last executing test programs:

18.636165832s ago: executing program 2 (id=1682):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff8c}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb0}}, 0x0)
sendmsg$IPSET_CMD_GET_BYINDEX(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0xf, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
chdir(0x0)
statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_TSC(0x1a, 0x3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$media(&(0x7f0000000000), 0x1, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r6, 0x80047c05, &(0x7f0000000040)=<r7=>0xffffffffffffffff)
poll(&(0x7f0000000100)=[{r7}], 0x1, 0x0)

17.68614979s ago: executing program 2 (id=1685):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d047008476100000001090212"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x7, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000013007b990000000000000000fc0000"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)

14.418199958s ago: executing program 2 (id=1691):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatacow}, {@flushoncommit}, {@nossd_spread}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380))
recvmsg(0xffffffffffffffff, 0x0, 0x40010000)
r1 = socket$kcm(0x29, 0x2, 0x0)
close(r1)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x2})

12.329406429s ago: executing program 2 (id=1699):
syz_usb_connect(0x0, 0x5e, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000063721c40b822484bf03f0102030109024c00011d1000000904000000fffbff00052d06000105"], 0x0)

11.634945956s ago: executing program 3 (id=1701):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d047008476100000001090212"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x7, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000013007b990000000000000000fc0000"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)

10.72797434s ago: executing program 0 (id=1703):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
faccessat(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0xa00}, {0x65, 0x0, 0x5}}, [@printk={@llx, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xc, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x4, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000140)={0x0, 0x3})
socket$inet(0x2, 0x2, 0x0)
r6 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r8, r8, 0x0, 0x10000a006)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x15, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x90)

9.699684795s ago: executing program 0 (id=1708):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb0}}, 0x0)
sendmsg$IPSET_CMD_GET_BYINDEX(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0xf, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
chdir(0x0)
statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_TSC(0x1a, 0x3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$media(&(0x7f0000000000), 0x1, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r6, 0x80047c05, &(0x7f0000000040)=<r7=>0xffffffffffffffff)
poll(&(0x7f0000000100)=[{r7}], 0x1, 0x0)

8.410648201s ago: executing program 0 (id=1710):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@lazytime}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nombcache}, {@quota}, {@quota}]}, 0xff, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
pwrite64(r1, &(0x7f0000000300)='{', 0x1, 0x0)
r2 = open(0x0, 0x0, 0x0)
copy_file_range(r2, 0x0, r0, &(0x7f00000000c0)=0x10000, 0x6, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f00000002c0)={0x0, 0xffff, 0x5})

8.1761189s ago: executing program 2 (id=1712):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x4000000000001ac, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000100)=ANY=[], 0x6)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)

8.101635156s ago: executing program 0 (id=1713):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a40)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
chdir(&(0x7f0000000140)='./file0\x00')
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x24001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x48, 0x0, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x4}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000004}, 0x8001)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff7e}, 0x90)
socket$packet(0x11, 0x0, 0x300)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001340)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebcaec033c75eb78820ad1d8ceb6f90b569e165002e702e1a206666d3c9d903ce78c73f778eae82d58317c634016a3e01ae29607f7b5ff253c607e4f60c0aa49021205073cdd574a3d4c25fbf79cc8ac99ff149ae54aa56286204e628dc2dfe4384ef74c8dac04ace6c5762d03f9e19942e4b6bbbb41fefc569cc23b3319d4ebc55551fecf8f936221e9787e744f2e1422baaa25b2f5bf59205190b7fe52f0641f149c5e00b764c493afadeaa04324783c268f48772b1c532d52d211865704db5fbafc3193385adc9855a1ad9ea0c05479329efd6c08ed22c5656eab2ea050f53bf441a9dfb4157d14b99214fa59b8b0e53200795762145a63d61c5c526edb03429e1e14072e1d7dff102fdb9801234bbbb8e0274a861dd60f3a21f129326b2f6fee61f690fa3967cdc5f6f9519282c48e28d6aa7d1b0ed07bdd72ebf1dd97b46f24ffde352095f4bffd6fdd0b9f0d60f16746f1c1ec46656cf94ae2237540c558c1863fb2ffd4619e5ee5b7aa5757e252b821e003fcef57f33cd70f19ec0b5f8098c030741147e8e4319109892fd56b22d261800b7107a393b9a7d835383e3504f5f2794f30914c4f8145ed446a06e3787eb32ab90abf595d45013c8b6d9c26cf4e60812b02427a4d2a8dcbdfaf8ace4e17f0f598676a5f26dc3615eddea77e1d68c857fbe2b39b67ccacd6afcea94b4f9592490c1a51e11f4ffc6dd4d4cdc44995b09864743b906e07a12c93045b654abf2faaf1127ee92698e09efee1d8d45ceb103973c3d1d5c98090d9af08789f867", 0x2e0}], 0x1}}], 0x1, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40040, 0x0, 0x0)
write(r0, &(0x7f0000004200)='t', 0x7ffff000)

7.872070835s ago: executing program 4 (id=1714):
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x48882, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x89)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = syz_open_dev$video(&(0x7f0000000180), 0x800, 0x0)
ioctl$VIDIOC_STREAMOFF(r2, 0x40045613, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x80, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f0000000080)='x', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
syz_open_dev$media(&(0x7f0000000040), 0x0, 0x0)
fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
r6 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
r7 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

6.757026196s ago: executing program 0 (id=1715):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
fsetxattr(r2, 0x0, 0x0, 0x0, 0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0}, 0x90)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x21, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x4d5337314ea54c74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, r3}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r3, r5, 0x1, 0x0, @val=@iter={0x0}}, 0x40)
socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000200)={0x3, &(0x7f0000000180)=[{0x4d}, {0x4d}, {0x6}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)

6.646883145s ago: executing program 1 (id=1716):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x32}}, 0x0)
getsockname$packet(r1, 0x0, &(0x7f00000000c0))
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="fe000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000540)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x13)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010000507000000070000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062726964676500000400028008000a00", @ANYRES32=r3], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0xffffffff, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r6}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0xd}]}, 0x28}}, 0x0)

5.685857714s ago: executing program 0 (id=1717):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000280)={'erspan0\x00', <r2=>0x0, 0x20, 0x80, 0x80000000, 0x4, {{0xc, 0x4, 0x1, 0x8, 0x30, 0x65, 0x0, 0xf1, 0x3e, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}, @multicast1, {[@generic={0x94, 0xd, "792ddd603e98c7405963c9"}, @timestamp={0x44, 0x4, 0xf8, 0x0, 0x5}, @end, @generic={0x86, 0x7, "9bb7d6ad60"}]}}}}})
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="4400000003060500250001000700000009bf4938273fa4370900020073797a31000000000900020073797a31000000000500010007000000d22aff3232880080ef49ca684966045a114137c88764eacd243142a3e34c16e90f010015549962086e2fd793f46595c35b"], 0x44}, 0x1, 0x0, 0x0, 0x8050}, 0x8001)
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip_tables_matches\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x5, 0x10, 0x1, 0x200, r1, 0xb2, '\x00', r2, r3, 0x3, 0x3, 0x4, 0xd}, 0xffffffffffffff6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
syz_read_part_table(0x5fd, &(0x7f0000001a40)="$eJzs2z9olGccB/DvxVzOP9B0cHKpcegkFMXRDFWSU7EQTqUQHLS1iJgpQuCkhwc6tBkUM0jHLlK4ReNkzOBQFIXORRxahAwuBV2kdshbrvc2rfaPR8kNxc9n+T338rvn+/zgWZ/wvzaUarkqar+VDz751/5i9I91O8c6E5MHi6IojiaVHE81Y9++s5hkOK/umh1JRv60z/WvNy9/+fxAtfP4yIv3T9ybH1rbs5Z3k2wZeePRa/1PyaDcGL8/evHSbP1y90e9tbL6cXLz2URj6fD8wuKh6v5T3e8Xkgdlf+9ibMq5NHM+Z3Ny+L+kVl7Jb3fzm+NnHtVbK191nuxa3Vbv3D699+X25St3dydz3Yip1/6XN9+vvqzNX+bPjV2dXmjt23lr67U9zTsPG083/Fz0lJHV9ckFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAwbozfH714abZ+uTl+5lG9tfLF9999dPPZRGPp8PzC4qGR/afKvgdlHS7ruTRzPmdzMjOZyWeZ7T9yuvKP+b9sTp7sWt1W79w+vffl5PKVu7vLvqn1GPZvvD7/3NjV6YXWvp23tl7b07zzsPF0Q69vppZPU+2tawM6CwAAAAAAAAAAAAAAAAAAAG+vicmD26c+bBxNKjm+MclPnw91vxflI/ff3+rvKOsPtWRTkusbk/bzA9XO4yMvRk7cm/+x7G+nlnaSLd8sHUveW8u58JfkyqBHow+/BgAA//8hVpWc")
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@map=0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
ioctl$LOOP_CLR_FD(r4, 0x4c01)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)

5.621077419s ago: executing program 3 (id=1718):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
faccessat(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0xa00}, {0x65, 0x0, 0x5}}, [@printk={@llx, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xc, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x4, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000140)={0x0, 0x3})
socket$inet(0x2, 0x2, 0x0)
r6 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r8, r8, 0x0, 0x10000a006)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x15, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x90)

5.282487917s ago: executing program 1 (id=1719):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x40004, 0x1, 0x113a, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x8000000}, 0x48)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20010, 0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x40000000004)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x33)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0xff, 0x203, &(0x7f0000000780)="$eJzsmbGLE0EUxr+Z3ezGQwQLLWxiceAJ3uZ201xjoa0Iwp2oZfDWI7pJJNkiCQgGGxsbO/8RhdR2NmJhpaKCYGFKGwVHZnY2mWTN6iYEi3u/YvjmzcybN2/23sAFBEEcWT5/+v7xyeXd/QsAjmMTrrZ/taZzuDH/3TOrpOXL1okHo3l/DIAQ0779l/0dvP/wVG6OxK0QP4Q5vql97oMrLbkOjvNa3wCDl8YqJIkMwXBLm+8aun1Miyhkt9vRwZ1GFO7IxpdNIJsaIGbiHw8ZDgCU9RbMiK/bH9yrR0AnEVGYipJI98kMFRV5+VPxXeK4aKRA3tfNx4+Gsu9p+46RPx8cvtY1MOxpvQsXnudVdDf0jfOfsaf+LXltM+f/15OUV0tEUXFyO3dOeoh1h/FLrMWzs9QVrEfIOIqv4pXsKqeYH2eJmNm8Rf5BTyynx6NX2VVf/mt6VxOqcAHIDL3ZiKKrpuX1FS1Ozfg5a+bHEOkXuPCTSOoHs4FzRn2yjVehGjfvV7v9wXajWT8MD8NWENSAh6rEqtpcVW1O/Sur+rRh+C8tmOswB716HHf8HhB3/Ek/SFqj4u49b39Ta7iqfxxbP4VInxd1bPfPe6j3z03WMdXbshYGTxAEQRAEQRAEQRAEQRAEkUPlbcaCF9D/q2Tpb2JZ7OCamv07AAD//6KhYw4=")
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

4.106543614s ago: executing program 3 (id=1720):
creat(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x4e0c01)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd600a8435001c0600000000000000000000a652ff00000000fe80000000aa000004"], 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0)
ioctl$SNDCTL_DSP_STEREO(r4, 0x40045010, &(0x7f0000000080))
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
poll(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x15, 0xe, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x90)
r6 = openat$mixer(0xffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d03, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, 0x0)
writev(r4, &(0x7f0000001780)=[{&(0x7f0000001580)="318626e0b336236ef1ce05b3d9be7d346a77bbbd96328f5b65f1f9441c841b07aacf0e76a1ee2f363045254d1fa11c93b95d372eb2476a3cf28b2979cb08e11e0212f56ad7cf40d073cac9c1b66cbc29c48bf33c584c7ec35967aa13611656c02b473e2f461a8bdea1ab0356ca2b9d91778e57618987ce3b69716d5883a81617d47b", 0x82}, {&(0x7f0000001640)="1efdf348290f875913c8658596a46885fddaf7", 0x13}, {&(0x7f0000001680)="e89e61d28f1bbc27ffec42b2bd86c27427e2e040c9b7ae3752f77b9699276894e8e8626289a0ab7c41e6f276a32d827aee4020c7987d323076106e00b447e00bf48f31f39fcc7f235a994c0586933b6e2be60d46c970f24a6c0e697ace876e7818983d4458a62b26c930a00ec5916b72a22f4ce1903b8760f01f99eac1e30210d0294ec2dc9e344a22605f72544c", 0x8e}, {&(0x7f0000001740)="e5f73b2049ba57da052068761263eda68a055bc0bea5c466d75a9cb58436110ddc34300b365156", 0x27}], 0x4)

3.746708103s ago: executing program 1 (id=1721):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb0}}, 0x0)
sendmsg$IPSET_CMD_GET_BYINDEX(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0xf, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
chdir(0x0)
statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_TSC(0x1a, 0x3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$media(&(0x7f0000000000), 0x1, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r6, 0x80047c05, &(0x7f0000000040)=<r7=>0xffffffffffffffff)
poll(&(0x7f0000000100)=[{r7}], 0x1, 0x0)

3.676358879s ago: executing program 4 (id=1722):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.current\x00', 0x275a, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)=ANY=[@ANYBLOB="020000"], 0x8)

2.798128391s ago: executing program 3 (id=1723):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@lazytime}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nombcache}, {@quota}, {@quota}]}, 0xff, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
pwrite64(r1, &(0x7f0000000300)='{', 0x1, 0x0)
r2 = open(0x0, 0x0, 0x0)
copy_file_range(r2, 0x0, r0, &(0x7f00000000c0)=0x10000, 0x6, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f00000002c0)={0x0, 0xffff, 0x5})

2.747649015s ago: executing program 1 (id=1724):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_opts(r0, 0x29, 0x48, 0x0, 0x0)

2.617220556s ago: executing program 1 (id=1725):
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0x6f, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5d, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, ';'}, {0x5, 0x24, 0x0, 0xfffe}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x4abe, 0x0, 0x2f}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x0, 0x1}}}}}}}]}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000400)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff0802110000"], 0x6f4}}, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

2.599934897s ago: executing program 4 (id=1726):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a40)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
chdir(&(0x7f0000000140)='./file0\x00')
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x24001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x48, 0x0, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x4}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000004}, 0x8001)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff7e}, 0x90)
socket$packet(0x11, 0x0, 0x300)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001340)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebcaec033c75eb78820ad1d8ceb6f90b569e165002e702e1a206666d3c9d903ce78c73f778eae82d58317c634016a3e01ae29607f7b5ff253c607e4f60c0aa49021205073cdd574a3d4c25fbf79cc8ac99ff149ae54aa56286204e628dc2dfe4384ef74c8dac04ace6c5762d03f9e19942e4b6bbbb41fefc569cc23b3319d4ebc55551fecf8f936221e9787e744f2e1422baaa25b2f5bf59205190b7fe52f0641f149c5e00b764c493afadeaa04324783c268f48772b1c532d52d211865704db5fbafc3193385adc9855a1ad9ea0c05479329efd6c08ed22c5656eab2ea050f53bf441a9dfb4157d14b99214fa59b8b0e53200795762145a63d61c5c526edb03429e1e14072e1d7dff102fdb9801234bbbb8e0274a861dd60f3a21f129326b2f6fee61f690fa3967cdc5f6f9519282c48e28d6aa7d1b0ed07bdd72ebf1dd97b46f24ffde352095f4bffd6fdd0b9f0d60f16746f1c1ec46656cf94ae2237540c558c1863fb2ffd4619e5ee5b7aa5757e252b821e003fcef57f33cd70f19ec0b5f8098c030741147e8e4319109892fd56b22d261800b7107a393b9a7d835383e3504f5f2794f30914c4f8145ed446a06e3787eb32ab90abf595d45013c8b6d9c26cf4e60812b02427a4d2a8dcbdfaf8ace4e17f0f598676a5f26dc3615eddea77e1d68c857fbe2b39b67ccacd6afcea94b4f9592490c1a51e11f4ffc6dd4d4cdc44995b09864743b906e07a12c93045b654abf2faaf1127ee92698e09efee1d8d45ceb103973c3d1d5c98090d9af08789f867", 0x2e0}], 0x1}}], 0x1, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40040, 0x0, 0x0)
write(r0, &(0x7f0000004200)='t', 0x7ffff000)

2.519225054s ago: executing program 3 (id=1727):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fcb602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYBLOB="3db1bd3c9389ce300f92cc8091d7dfbdcfffeed8bb90e543382e29209562d6483c6fcfdf79d0b465e6bc8ea70762049054a683ca4394e098765d85fa3b798fc191119debc7d45cce724609d275eabc974abf88d2270db005808488efc289084aff3069b2b0a78cdfa1f780c10f6c51d7c9ced6ab3e8a7aa716d5ebe1e8cb6255366a32ca4bfad14e3b1315ec", @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRES64], 0x1, 0x620f, &(0x7f000000cb40)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW73+DJdPT6/nzSu+vpUTZ/yv6svU1V9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIH/7gx2eqiLj0q3TDsYjPRT+iF7HS1GsRsbJ2LC8/iIgXYrs5no+I4VJElRufjXg9Ij4+GnH33q315qaz++zH9//yzz/85MiP/vGn4an//fVG/41py928+dv//u32o28vAAAAlKiu67pKH/OPp8/3va47BQDMRX79r5N8u3rh6s0F649arVarD2HdVk92u11ExGZ7neY9g8PxAHDIbMYnXXeBDsm/aIOIONJ1J4CFVnXdAQ7E3Xu31quUb9V+PVjbac/nguzJf7Pavb5j2nSW8XNM5vX42op+PDelPytz6sMiyfn3xvO/tNM+SssddP7zMi3/0c6lT8XJ+ffH8x/z9OTfm5h/qXL+g4fKvy9/AAAAAABYYPnv/8c6Pv679Pibsi8POv67Nqc+AAAAAAAAAMCT9rjj/+2qjP8HAAAAi6r5rN743dH7t037Lrbm9otVxDNjywOFSRfLrHbdDwAAAAAAAAAAAAAoyWDnHN6LVcQwIp5ZXa3ruvlpG68f1uOuf9iVvv1Qsq6f5AEAYMfHR8eu5a8iliPiYvquv+Hq6mpdL6+s1qv1ylJ+PztaWq5XWp9r87S5bWm0jzfEg1Hd/LLl1nptsz4vz2of/33NfY3q/j46Nh8dBg4AEbHzanTXK9JTpq6fja7f5XA4TNr/+908bHlC7P/sR9ePUwAAAODg1XVdV+nrvI+nY/69rjsFAMxFfv0fPy6gVqvVarX66avb6slut4uI2Gyv07xnMBw/ABwym/FJ112gQ/Iv2iAiXui6E8BCq7ruAAfi7r1b61XKt2q/HqTx3fO5IHvy36y218vrT5rOMn6OybweX1vRj+em9Of5OfVhkeT8e+P5X9ppH6XlDjr/eZmWf7OdxzroT9dy/v3x/Mc8Pfn3JuZfqpz/4KHy78sfAAAAAAAWWP77/7GFOv47etTNmelBx3/XDuxeAQAAAAAAAOBg3b13az1f95qP/39hwnKu/3w65fwr+Rcp598by/+rY8u1xwO+8/b9/P9z79b6H2/8+/N5ut/8l/JMlR5ZVXpEVOmeqkGaPs7WfdbWsD9q7mlY9fqDdM5PPXw3rsTV2IjTe5btpf+P++1n9rQ3PR1ut9f9nfaze9oHu+15/XN72ofpTKd6JbefjPX4eVyNd7bbm7alGdu/PKO9ntGe8+/b/4uU8x+0fpr8V1N7NTZt3Pmo95n9vj2ddD9vXfnib04f/ObMtBX93W1ra7bvpQ76s/1/cmQUv7y+ce3kzcs3blw7E2my59azkSZPWM5/mH52n/9f3mnPz/vt/fXOR6OHzn9RbMVgav4vt+ab7X1lzn3rQs5/lH5y/u+k9sn7/2HOf/r+/2oH/QEAAAAAAAAAAAAAAIAHqet6+xLRtyLifLr+p6trMwGA+cqv/3WSb59X3X/U9f+8dzu66r9aPee6WrD+zLX+tF6s/qjVh7Fuqyd7s11ExN/b6zTvGX496ZcBAIvs04j4V9edoDPyL1j+vr9meqLrzgBzdf2DD396+erVjWvXu+4JAAAAAAAAAPCo8vifa63xn0/UdX17bLk947++HWuPO/7nIM/sDjA6ZaDq/sNv04Ns9Ub9Xmu48Rdj2vjfw925B43/PZhxf8MZ7aMZ7Usz2pdntE+80KMl5/9ia7zzExFxfGz49RLGfx0f874EOf+XWo/nJv+vjC3Xzr/+/WHOv7cn/1M33v/FqesffPjalfcvv7fx3sbPzp05c/rc+fMXLlw49e6Vqxund/7tsMcHK+efx752HmhZcv45c/mXJef/pVTLvyw5/y+nWv5lyfnn93vyL0vOP3/2kX9Zcv6vpFr+Zcn5fy3V8i9Lzv/VVMu/LDn/r6da/mXJ+b+WavmXJed/MtXyL0vO/1Sq95n/ykH3i/nI+ecjXPb/suT885kN8i9Lzv9squVflpz/uVTLvyw5/9dTLf+y5Py/kWr5lyXnfz7V8i9Lzv+bqZZ/WXL+F1It/7Lk/L+VavmXJef/7VTLvyw5/zdSLf+y5Py/k2r5lyXn/91Uy78sOf/vpVr+Zcn5v5lq+Zfl/vf/mzFjxkye6fqZCQAAAAAAAAAAAAAYN4/TibveRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+D87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIddb3Az+zb147kBgI+Tv5m7B2jDHOJrt+iV9oXUx4bXgrCaHQF2zXuzYLfsNrl0Cj2lGgRMKoqKJtuGgLCLW5qbAqLmgFKBeoVaVKpL2gN4gKlYuoCiggVaIVZKuZ8zzPzszOzqy9482Zcz4fify8M2fmnDnzzOx+bb47AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GzLm2Y/U8uyrFar5RdszLKX1Of6iY2NS17/4h4fAAAAsHq/bPz3+VvSBYdXcKOmbf7pzu9+fWFhYSH7wPCfjn5hYSFdMZFlo+uyrHFddPWHH6w1bxM8no3Xhpq+Huqx++Ee14/0uH60x/VjPa5f1+P68R7XLzkBS6zPaunOtjX+uDE/pdmt2Wjjum0dbvV4bd1Q/dyl22a1xm0WRk9kc9mpbDabbtk+37bW2P6bW+r7ensW9zXUtK/N9RXy00ePx2OohXO8rWVfi/cZ/fiN2cTPfvro8b++8NztnWbP09Byf/lx7thaP85PhUvyY61l69I5icc51HScmzs8J8Mtx1lr3K7+5/bjfH6Fxzm8eJhrqv05H8+GGn9+pnGeRmpZh/O0OVz287uyLLu8eNjt2yzZVzaUbWi5ZGjx+RnPV2T9PupL6eXZyDWt0y0rWKf1ObOtdZ22vybi878l3G5kmWNofpp+/NhY0/P+i4XrWadR/VEv91ppX4P9fq0UZQ3GdfFM40E/0XENbguP/9Hty6/BjmunwxpMj7tpDW7ttQaHxoYbx5yehFrjNotrcFfL9sONPdUa89nt3dfg1IXT56bmP/HJe+ZOHzs5e3L2zJ5du6b37Nt34MCBqRNzp2an8/9e59kuvg3ZUHoNbA3nLr4GXtu2bfNSXfjy2JL33+t9HY53eR1ubNu236/DkfYHV1ubF+TSNZ2/Nt5XP+njV4ayZV5jjedn5+pfh+lxN70OR5pehx2/p3R4HY6s4HVY3+bczpX9zDLS9L9Ox7D894LVrcGNTWuw/eeR9jXY759HirIGx8O6+P7O5b8XbA7H+8Tktf48MrxkDaaHG9576pekn/fHDzRGp3V5R/2Km8ayi/Oz5+995NiFC+d3ZWGsiVc0rZX29bqh6TFlS9br0DWv18Nzdz5xR4fLN4ZzNX5P/T/jyz5X9W323tv9uWp8d+t8Plsu3Z2F0WdrfT47fTevn8+xLPvidx578FuPfvFNy57Pet781NTqfxZPubTp/Xd0mfffmPtfyPeX7urx4dGR/PU7nM7OaMv7cetTNdJ476o19v381Mrej0fD/9b6/fjWLu/Hm9q27ff78Wj7g4vvx7Vef9uxOu3P53hYJ6emu78f17fZtPta1+RI1/fju8KshfP/upAUUi5qWjvLrdu0r5GR0fC4RuIeWtfpnpbt43qr7+up3de3Tnfcld/XcHp0i9ZqnU60bdvvdZr+7mu5dVrr9bdv16f9+RwP6+LWPd3XaX2bp/eu/r1zffxj03vnWK81ODo8Vj/m0bQIG+/32cL6uAbvzY5nZ7NT2Uzj2rHGeqo19jV538rW4Fj431q/V27qsgZ3tG3b7zWYvo8tt/ZqI0sffB+0P5/jYV08eV/3NVjf5s37+/uz645wSdqm6WfX9r9fW+7vvO5oO003aq2MhOP8zv7ufzdb3+bUgWvNmd3P093hkps6nKf21+9yr6mZbG3O06ZwnM8dWP481Y+nvs0XDq5wPR3OsuzSx+5v/H1v+PeVv7v4va+3/LtLp3/TufSx+3/y0hP/eC3HD8DgeyEfG/LvdU3/MrWSf/8HAAAABkLM/UNhJvI/AAAAlEbM/fH/FZ7I/wAAAFAaMfePhJlUJP9vevNzcy9cylIzfyGI16fT8EC+Xey4ToevJxYW1S+//6uz//0Pl1a276Esy37xwB903H7TA/G4chPhOK++pfXyJb5+z4r2ffThS2m/zf31L4X7j49npcugUwV3Osuyb97yucZ+Jj54pTGffuBoYz54+YnH69s8fzD/Ot7+2Vfk2/9FKP8ePnGs5fbPhvPwozCn39H5fMTbfe3K6zbvf//i/uLtaltvbjzsJz+U32/8PTmffzzfPp7n5Y7/W5996mv17R95TefjvzTU+fifCvf71TD/51X59s3PQf3reLtPh+OP+4u3u/cr3+54/Fc/k29/7q35dkfDjPvfEb7e9tbn5prP1yO1Yy2PK3tbvl3c//T3/rhxfby/eP/txz9+5ErL+WhfH0//W34/U23bx8vjfqK/b9t//X6a12fc/1N/dLTlPPfa/9UHn31V/X7b939323bnPrazsf/F+2v9jU1/+enPddxfPJ7Df3uu5fEcfm94HYf9P/mhsB7D9f97Nb+/9t+ucPS9re8/cfsvbbzU8niit/8s3//VN5xszHXj6zfc9JKX3nz51fVzl2XPrMvvr9f+T/7V2Zbj//Jt+fmI18eOfvv+lxP3f/7jk2fOzl+cm0ln9dFbGr8755358cTjvSW8t7Z/feTshQ/Pnp+YnpjOsony/gq96/aVMH+Sj8vdt15Y8g668+HwfN7x59/csP1fPxsv//f35ZdfeUf+feu1YbvPh8s3hufv2va/1JNbbmu8vmtPhyNcWPr7gldj87b/OrCiDcPjb/+5IK73c6/8cOM81K9rfN+Ir+tVHv8PZvL7+UY4rwvhNzNvvW1xf83bx9+NcOWh/PW+6vMX3ubi8/o34fl+14/y+4/HFR/vD8LPMd/e1Pp+F9fHNy4Ntd9/47d4XA7vJ9nl/Pq4VTzfV56/rePhxd9Dkl2+vfH1n6T7uf2aHuZy5j8xP3Vq7szFR6YuzM5fmJr/xCePnD578cyFI43f5XnkI71uv/j+tKHx/jQzu29v1ni3OpuPG+zFPv5zDx+f2T+9fWb2xLGLJy48fG72/Mnj8/PHZ2fmtx87cWL2471uPzdzaNfug3v27548OTdz6MDBg3sOTs6dOVs/jPygetg3/dHJM+ePNG4yf2jvwV333bd3evL02ZnZQ/unpycv9rp943vTZP3Wvz95fvbUsQtzp2cn5+c+OXto18F9+3b3/G2Ap8+dmJ+YOn/xzNTF+dnzU/ljmbjQuLj+va/X7Smn+f/If55tV8t/EV/2nrv3pd/PWvfVx5a9q3yTtl8g+lz4XTT//LJzB1bydcz9o2EmFcn/AAAAUAUx94+Fmcj/AAAAUBox968LM5H/AQAAoDRi7h8PM6lI/i9d/3/TpRXtX/9f/7/5fOn/V6z//1DR+v/5+4X+f3+stn+v/x/o/+v/6//r/+v/0wdF6//H3L8+yyqZ/wEAAKAKYu7fEGYi/wMAAEBpxNx/U5iJ/A8AAAClEXP/S8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+/1RWrf7/5X4ev/6//j9LFa3/H3P/S8NMKpL/AQAAoApi7r85zET+BwAAgNKIuf+WMBP5HwAAAEoj5v6NYSYVyf/6//r/+v/6//r/nfev/z+Y9P+70//vQf/f5//r/+v/01dF6//H3P+yMJOK5H8AAACogpj7Xx5mIv8DAABA8Yxc381i7n9FmMmS/H+dOwAAAABedDH335q1FcEr8u//+v/6/8Xv/69L1+n/6/9nhez/D2f6/8Wh/9+d/n8P+v/6//r/+v/0VdH6/43cn41nrwwzqUj+BwAAgCqIuf+2MBP5HwAAAEoj5v7/F2Yi/wMAAEBpxNy/KcykIvlf/1//v/j9f5//r/9f9P6/z/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf/2MJOK5H8AAACogpj77wgzkf8BAACgNGLu//9hJvI/AAAAlEbM/ZvDTCqS//X/C97/j81R/X/9f/1//X/9/xXR/+9O/78H/X/9f/1//X/6qmj9/5j7XxVmUpH8DwAAAFUQc/+dYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu6fCDOpSP7X/y94/z/vwY/5/H/9f/1//X/9/5XR/+9O/78H/X/9/770/xcu6f/r/5MrWv8/5v4tYSYVyf8AAABQBTH3bw0zkf8BAACgNGLuvyvMRP4HAACA0oi5f1uYSUXyv/7/QPT/M/1//X/9f/1//f+V0f/vTv+/B/1//X+f/6//T18Vrf8fc/9rwkwqkv8BAACgCmLu3x5mIv8DAABAacTc/9owE/kfAAAASiPm/h1hJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+14WZVCT/AwAAQBXE3L8zzET+BwAAgNKIuf/uMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zvvX/x9M+v/d6f/3oP/fr/78sP6//r/+P1kB+/8x998TZlKR/A8AAABVEHP/vWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6/6vu/zc9eP3/CvT/X714v/r/Of3/YtH/707/v4f+9f9Hsmr3/33+/3X3/0f1/ymVovX/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/j1hJvI/AAAAlEbM/XvDTCqS//X/9f99/r/+v8//77x//f/BpP/fXf/7//Eh6v/7/H/9f5//r//PUkXr/8fcf1+YSUXyPwAAAFRBzP37wkzkfwAAACiNmPv3h5nI/wAAAFAaMfcfCDOpSP7X/9f/1//X/9f/77x//f/BpP/fXdU//39jrwPQ/9f/1//X/2eVHvrD5q+K1v+Puf9gmElF8j8AAABUQcz9rw8zkf8BAACgNGLu/5UwE/kfAAAASiPm/l8NMylL/u/RPNT/1//X/9f/1//vvH/9/8Gk/99d1fv/Pen/6//r/+v/01dF6//H3H8ozKQs+R8AAABIuf/XwkzkfwAAACiNmPvfEGYi/wMAAEBpxNx/OMykIvlf/1//X/9f/1//v/P+17r/PxbvV/9/VfT/u9P/70H/X/9f/1//n74qWv8/5v43hplUJP8DAABAFcTcf3+YifwPAAAApRFz/5vCTOR/AAAAKI2Y+98cZlKR/K//r/+v/6//r//fef8+/38w6f93txb9/2H9f/1//X/9f/1/gqL1/2Puf0uYSUXyPwAAAFRBzP1vDTOR/wEAAKA0Yu5/W5iJ/A8AAAClEXP/28NMKpL/9f/1//X/9f/1/zvvX/9/MOn/d+fz/3vQ/9f/1//X/6evitb/j7n/18NMKpL/AQAAoApi7n8gzET+BwAAgNKIuf8dYSbyPwAAAJRGzP3vDDOpSP7X/9f/1//X/9f/77x//f/BpP/f3YD1/395c7hc/z+n/1/s47/W/v9I29c3pP//w+X6/wvr2m+v/8+NULT+f8z97wozqUj+BwAAgCqIuf/dYSbyPwAAAJRGzP3vCTOR/wEAAKA0Yu7/jTCTiuR//f/6cSy2l/X/y9r/H9L/1//X/68I/f/uBqz/7/P/2+j/F/v4ff6//j9LFa3/H3P/e8NMKpL/AQAAoApi7n8wzET+BwAAgNKIuf+hMBP5HwAAAEoj5v73hZlUJP/r//v8/2r0/33+f6b/r/9fEfr/3en/96D/r/9ftP7/f+r/M9iK1v+Puf/hMJOK5H8AAACogpj73x9mIv8DAABAacTc/5thJvI/AAAAlEbM/R8IM6lI/tf/H5T+/8SA9v8f0/+/gf3/O2/Ot9P/1/9nkf5/d/r/Pej/6/8Xrf/v8/8ZcEXr/8fc/8Ewk5Xn//EVbwkAAAC8KGLu/60wk4r8+z8AAABUQcz9vx1mIv8DAABAacTc/zthJhXJ//r/N6T/3/jS5//7/P/29eHz//X/9f9vvLXr/8d3Hv1//X/9/0j/v0D9/4v6/xRD0fr/Mff/bphJRfI/AAAAVEHM/R8KM5H/AQAAYCB0+ky2djH3Hwkzkf8BAACgNGLuPxpmUpH8r/8/KJ//r/+fVa3//2db/+X733330V36//r/+v/XZE0//7/+4vf5//r/+v+J/n+B+v8+/5+CKFr/P+b+Y2EmFcn/AAAAUAUx9/9emIn8DwAAAKURc//xMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXRj+//vX+yJ6/9fa/9/rOOl+v/6/4N8/Pr/+v8sVbT+f8z9s2EmFcn/AAAAUAUh9w+dyOfiFfI/AAAAlEbM/SfDTOR/AAAAKI2Y+z8cZlKR/K//r/+v/6//7/P/O++/W/+/NuLz/4sq9e9/3nih6P+3KU7/vzP9f/3/QT5+/X/9f5YqWv8/5v65MJOK5H8AAACogpj7PxJmIv8DAABAacTc/9EwE/kfAAAASiPm/lNhJhXJ//r/+v/6//r/+v+d91/Yz//X/+9qtf17/f9A/1//X/9f/1//nz4oWv8/5v7TYSYVyf8AAABQBTH3nwkzkf8B/o+9O2myqz7vOH47SKVWwSK7LLJJVZZ5CSySdfICssgmi6QqlUVIQhIyIzKPJNjGs43B84AHMBhjGzwP4Akbz2Abz/OAJ4xNyUX38zxS3z59bnfrdvc5///ns+CJOjT3Qqkk/dT6+gAAQDNy918Vt9j/AAAA0Izc/X8at3Sy//X/+v9m+//f1P/v9fr6f/1/y/T/4/T/K+j/9f/6f/0/azW1/j93/5/FLZ3sfwAAAOhB7v4/j1vsfwAAAGhG7v6r4xb7HwAAAJqRu/8v4pZO9v9S/7+xmFj/n33tEff/+TL6/5b6f8//3/P19f/6/5Ydb/9/3ZM/8un/9f/6/6D/31f/f2avz9f/06Kp9f+5+/8ybulk/wMAAEAPcvf/Vdxi/wMAAEAzcvdfE7fY/wAAANCM3P1/Hbd0sv/X9/z/s1sf9/z/C/T/+v/l7x/6f/2//v/oef7/uJ76/6sfvPxPHr3zV+86yOvr//X/nv+v/2e9ptb/5+7/m7ilk/0PAAAAPcjd/7dxi/0PAAAAzcjd/3dxi/0PAAAAzcjd//dxSyf7f339/9E8/z/p//X/C/2//n/p30f/r/8fov8fN/X+/7Tn/+v/Z/z+9f/6f3abWv+fu/8f4pZO9j8AAAD0IHf/P8Yt9j8AAAA0I3f/tXGL/Q8AAADNyN1/Lm7pZP/r/4++/39C/6//j6v/1//r/4+e/n/c1Pv/dT7//zCvr//X/+v/9f+s19T6/9z918Utnex/AAAA6EHu/n+KW+x/AAAAaEbu/n+OW+x/AAAAaEbu/n+JWzrZ//p/z//X/+v/9f/Dr6//nyf9/zj9/wr6/0vt50/r//X/+n8udsD+//GRH7bX0v/n7v/XuKWT/Q8AAAA9yN3/b3GL/Q8AAADNyN3/73GL/Q8AAADNyN3/H3FLJ/tf/6//1//r/w/d/+/+rrdF/z9M/3889P/jJtP/b5wa/HC3/f9j22+0gf7f8//1//p/dpja8/9z9/9n3NLJ/gcAAIAe5O7/r7hlZP8f+DfzAQAAgBOVu/+/4xZf/wcAAIDZy+osd///xC2d7H/9v/5f/6//9/z/4dcf6//vuuj96f+nRf8/bjL9/x667f8XF96v/n++71//r/9nt6n1/7n7/zdu6WT/AwAAQA9y918ft9j/AAAA0Izc/f8Xt9j/AAAA0Izc/f8ft3Sy/4f7/wv/f/3//uj/d75//f/w94919f/5T9T/j/b/v+X5/33S/487/v7/jP5/5z9f/3+ETvr9N97/n131+fp/hkyt/8/df0Pc0sn+BwAAgB7k7n9K3GL/AwAAQDNy9z81brH/AQAAoBm5+58Wt3Sy/z3/X/+v/59f/7/8/P+k/992HM//Xxx7/39K/79P+v9xnv+/gv5f/6//9/x/1mpq/X/u/hvjlk72PwAAAPTgxscWW7v/6YuF/Q8AAABzdPGfHVj+A6Uhd/8z4hb7HwAAAJqRu/+ZcUsn+1//r//X/8+///f8/x76f8//3y/9/zj9/wr6/6Po50811v/ftNfnT6H/v1b/z8Ts6P/vufDxk+r/c/c/K27pZP8DAABAD3L3Pztusf8BAACgGbn7nxO32P8AAADQjNz9z41bOtn/R97/n937tfX/+n/9v/5f/6//Xzf9/zj9/wr6f8//9/x//T9rtaP/v8hJ9f+5+58Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P03xS32PwAAADQjd/8L4pZO9r/n/+v/9f/6f/3/8Ovr/+dJ/z9O/7+C/l//r//X/7NWU+v/c/ffHLd0sv8BAACgB7n7b4lb7H8AAABoRu7+F8Yt9j8AAAA0I3f/i+KWTva//v9o+//8uP5f/7/Q/+v/9f/Hotv+f2PoZ6Ld9uj/7/+jc7+z8yP6f/2//l//r/9nDSbR/5+/8KvL3P0vjls62f8AAADQg9z9L4lb7H8AAABoRu7+l8Yt9j8AAAA0I3f/y+KWA+7/X17ruzo++n/P/9f/6//1/8Ovr/+fp9n1/6d3ftPz//X/+v/5vn/9v/6f3SbR/1/07dz9L49bfP0fAAAAmpG7/xVxi/0PAAAAzcjd/8q4xf4HAACAZuTuf1Xc0sn+1//r//X/+n/9//DrH7b/31wM0/8fj9n1/0v0//p//f9837/+X//PblPr/3P33xq3dLL/AQAAoAe5+18dt9j/AAAA0Izc/a+JW+x/AAAAaEbu/tfGLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//Nn9P/6f/2//p9Dmlr/n7v/dXFLJ/sfAAAAepC7/7a4xf4HAACAZuTuvz1usf8BAACgGbn7Xx+3dLL/9f/6f/2//l//P/z6+v950v+P0/+v4Pn/+n/9v/6ftZpa/5+7/464pZP9DwAAAD3I3X9n3GL/AwAAQDNy978hbrH/AQAAoBm5+++KWzrZ//p//b/+X/9/JP3/Of3/Mv3/8Ti6/n+h/9f/6/9X0P/r//X/LDuu/v/x+PF+Vf+fu/+NcUsn+x8AAAB6kLv/7rjF/gcAAIBm5O5/U9xi/wMAAEAzcve/OW7pZP/r//X/+n/9v+f/D7++/n+ePP9/nP5/Bf2//l//r/9nrY6r/9+r91/+du7+t8Qtnex/AAAA6EHu/nviFvsfAAAAmpG7/964xf4HAACAZuTuf2vc0sn+1//r/3f2/4uF/l//r//fdgz9/+ZC/792+v9x+v8V9P9t9v+/tGio/z+75+fr/5miqfX/ufvfFrd0sv8BAACgB7n73x632P8AAADQjNz974hb7H8AAABoRu7+d8YtLe3/J/ZO3+bf/59Z+kT9/2KxeOgaz//X/4+8vv5/Mv1//VfV/6+P/n+c/n8F/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7/+XP1H/v7ik5//r/7c+oP/X/+v/Z+tS+/ubN+PnNP2//l//P9jPb+zx656F/l//r/9nwNT6/9z974tbOtn/AAAA0IPc/ffFLfY/AAAANCN3//1xi/0PAAAAzcjd//64pZP9r//X/+v/59n/b+r/9f/6/0F79vdX7O/z1/X8/yuv/O0H9P/6/xb7/zH6f/2//p9lU+v/c/d/IG7pZP8DAABAD3L3fzBusf8BAACgGbn7PxS32P8AAADQjNz9H45bOtn/u/v/04vtQnXbUP8fjZr+/yL6/53vX/8//P3D8//1//r/o3epz99fV//v+f+He//6f/3/nN//gfr/X9v9+fp/WjS1/j93/wNxy8jw2/stAQAAAFOUu/8jcUsnX/8HAACAHuTu/2jcYv8DAABAM3L3Pxi3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/FfT/+n/P/7/qDy7T/7M+U+v/c/d/LG7ZGn6/fsUh/zUBAACACcnd//G4pZOv/wMAAEAPcvd/Im6x/wEAAKAZufs/Gbd0sv/1//p//b/+X/8//Pr6/3nS/4/T/6/QT/+/OfTBk+7nL9VJv/9m+n/P/2eNptb/5+7/VNzSyf4HAACAHuTu/3TcYv8DAABAM3L3fyZusf8BAACgGbn7H4pbOtn/+n/9f/v9/+/r/5deX/+v/2+Z/j9/Rh+m/1+hn/5/0En383N///r/sf7/4D8e0oap9f+5+x+OWzrZ/wAAANCD3P2fjVvsfwAAAGhG7v7PxS32PwAAADQjd//n45ZO9r/+v6/+f2PRY//v+f/6f/1/T+bT/99yauijnv+v/9f/z/f96/89/5/dptb/5+5/ZONUl/sfAAAA5up3f+OPH97v3/vI1l83F1+IW+x/AAAAaEbu/i/GLfY/AAAANCN3/5filk72v/6/r/6/z+f/6//1//r/nsyn/x+m/9f/6//n+/71//p/dpta/5+7/8txy0XDb/B/oAcAAACYjdz9X4lbOvn6PwAAAPQgd/9X45Zd+//8Pv9UOwAAADA1ufu/Frd08vV//f/E+//FEfX/8ffp/7fp//X/Q6+v/58n/f+4S+z/z2/o//X/I/T/+n/9P8um1v/n7r/7jkWX+x8AAAAateN3FL6+9dfNxTfiFvsfAAAAmpG7/5txi/0PAAAAzcjd/624pZP9r/+feP9/qOf/n63/y/P/O+//r98cfH39v/6/Zfr/cZ7/v4L+X/+v/9f/s1YH6P+3BulR9/+5+78dt3Sy/wEAAKAHufu/E7fY/wAAANCM3P3fjVvsfwAAAGhG7v7vxS2d7H/9/wn0/zecWSyOtP/fx/P/9f999P97vH47/f+vXH7uvt/7w9tv1f9zwXH2//l9Qf+v/9f/b9P/6//1/yyb2vP/c/d/P27pZP8DAABAD3L3Pxq32P8AAADQjNz9P4hbntz/957UuwIAAADWKXf/D+OWTr7+r/9v8fn/8+z/87/1CfT/5+bX/2dT3Hv/7/n/+v/dPP9/nP5/Bf2//l//r/9nrabW/+fu/1Hc0sn+BwAAgB7k7v9x3JL7f+PAv3UPAAAATEzu/p/ELb7+DwAAAM3I3f9Y3NLJ/tf/6/8P2/+f9fx/z//X/2/R/0+L/n+c/n8F/b/+X/+v/2etptb/5+7/adzSyf4HAACAHuTufzxusf8BAACgGbn7fxa32P8AAADQjNz9P49bOtn/+n/9/1Se/5/0/xc+T/+/Tf+v/z8I/f+4g/T/lw38ukD/r/8fo//X/+v/WTa1/j93/y8CAAD//zJLcR4=")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
lseek(r0, 0x7fff, 0x0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
syz_mount_image$minix(&(0x7f0000000540), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRESOCT], 0xfd, 0x18f, &(0x7f0000000740)="$eJzs21tqGnEUx/Hf33vt/fbSp0IL7UudaqHTvrVLEZ0YyZhIzIsSCC4lC8oOAtmAQrKBTMgoozMxZDA4E/X7AZlzlMM5I/z1+KAAbK03koyM8pI8zzvZ/Wr0Oe2hACTC07UHYFtlL9OeAEA6xv+z/h7QlXRxddwYTR/5mPuDUca//pM0mqsvxKwfD41//ZQL1xclleLsL6eT+m+R/s+Mua/k/GxB/3Kkvhx7/sn9f/8Srn8u6YWkl0Z6Jen19LfWW0nvFvRvRvp/jNkfeAyjShCXJnll/vWMdtqu8zPI835eDfKCn9ci+a8gL/p5pXHgNld5GwCWkFHouN85/9nI+c9Fzj+A9dXrD/bqrusczgKj6DMbHAwTbjqU1v3tlZ7EGAQPBbf7/PLlaX8yAVg166jTtXr9wY92p95yWs5+zf5r29U/1d+25W/+Vnj/B7A5Zl/6aU8CAAAAAAAAAAAAAACW9V7Sh7SHAAAAAJCIJP6NlPY9AgAAAAAAAAAAAAAAAAAAAJviJgAA//8+LUxp")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
ftruncate(r1, 0x1f)
write$cgroup_type(r1, &(0x7f0000000200), 0x175d9003)

2.456413279s ago: executing program 2 (id=1728):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d047008476100000001090212"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x7, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000013007b990000000000000000fc0000"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)

1.357135909s ago: executing program 4 (id=1729):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x32}}, 0x0)
getsockname$packet(r1, 0x0, &(0x7f00000000c0))
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="fe000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000540)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x13)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010000507000000070000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062726964676500000400028008000a00", @ANYRES32=r3], 0x3c}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0xffffffff, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x825, 0x0, 0x0, {0xa, 0x0, 0x0, r6}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0xd}]}, 0x28}}, 0x0)

957.001342ms ago: executing program 4 (id=1730):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
fsetxattr(r2, 0x0, 0x0, 0x0, 0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0}, 0x90)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x21, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x4d5337314ea54c74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, r3}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r3, r5, 0x1, 0x0, @val=@iter={0x0}}, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000200)={0x3, &(0x7f0000000180)=[{0x4d}, {0x4d}, {0x6}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)

450.077233ms ago: executing program 3 (id=1731):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0xa00}, {0x65, 0x0, 0x5}}, [@printk={@llx, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xc, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x4, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000140)={0x0, 0x3})
socket$inet(0x2, 0x2, 0x0)
r5 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x10000a006)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x15, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x90)

99.012812ms ago: executing program 1 (id=1732):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x40004, 0x1, 0x113a, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x8000000}, 0x48)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20010, 0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x40000000004)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0x33)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0xff, 0x203, &(0x7f0000000780)="$eJzsmbGLE0EUxr+Z3ezGQwQLLWxiceAJ3uZ201xjoa0Iwp2oZfDWI7pJJNkiCQgGGxsbO/8RhdR2NmJhpaKCYGFKGwVHZnY2mWTN6iYEi3u/YvjmzcybN2/23sAFBEEcWT5/+v7xyeXd/QsAjmMTrrZ/taZzuDH/3TOrpOXL1okHo3l/DIAQ0779l/0dvP/wVG6OxK0QP4Q5vql97oMrLbkOjvNa3wCDl8YqJIkMwXBLm+8aun1Miyhkt9vRwZ1GFO7IxpdNIJsaIGbiHw8ZDgCU9RbMiK/bH9yrR0AnEVGYipJI98kMFRV5+VPxXeK4aKRA3tfNx4+Gsu9p+46RPx8cvtY1MOxpvQsXnudVdDf0jfOfsaf+LXltM+f/15OUV0tEUXFyO3dOeoh1h/FLrMWzs9QVrEfIOIqv4pXsKqeYH2eJmNm8Rf5BTyynx6NX2VVf/mt6VxOqcAHIDL3ZiKKrpuX1FS1Ozfg5a+bHEOkXuPCTSOoHs4FzRn2yjVehGjfvV7v9wXajWT8MD8NWENSAh6rEqtpcVW1O/Sur+rRh+C8tmOswB716HHf8HhB3/Ek/SFqj4u49b39Ta7iqfxxbP4VInxd1bPfPe6j3z03WMdXbshYGTxAEQRAEQRAEQRAEQRAEkUPlbcaCF9D/q2Tpb2JZ7OCamv07AAD//6KhYw4=")
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

0s ago: executing program 4 (id=1733):
creat(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x4e0c01)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd600a8435001c0600000000000000000000a652ff00000000fe80000000aa000004"], 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0)
ioctl$SNDCTL_DSP_STEREO(r4, 0x40045010, &(0x7f0000000080))
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
poll(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x15, 0xe, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x90)
r6 = openat$mixer(0xffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r6, 0x80044d03, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, 0x0)
writev(r4, &(0x7f0000001780)=[{&(0x7f0000001580)="318626e0b336236ef1ce05b3d9be7d346a77bbbd96328f5b65f1f9441c841b07aacf0e76a1ee2f363045254d1fa11c93b95d372eb2476a3cf28b2979cb08e11e0212f56ad7cf40d073cac9c1b66cbc29c48bf33c584c7ec35967aa13611656c02b473e2f461a8bdea1ab0356ca2b9d91778e57618987ce3b69716d5883a81617d47b", 0x82}, {&(0x7f0000001640)="1efdf348290f875913c8658596a46885fddaf7", 0x13}, {&(0x7f0000001680)="e89e61d28f1bbc27ffec42b2bd86c27427e2e040c9b7ae3752f77b9699276894e8e8626289a0ab7c41e6f276a32d827aee4020c7987d323076106e00b447e00bf48f31f39fcc7f235a994c0586933b6e2be60d46c970f24a6c0e697ace876e7818983d4458a62b26c930a00ec5916b72a22f4ce1903b8760f01f99eac1e30210d0294ec2dc9e344a22605f72544c", 0x8e}, {&(0x7f0000001740)="e5f73b2049ba57da052068761263eda68a055bc0bea5c466d75a9cb58436110ddc34300b365156", 0x27}], 0x4)

kernel console output (not intermixed with test programs):

 bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  465.172787][ T8151] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1192'.
[  465.331910][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  466.658480][ T8163] loop2: detected capacity change from 0 to 1024
[  466.694995][ T8163] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  466.737184][ T8163] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  466.775191][ T8163] EXT4-fs (loop2): barriers disabled
[  466.780615][ T8163] JBD2: no valid journal superblock found
[  466.814732][ T8163] EXT4-fs (loop2): error loading journal
[  466.831050][ T8176] loop0: detected capacity change from 0 to 128
[  467.082378][ T8182] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1198'.
[  468.948145][ T8195] loop3: detected capacity change from 0 to 16
[  469.083024][ T8195] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  469.365025][ T5393] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  469.422023][ T8200] loop2: detected capacity change from 0 to 256
[  469.736543][ T8212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1206'.
[  471.109560][ T8234] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1210'.
[  472.817453][ T8250] loop2: detected capacity change from 0 to 16
[  472.828217][ T8250] erofs: (device loop2): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  472.897666][ T5393] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  473.240513][ T8246] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  473.247620][ T8246] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  473.294723][ T8246] vhci_hcd vhci_hcd.0: Device attached
[  473.405328][ T8267] ieee802154 phy0 wpan0: encryption failed: -22
[  473.614634][ T5028] usb 18-1: SetAddress Request (2) to port 0
[  473.629560][ T5028] usb 18-1: new SuperSpeed USB device number 2 using vhci_hcd
[  473.641604][ T8274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1221'.
[  473.694134][ T8257] vhci_hcd: connection closed
[  473.699837][ T4032] vhci_hcd: stop threads
[  473.713436][ T4032] vhci_hcd: release socket
[  473.742638][ T4032] vhci_hcd: disconnect device
[  474.004497][ T8052] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  474.284519][ T8052] usb 3-1: Using ep0 maxpacket: 8
[  474.385842][ T8287] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1224'.
[  474.424587][ T8052] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  474.439239][ T8052] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  474.494591][ T8052] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  474.534871][ T8052] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  474.664383][ T8052] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  474.762662][ T8294] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1225'.
[  475.545868][ T8052] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  475.588125][ T8052] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.765422][ T8300] loop0: detected capacity change from 0 to 2048
[  475.903153][ T8300]  loop0: p1 < > p4
[  475.996424][ T8310] binder: 8305:8310 ioctl 4018620d 0 returned -22
[  476.803530][ T8300] loop0: p4 size 8388608 extends beyond EOD, truncated
[  476.830863][ T8308] loop4: detected capacity change from 0 to 1024
[  476.841857][ T8308] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  476.853931][ T8308] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  476.924467][ T8052] usb 3-1: usb_control_msg returned -71
[  476.930089][ T8052] usbtmc 3-1:16.0: can't read capabilities
[  476.951940][ T8308] EXT4-fs (loop4): barriers disabled
[  476.975956][ T8308] JBD2: no valid journal superblock found
[  477.054526][ T8308] EXT4-fs (loop4): error loading journal
[  477.066605][ T8052] usb 3-1: USB disconnect, device number 14
[  477.176113][ T3091]  loop0: p1 < > p4
[  477.204211][ T3091] loop0: p4 size 8388608 extends beyond EOD, truncated
[  477.472360][ T8319] loop1: detected capacity change from 0 to 2048
[  477.507532][ T8319] EXT4-fs: Ignoring removed orlov option
[  477.553835][ T8319] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  477.773898][ T8320] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  477.840210][ T8322] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1234'.
[  478.148564][ T8326] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1235'.
[  478.396665][ T8315] loop2: detected capacity change from 0 to 32768
[  478.448280][ T8315] 
[  478.448280][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.448280][ T8315] 
[  478.560134][ T8315] 
[  478.560134][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.560134][ T8315] 
[  478.593073][ T8315] 
[  478.593073][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.593073][ T8315] 
[  478.638954][ T8317] loop4: detected capacity change from 0 to 32768
[  478.651109][ T8317] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1233 (8317)
[  478.674224][ T8317] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  478.674611][ T8315] 
[  478.674611][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.674611][ T8315] 
[  478.685037][ T8317] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  478.725925][ T8315] 
[  478.725925][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.725925][ T8315] 
[  478.736734][ T8317] BTRFS info (device loop4): enabling auto defrag
[  478.743214][ T8317] BTRFS info (device loop4): max_inline at 0
[  478.771424][ T8317] BTRFS info (device loop4): enabling ssd optimizations
[  478.784515][ T8317] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  478.794927][ T5028] usb 18-1: device descriptor read/8, error -110
[  478.814884][  T133] 
[  478.814884][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.814884][  T133] 
[  478.851132][ T8317] BTRFS info (device loop4): use lzo compression, level 0
[  478.876354][ T8335] 
[  478.876354][ T8335]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.876354][ T8335] 
[  478.890347][ T8317] BTRFS info (device loop4): using free space tree
[  478.920571][ T8335] 
[  478.920571][ T8335]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.920571][ T8335] 
[  478.967415][ T8315] 
[  478.967415][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  478.967415][ T8315] 
[  479.016459][ T8315] 
[  479.016459][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.016459][ T8315] 
[  479.034611][ T8315] 
[  479.034611][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.034611][ T8315] 
[  479.046378][ T8347] futex_wake_op: syz.0.1241 tries to shift op by 32; fix this program
[  479.213192][ T8315] 
[  479.213192][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.213192][ T8315] 
[  479.232324][ T5028] usb usb18-port1: attempt power cycle
[  479.244652][ T8315] 
[  479.244652][ T8315]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.244652][ T8315] 
[  479.258119][  T133] 
[  479.258119][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.258119][  T133] 
[  479.272130][ T8364] loop3: detected capacity change from 0 to 16
[  479.286865][ T8364] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  479.622426][ T8331] 
[  479.622426][ T8331]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.622426][ T8331] 
[  479.862085][ T8331] 
[  479.862085][ T8331]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.862085][ T8331] 
[  479.957174][ T5026] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  479.976526][ T8331] 
[  479.976526][ T8331]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.976526][ T8331] 
[  479.990070][  T133] 
[  479.990070][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.990070][  T133] 
[  480.231551][ T7763] 
[  480.231551][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  480.231551][ T7763] 
[  480.253971][ T7763] 
[  480.253971][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  480.253971][ T7763] 
[  480.271273][  T133] 
[  480.271273][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  480.271273][  T133] 
[  480.292227][ T3646] 
[  480.292227][ T3646]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  480.292227][ T3646] 
[  480.344779][ T5026] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  480.370263][ T3646] 
[  480.370263][ T3646]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  480.370263][ T3646] 
[  480.377702][ T5026] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  480.444709][ T5026] usb 2-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  480.458987][ T5026] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.485595][ T5028] usb usb18-port1: unable to enumerate USB device
[  480.505228][ T5026] usb 2-1: config 0 descriptor??
[  480.523849][ T6712] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  480.828160][ T8379] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1245'.
[  481.121240][ T8380] netlink: 308 bytes leftover after parsing attributes in process `syz.2.1245'.
[  481.122082][ T5026] wacom 0003:056A:0084.0003: hidraw0: USB HID v0.00 Device [HID 056a:0084] on usb-dummy_hcd.1-1/input0
[  481.357841][ T5026] usb 2-1: USB disconnect, device number 12
[  481.822654][ T8392] loop4: detected capacity change from 0 to 2048
[  483.937356][ T3641] Bluetooth: hci3: command 0x0406 tx timeout
[  484.278148][ T8392]  loop4: p1 < > p4
[  484.346471][ T8392] loop4: p4 size 8388608 extends beyond EOD, truncated
[  484.602317][ T8417] loop2: detected capacity change from 0 to 256
[  486.132752][ T8428] syz.0.1258 (8428): drop_caches: 2
[  486.999257][ T8436] loop1: detected capacity change from 0 to 16
[  487.735622][ T8436] erofs: (device loop1): mounted with root inode @ nid 36.
[  487.838689][ T8438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1261'.
[  487.850693][ T8438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1261'.
[  488.184686][ T3682] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  488.564718][ T3682] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  488.611654][ T3682] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  488.807431][ T3682] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  488.817673][ T3682] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  488.827872][ T3682] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  488.838615][ T3682] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  489.004572][ T3682] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  489.144779][ T3682] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.152984][ T3682] usb 4-1: Product: syz
[  489.159381][ T3682] usb 4-1: Manufacturer: syz
[  489.163983][ T3682] usb 4-1: SerialNumber: syz
[  489.454795][ T3682] cdc_ncm 4-1:1.0: bind() failure
[  489.471144][ T3682] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  489.521613][ T3682] cdc_ncm 4-1:1.1: bind() failure
[  489.562416][ T3682] usb 4-1: USB disconnect, device number 16
[  489.632285][ T8449] loop1: detected capacity change from 0 to 32768
[  489.748651][ T8449] XFS (loop1): Mounting V5 Filesystem
[  489.845874][ T8449] XFS (loop1): Ending clean mount
[  489.866936][ T8449] XFS (loop1): Quotacheck needed: Please wait.
[  490.115875][ T8449] XFS (loop1): Quotacheck: Done.
[  490.157241][ T8481] fuse: Invalid rootmode
[  490.845287][ T8487] loop4: detected capacity change from 0 to 16
[  491.045957][ T8487] erofs: (device loop4): mounted with root inode @ nid 36.
[  491.564249][ T3636] XFS (loop1): Unmounting Filesystem
[  491.665735][ T8494] loop4: detected capacity change from 0 to 512
[  491.672594][ T8494] EXT4-fs: Ignoring removed oldalloc option
[  491.682091][ T8492] loop3: detected capacity change from 0 to 128
[  491.719911][ T8494] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1279: Parent and EA inode have the same ino 15
[  491.735249][ T8494] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1279: Parent and EA inode have the same ino 15
[  491.876363][ T8494] EXT4-fs (loop4): 1 orphan inode deleted
[  491.882166][ T8494] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  491.982112][ T8498] loop2: detected capacity change from 0 to 256
[  492.367679][ T6712] EXT4-fs (loop4): unmounting filesystem.
[  492.377333][ T8498] FAT-fs (loop2): Directory bread(block 64) failed
[  492.424516][ T8498] FAT-fs (loop2): Directory bread(block 65) failed
[  492.451590][ T8498] FAT-fs (loop2): Directory bread(block 66) failed
[  492.489287][ T8498] FAT-fs (loop2): Directory bread(block 67) failed
[  492.508348][ T8501] loop4: detected capacity change from 0 to 256
[  492.516679][ T8498] FAT-fs (loop2): Directory bread(block 68) failed
[  492.544393][ T8498] FAT-fs (loop2): Directory bread(block 69) failed
[  492.558129][ T8498] FAT-fs (loop2): Directory bread(block 70) failed
[  492.585020][ T8498] FAT-fs (loop2): Directory bread(block 71) failed
[  492.634675][ T8498] FAT-fs (loop2): Directory bread(block 72) failed
[  492.641340][ T8498] FAT-fs (loop2): Directory bread(block 73) failed
[  492.897883][   T26] audit: type=1326 audit(1723848888.289:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8500 comm="syz.4.1281" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7fe5799b9 code=0x0
[  494.962620][ T8533] loop3: detected capacity change from 0 to 256
[  494.979127][ T8533] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  495.007440][ T8534] loop2: detected capacity change from 0 to 64
[  495.157633][ T8523] loop0: detected capacity change from 0 to 2048
[  495.216488][ T8523]  loop0: p1 < > p4
[  495.251889][ T8523] loop0: p4 size 8388608 extends beyond EOD, truncated
[  495.499333][   T26] audit: type=1326 audit(1723848890.889:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.1293" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x0
[  497.057020][   T26] audit: type=1326 audit(1723848892.449:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.1.1299" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1297d799b9 code=0x0
[  497.120850][ T8561] loop3: detected capacity change from 0 to 1024
[  497.215720][ T8563] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  497.347577][ T8563] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1299'.
[  499.838405][ T3650] Bluetooth: hci3: command 0x0406 tx timeout
[  500.679062][ T8582] syz.3.1303 (8582): drop_caches: 2
[  501.359118][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  501.544545][ T8589] loop2: detected capacity change from 0 to 64
[  503.334071][ T8613] loop3: detected capacity change from 0 to 512
[  503.344864][ T8613] EXT4-fs: Ignoring removed mblk_io_submit option
[  503.353555][ T8613] EXT4-fs: Ignoring removed i_version option
[  503.392418][ T8613] EXT4-fs error (device loop3): __ext4_iget:5055: inode #11: block 1: comm syz.3.1317: invalid block
[  503.419763][ T8613] EXT4-fs (loop3): Remounting filesystem read-only
[  503.457082][ T8613] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1317: couldn't read orphan inode 11 (err -117)
[  503.538092][ T8613] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  503.622291][ T8613] EXT4-fs (loop3): unmounting filesystem.
[  503.950323][ T8605] loop1: detected capacity change from 0 to 32768
[  504.359349][ T8605] 
[  504.359349][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.359349][ T8605] 
[  504.699765][ T8605] 
[  504.699765][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.699765][ T8605] 
[  504.744144][ T8605] 
[  504.744144][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.744144][ T8605] 
[  504.757163][ T8627] loop0: detected capacity change from 0 to 512
[  504.792533][ T8605] 
[  504.792533][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.792533][ T8605] 
[  504.811723][ T8605] 
[  504.811723][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.811723][ T8605] 
[  504.824247][ T8627] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  504.825614][  T133] 
[  504.825614][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.825614][  T133] 
[  504.876264][ T8605] 
[  504.876264][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.876264][ T8605] 
[  504.918708][ T8605] 
[  504.918708][ T8605]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  504.918708][ T8605] 
[  504.926182][ T8627] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  504.949732][ T8627] EXT4-fs (loop0): 1 truncate cleaned up
[  504.957029][ T8627] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  505.006389][   T26] audit: type=1804 audit(1723848900.399:174): pid=8627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1320" name="/newroot/277/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  505.068902][  T133] 
[  505.068902][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.068902][  T133] 
[  505.113012][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  505.124720][ T8628] 
[  505.124720][ T8628]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.124720][ T8628] 
[  505.188136][ T8628] 
[  505.188136][ T8628]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.188136][ T8628] 
[  505.239727][ T8628] 
[  505.239727][ T8628]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.239727][ T8628] 
[  505.268231][ T8637] loop3: detected capacity change from 0 to 1024
[  505.289998][ T8628] 
[  505.289998][ T8628]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.289998][ T8628] 
[  505.393301][ T8628] 
[  505.393301][ T8628]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.393301][ T8628] 
[  505.409723][ T8637] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  505.437104][  T133] 
[  505.437104][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.437104][  T133] 
[  505.543839][ T7763] 
[  505.543839][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.543839][ T7763] 
[  505.558212][ T7763] 
[  505.558212][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.558212][ T7763] 
[  505.570927][   T26] audit: type=1326 audit(1723848900.959:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  505.598326][  T134] 
[  505.598326][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.598326][  T134] 
[  505.636973][ T7763] 
[  505.636973][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.636973][ T7763] 
[  505.658131][ T7763] 
[  505.658131][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.658131][ T7763] 
[  505.677475][  T134] 
[  505.677475][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.677475][  T134] 
[  505.721269][ T3636] 
[  505.721269][ T3636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.721269][ T3636] 
[  505.742894][ T3636] 
[  505.742894][ T3636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  505.742894][ T3636] 
[  505.776181][ T6775] EXT4-fs (loop3): unmounting filesystem.
[  506.090314][   T26] audit: type=1326 audit(1723848901.479:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.166411][   T26] audit: type=1326 audit(1723848901.499:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.237864][ T8650] loop1: detected capacity change from 0 to 128
[  506.249340][   T26] audit: type=1326 audit(1723848901.499:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.303711][   T26] audit: type=1326 audit(1723848901.499:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.670453][   T26] audit: type=1326 audit(1723848901.499:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.858191][   T26] audit: type=1326 audit(1723848901.499:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.881339][   T26] audit: type=1326 audit(1723848901.499:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  506.914113][   T26] audit: type=1326 audit(1723848901.499:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8635 comm="syz.0.1321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  508.537210][ T8669] loop3: detected capacity change from 0 to 512
[  508.564546][ T8669] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  508.698375][ T8669] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  508.743111][ T8675] loop4: detected capacity change from 0 to 64
[  508.743850][ T8669] EXT4-fs (loop3): 1 truncate cleaned up
[  508.764184][ T8669] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  508.915531][ T8681] syz.1.1334 (8681): drop_caches: 2
[  509.887754][ T6775] EXT4-fs (loop3): unmounting filesystem.
[  510.072388][ T8690] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1340'.
[  510.164504][ T3682] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  510.874782][ T3682] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.912934][ T3682] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.954896][ T3682] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  510.973636][ T3682] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  510.990393][ T3682] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  511.006814][ T3682] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  511.224737][ T3682] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  511.233805][ T3682] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.310483][ T3682] usb 2-1: Product: syz
[  511.330674][ T3682] usb 2-1: Manufacturer: syz
[  511.337109][ T8688] loop2: detected capacity change from 0 to 32768
[  511.345816][ T8671] loop0: detected capacity change from 0 to 32768
[  511.401814][ T3682] usb 2-1: SerialNumber: syz
[  511.413998][ T8688] 
[  511.413998][ T8688]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.413998][ T8688] 
[  511.424529][   T26] kauditd_printk_skb: 60 callbacks suppressed
[  511.424539][   T26] audit: type=1326 audit(1723848906.809:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  511.455507][ T8671] 
[  511.455507][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.455507][ T8671] 
[  511.498280][ T8671] 
[  511.498280][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.498280][ T8671] 
[  511.510129][   T26] audit: type=1326 audit(1723848906.899:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  511.586605][ T8671] 
[  511.586605][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.586605][ T8671] 
[  511.676783][ T8671] 
[  511.676783][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.676783][ T8671] 
[  511.741998][ T8688] 
[  511.741998][ T8688]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.741998][ T8688] 
[  511.813824][ T8671] 
[  511.813824][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.813824][ T8671] 
[  511.824847][ T3682] cdc_ncm 2-1:1.0: bind() failure
[  511.829568][ T8688] 
[  511.829568][ T8688]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.829568][ T8688] 
[  511.835273][ T3682] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  511.867917][ T8688] 
[  511.867917][ T8688]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.867917][ T8688] 
[  511.868704][  T134] 
[  511.868704][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.868704][  T134] 
[  511.919398][ T3682] cdc_ncm 2-1:1.1: bind() failure
[  511.941827][ T8671] 
[  511.941827][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.941827][ T8671] 
[  511.957094][ T3682] usb 2-1: USB disconnect, device number 13
[  511.968435][ T8671] 
[  511.968435][ T8671]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.968435][ T8671] 
[  511.985816][ T8710] 
[  511.985816][ T8710]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  511.985816][ T8710] 
[  512.026390][ T8704] 
[  512.026390][ T8704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.026390][ T8704] 
[  512.045320][   T26] audit: type=1326 audit(1723848907.439:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.083085][ T8710] 
[  512.083085][ T8710]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.083085][ T8710] 
[  512.096589][ T8704] 
[  512.096589][ T8704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.096589][ T8704] 
[  512.125803][ T8710] 
[  512.125803][ T8710]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.125803][ T8710] 
[  512.129397][   T26] audit: type=1326 audit(1723848907.459:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.145488][ T8704] 
[  512.145488][ T8704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.145488][ T8704] 
[  512.205441][ T8710] 
[  512.205441][ T8710]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.205441][ T8710] 
[  512.256497][ T8704] 
[  512.256497][ T8704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.256497][ T8704] 
[  512.269745][   T26] audit: type=1326 audit(1723848907.459:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.294884][  T134] 
[  512.294884][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.294884][  T134] 
[  512.316545][ T8704] 
[  512.316545][ T8704]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.316545][ T8704] 
[  512.327975][ T8709] 
[  512.327975][ T8709]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.327975][ T8709] 
[  512.348985][   T26] audit: type=1326 audit(1723848907.459:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.354733][ T8709] 
[  512.354733][ T8709]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.354733][ T8709] 
[  512.384203][ T8713] syz.3.1344 (8713): drop_caches: 2
[  512.398334][  T134] 
[  512.398334][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.398334][  T134] 
[  512.465825][ T8713] syz.3.1344 (8713): drop_caches: 2
[  512.467789][ T8709] 
[  512.467789][ T8709]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.467789][ T8709] 
[  512.474358][   T26] audit: type=1326 audit(1723848907.459:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.516210][   T11] 
[  512.516210][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.516210][   T11] 
[  512.544385][   T26] audit: type=1326 audit(1723848907.459:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.569597][ T8709] 
[  512.569597][ T8709]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.569597][ T8709] 
[  512.587462][   T11] 
[  512.587462][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.587462][   T11] 
[  512.629173][ T8717] loop1: detected capacity change from 0 to 16
[  512.639730][ T8717] erofs: (device loop1): mounted with root inode @ nid 36.
[  512.847094][ T8709] 
[  512.847094][ T8709]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.847094][ T8709] 
[  512.862730][  T133] 
[  512.862730][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.862730][  T133] 
[  512.928063][   T26] audit: type=1326 audit(1723848907.459:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  512.988061][   T11] 
[  512.988061][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  512.988061][   T11] 
[  513.122296][   T11] 
[  513.122296][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.122296][   T11] 
[  513.250235][   T26] audit: type=1326 audit(1723848907.459:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8697 comm="syz.3.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60ef799b9 code=0x7fc00000
[  513.303349][   T11] 
[  513.303349][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.303349][   T11] 
[  513.327012][ T3634] 
[  513.327012][ T3634]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.327012][ T3634] 
[  513.381034][   T11] 
[  513.381034][   T11]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.381034][   T11] 
[  513.397514][  T133] 
[  513.397514][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.397514][  T133] 
[  513.418283][ T3646] 
[  513.418283][ T3646]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.418283][ T3646] 
[  513.516385][ T8724] syz.3.1347 (8724): drop_caches: 2
[  513.545066][  T134] 
[  513.545066][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.545066][  T134] 
[  513.591090][ T3634] 
[  513.591090][ T3634]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.591090][ T3634] 
[  513.618833][ T3646] 
[  513.618833][ T3646]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  513.618833][ T3646] 
[  514.137315][ T8726] loop1: detected capacity change from 0 to 512
[  514.245788][ T8726] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  514.386167][ T8726] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  514.593688][ T8726] EXT4-fs (loop1): 1 truncate cleaned up
[  514.599656][ T8726] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  515.513958][ T8741] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1352'.
[  515.593834][ T3636] EXT4-fs (loop1): unmounting filesystem.
[  516.279561][ T8745] loop3: detected capacity change from 0 to 512
[  516.366693][ T8745] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  516.458196][ T8745] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz.3.1355: iget: bad i_size value: -6917529027641081756
[  516.532922][ T8745] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1355: couldn't read orphan inode 17 (err -117)
[  516.589550][ T8745] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  516.645277][ T8052] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  516.794221][ T6775] EXT4-fs (loop3): unmounting filesystem.
[  516.897925][ T8761] loop4: detected capacity change from 0 to 16
[  516.909759][ T8761] erofs: (device loop4): mounted with root inode @ nid 36.
[  517.104835][ T8052] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  517.219265][ T8052] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  517.633036][ T8052] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  517.661292][ T8052] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  517.671546][ T8052] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  517.681464][ T8052] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  517.844544][ T8052] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  517.853631][ T8052] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.879900][ T8755] loop1: detected capacity change from 0 to 32768
[  517.887544][ T8052] usb 3-1: Product: syz
[  517.891789][ T8052] usb 3-1: Manufacturer: syz
[  517.902175][ T8755] 
[  517.902175][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  517.902175][ T8755] 
[  517.914022][ T8052] usb 3-1: SerialNumber: syz
[  517.976240][ T8755] 
[  517.976240][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  517.976240][ T8755] 
[  517.988868][ T8755] 
[  517.988868][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  517.988868][ T8755] 
[  518.001721][ T8755] 
[  518.001721][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.001721][ T8755] 
[  518.007728][ T8778] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1366'.
[  518.013941][ T8755] 
[  518.013941][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.013941][ T8755] 
[  518.050964][  T133] 
[  518.050964][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.050964][  T133] 
[  518.131431][ T8755] 
[  518.131431][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.131431][ T8755] 
[  518.206907][ T8755] 
[  518.206907][ T8755]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.206907][ T8755] 
[  518.234508][ T8052] cdc_ncm 3-1:1.0: bind() failure
[  518.242331][ T8052] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  518.258075][ T8779] 
[  518.258075][ T8779]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.258075][ T8779] 
[  518.269677][ T8779] 
[  518.269677][ T8779]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.269677][ T8779] 
[  518.292099][ T8779] 
[  518.292099][ T8779]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.292099][ T8779] 
[  518.301521][ T8052] cdc_ncm 3-1:1.1: bind() failure
[  518.415151][ T8779] 
[  518.415151][ T8779]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.415151][ T8779] 
[  518.435360][ T8052] usb 3-1: USB disconnect, device number 15
[  518.445568][ T8779] 
[  518.445568][ T8779]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.445568][ T8779] 
[  518.554437][ T3682] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  518.676987][ T8789] loop4: detected capacity change from 0 to 512
[  518.715146][  T134] 
[  518.715146][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.715146][  T134] 
[  518.736266][ T8789] EXT4-fs: Ignoring removed oldalloc option
[  518.752770][ T8789] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  518.790803][ T7763] 
[  518.790803][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.790803][ T7763] 
[  518.808141][ T7763] 
[  518.808141][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.808141][ T7763] 
[  518.976736][  T134] 
[  518.976736][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  518.976736][  T134] 
[  518.994485][ T3682] usb 4-1: Using ep0 maxpacket: 8
[  519.000160][ T7763] 
[  519.000160][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  519.000160][ T7763] 
[  519.014600][ T7763] 
[  519.014600][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  519.014600][ T7763] 
[  519.032834][ T3636] 
[  519.032834][ T3636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  519.032834][ T3636] 
[  519.809525][  T133] 
[  519.809525][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  519.809525][  T133] 
[  519.874505][ T3682] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  519.882761][ T3682] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  519.885977][ T3636] 
[  519.885977][ T3636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  519.885977][ T3636] 
[  520.019442][ T8789] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  520.034418][ T3682] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  520.050047][ T3682] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  520.819477][ T3682] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  520.837583][ T3682] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  520.849536][ T3682] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.886688][ T3682] usb 4-1: can't set config #16, error -71
[  520.914626][ T3682] usb 4-1: USB disconnect, device number 17
[  521.406005][ T8809] loop0: detected capacity change from 0 to 16
[  521.753331][ T8809] erofs: (device loop0): mounted with root inode @ nid 36.
[  521.841909][ T8786] syz.4.1367 (8786) used greatest stack depth: 18808 bytes left
[  522.109380][ T8817] loop0: detected capacity change from 0 to 64
[  522.190784][ T8814] loop3: detected capacity change from 0 to 1024
[  522.205406][ T8814] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  522.232115][ T8814] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  522.337975][ T8814] EXT4-fs (loop3): barriers disabled
[  522.352753][ T8814] JBD2: no valid journal superblock found
[  522.369863][ T8814] EXT4-fs (loop3): error loading journal
[  523.344011][ T8836] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1379'.
[  524.130529][ T8840] netlink: 'syz.4.1381': attribute type 17 has an invalid length.
[  524.154560][ T8840] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1381'.
[  524.574084][ T8848] loop2: detected capacity change from 0 to 512
[  524.611516][ T8848] EXT4-fs: Ignoring removed oldalloc option
[  524.702266][ T8848] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1385: Parent and EA inode have the same ino 15
[  524.717367][ T8848] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1385: Parent and EA inode have the same ino 15
[  524.741476][ T8848] EXT4-fs (loop2): 1 orphan inode deleted
[  524.747529][ T8848] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  525.441388][ T8832] loop3: detected capacity change from 0 to 32768
[  525.490354][ T8832] 
[  525.490354][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  525.490354][ T8832] 
[  525.586170][ T8862] loop0: detected capacity change from 0 to 16
[  525.603642][ T8862] erofs: (device loop0): mounted with root inode @ nid 36.
[  525.643759][ T8832] 
[  525.643759][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  525.643759][ T8832] 
[  525.905351][ T8832] 
[  525.905351][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  525.905351][ T8832] 
[  526.284873][ T8832] 
[  526.284873][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.284873][ T8832] 
[  526.333320][ T8832] 
[  526.333320][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.333320][ T8832] 
[  526.465029][  T134] 
[  526.465029][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.465029][  T134] 
[  526.502760][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  526.514754][ T8832] 
[  526.514754][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.514754][ T8832] 
[  526.595510][ T8832] 
[  526.595510][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.595510][ T8832] 
[  526.654025][ T8864] 
[  526.654025][ T8864]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.654025][ T8864] 
[  526.676541][ T8864] 
[  526.676541][ T8864]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.676541][ T8864] 
[  526.700125][ T8864] 
[  526.700125][ T8864]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.700125][ T8864] 
[  526.731000][ T8864] 
[  526.731000][ T8864]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.731000][ T8864] 
[  526.743463][ T8864] 
[  526.743463][ T8864]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.743463][ T8864] 
[  526.770240][  T134] 
[  526.770240][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.770240][  T134] 
[  526.796480][ T3625] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  526.874927][ T3745] 
[  526.874927][ T3745]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.874927][ T3745] 
[  526.896985][ T3745] 
[  526.896985][ T3745]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.896985][ T3745] 
[  526.918282][  T134] 
[  526.918282][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.918282][  T134] 
[  526.946850][ T3745] 
[  526.946850][ T3745]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.946850][ T3745] 
[  526.968112][ T3745] 
[  526.968112][ T3745]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.968112][ T3745] 
[  526.980462][  T134] 
[  526.980462][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.980462][  T134] 
[  526.991452][ T6775] 
[  526.991452][ T6775]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.991452][ T6775] 
[  526.994405][ T3625] usb 1-1: device descriptor read/64, error -71
[  527.008693][ T6775] 
[  527.008693][ T6775]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  527.008693][ T6775] 
[  527.425961][ T8879] loop3: detected capacity change from 0 to 16
[  528.156656][ T3625] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  528.167479][ T8879] erofs: (device loop3): mounted with root inode @ nid 36.
[  528.344468][ T3625] usb 1-1: device descriptor read/64, error -71
[  528.528459][ T3625] usb usb1-port1: attempt power cycle
[  528.747729][ T8888] syz.2.1393 (8888): drop_caches: 2
[  529.115235][ T3625] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  529.232637][ T3625] usb 1-1: device descriptor read/8, error -71
[  529.514647][ T3625] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  529.530303][ T8890] loop3: detected capacity change from 0 to 512
[  529.551486][ T8890] EXT4-fs: Ignoring removed oldalloc option
[  529.592707][ T8890] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.1395: Parent and EA inode have the same ino 15
[  529.638696][ T8897] loop2: detected capacity change from 0 to 64
[  529.645833][ T8890] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.1395: Parent and EA inode have the same ino 15
[  529.667805][ T8890] EXT4-fs (loop3): 1 orphan inode deleted
[  529.679042][ T8900] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1397'.
[  529.693000][ T8890] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  529.834030][ T3625] usb 1-1: device not accepting address 16, error -71
[  529.841476][ T3625] usb usb1-port1: unable to enumerate USB device
[  530.536317][ T6775] EXT4-fs (loop3): unmounting filesystem.
[  531.141159][ T8922] loop4: detected capacity change from 0 to 16
[  531.932704][ T8922] erofs: (device loop4): mounted with root inode @ nid 36.
[  536.545749][ T8938] syz.4.1409 (8938): drop_caches: 2
[  537.150200][ T8942] loop4: detected capacity change from 0 to 512
[  537.241753][ T8949] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1413'.
[  537.282930][ T8942] EXT4-fs: Ignoring removed oldalloc option
[  537.358907][ T8942] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1412: Parent and EA inode have the same ino 15
[  537.379609][ T8942] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1412: Parent and EA inode have the same ino 15
[  537.396251][ T8942] EXT4-fs (loop4): 1 orphan inode deleted
[  537.402175][ T8942] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  538.217181][ T6712] EXT4-fs (loop4): unmounting filesystem.
[  540.458252][   T22] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  540.591368][ T8991] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1425'.
[  540.664448][   T22] usb 5-1: device descriptor read/64, error -71
[  540.694556][ T8993] syz.0.1423 (8993): drop_caches: 2
[  540.934619][   T22] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  541.134414][   T22] usb 5-1: device descriptor read/64, error -71
[  541.151969][ T8997] loop3: detected capacity change from 0 to 2048
[  541.210523][ T8997]  loop3: p1 < > p4
[  541.233004][ T8997] loop3: p4 size 8388608 extends beyond EOD, truncated
[  541.254573][   T22] usb usb5-port1: attempt power cycle
[  541.389848][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  541.395138][ T8997] __loop_clr_fd: partition scan of loop3 failed (rc=-16)
[  541.437810][ T8943] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  541.468073][ T8943] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  541.468159][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  541.510266][ T8943] Buffer I/O error on dev loop3p4, logical block 1, async page read
[  541.532253][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  541.560162][ T9002] loop2: detected capacity change from 0 to 512
[  541.578081][ T8971] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  541.600144][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  541.621160][ T9002] EXT4-fs: Ignoring removed oldalloc option
[  541.632382][ T8971] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  541.654147][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  541.683317][ T8971] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  541.698839][ T9002] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1428: Parent and EA inode have the same ino 15
[  541.716568][ T9002] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1428: Parent and EA inode have the same ino 15
[  541.720902][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  541.773511][ T9002] EXT4-fs (loop2): 1 orphan inode deleted
[  541.781054][ T9002] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  541.796409][ T8971] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  541.833039][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  541.862856][ T8971] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  542.626603][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  542.860024][ T9020] loop2: detected capacity change from 0 to 64
[  549.045105][ T9020] hfs: unable to open catalog tree
[  549.070886][ T9020] hfs: can't find a HFS filesystem on dev loop2
[  549.132218][   T26] kauditd_printk_skb: 59 callbacks suppressed
[  549.132234][   T26] audit: type=1326 audit(1723848944.519:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9035 comm="syz.1.1438" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1297d799b9 code=0x0
[  549.591984][ T9052] loop4: detected capacity change from 0 to 16
[  549.599624][ T3625] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  550.436583][ T9055] syz.2.1442 (9055): drop_caches: 2
[  550.473885][ T9052] erofs: (device loop4): mounted with root inode @ nid 36.
[  551.014902][ T3625] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  551.042588][ T3625] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  551.072135][ T9064] loop2: detected capacity change from 0 to 1024
[  551.088800][ T3625] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  551.140940][ T3625] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  551.174047][ T3625] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  551.185199][ T3625] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  551.228363][ T9064] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  551.364485][ T3625] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  551.392237][ T3625] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.407373][ T3625] usb 1-1: Product: syz
[  551.411890][ T3625] usb 1-1: Manufacturer: syz
[  551.412661][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  551.434560][ T3625] usb 1-1: SerialNumber: syz
[  553.246484][ T9078] loop4: detected capacity change from 0 to 64
[  553.254656][ T3625] cdc_ncm 1-1:1.0: bind() failure
[  553.262609][ T3625] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  553.285802][ T3625] cdc_ncm 1-1:1.1: bind() failure
[  553.304140][ T3625] usb 1-1: USB disconnect, device number 17
[  553.398564][   T26] audit: type=1326 audit(1723848948.759:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9080 comm="syz.0.1453" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x0
[  553.489272][ T3650] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  553.503402][ T3650] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  553.513576][ T3650] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  553.521748][ T3650] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  553.530798][ T3650] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  553.538861][ T3650] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  554.648964][ T9093] loop4: detected capacity change from 0 to 16
[  554.656351][ T9093] erofs: (device loop4): mounted with root inode @ nid 36.
[  554.845003][ T3718] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.980811][ T9105] syz.1.1457 (9105): drop_caches: 2
[  555.012546][ T9104] loop0: detected capacity change from 0 to 1024
[  555.062631][ T3718] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  555.095830][ T9104] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  555.367329][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  555.595924][ T3641] Bluetooth: hci3: command tx timeout
[  556.025765][ T3718] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  556.249502][   T26] audit: type=1326 audit(1723848951.639:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.4.1463" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7fe5799b9 code=0x0
[  556.425803][ T9122] loop4: detected capacity change from 0 to 64
[  556.470999][ T3718] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  556.517882][ T5026] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  556.833271][ T9082] chnl_net:caif_netlink_parms(): no params data found
[  556.904580][ T5026] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.946524][ T5026] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.989484][ T5026] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  557.012483][ T5026] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  557.035569][ T5026] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  557.060163][ T5026] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  557.234615][ T5026] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  557.254792][ T5026] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.275028][ T5026] usb 1-1: Product: syz
[  557.279440][ T5026] usb 1-1: Manufacturer: syz
[  557.284166][ T5026] usb 1-1: SerialNumber: syz
[  557.344575][ T5028] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  557.381757][ T9082] bridge0: port 1(bridge_slave_0) entered blocking state
[  557.390212][ T9082] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.401606][ T9082] device bridge_slave_0 entered promiscuous mode
[  557.507981][ T9082] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.516004][ T9082] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.535666][ T9116] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1462'.
[  557.540308][ T9082] device bridge_slave_1 entered promiscuous mode
[  557.636507][ T5026] cdc_ncm 1-1:1.0: bind() failure
[  557.670102][ T9145] loop1: detected capacity change from 0 to 16
[  557.681740][ T3641] Bluetooth: hci3: command tx timeout
[  557.689654][ T9145] erofs: (device loop1): mounted with root inode @ nid 36.
[  558.356312][ T5026] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  558.363903][ T5026] cdc_ncm 1-1:1.1: bind() failure
[  558.414663][ T5026] usb 1-1: USB disconnect, device number 18
[  558.434542][ T5028] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  558.471511][ T5028] usb 3-1: config 0 has no interfaces?
[  558.486635][ T5028] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  558.514822][ T5028] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.533992][ T9082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  558.542436][ T5028] usb 3-1: config 0 descriptor??
[  558.563875][ T9082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  558.772883][ T9158] loop0: detected capacity change from 0 to 1024
[  558.790213][ T9082] team0: Port device team_slave_0 added
[  558.818459][ T9082] team0: Port device team_slave_1 added
[  558.893761][ T9158] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  559.402704][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  559.774980][ T3641] Bluetooth: hci3: command tx timeout
[  559.886929][ T9082] batman_adv: batadv0: Adding interface: batadv_slave_0
[  559.929319][ T9082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.032572][ T9172] loop1: detected capacity change from 0 to 64
[  560.056611][ T9082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  560.069611][ T9082] batman_adv: batadv0: Adding interface: batadv_slave_1
[  560.076760][ T9082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  560.104282][ T9082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  560.198897][   T26] audit: type=1326 audit(1723848955.579:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.0.1474" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x0
[  561.854415][ T3641] Bluetooth: hci3: command tx timeout
[  561.898606][ T5028] usb 3-1: USB disconnect, device number 16
[  562.909306][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  563.202285][ T9082] device hsr_slave_0 entered promiscuous mode
[  563.218607][ T9082] device hsr_slave_1 entered promiscuous mode
[  563.244451][ T5026] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  563.253729][ T9082] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  563.271730][ T9082] Cannot create hsr debugfs directory
[  563.429918][ T9202] loop4: detected capacity change from 0 to 1024
[  563.501144][ T9202] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  563.624707][ T5026] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  563.635943][ T5026] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  563.654940][ T5026] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  563.677578][ T5026] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  563.717425][ T3718] device hsr_slave_0 left promiscuous mode
[  563.743714][ T3718] device hsr_slave_1 left promiscuous mode
[  563.760731][ T3718] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  563.818802][ T5026] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  563.828934][ T5026] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  563.845806][ T3718] batman_adv: batadv0: Removing interface: batadv_slave_0
[  563.858769][ T3718] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  563.874414][ T3718] batman_adv: batadv0: Removing interface: batadv_slave_1
[  563.957691][ T6712] EXT4-fs (loop4): unmounting filesystem.
[  564.035324][ T3718] device bridge_slave_1 left promiscuous mode
[  564.054881][ T5026] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  564.075686][ T5026] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.090640][ T3718] bridge0: port 2(bridge_slave_1) entered disabled state
[  564.455654][ T5026] usb 2-1: Product: syz
[  564.459970][ T5026] usb 2-1: Manufacturer: syz
[  564.465809][ T5026] usb 2-1: SerialNumber: syz
[  564.536703][ T3718] device bridge_slave_0 left promiscuous mode
[  564.551099][ T3718] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.034455][   T26] audit: type=1326 audit(1723848960.399:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.4.1486" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7fe5799b9 code=0x0
[  565.095979][ T9188] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1479'.
[  565.410877][ T3718] device veth1_macvtap left promiscuous mode
[  565.489267][ T3718] device veth0_macvtap left promiscuous mode
[  565.522080][ T3718] device veth1_vlan left promiscuous mode
[  565.548004][ T3718] device veth0_vlan left promiscuous mode
[  565.687926][ T9226] loop4: detected capacity change from 0 to 64
[  565.974596][ T3625] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  566.334766][ T3625] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  566.363388][ T3625] usb 3-1: config 0 has no interfaces?
[  566.392032][ T3625] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  566.438844][ T3625] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.547815][ T3625] usb 3-1: config 0 descriptor??
[  567.140318][ T3718] team0 (unregistering): Port device team_slave_1 removed
[  567.381006][ T3718] team0 (unregistering): Port device team_slave_0 removed
[  567.569278][ T3718] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  567.755569][ T3718] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  568.436667][ T3718] bond0 (unregistering): Released all slaves
[  568.739616][ T3625] usb 3-1: USB disconnect, device number 17
[  568.745886][ T5026] cdc_ncm 2-1:1.0: bind() failure
[  568.787560][ T5026] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  568.805219][ T5026] cdc_ncm 2-1:1.1: bind() failure
[  568.844089][ T5026] usb 2-1: USB disconnect, device number 14
[  568.934517][ T9251] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1493'.
[  569.722205][ T9264] loop1: detected capacity change from 0 to 2048
[  571.918444][ T9264]  loop1: p1 < > p4
[  572.165054][ T9264] loop1: p4 size 8388608 extends beyond EOD, truncated
[  573.109755][ T9082] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  573.166179][ T9082] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  573.273421][ T9082] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  573.334977][ T9082] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  573.796501][ T9290] loop0: detected capacity change from 0 to 32768
[  573.829005][ T9290] 
[  573.829005][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  573.829005][ T9290] 
[  573.850407][ T9290] 
[  573.850407][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  573.850407][ T9290] 
[  573.872599][ T9290] 
[  573.872599][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  573.872599][ T9290] 
[  573.896027][ T9290] 
[  573.896027][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  573.896027][ T9290] 
[  574.016757][ T9082] 8021q: adding VLAN 0 to HW filter on device bond0
[  574.023814][ T9290] 
[  574.023814][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.023814][ T9290] 
[  574.060159][ T9304] loop2: detected capacity change from 0 to 16
[  574.068010][ T9304] erofs: (device loop2): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  574.099345][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  574.123912][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  574.145228][ T8971] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  574.195131][ T9082] 8021q: adding VLAN 0 to HW filter on device team0
[  574.231767][  T133] 
[  574.231767][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.231767][  T133] 
[  574.266116][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  574.320482][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  574.321362][ T3091]  loop1: p1 < > p4
[  574.342088][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  574.349265][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  574.356978][ T3091] loop1: p4 size 8388608 extends beyond EOD, truncated
[  574.358122][ T9303] 
[  574.358122][ T9303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.358122][ T9303] 
[  574.436359][ T9303] 
[  574.436359][ T9303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.436359][ T9303] 
[  574.440194][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  574.459974][ T8943] udevd[8943]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  574.466975][ T9303] 
[  574.466975][ T9303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.466975][ T9303] 
[  574.485916][ T8971] udevd[8971]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  574.517337][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  574.522378][ T9303] 
[  574.522378][ T9303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.522378][ T9303] 
[  574.552657][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  574.564569][ T9303] 
[  574.564569][ T9303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.564569][ T9303] 
[  574.593507][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.600717][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  574.622241][ T9290] 
[  574.622241][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.622241][ T9290] 
[  574.672350][ T9290] 
[  574.672350][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.672350][ T9290] 
[  574.748814][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  574.758610][  T134] 
[  574.758610][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  574.758610][  T134] 
[  574.915865][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  575.926296][ T3768] 
[  575.926296][ T3768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  575.926296][ T3768] 
[  576.006523][ T7775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  576.017820][ T7775] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  576.024500][ T3768] 
[  576.024500][ T3768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.024500][ T3768] 
[  576.028320][ T7775] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  576.053445][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  576.078231][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  576.111653][ T3768] 
[  576.111653][ T3768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.111653][ T3768] 
[  576.124979][  T134] 
[  576.124979][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.124979][  T134] 
[  576.133547][ T9082] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  576.180655][ T3768] 
[  576.180655][ T3768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.180655][ T3768] 
[  576.197720][ T9082] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  576.223811][ T9308] loop1: detected capacity change from 0 to 32768
[  576.230514][ T3768] 
[  576.230514][ T3768]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.230514][ T3768] 
[  576.242042][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  576.251208][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  576.276210][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  576.277435][ T3634] 
[  576.277435][ T3634]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.277435][ T3634] 
[  576.304593][ T9308] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1504 (9308)
[  576.308153][  T134] 
[  576.308153][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.308153][  T134] 
[  576.328642][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  576.366223][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  576.381189][ T3634] 
[  576.381189][ T3634]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.381189][ T3634] 
[  576.391799][ T5032] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  576.425927][ T9308] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  576.516335][ T9308] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  576.559143][ T9308] BTRFS info (device loop1): setting nodatacow, compression disabled
[  576.592726][ T9308] BTRFS info (device loop1): turning on flush-on-commit
[  576.630953][ T9308] BTRFS info (device loop1): enabling auto defrag
[  576.663032][ T9308] BTRFS info (device loop1): max_inline at 0
[  576.684153][ T9308] BTRFS info (device loop1): using free space tree
[  576.744613][ T5032] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.817563][ T5032] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.878257][ T5032] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  576.950545][ T5032] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  577.088109][ T9308] BTRFS info (device loop1): enabling ssd optimizations
[  577.112407][ T5032] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  577.178899][ T5032] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  577.354844][ T5032] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  577.374067][ T5032] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.427847][ T5032] usb 3-1: Product: syz
[  577.452028][ T5032] usb 3-1: Manufacturer: syz
[  577.479138][ T5032] usb 3-1: SerialNumber: syz
[  579.007484][ T3636] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  579.033922][ T5032] usb 3-1: can't set config #1, error -71
[  579.055976][ T5032] usb 3-1: USB disconnect, device number 18
[  579.154841][ T9082] 8021q: adding VLAN 0 to HW filter on device batadv0
[  579.170321][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  579.203981][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  580.247324][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  580.298632][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  580.321878][ T9375] loop4: detected capacity change from 0 to 2048
[  580.361012][ T9383] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1515'.
[  580.397520][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  580.415470][ T9375]  loop4: p1 < > p4
[  580.421103][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  580.453015][ T9375] loop4: p4 size 8388608 extends beyond EOD, truncated
[  580.519031][ T9082] device veth0_vlan entered promiscuous mode
[  580.552589][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  580.595249][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  580.663613][ T9082] device veth1_vlan entered promiscuous mode
[  580.839713][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  580.853420][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  580.873187][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  580.899301][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  580.913558][ T9082] device veth0_macvtap entered promiscuous mode
[  580.932295][ T9082] device veth1_macvtap entered promiscuous mode
[  581.010599][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  581.041847][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  581.070047][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  581.094495][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  581.129651][ T9394] loop1: detected capacity change from 0 to 1024
[  581.185999][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  581.244748][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  581.274413][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  581.400243][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  581.401015][ T9394] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  581.609792][ T9082] batman_adv: batadv0: Interface activated: batadv_slave_0
[  581.879187][ T9394] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  581.907976][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  581.936038][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  581.949185][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  581.959681][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  581.976857][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.013429][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.023916][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.035100][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.045648][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.057026][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.067894][ T9082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  582.097902][ T9082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  582.110585][ T9082] batman_adv: batadv0: Interface activated: batadv_slave_1
[  582.126582][ T9082] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  582.136775][ T9082] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  582.148115][ T3636] EXT4-fs (loop1): unmounting filesystem.
[  582.154403][ T9082] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  582.163388][ T9082] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  582.175980][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  582.338868][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  582.527737][ T9417] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1519'.
[  582.695598][ T8185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  582.703714][ T8185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  582.849902][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  582.861581][ T3745] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  582.878511][ T3745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  582.999247][ T8185] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  583.190818][ T9432] loop3: detected capacity change from 0 to 512
[  583.241764][ T9432] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  583.320424][ T9432] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  583.346190][ T9432] EXT4-fs (loop3): 1 truncate cleaned up
[  583.351888][ T9432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  583.369673][   T26] audit: type=1804 audit(1723848978.759:318): pid=9432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1446" name="/newroot/0/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  583.438486][ T9082] EXT4-fs (loop3): unmounting filesystem.
[  583.894596][ T4693] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  583.947517][ T9429] loop1: detected capacity change from 0 to 32768
[  583.966825][ T9429] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1521 (9429)
[  584.011472][ T9429] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  584.037008][ T9429] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  584.069803][ T9429] BTRFS info (device loop1): setting nodatacow, compression disabled
[  584.094244][ T9429] BTRFS info (device loop1): turning on flush-on-commit
[  584.130865][ T9429] BTRFS info (device loop1): enabling auto defrag
[  584.159858][ T9429] BTRFS info (device loop1): max_inline at 0
[  584.181845][ T9429] BTRFS info (device loop1): using free space tree
[  584.264596][ T4693] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  584.916239][ T9470] syz.4.1524 (9470): drop_caches: 2
[  585.035797][ T4693] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  585.045761][ T4693] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  585.055639][ T4693] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  585.065479][ T4693] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  585.075227][ T4693] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  585.274853][ T4693] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  585.284194][ T4693] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.311228][ T4693] usb 4-1: Product: syz
[  585.352419][ T4693] usb 4-1: Manufacturer: syz
[  585.388059][ T4693] usb 4-1: SerialNumber: syz
[  585.774185][ T9440] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1522'.
[  585.959139][ T4693] cdc_ncm 4-1:1.0: bind() failure
[  586.007414][ T4693] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  586.497038][ T4693] cdc_ncm 4-1:1.1: bind() failure
[  586.540417][ T4693] usb 4-1: USB disconnect, device number 18
[  586.628645][ T9490] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1527'.
[  587.025138][ T9429] BTRFS error (device loop1): open_ctree failed
[  587.217730][ T9495] loop2: detected capacity change from 0 to 1024
[  587.338816][ T9502] loop4: detected capacity change from 0 to 16
[  587.349685][ T9502] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  587.399240][ T9495] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  587.431514][ T9495] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  587.579957][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  589.883446][ T9546] syz.2.1536 (9546): drop_caches: 2
[  590.224912][ T3683] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  592.687893][ T9563] loop1: detected capacity change from 0 to 1024
[  592.755288][ T9563] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  592.805651][ T3683] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  592.806040][ T9563] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  592.817004][ T3683] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  592.841966][ T3683] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  592.851777][ T3683] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  592.861591][ T3683] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  592.872044][ T3683] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  592.934664][ T3683] usb 1-1: string descriptor 0 read error: -71
[  592.941520][ T3683] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  592.964700][ T3683] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.001290][ T3636] EXT4-fs (loop1): unmounting filesystem.
[  593.105979][ T9556] loop2: detected capacity change from 0 to 32768
[  593.114844][ T3683] usb 1-1: can't set config #1, error -71
[  593.131242][ T3683] usb 1-1: USB disconnect, device number 19
[  593.143696][ T9556] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1543 (9556)
[  593.771595][ T9556] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  593.832734][ T9556] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  593.889755][ T9556] BTRFS info (device loop2): setting nodatacow, compression disabled
[  593.961733][ T9556] BTRFS info (device loop2): turning on flush-on-commit
[  594.008953][ T9556] BTRFS info (device loop2): enabling auto defrag
[  594.085155][ T9556] BTRFS info (device loop2): max_inline at 0
[  594.156099][ T9556] BTRFS info (device loop2): using free space tree
[  594.310545][ T9585] loop1: detected capacity change from 0 to 16
[  594.319658][ T9585] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  595.202296][ T9597] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1553'.
[  595.597005][ T9556] BTRFS error (device loop2): open_ctree failed
[  597.201629][ T9631] syz.0.1555 (9631): drop_caches: 2
[  599.706361][    T7] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  600.179658][ T9664] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1565'.
[  601.672233][ T9665] loop3: detected capacity change from 0 to 16
[  601.712196][ T9665] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  601.924499][    T7] usb 3-1: unable to read config index 0 descriptor/all
[  601.931500][    T7] usb 3-1: can't read configurations, error -71
[  602.200074][ T8971] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  604.158277][ T9693] syz.3.1571 (9693): drop_caches: 2
[  604.712829][ T9702] loop3: detected capacity change from 0 to 64
[  605.845213][ T9717] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1578'.
[  606.344486][    T7] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  606.764968][    T7] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.457268][    T7] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.494651][    T7] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  607.546590][    T7] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  607.610011][    T7] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  607.631331][    T7] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  608.414671][    T7] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  608.423815][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.475187][    T7] usb 4-1: Product: syz
[  608.479398][    T7] usb 4-1: Manufacturer: syz
[  608.484014][    T7] usb 4-1: SerialNumber: syz
[  608.737959][    T7] usb 4-1: can't set config #1, error -71
[  608.819869][ T9749] syz.0.1585 (9749): drop_caches: 2
[  609.721514][    T7] usb 4-1: USB disconnect, device number 19
[  609.947189][ T9761] loop0: detected capacity change from 0 to 512
[  610.008548][ T9761] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  610.053559][ T9761] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  610.075408][ T9761] EXT4-fs (loop0): 1 truncate cleaned up
[  610.081127][ T9761] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  610.153492][   T26] audit: type=1804 audit(1723849005.539:319): pid=9761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1591" name="/newroot/336/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  610.248628][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  611.573583][ T9778] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1595'.
[  613.304631][ T5024] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  613.885799][ T9812] syz.0.1603 (9812): drop_caches: 2
[  614.502354][ T9815] loop2: detected capacity change from 0 to 16
[  615.129244][ T9815] erofs: (device loop2): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  615.364717][ T5024] usb 4-1: device descriptor read/all, error -71
[  615.406319][   T26] audit: type=1326 audit(1723849010.799:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  615.688787][ T9836] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1609'.
[  616.387752][   T26] audit: type=1326 audit(1723849010.809:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  616.410349][   T26] audit: type=1326 audit(1723849010.969:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  616.443160][   T26] audit: type=1326 audit(1723849010.969:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  616.467343][   T26] audit: type=1326 audit(1723849010.969:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  616.674425][   T26] audit: type=1326 audit(1723849010.969:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  617.016951][   T26] audit: type=1326 audit(1723849010.969:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9825 comm="syz.0.1607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  618.059367][ T9860] loop0: detected capacity change from 0 to 1024
[  618.079666][ T9860] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  618.094765][ T9860] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  618.126105][ T9865] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1616'.
[  618.330280][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  618.614983][ T9876] syz.1.1617 (9876): drop_caches: 2
[  620.008957][ T9888] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1622'.
[  620.621458][ T9897] loop4: detected capacity change from 0 to 16
[  620.628555][ T9897] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  620.654438][  T946] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  620.783001][   T26] audit: type=1326 audit(1723849016.169:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9891 comm="syz.1.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1297d799b9 code=0x7fc00000
[  620.823805][   T26] audit: type=1326 audit(1723849016.199:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9891 comm="syz.1.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1297d799b9 code=0x7fc00000
[  620.975648][ T6006] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  621.009696][ T9899] loop3: detected capacity change from 0 to 32768
[  621.021917][ T9899] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1625 (9899)
[  621.038667][ T9899] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  621.064534][  T946] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  621.090395][  T946] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  621.119814][ T9899] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  621.134416][  T946] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  621.150465][ T9899] BTRFS info (device loop3): setting nodatacow, compression disabled
[  621.164118][  T946] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  621.174618][ T9899] BTRFS info (device loop3): turning on flush-on-commit
[  621.192744][   T26] audit: type=1326 audit(1723849016.579:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9891 comm="syz.1.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1297d799b9 code=0x7fc00000
[  621.204370][ T9899] BTRFS info (device loop3): enabling auto defrag
[  621.222427][  T946] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  621.305501][  T946] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  621.315270][ T9899] BTRFS info (device loop3): max_inline at 0
[  621.315297][ T9899] BTRFS info (device loop3): using free space tree
[  621.656091][ T6006] usb 3-1: config 29 has an invalid descriptor of length 0, skipping remainder of the config
[  621.786613][  T946] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  622.207846][ T9899] BTRFS info (device loop3): enabling ssd optimizations
[  622.254654][  T946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.264196][ T6006] usb 3-1: config 29 has 0 interfaces, different from the descriptor's value: 1
[  622.293205][  T946] usb 1-1: Product: syz
[  622.309086][  T946] usb 1-1: Manufacturer: syz
[  622.322540][  T946] usb 1-1: SerialNumber: syz
[  622.354703][  T946] usb 1-1: can't set config #1, error -71
[  622.381058][  T946] usb 1-1: USB disconnect, device number 20
[  622.461043][ T9928] loop1: detected capacity change from 0 to 1024
[  622.474752][ T6006] usb 3-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  622.483828][ T6006] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.492573][ T9082] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  622.638824][ T6006] usb 3-1: Product: syz
[  622.644020][ T6006] usb 3-1: Manufacturer: syz
[  622.679822][ T6006] usb 3-1: SerialNumber: syz
[  623.518018][ T9928] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  623.569314][ T9928] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  623.716192][ T6006] usb 3-1: USB disconnect, device number 21
[  623.727637][ T9940] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1631'.
[  623.829331][ T3636] EXT4-fs (loop1): unmounting filesystem.
[  624.085199][ T9951] syz.2.1633 (9951): drop_caches: 2
[  624.297341][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  624.643333][ T9959] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1635'.
[  625.609257][ T9966] loop3: detected capacity change from 0 to 512
[  625.760075][ T9966] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  625.853927][ T9971] loop0: detected capacity change from 0 to 16
[  625.862381][ T9971] erofs: (device loop0): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  626.258648][ T9966] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  626.373868][ T9966] EXT4-fs (loop3): 1 truncate cleaned up
[  626.654239][ T9966] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  626.737510][   T26] audit: type=1804 audit(1723849022.129:330): pid=9966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1637" name="/newroot/22/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  626.820932][ T9082] EXT4-fs (loop3): unmounting filesystem.
[  627.014940][ T6006] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  627.419889][ T3685] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  627.456651][ T6006] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  627.491343][ T6006] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  627.543352][ T6006] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  627.591261][ T6006] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  627.644473][ T6006] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  627.698624][ T6006] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  627.812997][ T9978] loop3: detected capacity change from 0 to 32768
[  627.820911][ T9978] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1642 (9978)
[  627.836417][ T3685] usb 2-1: config 29 has an invalid descriptor of length 0, skipping remainder of the config
[  627.869669][ T3685] usb 2-1: config 29 has 0 interfaces, different from the descriptor's value: 1
[  627.902425][ T9978] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  627.944468][ T9978] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  627.944639][ T6006] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  627.963547][ T9978] BTRFS info (device loop3): setting nodatacow, compression disabled
[  627.968671][ T6006] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.980857][ T6006] usb 1-1: Product: syz
[  627.985199][ T6006] usb 1-1: Manufacturer: syz
[  627.989810][ T6006] usb 1-1: SerialNumber: syz
[  627.990577][ T9978] BTRFS info (device loop3): turning on flush-on-commit
[  628.018815][ T9978] BTRFS info (device loop3): enabling auto defrag
[  628.038710][ T9978] BTRFS info (device loop3): max_inline at 0
[  628.058388][ T9978] BTRFS info (device loop3): using free space tree
[  628.074727][ T3685] usb 2-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  628.092936][ T3685] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  628.111673][ T3685] usb 2-1: Product: syz
[  628.116205][ T3685] usb 2-1: Manufacturer: syz
[  628.120817][ T3685] usb 2-1: SerialNumber: syz
[  628.219039][ T9978] BTRFS info (device loop3): enabling ssd optimizations
[  628.237519][ T9984] loop4: detected capacity change from 0 to 32768
[  628.268773][ T9984] 
[  628.268773][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.268773][ T9984] 
[  628.298814][ T9984] 
[  628.298814][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.298814][ T9984] 
[  628.309958][ T6006] cdc_ncm 1-1:1.0: bind() failure
[  628.333058][ T6006] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  628.356798][ T6006] cdc_ncm 1-1:1.1: bind() failure
[  628.362117][ T9984] 
[  628.362117][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.362117][ T9984] 
[  628.385424][ T9984] 
[  628.385424][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.385424][ T9984] 
[  628.387422][ T6006] usb 1-1: USB disconnect, device number 21
[  628.414633][ T9082] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  628.422728][ T9984] 
[  628.422728][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.422728][ T9984] 
[  628.452391][ T3685] usb 2-1: USB disconnect, device number 15
[  628.485646][  T134] 
[  628.485646][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.485646][  T134] 
[  628.522425][T10005] 
[  628.522425][T10005]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.522425][T10005] 
[  628.540928][T10005] 
[  628.540928][T10005]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.540928][T10005] 
[  628.572207][ T9984] 
[  628.572207][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.572207][ T9984] 
[  628.659136][ T9984] 
[  628.659136][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.659136][ T9984] 
[  628.725504][ T9984] 
[  628.725504][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.725504][ T9984] 
[  628.748443][ T9984] 
[  628.748443][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.748443][ T9984] 
[  628.764655][T10009] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1645'.
[  628.782819][ T9984] 
[  628.782819][ T9984]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  628.782819][ T9984] 
[  628.813705][T10010] netlink: 308 bytes leftover after parsing attributes in process `syz.3.1645'.
[  629.004793][  T133] 
[  629.004793][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.004793][  T133] 
[  629.021561][ T3718] 
[  629.021561][ T3718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.021561][ T3718] 
[  629.047653][ T3718] 
[  629.047653][ T3718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.047653][ T3718] 
[  629.061563][  T134] 
[  629.061563][  T134]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.061563][  T134] 
[  629.077539][ T3718] 
[  629.077539][ T3718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.077539][ T3718] 
[  629.088522][T10007] loop2: detected capacity change from 0 to 32768
[  629.090120][ T3718] 
[  629.090120][ T3718]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.090120][ T3718] 
[  629.120892][  T133] 
[  629.120892][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.120892][  T133] 
[  629.144632][T10007] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1655 (10007)
[  629.157045][ T6712] 
[  629.157045][ T6712]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.157045][ T6712] 
[  629.176746][ T6712] 
[  629.176746][ T6712]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  629.176746][ T6712] 
[  629.184426][T10007] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  629.207036][T10007] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  629.334902][T10007] BTRFS info (device loop2): setting nodatacow, compression disabled
[  629.370515][T10007] BTRFS info (device loop2): turning on flush-on-commit
[  629.374091][T10022] syz.0.1647 (10022): drop_caches: 2
[  629.388196][T10007] BTRFS info (device loop2): enabling auto defrag
[  629.404468][T10007] BTRFS info (device loop2): max_inline at 0
[  629.414707][T10007] BTRFS info (device loop2): using free space tree
[  629.584402][T10024] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1648'.
[  630.713454][T10036] loop1: detected capacity change from 0 to 16
[  630.724769][T10036] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  630.752291][T10039] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1646'.
[  630.773678][ T8943] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  630.944140][T10052] loop4: detected capacity change from 0 to 512
[  633.399706][T10052] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  633.496327][T10007] BTRFS error (device loop2): open_ctree failed
[  633.510593][T10052] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  633.719410][T10052] EXT4-fs (loop4): 1 truncate cleaned up
[  633.731502][T10052] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  634.434536][T10069] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1657'.
[  634.467923][ T6712] EXT4-fs (loop4): unmounting filesystem.
[  635.001343][T10084] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1662'.
[  635.677885][ T3684] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  635.695931][ T4837] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  635.930707][   T26] audit: type=1326 audit(1723849031.319:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  635.966714][   T26] audit: type=1326 audit(1723849031.359:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  636.021683][T10098] syz.3.1663 (10098): drop_caches: 2
[  636.125081][ T4837] usb 5-1: config 29 has an invalid descriptor of length 0, skipping remainder of the config
[  636.164785][ T3684] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  636.181390][ T3684] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  636.206517][ T3684] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  636.233915][ T3684] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  636.258248][ T3684] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  636.288045][ T3684] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  636.315424][ T4837] usb 5-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  636.332872][ T4837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.342033][ T4837] usb 5-1: Product: syz
[  636.354285][ T4837] usb 5-1: Manufacturer: syz
[  636.359639][ T4837] usb 5-1: SerialNumber: syz
[  636.484637][ T3684] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  636.500794][ T3684] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.509521][ T3684] usb 3-1: Product: syz
[  636.517708][ T3684] usb 3-1: Manufacturer: syz
[  636.522348][ T3684] usb 3-1: SerialNumber: syz
[  636.580462][   T26] audit: type=1326 audit(1723849031.969:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  636.603442][   T26] audit: type=1326 audit(1723849031.969:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  636.646990][   T26] audit: type=1326 audit(1723849031.969:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  636.693990][   T26] audit: type=1326 audit(1723849031.969:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  636.723360][ T4837] qmi_wwan 5-1:29.0: skipping garbage
[  636.728885][ T3685] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  636.756840][ T4837] qmi_wwan 5-1:29.0: skipping garbage
[  636.767000][ T4837] qmi_wwan: probe of 5-1:29.0 failed with error -22
[  636.926842][T10105] loop3: detected capacity change from 0 to 16
[  636.934034][T10105] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  636.993098][ T3684] cdc_ncm 3-1:1.0: bind() failure
[  637.628062][   T26] audit: type=1326 audit(1723849031.969:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  637.659002][ T3684] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  637.662076][   T26] audit: type=1326 audit(1723849031.969:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  637.670687][ T4837] usb 5-1: USB disconnect, device number 19
[  637.701088][   T26] audit: type=1326 audit(1723849031.969:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  637.714384][ T3684] cdc_ncm 3-1:1.1: bind() failure
[  637.741755][   T26] audit: type=1326 audit(1723849031.969:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10089 comm="syz.0.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x7fc00000
[  637.784518][ T3685] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  637.797591][ T3684] usb 3-1: USB disconnect, device number 22
[  637.810933][ T3685] usb 2-1: config 0 has no interfaces?
[  637.888563][ T3685] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  637.897671][ T3685] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  637.910312][ T3685] usb 2-1: config 0 descriptor??
[  638.942164][T10119] loop2: detected capacity change from 0 to 512
[  638.966327][T10119] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  639.019977][T10119] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  639.037144][T10119] EXT4-fs (loop2): 1 truncate cleaned up
[  639.042840][T10119] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  639.180710][ T3646] EXT4-fs (loop2): unmounting filesystem.
[  639.472953][T10131] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1673'.
[  640.093814][ T3684] usb 2-1: USB disconnect, device number 16
[  640.376581][T10109] loop0: detected capacity change from 0 to 32768
[  640.393609][T10139] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1675'.
[  640.407951][T10109] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1669 (10109)
[  640.476507][T10109] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  640.487616][T10109] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  640.497551][T10109] BTRFS info (device loop0): setting nodatacow, compression disabled
[  640.517816][T10109] BTRFS info (device loop0): turning on flush-on-commit
[  640.534452][T10109] BTRFS info (device loop0): enabling auto defrag
[  640.544630][T10109] BTRFS info (device loop0): max_inline at 0
[  640.564546][T10109] BTRFS info (device loop0): using free space tree
[  640.690666][T10158] syz.2.1677 (10158): drop_caches: 2
[  640.954703][T10109] BTRFS error (device loop0): open_ctree failed
[  640.994431][    T7] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  641.417760][    T7] usb 2-1: config 29 has an invalid descriptor of length 0, skipping remainder of the config
[  641.835470][    T7] usb 2-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  641.846907][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.855334][    T7] usb 2-1: Product: syz
[  641.859855][    T7] usb 2-1: Manufacturer: syz
[  641.864548][    T7] usb 2-1: SerialNumber: syz
[  642.835230][    T7] qmi_wwan 2-1:29.0: skipping garbage
[  642.841363][    T7] qmi_wwan 2-1:29.0: skipping garbage
[  642.864494][ T9494] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  642.891240][    T7] qmi_wwan: probe of 2-1:29.0 failed with error -22
[  642.952737][    T7] usb 2-1: USB disconnect, device number 17
[  643.015874][T10188] loop0: detected capacity change from 0 to 512
[  643.040497][T10188] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  643.080651][T10188] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  643.104873][T10188] EXT4-fs (loop0): 1 truncate cleaned up
[  643.110635][T10188] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  643.142738][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  643.142752][   T26] audit: type=1804 audit(1723849038.529:375): pid=10188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1686" name="/newroot/359/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  643.215872][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  643.265231][ T9494] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  643.276481][ T5025] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  643.394414][ T9494] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  643.430989][ T9494] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  643.451997][ T9494] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  643.485361][T10198] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1687'.
[  643.726881][ T9494] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  643.739216][ T9494] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  644.033070][T10201] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1689'.
[  645.814556][ T5025] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  645.865921][ T5025] usb 3-1: config 0 has no interfaces?
[  645.877311][ T5025] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  645.894751][ T5025] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.905224][ T9494] usb 4-1: string descriptor 0 read error: -71
[  645.914002][ T9494] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  645.937739][ T5025] usb 3-1: config 0 descriptor??
[  645.942802][ T9494] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  645.954680][ T5025] usb 3-1: can't set config #0, error -71
[  645.968954][ T5025] usb 3-1: USB disconnect, device number 23
[  645.984534][ T9494] usb 4-1: can't set config #1, error -71
[  645.991849][ T9494] usb 4-1: USB disconnect, device number 22
[  646.346295][T10227] syz.1.1693 (10227): drop_caches: 2
[  646.547894][T10216] loop2: detected capacity change from 0 to 32768
[  646.907502][T10216] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1691 (10216)
[  646.981284][T10216] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  647.030819][T10216] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  647.054453][T10216] BTRFS info (device loop2): setting nodatacow, compression disabled
[  647.068956][T10216] BTRFS info (device loop2): turning on flush-on-commit
[  647.085669][T10216] BTRFS info (device loop2): enabling auto defrag
[  647.099626][T10216] BTRFS info (device loop2): max_inline at 0
[  647.112105][T10216] BTRFS info (device loop2): using free space tree
[  647.966558][T10216] BTRFS info (device loop2): enabling ssd optimizations
[  648.173595][T10217] loop3: detected capacity change from 0 to 32768
[  648.183988][ T3646] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  648.200353][T10257] loop1: detected capacity change from 0 to 512
[  648.234476][T10217] 
[  648.234476][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.234476][T10217] 
[  648.245815][T10257] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  648.290599][T10217] 
[  648.290599][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.290599][T10217] 
[  648.330399][T10217] 
[  648.330399][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.330399][T10217] 
[  648.355839][T10217] 
[  648.355839][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.355839][T10217] 
[  648.369867][T10257] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  648.384435][T10217] 
[  648.384435][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.384435][T10217] 
[  648.404386][  T133] 
[  648.404386][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.404386][  T133] 
[  648.422583][T10217] 
[  648.422583][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.422583][T10217] 
[  648.433242][T10217] 
[  648.433242][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.433242][T10217] 
[  648.451363][T10257] EXT4-fs (loop1): 1 truncate cleaned up
[  648.455771][  T133] 
[  648.455771][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.455771][  T133] 
[  648.457168][T10257] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  648.478631][T10217] 
[  648.478631][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.478631][T10217] 
[  648.494431][T10217] 
[  648.494431][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.494431][T10217] 
[  648.510303][   T26] audit: type=1804 audit(1723849043.899:376): pid=10257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1698" name="/newroot/371/bus/bus" dev="loop1" ino=18 res=1 errno=0
[  648.544497][T10217] 
[  648.544497][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.544497][T10217] 
[  648.563445][T10217] 
[  648.563445][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.563445][T10217] 
[  648.580812][T10217] 
[  648.580812][T10217]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.580812][T10217] 
[  648.613782][  T133] 
[  648.613782][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.613782][  T133] 
[  648.636344][ T3636] EXT4-fs (loop1): unmounting filesystem.
[  648.876455][ T9602] 
[  648.876455][ T9602]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.876455][ T9602] 
[  648.901061][ T9602] 
[  648.901061][ T9602]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.901061][ T9602] 
[  648.922277][ T9602] 
[  648.922277][ T9602]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.922277][ T9602] 
[  648.939137][  T133] 
[  648.939137][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.939137][  T133] 
[  648.950455][ T9602] 
[  648.950455][ T9602]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  648.950455][ T9602] 
[  648.987758][ T3685] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  649.033610][   T26] audit: type=1326 audit(1723849044.419:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.1.1700" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1297d799b9 code=0x0
[  649.162211][ T9602] 
[  649.162211][ T9602]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  649.162211][ T9602] 
[  649.679242][  T133] 
[  649.679242][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  649.679242][  T133] 
[  649.697756][ T9082] 
[  649.697756][ T9082]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  649.697756][ T9082] 
[  649.712331][ T9082] 
[  649.712331][ T9082]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  649.712331][ T9082] 
[  650.014524][ T6003] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  650.054612][ T3685] usb 3-1: config 29 has an invalid descriptor of length 0, skipping remainder of the config
[  650.345158][ T3685] usb 3-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  650.378697][ T3685] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.413927][ T3685] usb 3-1: Product: syz
[  650.420252][ T6003] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  650.435041][ T3685] usb 3-1: Manufacturer: syz
[  650.439863][ T6003] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  650.453058][ T3685] usb 3-1: SerialNumber: syz
[  650.464569][ T6003] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  650.476951][ T6003] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  650.488667][ T6003] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  650.500769][ T6003] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  650.724801][ T6003] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  650.744264][ T6003] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.753105][ T6003] usb 5-1: Product: syz
[  650.757856][ T6003] usb 5-1: Manufacturer: syz
[  650.762465][ T6003] usb 5-1: SerialNumber: syz
[  650.773087][ T5025] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  650.815433][ T3685] qmi_wwan 3-1:29.0: skipping garbage
[  650.821002][ T3685] qmi_wwan 3-1:29.0: skipping garbage
[  650.841651][ T3685] qmi_wwan: probe of 3-1:29.0 failed with error -22
[  650.865705][ T3685] usb 3-1: USB disconnect, device number 24
[  651.795615][T10295] syz.1.1707 (10295): drop_caches: 2
[  651.864650][ T6003] cdc_ncm 5-1:1.0: bind() failure
[  651.876240][ T6003] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  651.883248][ T6003] cdc_ncm 5-1:1.1: bind() failure
[  651.910356][ T6003] usb 5-1: USB disconnect, device number 20
[  652.115086][T10298] loop0: detected capacity change from 0 to 512
[  652.140405][T10298] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  652.164884][T10298] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  652.185107][T10298] EXT4-fs (loop0): 1 truncate cleaned up
[  652.195120][T10298] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  652.214572][ T5025] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  652.250077][ T5025] usb 4-1: config 0 has no interfaces?
[  652.289796][ T5025] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  652.339642][ T5025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.395244][ T5025] usb 4-1: config 0 descriptor??
[  652.402856][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  652.502549][T10308] loop0: detected capacity change from 0 to 512
[  652.527326][T10308] EXT4-fs: Ignoring removed oldalloc option
[  652.560541][T10308] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1713: Parent and EA inode have the same ino 15
[  652.565999][T10303] loop1: detected capacity change from 0 to 32768
[  652.576839][T10308] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1713: Parent and EA inode have the same ino 15
[  652.607769][T10308] EXT4-fs (loop0): 1 orphan inode deleted
[  652.613718][T10308] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  652.624677][T10303] 
[  652.624677][T10303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.624677][T10303] 
[  652.859764][T10303] 
[  652.859764][T10303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.859764][T10303] 
[  653.395267][T10303] 
[  653.395267][T10303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.395267][T10303] 
[  653.451486][T10303] 
[  653.451486][T10303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.451486][T10303] 
[  653.483261][T10303] 
[  653.483261][T10303]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.483261][T10303] 
[  653.543101][  T133] 
[  653.543101][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.543101][  T133] 
[  653.584154][T10318] 
[  653.584154][T10318]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.584154][T10318] 
[  653.609647][T10318] 
[  653.609647][T10318]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.609647][T10318] 
[  653.641065][T10318] 
[  653.641065][T10318]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.641065][T10318] 
[  653.671851][T10318] 
[  653.671851][T10318]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.671851][T10318] 
[  653.701947][T10318] 
[  653.701947][T10318]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.701947][T10318] 
[  653.726531][ T3634] EXT4-fs (loop0): unmounting filesystem.
[  653.759014][  T133] 
[  653.759014][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.759014][  T133] 
[  653.843686][   T33] 
[  653.843686][   T33]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.843686][   T33] 
[  653.902910][   T33] 
[  653.902910][   T33]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.902910][   T33] 
[  653.933398][   T33] 
[  653.933398][   T33]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.933398][   T33] 
[  653.954765][ T3636] 
[  653.954765][ T3636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.954765][ T3636] 
[  653.971778][  T133] 
[  653.971778][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.971778][  T133] 
[  653.983071][ T3636] 
[  653.983071][ T3636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  653.983071][ T3636] 
[  654.065753][   T26] audit: type=1326 audit(1723849049.449:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10321 comm="syz.0.1715" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e6cf799b9 code=0x0
[  654.765280][ T3685] usb 4-1: USB disconnect, device number 23
[  655.624664][T10337] loop1: detected capacity change from 0 to 16
[  655.633999][T10337] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  656.316829][ T8971] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  656.721663][T10345] syz.3.1720 (10345): drop_caches: 2
[  656.733961][    C0] eth0: bad gso: type: 1, size: 1408
[  656.805205][    C0] eth0: bad gso: type: 1, size: 1408
[  657.812123][T10356] loop3: detected capacity change from 0 to 512
[  657.825877][T10356] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  657.885693][T10356] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  657.905844][T10356] EXT4-fs (loop3): 1 truncate cleaned up
[  657.914642][T10356] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  657.982202][ T9082] EXT4-fs (loop3): unmounting filesystem.
[  658.051492][T10364] loop4: detected capacity change from 0 to 512
[  658.065133][T10364] EXT4-fs: Ignoring removed oldalloc option
[  658.140373][T10364] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1726: Parent and EA inode have the same ino 15
[  658.144388][ T5025] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  658.279108][T10364] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.1726: Parent and EA inode have the same ino 15
[  658.324625][    T7] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  658.365043][T10364] EXT4-fs (loop4): 1 orphan inode deleted
[  658.370789][T10364] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  658.539741][ T5025] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  658.564531][ T5025] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.590305][ T5025] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  658.621126][ T5025] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  658.652157][ T5025] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  658.657220][T10366] loop3: detected capacity change from 0 to 32768
[  658.667613][ T5025] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  658.708882][    T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  658.721937][    T7] usb 3-1: config 0 has no interfaces?
[  658.732266][    T7] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  659.066141][    T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  659.128465][ T6712] EXT4-fs (loop4): unmounting filesystem.
[  659.139161][    T7] usb 3-1: config 0 descriptor??
[  659.154833][ T5025] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  659.164126][ T5025] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.172552][ T5025] usb 2-1: Product: syz
[  659.182026][ T5025] usb 2-1: Manufacturer: syz
[  659.186962][ T5025] usb 2-1: SerialNumber: syz
[  659.191804][T10366] 
[  659.191804][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.191804][T10366] 
[  659.232484][T10366] 
[  659.232484][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.232484][T10366] 
[  659.299663][T10366] 
[  659.299663][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.299663][T10366] 
[  659.346690][T10366] 
[  659.346690][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.346690][T10366] 
[  659.360235][T10366] 
[  659.360235][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.360235][T10366] 
[  659.376500][  T133] 
[  659.376500][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.376500][  T133] 
[  659.414083][T10366] 
[  659.414083][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.414083][T10366] 
[  659.427335][T10366] 
[  659.427335][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.427335][T10366] 
[  659.439461][T10366] 
[  659.439461][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.439461][T10366] 
[  659.450980][T10366] 
[  659.450980][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.450980][T10366] 
[  659.484536][ T5025] cdc_ncm 2-1:1.0: bind() failure
[  659.491282][T10366] 
[  659.491282][T10366]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.491282][T10366] 
[  659.515693][ T5025] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  659.537262][  T133] 
[  659.537262][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.537262][  T133] 
[  659.547592][ T5025] cdc_ncm 2-1:1.1: bind() failure
[  659.589222][ T5025] usb 2-1: USB disconnect, device number 18
[  659.874726][   T26] audit: type=1326 audit(1723849055.209:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10374 comm="syz.4.1730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7fe5799b9 code=0x0
[  659.997172][ T7763] 
[  659.997172][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  659.997172][ T7763] 
[  660.009005][ T7763] 
[  660.009005][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  660.009005][ T7763] 
[  660.034491][ T7763] 
[  660.034491][ T7763]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  660.034491][ T7763] 
[  660.366913][ T9082] 
[  660.366913][ T9082]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  660.366913][ T9082] 
[  660.394746][  T133] 
[  660.394746][  T133]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  660.394746][  T133] 
[  660.416938][ T9082] 
[  660.416938][ T9082]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  660.416938][ T9082] 
[  660.514473][  T133] ==================================================================
[  660.522568][  T133] BUG: KASAN: use-after-free in txEnd+0x350/0x560
[  660.529005][  T133] Write of size 8 at addr ffff888020f89840 by task jfsCommit/133
[  660.536722][  T133] 
[  660.539031][  T133] CPU: 0 PID: 133 Comm: jfsCommit Not tainted 6.1.105-syzkaller #0
[  660.546896][  T133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  660.556939][  T133] Call Trace:
[  660.560203][  T133]  <TASK>
[  660.563110][  T133]  dump_stack_lvl+0x1e3/0x2cb
[  660.567772][  T133]  ? nf_tcp_handle_invalid+0x642/0x642
[  660.573213][  T133]  ? panic+0x764/0x764
[  660.577267][  T133]  ? _printk+0xd1/0x111
[  660.581432][  T133]  ? __virt_addr_valid+0x17f/0x530
[  660.586546][  T133]  ? __virt_addr_valid+0x17f/0x530
[  660.591660][  T133]  print_report+0x15f/0x4f0
[  660.596143][  T133]  ? __virt_addr_valid+0x17f/0x530
[  660.601234][  T133]  ? __virt_addr_valid+0x17f/0x530
[  660.606323][  T133]  ? __virt_addr_valid+0x45b/0x530
[  660.611412][  T133]  ? __phys_addr+0xb6/0x170
[  660.615892][  T133]  ? txEnd+0x350/0x560
[  660.619941][  T133]  kasan_report+0x136/0x160
[  660.624429][  T133]  ? txEnd+0x350/0x560
[  660.628497][  T133]  kasan_check_range+0x27f/0x290
[  660.633429][  T133]  txEnd+0x350/0x560
[  660.637311][  T133]  jfs_lazycommit+0x610/0xb60
[  660.641969][  T133]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  660.647846][  T133]  ? lockdep_hardirqs_on+0x94/0x130
[  660.653064][  T133]  ? txFreelock+0x580/0x580
[  660.657566][  T133]  ? do_task_dead+0xd0/0xd0
[  660.662069][  T133]  ? _raw_spin_unlock+0x40/0x40
[  660.666918][  T133]  ? __kthread_parkme+0x168/0x1c0
[  660.671938][  T133]  kthread+0x28d/0x320
[  660.675994][  T133]  ? txFreelock+0x580/0x580
[  660.680480][  T133]  ? kthread_blkcg+0xd0/0xd0
[  660.685061][  T133]  ret_from_fork+0x1f/0x30
[  660.689468][  T133]  </TASK>
[  660.692467][  T133] 
[  660.694770][  T133] Allocated by task 10366:
[  660.699163][  T133]  kasan_set_track+0x4b/0x70
[  660.703740][  T133]  __kasan_kmalloc+0x97/0xb0
[  660.708314][  T133]  lmLogOpen+0x314/0x1030
[  660.712630][  T133]  jfs_mount_rw+0xe3/0x640
[  660.717026][  T133]  jfs_fill_super+0x67d/0xc40
[  660.721684][  T133]  mount_bdev+0x2c9/0x3f0
[  660.726004][  T133]  legacy_get_tree+0xeb/0x180
[  660.730665][  T133]  vfs_get_tree+0x88/0x270
[  660.735065][  T133]  do_new_mount+0x2ba/0xb40
[  660.739552][  T133]  __se_sys_mount+0x2d5/0x3c0
[  660.744211][  T133]  do_syscall_64+0x3b/0xb0
[  660.748610][  T133]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  660.754485][  T133] 
[  660.756788][  T133] Freed by task 9082:
[  660.760743][  T133]  kasan_set_track+0x4b/0x70
[  660.765319][  T133]  kasan_save_free_info+0x27/0x40
[  660.770326][  T133]  ____kasan_slab_free+0xd6/0x120
[  660.775330][  T133]  __kmem_cache_free+0x25c/0x3c0
[  660.780264][  T133]  lmLogClose+0x29d/0x530
[  660.784601][  T133]  jfs_umount+0x298/0x370
[  660.789093][  T133]  jfs_put_super+0x86/0x180
[  660.793584][  T133]  generic_shutdown_super+0x130/0x340
[  660.798945][  T133]  kill_block_super+0x7a/0xe0
[  660.803621][  T133]  deactivate_locked_super+0xa0/0x110
[  660.808979][  T133]  cleanup_mnt+0x490/0x520
[  660.813378][  T133]  task_work_run+0x246/0x300
[  660.817950][  T133]  exit_to_user_mode_loop+0xde/0x100
[  660.823214][  T133]  exit_to_user_mode_prepare+0xb1/0x140
[  660.828741][  T133]  syscall_exit_to_user_mode+0x60/0x270
[  660.834266][  T133]  do_syscall_64+0x47/0xb0
[  660.838673][  T133]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  660.844552][  T133] 
[  660.846855][  T133] The buggy address belongs to the object at ffff888020f89800
[  660.846855][  T133]  which belongs to the cache kmalloc-1k of size 1024
[  660.860887][  T133] The buggy address is located 64 bytes inside of
[  660.860887][  T133]  1024-byte region [ffff888020f89800, ffff888020f89c00)
[  660.874141][  T133] 
[  660.876443][  T133] The buggy address belongs to the physical page:
[  660.882841][  T133] page:ffffea000083e200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20f88
[  660.892969][  T133] head:ffffea000083e200 order:3 compound_mapcount:0 compound_pincount:0
[  660.901276][  T133] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  660.909266][  T133] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888012841dc0
[  660.917838][  T133] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  660.926399][  T133] page dumped because: kasan: bad access detected
[  660.932806][  T133] page_owner tracks the page as allocated
[  660.938501][  T133] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 3623, tgid 3623 (syz-executor), ts 486607425916, free_ts 486289922554
[  660.961408][  T133]  post_alloc_hook+0x18d/0x1b0
[  660.966156][  T133]  get_page_from_freelist+0x322e/0x33b0
[  660.971682][  T133]  __alloc_pages+0x28d/0x770
[  660.976255][  T133]  alloc_slab_page+0x6a/0x150
[  660.980933][  T133]  new_slab+0x84/0x2d0
[  660.985001][  T133]  ___slab_alloc+0xc20/0x1270
[  660.989669][  T133]  __kmem_cache_alloc_node+0x19f/0x260
[  660.995118][  T133]  __kmalloc_node_track_caller+0xa0/0x220
[  661.000828][  T133]  __alloc_skb+0x135/0x670
[  661.005241][  T133]  tcp_stream_alloc_skb+0x3e/0x310
[  661.010345][  T133]  tcp_sendmsg_locked+0xda6/0x4100
[  661.015442][  T133]  tcp_sendmsg+0x2c/0x40
[  661.019676][  T133]  sock_write_iter+0x394/0x4e0
[  661.024431][  T133]  vfs_write+0x857/0xbc0
[  661.028656][  T133]  ksys_write+0x19c/0x2c0
[  661.032965][  T133]  do_syscall_64+0x3b/0xb0
[  661.037370][  T133] page last free stack trace:
[  661.042021][  T133]  free_unref_page_prepare+0xf63/0x1120
[  661.047549][  T133]  free_unref_page+0x33/0x3e0
[  661.052212][  T133]  __unfreeze_partials+0x1b7/0x210
[  661.057313][  T133]  put_cpu_partial+0x17b/0x250
[  661.062060][  T133]  qlist_free_all+0x76/0xe0
[  661.066548][  T133]  kasan_quarantine_reduce+0x156/0x170
[  661.071989][  T133]  __kasan_slab_alloc+0x1f/0x70
[  661.076817][  T133]  slab_post_alloc_hook+0x52/0x3a0
[  661.081912][  T133]  __kmem_cache_alloc_node+0x137/0x260
[  661.087354][  T133]  __kmalloc+0xa1/0x230
[  661.091490][  T133]  tomoyo_realpath_from_path+0xcb/0x5d0
[  661.097019][  T133]  tomoyo_path_number_perm+0x21f/0x7f0
[  661.102463][  T133]  security_file_ioctl+0x6d/0xa0
[  661.107381][  T133]  __se_sys_ioctl+0x47/0x160
[  661.111958][  T133]  do_syscall_64+0x3b/0xb0
[  661.116360][  T133]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  661.122325][  T133] 
[  661.124632][  T133] Memory state around the buggy address:
[  661.130241][  T133]  ffff888020f89700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  661.138279][  T133]  ffff888020f89780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  661.146317][  T133] >ffff888020f89800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  661.154361][  T133]                                            ^
[  661.160492][  T133]  ffff888020f89880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  661.168532][  T133]  ffff888020f89900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  661.176571][  T133] ==================================================================
[  661.317612][T10380] loop1: detected capacity change from 0 to 16
[  661.325117][T10380] erofs: (device loop1): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26222)
[  661.373875][  T133] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  661.381107][  T133] CPU: 1 PID: 133 Comm: jfsCommit Not tainted 6.1.105-syzkaller #0
[  661.387205][    T7] usb 3-1: USB disconnect, device number 25
[  661.394873][  T133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  661.404931][  T133] Call Trace:
[  661.408223][  T133]  <TASK>
[  661.411159][  T133]  dump_stack_lvl+0x1e3/0x2cb
[  661.415852][  T133]  ? nf_tcp_handle_invalid+0x642/0x642
[  661.421317][  T133]  ? panic+0x764/0x764
[  661.425371][  T133]  ? vscnprintf+0x59/0x80
[  661.429683][  T133]  panic+0x318/0x764
[  661.433559][  T133]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  661.439699][  T133]  ? check_panic_on_warn+0x1d/0xa0
[  661.444800][  T133]  ? memcpy_page_flushcache+0xfc/0xfc
[  661.450173][  T133]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  661.456142][  T133]  ? _raw_spin_unlock+0x40/0x40
[  661.460980][  T133]  check_panic_on_warn+0x7e/0xa0
[  661.465904][  T133]  ? txEnd+0x350/0x560
[  661.469984][  T133]  end_report+0x66/0x110
[  661.474206][  T133]  kasan_report+0x143/0x160
[  661.478696][  T133]  ? txEnd+0x350/0x560
[  661.482746][  T133]  kasan_check_range+0x27f/0x290
[  661.487664][  T133]  txEnd+0x350/0x560
[  661.491553][  T133]  jfs_lazycommit+0x610/0xb60
[  661.496227][  T133]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  661.502103][  T133]  ? lockdep_hardirqs_on+0x94/0x130
[  661.507284][  T133]  ? txFreelock+0x580/0x580
[  661.511774][  T133]  ? do_task_dead+0xd0/0xd0
[  661.516280][  T133]  ? _raw_spin_unlock+0x40/0x40
[  661.521114][  T133]  ? __kthread_parkme+0x168/0x1c0
[  661.526125][  T133]  kthread+0x28d/0x320
[  661.530174][  T133]  ? txFreelock+0x580/0x580
[  661.534656][  T133]  ? kthread_blkcg+0xd0/0xd0
[  661.539225][  T133]  ret_from_fork+0x1f/0x30
[  661.543626][  T133]  </TASK>
[  661.546894][  T133] Kernel Offset: disabled
[  661.551212][  T133] Rebooting in 86400 seconds..