063268][ T5242]  process_scheduled_works+0xa2e/0x1830
[ 1406.068847][ T5242]  worker_thread+0x86d/0xd40
[ 1406.073632][ T5242]  kthread+0x2f2/0x390
[ 1406.077709][ T5242]  ret_from_fork+0x4d/0x80
[ 1406.082142][ T5242]  ret_from_fork_asm+0x1a/0x30
[ 1406.086933][ T5242] 
[ 1406.089264][ T5242] The buggy address belongs to the object at ffff88806545b800
[ 1406.089264][ T5242]  which belongs to the cache kmalloc-1k of size 1024
[ 1406.103491][ T5242] The buggy address is located 816 bytes inside of
[ 1406.103491][ T5242]  freed 1024-byte region [ffff88806545b800, ffff88806545bc00)
[ 1406.117378][ T5242] 
[ 1406.119699][ T5242] The buggy address belongs to the physical page:
[ 1406.126110][ T5242] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x65458
[ 1406.134880][ T5242] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1406.143481][ T5242] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1406.151028][ T5242] page_type: 0xfdffffff(slab)
[ 1406.155710][ T5242] raw: 00fff00000000040 ffff888015841dc0 dead000000000100 dead000000000122
[ 1406.164487][ T5242] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[ 1406.173078][ T5242] head: 00fff00000000040 ffff888015841dc0 dead000000000100 dead000000000122
[ 1406.181762][ T5242] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[ 1406.190616][ T5242] head: 00fff00000000003 ffffea0001951601 ffffffffffffffff 0000000000000000
[ 1406.199465][ T5242] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 1406.208128][ T5242] page dumped because: kasan: bad access detected
[ 1406.214562][ T5242] page_owner tracks the page as allocated
[ 1406.220264][ T5242] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 15065, tgid 15054 (syz.1.2483), ts 1176364619320, free_ts 1175156684888
[ 1406.241297][ T5242]  post_alloc_hook+0x1f3/0x230
[ 1406.246084][ T5242]  get_page_from_freelist+0x2e4c/0x2f10
[ 1406.251660][ T5242]  __alloc_pages_noprof+0x256/0x6c0
[ 1406.256885][ T5242]  alloc_slab_page+0x5f/0x120
[ 1406.261618][ T5242]  allocate_slab+0x5a/0x2f0
[ 1406.266165][ T5242]  ___slab_alloc+0xcd1/0x14b0
[ 1406.270853][ T5242]  __slab_alloc+0x58/0xa0
[ 1406.275243][ T5242]  __kmalloc_noprof+0x25a/0x400
[ 1406.280115][ T5242]  ieee802_11_parse_elems_full+0xdb/0x2880
[ 1406.285974][ T5242]  ieee80211_inform_bss+0x15f/0x1080
[ 1406.291406][ T5242]  cfg80211_inform_single_bss_data+0xe95/0x2030
[ 1406.297681][ T5242]  cfg80211_inform_bss_data+0x3dd/0x5a70
[ 1406.303405][ T5242]  cfg80211_inform_bss_frame_data+0x3bc/0x720
[ 1406.309527][ T5242]  ieee80211_bss_info_update+0x8a7/0xbc0
[ 1406.315176][ T5242]  ieee80211_scan_rx+0x526/0x9c0
[ 1406.320124][ T5242]  ieee80211_rx_list+0x2b02/0x3780
[ 1406.325248][ T5242] page last free pid 15058 tgid 15057 stack trace:
[ 1406.331756][ T5242]  free_unref_page+0xd22/0xea0
[ 1406.336578][ T5242]  __put_partials+0xeb/0x130
[ 1406.341193][ T5242]  put_cpu_partial+0x17c/0x250
[ 1406.345989][ T5242]  __slab_free+0x2ea/0x3d0
[ 1406.350417][ T5242]  qlist_free_all+0x9e/0x140
[ 1406.355034][ T5242]  kasan_quarantine_reduce+0x14f/0x170
[ 1406.360519][ T5242]  __kasan_slab_alloc+0x23/0x80
[ 1406.365411][ T5242]  __kmalloc_node_track_caller_noprof+0x1cd/0x440
[ 1406.371839][ T5242]  memdup_user+0x2b/0xc0
[ 1406.376225][ T5242]  raw_ioctl+0x1f03/0x3cd0
[ 1406.380652][ T5242]  __se_sys_ioctl+0xfe/0x170
[ 1406.385365][ T5242]  do_syscall_64+0xf3/0x230
[ 1406.389898][ T5242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.395846][ T5242] 
[ 1406.398264][ T5242] Memory state around the buggy address:
[ 1406.403894][ T5242]  ffff88806545ba00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1406.411992][ T5242]  ffff88806545ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1406.420072][ T5242] >ffff88806545bb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1406.428233][ T5242]                                      ^
[ 1406.433873][ T5242]  ffff88806545bb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1406.442034][ T5242]  ffff88806545bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1406.450111][ T5242] ==================================================================
[ 1406.468033][T13048] Bluetooth: hci6: command tx timeout
[ 1406.473541][ T5242] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1406.473561][ T5242] CPU: 1 UID: 0 PID: 5242 Comm: kworker/u9:7 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[ 1406.473593][ T5242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1406.501712][ T5242] Workqueue: hci1 hci_rx_work
[ 1406.506430][ T5242] Call Trace:
[ 1406.509714][ T5242]  <TASK>
[ 1406.512647][ T5242]  dump_stack_lvl+0x241/0x360
[ 1406.517345][ T5242]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1406.522558][ T5242]  ? __pfx__printk+0x10/0x10
[ 1406.527164][ T5242]  ? preempt_schedule+0xe1/0xf0
[ 1406.532027][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1406.537697][ T5242]  ? vscnprintf+0x5d/0x90
[ 1406.542047][ T5242]  panic+0x349/0x860
[ 1406.545978][ T5242]  ? check_panic_on_warn+0x21/0xb0
[ 1406.551098][ T5242]  ? __pfx_panic+0x10/0x10
[ 1406.555554][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1406.561634][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1406.567276][ T5242]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 1406.573267][ T5242]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1406.579606][ T5242]  ? print_report+0x502/0x550
[ 1406.584317][ T5242]  check_panic_on_warn+0x86/0xb0
[ 1406.589264][ T5242]  ? __mutex_lock+0xfe/0xd70
[ 1406.593899][ T5242]  end_report+0x77/0x160
[ 1406.598165][ T5242]  kasan_report+0x154/0x180
[ 1406.602687][ T5242]  ? __mutex_lock+0xfe/0xd70
[ 1406.607295][ T5242]  __mutex_lock+0xfe/0xd70
[ 1406.612430][ T5242]  ? l2cap_conn_unreliable+0x39/0x1a0
[ 1406.617806][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1406.623442][ T5242]  ? bt_err+0x127/0x180
[ 1406.627607][ T5242]  ? __pfx___mutex_lock+0x10/0x10
[ 1406.632663][ T5242]  ? __pfx_bt_err+0x10/0x10
[ 1406.637178][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1406.642815][ T5242]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1406.648475][ T5242]  l2cap_conn_unreliable+0x39/0x1a0
[ 1406.653687][ T5242]  l2cap_recv_acldata+0x50f/0x1560
[ 1406.658811][ T5242]  ? hci_conn_hash_lookup_handle+0x21/0x240
[ 1406.664718][ T5242]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1406.670386][ T5242]  ? hci_conn_hash_lookup_handle+0x226/0x240
[ 1406.676385][ T5242]  hci_rx_work+0x50f/0xca0
[ 1406.680861][ T5242]  ? process_scheduled_works+0x945/0x1830
[ 1406.686598][ T5242]  process_scheduled_works+0xa2e/0x1830
[ 1406.692183][ T5242]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1406.698186][ T5242]  ? assign_work+0x364/0x3d0
[ 1406.702791][ T5242]  worker_thread+0x86d/0xd40
[ 1406.707409][ T5242]  ? __kthread_parkme+0x169/0x1d0
[ 1406.712451][ T5242]  ? __pfx_worker_thread+0x10/0x10
[ 1406.717578][ T5242]  kthread+0x2f2/0x390
[ 1406.721647][ T5242]  ? __pfx_worker_thread+0x10/0x10
[ 1406.726771][ T5242]  ? __pfx_kthread+0x10/0x10
[ 1406.731364][ T5242]  ret_from_fork+0x4d/0x80
[ 1406.735795][ T5242]  ? __pfx_kthread+0x10/0x10
[ 1406.740387][ T5242]  ret_from_fork_asm+0x1a/0x30
[ 1406.745183][ T5242]  </TASK>
[ 1406.748569][ T5242] Kernel Offset: disabled
[ 1406.752977][ T5242] Rebooting in 86400 seconds..