last executing test programs:

42.616899475s ago: executing program 5 (id=418):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, 0x0, 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

42.138691162s ago: executing program 5 (id=424):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f00000001c0)={[{@usebackuproot}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@nodiscard}, {@datacow}, {@metadata_ratio={'metadata_ratio', 0x3d, 0x5}}, {@clear_cache}, {@nobarrier}, {@discard_async}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a4, &(0x7f0000005600)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs1t43hJEVIfRJV/Xr6qSqPumq/r46qapPblWd/mt1CONDCBXpql6sSqqqSI98bVVSVQzstvdPNw3rTCyrCmFkbuCZb14/pjNxeiqQbfzrVSEM6XzJpBu/ozJpvDLd+FWVIewZQqhKl/jXiqREVbrEKxUhDMwJZBs/tSKEhYHPhPjhMzP3wXkLz549vaOj7YwdmKjKtFUTZrV3tDXOmNMxszrVp2LKctKbz/v4Y39+0zkzOm+nDrl9eCnpiky5yq4uN1fm3R29s/c+9qs2t5Itz0dB/TF/VegX+i6Y13ZG41nT588/Y1Tyt9TszcnfPplosq1G9ZZttV9uJSPnnzZ35LyFZ49oP236KW2ntH2neeyo5uYxXx07pnlk56iakr/bY6jXf/JD3b0ip5JP4gNAQkKityXK8z7dmnb2D/KCL/pbOloZqrs+oAumFblZyrpGuT0GfdjHHPHH+Z7S44hGFUwcCrI095xldMFkYkuWmiRL1/e6gslhbk3lXZs03i8PjY19im2Hhvy7uZv3rW3YvOsym67UNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPw/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgWAAAAABDmbx1GzwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACXAgAA//+iks5g")
r0 = open(&(0x7f0000000080)='./file1\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0xb7d4, 0x1001f0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r2=>0x0)
io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000, 0x3000}])

37.137758819s ago: executing program 5 (id=438):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/vlan/config\x00')
preadv(r2, &(0x7f0000000500)=[{&(0x7f0000000000)=""/82, 0x52}], 0x1, 0x7, 0x1)
pread64(r2, &(0x7f0000000080)=""/17, 0x11, 0xf0b)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
fchmod(r3, 0xe9)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x80, 0x100}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x2}, 0x94)
lremovexattr(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)

36.477791436s ago: executing program 5 (id=441):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000002780)=ANY=[@ANYBLOB="1c0008200203000014"], 0xfb5)

35.718892237s ago: executing program 5 (id=447):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x100000000, &(0x7f0000006680))
msgget(0x0, 0x2c4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

34.345468106s ago: executing program 5 (id=451):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
creat(0x0, 0x48)
pipe2$9p(&(0x7f0000000000), 0x0)
io_submit(0x0, 0x0, &(0x7f0000000380))
fchdir(0xffffffffffffffff)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x24008851}, 0x800)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

19.188704846s ago: executing program 32 (id=451):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
creat(0x0, 0x48)
pipe2$9p(&(0x7f0000000000), 0x0)
io_submit(0x0, 0x0, &(0x7f0000000380))
fchdir(0xffffffffffffffff)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x24008851}, 0x800)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

13.450255254s ago: executing program 2 (id=513):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r5}, &(0x7f0000000040), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
request_key(&(0x7f0000000440)='keyring\x00', &(0x7f0000000480)={'syz', 0x3}, 0x0, 0xfffffffffffffffc)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000140)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_remount}, {@nodiscard}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$unix(r2, &(0x7f0000000ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000f00)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x18, 0x80000}}], 0x1, 0x80)
ftruncate(0xffffffffffffffff, 0x5)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
clock_adjtime(0x3, &(0x7f0000000a40)={0xfffffffffffffffa, 0x4, 0x8d52, 0x4f, 0x7dc9, 0x8, 0x7, 0x3, 0x7, 0xd, 0x7f, 0x9, 0x10, 0x7, 0x10000, 0x8000000000000000, 0x1, 0x10, 0x3, 0x3, 0x95, 0x6, 0x10000, 0x1, 0x8, 0x81})
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b40)=ANY=[@ANYBLOB="50000000100023ff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000010270100280012800b000100697036746e6c00001800028014000200000000000000000000ffffac14142a08000400002e5c0c7c6ecff85bdfac34d32349895e42ff39998ef53a06ff912757e4a38811039ba6baf03d4749887d8db953c26460f64a86f01f53ee26d0ce29f6e443c9b41f238f56bcd3432770e6a278de69bf1548dcdcf30b179751c314a485adf18623266672070f05b5a501b0f58c6081bec1e859b49ae18fa3881812201270380f60784abe6aee565158b7fc1e1999de4a0509f274560cb9abb4f8aa9dc8fa74bbacba5230f5570ef0265f9ce439cf64f8ea25598db825f2f2997af7f90b002ca3d8b559d4a263a7bf04e48f62da8695c266a19625d2ed702b3f68eac2b8b1a41e82d446eede1e0f0e76ea0d7a309b101462f499ece47d1da9cdb20924120cabb61c2a712cf2378acb11201c3a32f8651ab0602939752340b683"], 0x50}, 0x1, 0x0, 0x0, 0x20040001}, 0x8000)

13.122017995s ago: executing program 1 (id=517):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x10001400200bd2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000010000000bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300000000000000000000000000000000062c7cf52e9624806a4833e1c0059e5a703ab9c2e9b38779270dc5e80af75d509b1a31fe6ed3f8c0172659256dc88de4e377c8a07e95ec5549ae47dc43b93a159a201be254048b9e0857ea3c736c761e686f9b3d0690f035617a12055b2cb3a03794d67b95e7f4fc6af323120c09d0503c8ce92e869e22bb2590299ad76d541f844d32f96184f74d433793bbd75ec15fb1497ce835445212421cb4e3ce08395c9055a2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)

9.771723421s ago: executing program 2 (id=518):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/vlan/config\x00')
preadv(r4, &(0x7f0000000500)=[{&(0x7f0000000000)=""/82, 0x52}], 0x1, 0x7, 0x1)
pread64(r4, &(0x7f0000000080)=""/17, 0x11, 0xf0b)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
fchmod(r5, 0xe9)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x80, 0x100}})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x2}, 0x94)
lremovexattr(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)

9.2025745s ago: executing program 0 (id=519):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@ipv6_getnexthop={0x20, 0x6a, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NHA_ID={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r3 = syz_open_dev$sg(0x0, 0x0, 0x9840)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000380)="259374c94982", 0x0, 0x0, 0x14, 0x0, 0x0})

9.201347588s ago: executing program 4 (id=520):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
syz_emit_ethernet(0x66, &(0x7f00000001c0)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x300, 0x0, 0x0, 0x6c, 0x0, @private}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000240)='./cgroup\x00', &(0x7f0000000180)='ufs\x00', 0x1004050, 0x0)
pipe(&(0x7f0000000040))

9.044626237s ago: executing program 1 (id=521):
mkdir(&(0x7f0000000400)='./file0\x00', 0x99)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
write$sndseq(r0, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @tick=0xb, {0x0, 0xb8}, {}, @control={0x9, 0xffffffff, 0xa}}], 0x1c)
truncate(&(0x7f0000000000)='./bus\x00', 0x8001)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0)

8.074643005s ago: executing program 2 (id=522):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000700)={{0x77ded23f, 0x0, 0x0, 0xfffffffd, 'syz1\x00', 0x3}, 0x0, 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x1, 'syz1\x00', &(0x7f0000000240)})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0xfff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$audio(0xffffffffffffff9c, &(0x7f0000000440), 0x40000, 0x0)
r3 = syz_io_uring_setup(0x4fc, &(0x7f0000000200)={0x0, 0xf915, 0x4, 0x1ffffe, 0x389, 0x0, r1}, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000340)=@ethtool_regs={0x7}})

7.941952894s ago: executing program 0 (id=523):
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x4dc8aa39}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe0b5bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

7.138419245s ago: executing program 4 (id=524):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
write$cgroup_subtree(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="2b68756765603ac4"], 0x9)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', 0x0}}, 0x40)

6.046933755s ago: executing program 3 (id=525):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x30, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r1, @ANYBLOB="0200000000008000800012000800010076746936"], 0xa0}}, 0x0)

5.935243623s ago: executing program 0 (id=526):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x8080)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

5.932493123s ago: executing program 1 (id=527):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24}, 0x94)

5.849928227s ago: executing program 2 (id=528):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
syz_open_dev$loop(&(0x7f0000000180), 0x4e, 0x181240)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x20493859, 0x0, 0x0, 0x0, 0x5, 0xfeedcafe, 0x3, 0x7}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000f80)='/sys/power/mem_sleep', 0xb35ac6044d52e5f5, 0xb)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket(0x6, 0x80000, 0x0)
close(0x3)
socket(0xa, 0x2, 0x88)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
openat$sysfs(0xffffffffffffff9c, 0x0, 0x109a02, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)

5.75702163s ago: executing program 4 (id=529):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dy'])
keyctl$clear(0x5, 0xfffffffffffffffd)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

4.974518553s ago: executing program 1 (id=530):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
clock_settime(0x4, &(0x7f0000000000)={0x77359400})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x4c}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0x100, @remote}}}, 0x108)
socket$pppl2tp(0x18, 0x1, 0x1)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)

4.730376246s ago: executing program 4 (id=531):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f00000005c0), 0x0, 0x0)
ioctl$HIDIOCGREPORTINFO(r1, 0xc00c4809, &(0x7f0000000040)={0x3, 0x2, 0x401})

4.586795725s ago: executing program 3 (id=532):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x10001400200bd2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000010000000bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60f132a2bf8a858392f34072d99aee0ec70aa6d75096e608d97ac4b7bfa2e0ae3e59718e7a7691a98b1334e34553300000000000000000000000000000000062c7cf52e9624806a4833e1c0059e5a703ab9c2e9b38779270dc5e80af75d509b1a31fe6ed3f8c0172659256dc88de4e377c8a07e95ec5549ae47dc43b93a159a201be254048b9e0857ea3c736c761e686f9b3d0690f035617a12055b2cb3a03794d67b95e7f4fc6af323120c09d0503c8ce92e869e22bb2590299ad76d541f844d32f96184f74d433793bbd75ec15fb1497ce835445212421cb4e3ce08395c9055a2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)

3.782180351s ago: executing program 0 (id=533):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/vlan/config\x00')
preadv(r4, &(0x7f0000000500)=[{&(0x7f0000000000)=""/82, 0x52}], 0x1, 0x7, 0x1)
pread64(r4, &(0x7f0000000080)=""/17, 0x11, 0xf0b)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
fchmod(r5, 0xe9)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x80, 0x100}})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x2}, 0x94)
lremovexattr(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)

3.650930322s ago: executing program 2 (id=534):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r5 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x70)
mknodat$loop(r5, &(0x7f0000001600)='./file1\x00', 0x400, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
open(&(0x7f00000005c0)='./bus\x00', 0x66843, 0x0)

2.613169411s ago: executing program 0 (id=535):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
listen(r1, 0x786)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000100), &(0x7f0000000180)='./file0\x00', 0x10112, &(0x7f0000000040)=ANY=[@ANYRES8], 0x1, 0x5a12, &(0x7f00000079c0)="$eJzs3X+QXFW9IPBzu3syk5n8mAR4RJDJEMh7PHiaCb8K5dUz7+17+gp4VCxe+QgbhUAmGE1CKj8EAkpwwSUFWGhhKeofaCG7SLSoglUiJfJjE1bRLKtLbSG1uov+4RaypASylOUyr2b6np6e233n9vT05Ad8PpXM7XP69Pece+7p231O35kOAAAAvCPsu3XrwYtP+IeffHb4jZv+8Qcbbw595bH8nligP91ed7hayKHUXVk0ts2Oi7+44du/Hbzq7378UO+33ty79uR1v/z7Y6567BMX7Lnna0++PveRt14qihvH0+nj6eSVJISeHx740uf2Pnv8aF4yb/RnaWcIC5KFTy5IMiGG/hhCWJsmFmXufPiNs9aNbm++vXtC/vxMOeP9nW30OI8OrB0Hrz0j/OpvV93ys8Xf/U7X7pd3jhdJeurGUwjzrqh/fFcIYXb6f1QcbXE8xkG7MoTQW/e48wradUqL7V+Wkz4x3c5Kt30FceL9SzLpUqZcNh11Zba9BfVNV1472i1XZE4mnT0ZTVdeO2P+gnT7/XR7+hTjl9N9KCehlIRKrfkbkvExEuqOWxKSsWPZU0uXasc2pPufSSeZdCmTLndl9mus3nSglZNkYv7rc6vpTH48HVfS/JPrz9VNXJKT/65025M+Ud+M6ZC9UdXXcKO2X2Niuw5M0pZDoVR3DmqWXzvw6cHoS/P6koUNjxlpIt63d9UdS8urn9rXn9OO5KEkjZ+0FX/HTxfM+diDu7ZnX9dr8a8opfFLbcX/9YX7X71s1ze/mhv/rhi/3Fb8Mx/vfeXCp29dkts/B2L/VNqKv+alZ+5cfOyVu3Pbf2+M39NW/BV79nfPPfj4E7ntH4r9M7ut+C+e/8HfPPD8oy/nxg8xfm9b8Vfv2fz57oGDp+XGfyL2T1974+e13ee+MDDwu8G8+M/F+HPbin//znvef9/82y/IPb4rY//0txX/olMfu2XOwUdPyjt3Jvd26pUT4J3pmPQ91m1put155nTVzRe+Mlipvuebk/6f28mKMm8+R+uZ18n4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBCOO6M//Kh//2R/lcqabo7vfFiqbqN+bNCSGaHELZuW7Nl2/pNVw9+4prtWzat2TC4Ztvg8KZtW64fPPuvBrcMb96w5vrRe4fec1b1cQtDUt0mJzXU3T0yMlLqn5gX6/s3p+7+1dLz/s/vQxg67hcDldz2L7tn433HNvmZkawY+cDG7Rf/4pxvpPvVn7arv0m7RkZGRkJOu/7vpX+674sHfntaCEN/Nlm7nnnxb340oUFjGeNxUqXuUG1Qd9LbtB21Vqftif1VWbd+w/DQ5P07+vhyzn782xte/uO6677wp2r/9uTuR4v9O3vFyIbSl1dd9P+/fGM1o6hdh+u4F/V33IvYvth/PWl/z0v3a17OflVy9uvWnz3x/A9P2PX6zjBUeW1xY91F+9WVDoCu5F0t1Rtr6E0WTMjvScvHIx4ft2zbxs3Ltl6/4z3rN665evjq4U3vW3728nOHzjn3nGVje76sw/sf6//zFvf/0Iyn+Z/a+f34s7XxNLFds6bcH6PtKu6P+hblPf96L/nc3e+75+mLqxlF4zyWrp1P0m3v6HFeHurGW2NfNduvouMTQhhs1g+vvn5BOP5/rL+l6DxUf2Tqf2YkK0aeXfKHb5z39UV/Xc04JOf5+ga1eZ6vtXq8PWP91ZMej5EjtH+7Qzndr76m7Vr+7NNdd+z7/adr7Zs1K1y3Ztu2LcurP+ekLZ2TnNi0XdncuF+Lx36WQ9otoTZMm4zXUV2h2r7s+TMWz/ZqX3pfX7Kw6X5lxfv2rrpjaXn1U/vyejp5qFrj7DC3uk3enVNyQ+aB5VqDm9V/pD7/isbHwIe+/shHHvne2Q3j48zqz6L9SnL267vP33/3t77w77/Xuf360N/s7//D//z40mrGEX9eKVcbUmt12p6k/rxyZghFz7/Fofl+5D7/Ss33p+j5l61nvHzzeIOZdF8ot/V8PfPx3lcufPrWJbnP1wOTPV/rd/bGCY8rFzxfj5Txk31+JZWJ7Zi559eEgZKsGPnxbcfsfPKmlSdUM4peL2ulm43rs1qYf+Ts148ue2HgmsF/9987d9749l89fPkv16z4TDWj/eMe29KZ496T9m9PTv/WWh3nnfX9+96rrtmwtppf1M+H7/1vui2Y/8RTydbrd3xyzYYNw1u2trZfrb6exnqyvdzu62k8uy0s2K9Sw37N3I1W+qvV51ts/9q2+2vi860vJG29Luz46YI5H3tw1/b+hkelFV1RSuOX2or/6wv3v3rZrm9+NTf+XTF+pa34a1565s7Fx165Ozf+vUkav6et+Cv27O+ee/DxJ3LjD8X2z24r/ovnf/A3Dzz/6Mu58UOM39de/7+2+9wXBgZ+lxv/uSStZ/Q9UggPv3HWumo6CV3p8y22o2tCu0I2nWTSpUy6XJ8uxVWEtIJykkzMj+XS/JPr2tLMv+Tkx3dhPYuq2zdjOmRvTJ5/pCnVnfub5Re9TwUAeLuLn//H96Dx8//h9I1S/koDjJvuPGxRTtw4Dxtfz5n4GeuiNH58fFwHHHhvGBrd3jxYfaM/1c8R4vMhu84Z6zntlIkxCtc5R8bqb1jnLFp/X5JJx3ZV18srdfPQVOO8phJaWH9vrGfy9ffM7hd/njV4W0OzBuvWrbLHrytdMWt2vUOmvZXRCHnjI7suFq/nGJgXVo7V1+L4yF5HE49D9jqaWM8JmRNnu9fR5I2P/sZ+mNCuOD5iuUnGx1iTiz+PbDx+YZL+HT9+zaNlj98UjnfPaPmOfj77Vu3u2uezHVg3bHpKO3TrhjP7eZh1yZz46RPsSF83jPlxPyotrid+JCe/U+uJ8XQR23VgkrYcCtYTgberOP+PrxGj8//RN+D/L1OuaJ6SfdcY4+VeJ1Ru3p6ieUfjdXq9bb2Or96z+fPdAwdPy32f80Sr1+ltnpDqLbjup6gfl2bShf2Ys0BTNN/L1lPU79nrMvrC3Lb6/f6d97z/vvm3X5Db7yurL6TF/X53dXNf2o8F/T7T13Me/dcZmC80jX+UXMdQtH522OYj6YVPMzUf+eec/KnOR3obbtT2a8yROx8ZfyGdMB/pOrTtAgCOHnH+X/v8LJ3//69YIH0fUTRvPT2TjvFy560570/y5q3/lG6vy5TvS3+jYqrvmy869bFb5hx89KTcecu9rc5D/+OEVH/hPHR68+bcecTKzlwvnjuPqM2zpjdPzG1/bZ44vXl6zse0dfP06c2jc/unNo+euA5w9/7W4sd1gBg/+3HC+DpAB+e5b40XOnTz3IL1ukxlMdnqet1hmUfPm7ifMzKPTn99dqbm0Zfk5E91Ht3XcKO2X2OO3Hn0xHzzaADg7SrO/+PbuDj/fzpTbrqfs+fOCzr0vj3790Bq8Z+bkXnlePwOff6bO+/o0Oe/xfPWmZ7Xz/S6xNH++e9Mrwv1j/0Bz5laJztsny8fKfPitFLzYgAAjmRx/j87TefP/6c3P2mYv3VV30KOz0+Ovvl5fTnz85z4b5v5ee/Yjhy9618ze53MoZj/j9Slj7j5f0ynyRHzfwAAjkBx/h9/7TH+/b//nKazf7f+aJynB5+jv5Pm6Uf5dSodXmeL8euvAzjK1wGO6OsAYjrU3Zg9Xt46AAAAh0PX2Eyp8ffsP5pus79nn/d7+ZfllG9VJX17fOW2LcPDl2/fvHbNtuHLN12zdnjr5dduWb9t2/Cmarnpzhtz5y3pvLErVNL+aF4uO2+bn/49hPk5fw8hWz6GPXHsRuPfQ8hWO7vg7wiMH7/W2pt3/EqTlG82PvKOd178f8kpH9WO/1UfP/PydVsvX79p/bb1yc6GcqOz1t4pfG9mkv6f0velZn40KE39+zvj4ZleO0oN7ehK+yPv+9mTTDsWpC1ZkPf9Bznt/sl/++KnTh350wMhDB1Xfve0+i9ZMfKfLh3+p237frF5tP2lSdtfK5m2q+j7SrPl4/5UNlyzddsZ667Zvin7jZLtiesZpVp6htYz0qd/ucX1idU5+VP9/f1yw40jU8vrEwAATBA//4/vZ+Pnh19I30DF/Nbn6dP7/Dh3nj7U2jw9+71kRfP0bPm4v63O03uaztP/6/1xj4vm6dn6i+bpzco3m6fnzbvz4v9zTvmpan2ctHGdR5x+Prhre+44uaK1cZL9PoOicZItP9VxkkxzPSdbf9E4aVa+2TjJO+558T+cUz5P0Xio1MbD9K7LyR0Pd7U2Hv4yky4aD9nyUx0PpWmOh2z9ReOhWflm4yHv+ObFvzinfKsmjo/RgTE2LoYvv/aaLZ+sKzfT338RGi/JaKV9s8YfO7Pf/9Gu1vt3Zq/7mn77Q1gxlpPX/pm9rmz67S/q/ylcVzYvNFxXltv+56a3EtZ6+2f2+10y8oo3Pv5QrdemZ4Ki68+K1nFX5eRPdR13VsONI5N1XDh84vw/ftwT5/+3p9tOfwx09H9Pmu8xaxq/Q99jVvQ+5h33ep79yN3rOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDbQndl0dh2361bD158wj/85LPDb9z0jz/YePNf3PDt3w5e9Xc/fqj3W2/uXXvyul/+/TFXPfaJC/bc87UnX5/7yFsvFQbuH/tZOT1N9oSQvJKE0PPDA1/63N5njx/NS0II5aR/ZwgLkoVPLkgyEYb+GEJYW2vnxDsffuOsdaPbm2/vnpA/PxMku1+hrxzbU9/OEK4r3COOQvE47zh47RnhV3+76pafLf7ud7p2v7xzvEjSUzeeQph3Rf3ju0IIs9P/o+JoWxQfnG5XhhB66x53XkG7Tmmx/cty0iem21nptq8gTrx/SSZdypTLpqOuzLa3oL7pymtHu+WKzMmksyej6cprZ8xfkG6/n25Pn2L8cvyfhFISKrXmb0jGx0ioO25JSMaOZU8tXaod25DufyadZNKlTLrcldmvsXrTgVZOkon5sVwmP56OK2n+yfXn6iYuycl/V7rtSZ+ob8Z0yN6o6mu4UduvMbFdByZpS+o/FBdpX6nuHNQsv3bg04PRl+b1JQsbHjPSRLxv76o7lpZXP7WvP6cdyUNJGj9pK/6Ony6Y87EHd21flBf/ilIav9RW/F9fuP/Vy3Z986u58e+K8cttxT/z8d5XLnz61iW5/XMg9k+lrfhrXnrmzsXHXrk7t/33xvg9bcVfsWd/99yDjz+R2/6h2D+z24r/4vkf/M0Dzz/6cm78EOP3thV/9Z7Nn+8eOHhabvwnYv/0tTd+Xtt97gsDA78bzIv/XIw/t6349++85/33zb/9gkU5LwzJytg//W3Fv+jUx26Zc/DRk/LOncm9nXrlBHhnOiZ9j3Vbmm53njlddfOFrwxWqu/55qT/53ayoozReuZVb1ZmsBoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN5mfn7j2R+99AMfXlVJQkhyyow0Ee8rz1qxYrCNete89Mydi4+9cnd93qI24gAAAADF4jy8VMvpCYvCtcnscGLT8nGN4MSYSibmZ9cQYpzsGkG7cUpN4pTaiFPuUHsqHYrT1aE4szoUp7tDcXoK4vSE1uLMniROZXQEtNie3knb03qcvg7FmdOhOHM7FGdeh+LM71Cc/knjtD4OF3QozsIOxTmmQ3GO7VCc4zoU5886FOf4DsXJrilPdRzOTUuekBdn7Ea5ME4lKdfuaLaefnxaz0nTrKevoJ65Ra/HLdYzu8V6Tsk8rjTFenparOfPW6gnabK/tXSL9fzlNPenVFBPHLfXZdsX64mpFsf/9R2Ks6NDcW7oUJwbOxTn0x2K85kOxblpmnEAWhXn/+Pzvf7QXfnr0JuecbKrAHG+u3jsZ+PrXd4JKcZ7dyZ/VlG87EQ9E2/xVNuXXUDIxFuSye+aEK9Sm49MEq+nPt7SzJ2T7e/5K5q3rT7e6Zn87kniTdgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgEfn7j2R+99AMfXhWSMPqvqZEm4n3lWStWDLZR795Vdywtr35qX31ed6WNQAAAAEChOA/vquX0hO7K8tCdzJpQriddB+hJ0+X+6nZgXlg5uk0GS2Pp3mTBpI+rpI9btm3j5mVbr9/xnvUb11w9fPXwpvctP3v5uUPnnHvOsnXrNwwPVX+G0F0QL4Qwtvyw9fodn1yzYcPwlq3VzGz7F6WPW5Smk/RxA+8NQ6Pbm9P2Lyyor9RQX4du7AoNdxUfPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf2XXXkPkOssHgL9nZnZmum3+nT+9TUOzHXIpUasmcSuplu4BwUJzIUtBZqtrCTbB4qYJbVJiHduAbU1QhJZAiOSDkVhsLX7pxRaxFwKRGg24MUhbNB/0g9JqJS35ICkjuzNnbjvTWYeSm7/fh3POPO/zvs95z8LCc2YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7JqujE6Wx8YnhqMQoh451S6SsXQ2jksD1P3KS9t+kBs5vbw1lssMsBAAAADQV9KHDzUi+ZDLh5AO185+WhxaBkKz7wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP73TFdGJ8tj4xOXRiFEPXKqXSRj6Wwclwaoe/K9Zz77xsjI31pjxQHWAQAAAPpL+vBUI5IPxbAkDEXXznT+jWjybmBhx/xaXlOyzqJ55nW+O+iVt2SeeTfMM+9jffLW1887AwAAAFz4kv4/04gUQi6zYE4/nPT//fr6JO/6jrx0/Tz/3wpk550JAAAAfLik/881IsWQyxQb/fp8+/3FHXnJ/H7f2yfzl/WY3+/7/HX1s+/pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODCMV0ZnSyPjU+koxCiHjnVLpKxdDaOSwPUXfXy8D/WHH50cWsslxlgIQAAAKCvpA9vtt75kMsMh6Fw6WzfP3Lbgee+9NwLoyGEWpufzYadG7dvv29V7ZjkrTx6eOj7R9759py8lbXjOdsgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwkZmujE6Wx8YnLolCiHrkVLtIxtLZOC4NUPetz3/xL0+dePHt1lhxgHUAAACA/pI+vNn750MxZEM2XD37qbXXn5HqmN/rnQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw8bj/mw9+Y+PU1Kb7XJybi2o6hPPgNly4aL841/+ZAACAj9r1IQrV/9I1G871XQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOeD6croZHlsfCIfhRD1yKl2kYyls3FcGqBu/NKx3ILTL7/aGisOsA4AAADQX9KHN3v/fCiGoTAUrpr91O2dwGz/XziLNwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcV6Yro5PlsfGJBVEIUY+cahfJWDobx6UB6j65a//nDl3+vdtbY7nMAAsBAAAAfSV9eLYRyYdc5uMhF66rf55qnxCl6+fu7wWa87a1TRue97xK27z0vOft7thZpr6b2rx8sl6hdm7MKzXnperzSi3ziqFRvtSYN/uw9rZVW9DnPuc+eQAAADh7kv4/14gUQi6Ta+n/f9qWX9DnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9TFdGJ8tj4xNRFELUI6faRTKWzsZxaYC6D/72/y/76s/27GiNFQdYBwAAAOgv6cObvX8+FMOi8H9h0WzfHwrt+UneP8tnDj3xr78uD2HF1cdHMp3L/ii5+PVbt77SeQgh1Z6dCuHyer2oR73f/P6JB5ZWzzwVwoqr0tfNqRc+vF77knH1+fKmdduPHN/W5+EAAADARSLp/4cakULIZe7t2f8nnXef/r9htgG//IFdv7iyfqx35B0zUoV6vVSPel9Y+syfl63++zsz/f/cep9sXH16/5ZDV7YVrEU6RHF1bMuO9cdvOphKdl2rn+6onzyXL3/r7X9v3vn4mVr9fMjX4ws7bqVWbe6xo3yIq1OpfRNrP9hXaa+f6bH/R3/36olfLdzz/kz9964fbtS/IXSrX9t5pmf9cElcHb7jsb037z+8vr1+CKHUrf67798ervnjPY907n+4Y+HWJ9967HwAcfXo4lMHVx8o3tJeP+qonzz/n594cu9PHv/uC0n95Lciy5fMt36qo/7ru6/Y9drDGxa210/12P8rd74xsrX0nT907v/utlUzPe9i7v6fvvHZu97cGD/UOQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBxma6MTpbHxidSUQhRj5xqF8lYOhvHpQHqnlxz7N079/z4h62x4gDrAAAAAP0lfXiz98+HYsiGbBie7fufL29at/3I8W2hUBuN6ufM1Nb7t39i89Yd9959ju4cAAAAmK+Ta6LZ/j/TiBRCLrM0DNX7/7EtO9Yfv+lgKun/UzPnKISw+Z6pTStCI+/13Vfseu3hDQsb7wlCmP1ZQH4m7zPNvNtuPVY49aevL+uat6qZd3TxqYOrDxRvSfJCa97K0Hg/8fSNz9715sb4ocb9teZ96mtbp+qvJ5J1h+94bO/N+w+vTyXvMern4fq6Sd5Uat/E2g/2VVKFkJsZT9fz8vV995cf+G8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeq6croZHlsfCKkQ4h65FRb1QPJWDobx6UB6q5d+stHLjv94qLWWC4zwEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8B924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsF9/IVKVfRzAn2dm993ZnV3d1RfaitbVisIulIKIuqmoCI0QujIkLM2LKAgiCrtoDY3Eim6CrBuJCqotBIPcJNFijf5JN11UUGBdBCIt1C7SRcXMPGecPc5pdNaC6vOB4dnnOed8z++c55kzewAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/lL6e0Xp7ZMdDc7dfcPMnT9w7+/it7z2w7bLH3vhhfNONH+8dePXk9OblW76+aemmA/etmdr90uFfht757VjH4EcbzcrUrYQQT8QQKu/PPP/k9Kfn1cZiCKEchydCGIlLDo/EXMLqX0MIm5t1zt+4b/aqLbV2266+eeOLcyH56wrVclZPw/D8evl3qaR1tnXukSvCtzes3/75srff6p08PnFql1jbp5zWUwiLNrYe3xtC6E+fmmy1jWYHp3ZdCGGg5bhrOtR18RnWv6qgf2Fq/5faaoecbPuKXL+U2y/fz/Tm2oEO51uoojq63a+TwVw//zBaqGadq9qPj6T23dSuPMv8cvaJoRRDT7P8++OpNRJa5i2GWJ/LSrNfas5tSNef68dcv5Trl3tz11U/b1po5Rjnj2f75cazx3FPGl/e+qxu446C8fNTW0lf1JNZP+T/aKie9kfzuuqyumb+pJa/Q6nlGdRuvDnxaTKqaawal5x2zO9tZNum1z99aXnDB0eGC+qIe2PKj13lb/1sZPCuN3c+PFqUv7GU8ktd5X+39uhPd+58+cXC/Oey/HJX+VceHDix9sMdKwrvz0x2f3rOKD+mfrbt7mMfPbPs//dMtpvrev6eLL/SVf3XTx3tG5o7eKiw/tXZ/envKv+b6275/vUv9x8vzA9Z/kBX+RumHny2b2zu8sL8Q42vQrW+QrtYPz9PXv3V2NiP40X5X2T3f6hNfuyY/9rE7mtfWbxrTeH6XJfdn+GU339W9d92yYHtg3P7Lyp6dsY95+qXE+C/aWn6H+up1O/0nrlvttT2PXOhWt4XXhjvafwCDabP0Lk8UU7tPIv+wnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAPduCABAAAAEDQ/9ftCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeCgAA//86OCSl")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
read$FUSE(r5, &(0x7f0000004200)={0x2020}, 0x2051)

2.416797886s ago: executing program 3 (id=536):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1e6b0b725ad99b817fd98cd824498949714e32f21dcc4ae5437aca55f21f3ca9e822d182054d54d53cd2b6da714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed00000000000000000000000000000000000000006c63b40e0c00000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f79829c90bd2114252581567acae715cbe1b57d5cda432c5b9443999f7d24195405f2e76ba88454cc9227069ccb7b37b41215c000000003be991e5e897284cdd6043058cec00000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg(r1, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000a80)=""/20, 0x14}], 0x1}, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000480)={r4, &(0x7f0000000440)}, 0x20)

1.887195279s ago: executing program 3 (id=537):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xff}, 0x2f)
r1 = openat$cgroup_pressure(r0, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x10}], 0x1, 0x0, 0x0, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000100)={'some', 0x20, 0x4, 0x20, 0xffffa}, 0x2f)
close(r1)

929.614476ms ago: executing program 1 (id=538):
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x4dc8aa39}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe0b5bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

796.884188ms ago: executing program 0 (id=539):
socket$kcm(0x10, 0x2, 0x0)
io_setup(0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write(r0, &(0x7f0000000000)="29000000140005d8ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29)

655.224084ms ago: executing program 4 (id=540):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
write$cgroup_subtree(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="2b68756765603ac4"], 0x9)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', 0x0}}, 0x40)

69.993266ms ago: executing program 3 (id=541):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0], [], [0x1000], [0x0, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r4, 0x0, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r5})

68.65387ms ago: executing program 1 (id=542):
syz_usb_connect(0x5, 0x5f, &(0x7f0000000480)={{0x12, 0x1, 0x200, 0x6e, 0x96, 0x4e, 0x20, 0xf11, 0x2060, 0x9059, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4d, 0x1, 0x50, 0x9, 0x20, 0x4, [{{0x9, 0x4, 0xcf, 0x3, 0x5, 0x8a, 0x87, 0x84, 0x4, [], [{{0x9, 0x5, 0x7, 0x0, 0x20, 0x0, 0xbc, 0x4, [@generic={0x7, 0x5, "eba7c5b6c9"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x8, 0x1, 0x2, 0xf}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x3, 0x8, 0xd3}}, {{0x9, 0x5, 0xd, 0x10, 0x40, 0x3, 0xe0, 0x8}}, {{0x9, 0x5, 0xa, 0x3, 0x400, 0x5, 0xff, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xdd, 0x7}]}}]}}]}}]}}, 0x0)

68.324222ms ago: executing program 4 (id=543):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000002100)=[{&(0x7f0000002200)=""/275, 0x113}, {&(0x7f0000000500)=""/229, 0xe5}, {&(0x7f0000003100)=""/4056, 0xfd8}, {&(0x7f0000000380)=""/203, 0xcb}, {&(0x7f00000006c0)=""/191, 0xbf}, {0x0}, {&(0x7f0000001100)=""/4077, 0xfed}, {&(0x7f00000007c0)=""/211, 0xd3}, {&(0x7f0000000e00)=""/216, 0xd8}, {&(0x7f0000000940)=""/198, 0xc6}, {&(0x7f0000000600)=""/37, 0x25}, {&(0x7f0000000bc0)=""/133, 0x85}], 0xc}, 0x40012100)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

67.874606ms ago: executing program 3 (id=544):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3200004, &(0x7f0000000900)={[{@nls={'nls', 0x3d, 'macinuit'}}, {@gid}, {@umask={'umask', 0x3d, 0x1000}}, {@uid}, {@type={'type', 0x3d, "8cc687ef"}}, {@force}, {@nodecompose}, {@type={'type', 0x3d, "664b981f"}}]}, 0x3, 0x6b9, &(0x7f0000000240)="$eJzs3U1sHGcZB/D/bJx1Nkip26ZtQEi1GqmCRiR2ViVBQmpACOUQoQguvVqJ01jZpJXtorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHh5BuHSNw45AAYzezsem1vHDuOvab9/aTJvLPv1zOP52N37GgDfGpdfD2Huyly8dSl2+X2yr12Z+Ve+2a/nGQySSOZ6K1StJLi4+RCeks+W75YD1c8bJ5X739UTLz/Ybu3NVEvVfvGVv02GdmymxwZbBxKMt0r/nvbw24ar1qqca6sjfeYikHcZcJO9hMH47a6SXetsvHI7ts/b4ED607vvrnJVHI0vbtr+T4g9dXh0VeG8dvy2tTdvzgAAABgr4z8LD/sqQd5kNs5tj/hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCdD0fvOwKJeGv3ydIr+9/83h75TvznmcHfpvWvV6ttPjTsQAAAAAAAAANiVFx/kQW7nWH97tah+5/9StXG8+vczeTtLmc9iTud25rKc5SxmNsnU0EDN23PLy4uzwz2rPxJY+nnKnqurq3fqnmdH9jy7Pq7uxkBH/aXBpkYAAAAAAAAA8Kn1g1xc+/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBEVyqLeqluP98lQaE0mOJGkW04PmzbEG+wT8cdwBAAAAwN5r1etjxX97hdWi+sz/fPW5/0jezq0sZyHL6WQ+V6tnAb1P/Y2/dtudlXvtm+WyeeCv/XNHcVQjpvfsYfTMM1WL5wY9Luab+U5OZTqXs5iFfDdzWc58pvONqjSXIlP104uplXut9GPdHO+FdVuXN8b24lC5jO9EFUkr17JQxXY6V5r90Bt1uxNDs/2+mWyY8W6ZneK12jZzdLVel3v0s3p9MExVe354kJGZOvdlNp4ezvvm3O/wONk402wag2dQx9dmKTc3zvRYOT9ar8tc/3hvc77DR2nrM9H9abnVP/qe3zrnyRf/9qfL1xu3bly/tnTq4BxGj2njMdEeysQL28pEp8xEdxeZOLKb+J+cZp2N3lV0Z1fLl6q+x7KQb+XNXM18zmUmszmfmXwlZ9PO2aG8Prd1XqtzrbGzc+3kF+pCeU/6ydC9ad9MPqyizOvTQ3kdvtJNVXXDr6xl6ZltZKloZnSW/j4ylInP1YVyjh8O3XHGb5CJxtq1uR/ds1tn4pf/WU2y1Ll1Y/H63FvbnO/lel2etu+tvzb/6ons0M7Vu1seL8+UP6z0bhvDR0dZ92y/bt2RM1vVHR/Urb/PNZupzude3aPO1HKk5++OGqlX98LIWdpV3YmhunXvcvJmOoN3IQAcYEdfOdps3W/9pfVB60et661LR74+eX7y880c/vPEHw79pvHrxleLV/JBvp9j444UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CZbeeffGXKczv3gAC2k84QHvjqzqp6L3SvNg7PtWhcP7O+mhnTSe3OqI+m2SLbo3x5HMVpID8DOd62RiH+aazIiqS4NXWkljEE+SGwfkC+6AvXBm+eZbZ5beefdLCzfn3ph/Y/7W2fPnXjvX/vLsnTPXFjrzM71/xx0lsBfW3gaMOxIAAAAAAAAAAABgu3bz3wn+cWl7jUdMW3THsK8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/6eLr+dwN0VmZ07PlNsr99qdcumX11pOJGkkKb6XFB8nF9JbMjU0XPGweV69/9EvXn7/w/baWBP99o0N/X73r9XVHe5Ft14yneRQvX60yW2Nd2VovO4OA+spBntYJuxkP3Ewbv8LAAD///zfBvQ=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1fe)
llistxattr(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)

0s ago: executing program 2 (id=545):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xa007, 0x10100}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000100)={0x1, "fa02c8098000", <r6=>0xffffffffffffffff})
r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000040)={0x80109, "fa02946a000000001dda524f03000000000000000000003673000000002000", <r8=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r8, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45bebe3f5b53e0ca34dd02acecdc67c5e3126628168", r6, <r9=>0xffffffffffffffff})
ppoll(&(0x7f0000000000)=[{r9, 0x200}], 0x1, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.240' (ED25519) to the list of known hosts.
[   85.123529][ T5827] cgroup: Unknown subsys name 'net'
[   85.223854][ T5827] cgroup: Unknown subsys name 'cpuset'
[   85.233737][ T5827] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   86.826164][ T5827] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   91.161083][ T1219] cfg80211: failed to load regulatory.db
[   91.369788][ T5862] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   91.372692][ T5865] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   91.377397][ T5862] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   91.384905][ T5865] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   91.411154][ T5862] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   91.429428][ T5866] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   91.436849][ T5862] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   91.445224][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   91.445790][ T5867] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   91.452635][ T5866] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   91.461143][ T5867] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   91.474420][ T5865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   91.479919][ T5866] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   91.482194][ T5867] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   91.488923][ T5866] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   91.495803][ T5865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   91.502364][ T5862] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   91.509484][ T5865] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   91.516804][ T5866] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   91.526473][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   91.533595][ T5866] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   91.538255][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   91.544824][ T5866] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   91.552011][ T5865] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   91.570270][ T5866] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   91.570822][ T5867] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   91.584967][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   91.586688][ T5865] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   91.592346][ T5852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   91.606797][ T5852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   92.367645][ T5844] chnl_net:caif_netlink_parms(): no params data found
[   92.432456][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   92.520654][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   92.736501][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   92.843984][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   92.856590][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.864810][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.872351][ T5844] bridge_slave_0: entered allmulticast mode
[   92.879977][ T5844] bridge_slave_0: entered promiscuous mode
[   92.954370][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.965572][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.972876][ T5844] bridge_slave_1: entered allmulticast mode
[   92.981161][ T5844] bridge_slave_1: entered promiscuous mode
[   93.008393][ T5851] chnl_net:caif_netlink_parms(): no params data found
[   93.020350][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.027470][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.035025][ T5850] bridge_slave_0: entered allmulticast mode
[   93.042589][ T5850] bridge_slave_0: entered promiscuous mode
[   93.075001][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.082144][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.089516][ T5846] bridge_slave_0: entered allmulticast mode
[   93.097144][ T5846] bridge_slave_0: entered promiscuous mode
[   93.149262][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.159551][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.167194][ T5850] bridge_slave_1: entered allmulticast mode
[   93.176032][ T5850] bridge_slave_1: entered promiscuous mode
[   93.199552][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.206792][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.214373][ T5846] bridge_slave_1: entered allmulticast mode
[   93.222851][ T5846] bridge_slave_1: entered promiscuous mode
[   93.249014][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.336836][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.348571][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.433680][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.475990][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.486847][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.494090][ T5847] bridge_slave_0: entered allmulticast mode
[   93.502530][ T5847] bridge_slave_0: entered promiscuous mode
[   93.518828][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.551774][ T5844] team0: Port device team_slave_0 added
[   93.560706][ T5846] team0: Port device team_slave_0 added
[   93.567983][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.575380][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.586843][ T5847] bridge_slave_1: entered allmulticast mode
[   93.594467][ T5847] bridge_slave_1: entered promiscuous mode
[   93.611514][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.621542][ T5852] Bluetooth: hci2: command tx timeout
[   93.636253][ T5852] Bluetooth: hci4: command tx timeout
[   93.641801][ T5856] Bluetooth: hci3: command tx timeout
[   93.647286][ T5856] Bluetooth: hci0: command tx timeout
[   93.673975][ T5844] team0: Port device team_slave_1 added
[   93.685648][ T5846] team0: Port device team_slave_1 added
[   93.699882][ T5863] Bluetooth: hci1: command tx timeout
[   93.705456][ T5856] Bluetooth: hci5: command tx timeout
[   93.745538][ T5850] team0: Port device team_slave_0 added
[   93.817894][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.843259][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.850562][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.857882][ T5851] bridge_slave_0: entered allmulticast mode
[   93.866271][ T5851] bridge_slave_0: entered promiscuous mode
[   93.876101][ T5850] team0: Port device team_slave_1 added
[   93.897319][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.904764][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.912287][ T5849] bridge_slave_0: entered allmulticast mode
[   93.919806][ T5849] bridge_slave_0: entered promiscuous mode
[   93.961182][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.973601][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.981006][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.988141][ T5851] bridge_slave_1: entered allmulticast mode
[   93.996239][ T5851] bridge_slave_1: entered promiscuous mode
[   94.019261][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.026703][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.034099][ T5849] bridge_slave_1: entered allmulticast mode
[   94.042270][ T5849] bridge_slave_1: entered promiscuous mode
[   94.052434][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.059365][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.085588][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.098219][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.105408][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.131787][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.144910][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.152078][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.178517][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.236465][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.245152][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.272687][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.300238][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.307216][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.333561][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.380711][ T5847] team0: Port device team_slave_0 added
[   94.402290][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.409265][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.436966][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.495873][ T5847] team0: Port device team_slave_1 added
[   94.506142][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.519201][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.541781][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.572996][ T5846] hsr_slave_0: entered promiscuous mode
[   94.579813][ T5846] hsr_slave_1: entered promiscuous mode
[   94.622089][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.673878][ T5844] hsr_slave_0: entered promiscuous mode
[   94.680770][ T5844] hsr_slave_1: entered promiscuous mode
[   94.686944][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.695044][ T5844] Cannot create hsr debugfs directory
[   94.767669][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.774721][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.801549][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.814386][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.821792][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.847796][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.865619][ T5851] team0: Port device team_slave_0 added
[   94.906237][ T5849] team0: Port device team_slave_0 added
[   94.916119][ T5849] team0: Port device team_slave_1 added
[   94.938962][ T5851] team0: Port device team_slave_1 added
[   95.046566][ T5850] hsr_slave_0: entered promiscuous mode
[   95.053746][ T5850] hsr_slave_1: entered promiscuous mode
[   95.060357][ T5850] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.067914][ T5850] Cannot create hsr debugfs directory
[   95.133050][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.143558][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.169714][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.186251][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   95.194026][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.220152][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   95.233739][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.240719][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.266855][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.314704][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   95.321722][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.347862][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   95.400585][ T5847] hsr_slave_0: entered promiscuous mode
[   95.407344][ T5847] hsr_slave_1: entered promiscuous mode
[   95.414765][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.422534][ T5847] Cannot create hsr debugfs directory
[   95.572343][ T5851] hsr_slave_0: entered promiscuous mode
[   95.578993][ T5851] hsr_slave_1: entered promiscuous mode
[   95.589099][ T5851] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.596878][ T5851] Cannot create hsr debugfs directory
[   95.701792][ T5849] hsr_slave_0: entered promiscuous mode
[   95.709646][ T5856] Bluetooth: hci0: command tx timeout
[   95.710826][ T5849] hsr_slave_1: entered promiscuous mode
[   95.715055][ T5856] Bluetooth: hci4: command tx timeout
[   95.722019][ T5849] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.726237][ T5863] Bluetooth: hci2: command tx timeout
[   95.734082][ T5852] Bluetooth: hci3: command tx timeout
[   95.745286][ T5849] Cannot create hsr debugfs directory
[   95.779963][ T5852] Bluetooth: hci5: command tx timeout
[   95.780032][ T5865] Bluetooth: hci1: command tx timeout
[   96.133494][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   96.176415][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.188726][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.200173][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.371808][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   96.392233][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   96.428991][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   96.450618][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   96.525664][ T5850] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   96.537627][ T5850] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   96.548801][ T5850] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   96.564620][ T5850] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   96.742430][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.772798][ T5847] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   96.817643][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   96.834026][ T4131] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.841387][ T4131] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.850888][ T5847] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   96.880534][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.901311][ T5847] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   96.915062][ T5847] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   96.959275][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.966495][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.991679][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.026790][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   97.065582][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.072782][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.119317][ T5849] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   97.130774][ T5849] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   97.149281][ T5844] 8021q: adding VLAN 0 to HW filter on device team0
[   97.163833][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.170990][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.185650][ T5849] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   97.230379][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.237551][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.248797][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.255970][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.266847][ T5849] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   97.361316][ T5851] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   97.384567][ T5851] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   97.412103][ T5851] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   97.488800][ T5851] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   97.786361][ T5865] Bluetooth: hci3: command tx timeout
[   97.786560][ T5852] Bluetooth: hci4: command tx timeout
[   97.792121][ T5856] Bluetooth: hci2: command tx timeout
[   97.797244][ T5852] Bluetooth: hci0: command tx timeout
[   97.813930][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.868290][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.871661][ T5856] Bluetooth: hci5: command tx timeout
[   97.880725][ T5865] Bluetooth: hci1: command tx timeout
[   97.930472][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   97.956155][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.046440][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.053716][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.073834][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.081045][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.184873][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   98.230856][ T5846] veth0_vlan: entered promiscuous mode
[   98.257489][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.264687][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.287915][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.301299][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.338169][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.345388][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.377428][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.386360][ T5846] veth1_vlan: entered promiscuous mode
[   98.475645][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   98.566806][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.574020][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.617634][ T5847] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   98.637074][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.644308][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.664010][ T5846] veth0_macvtap: entered promiscuous mode
[   98.691660][ T5846] veth1_macvtap: entered promiscuous mode
[   98.808770][ T5844] veth0_vlan: entered promiscuous mode
[   98.860479][ T5844] veth1_vlan: entered promiscuous mode
[   98.881237][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.986974][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.007891][ T5846] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.030322][ T5846] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.039038][ T5846] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.069744][ T5846] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.127817][ T5844] veth0_macvtap: entered promiscuous mode
[   99.160541][ T5844] veth1_macvtap: entered promiscuous mode
[   99.238655][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.284853][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.339029][ T5850] veth0_vlan: entered promiscuous mode
[   99.368690][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.409958][ T5844] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.418717][ T5844] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.433360][ T5844] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.442123][ T5844] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.469036][ T5850] veth1_vlan: entered promiscuous mode
[   99.505310][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.557826][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.610525][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.626042][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.715083][ T5849] veth0_vlan: entered promiscuous mode
[   99.728168][ T5850] veth0_macvtap: entered promiscuous mode
[   99.749522][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.768836][ T5849] veth1_vlan: entered promiscuous mode
[   99.780276][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.869713][ T5856] Bluetooth: hci2: command tx timeout
[   99.875160][ T5856] Bluetooth: hci3: command tx timeout
[   99.879733][ T5852] Bluetooth: hci0: command tx timeout
[   99.896447][ T5865] Bluetooth: hci4: command tx timeout
[   99.904444][ T5850] veth1_macvtap: entered promiscuous mode
[   99.921754][ T5846] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   99.941232][ T5852] Bluetooth: hci1: command tx timeout
[   99.946819][ T5865] Bluetooth: hci5: command tx timeout
[   99.961971][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.972576][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.057965][ T5847] veth0_vlan: entered promiscuous mode
[  100.170758][ T5849] veth0_macvtap: entered promiscuous mode
[  100.188087][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  100.407437][ T5849] veth1_macvtap: entered promiscuous mode
[  100.425205][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.432934][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.441729][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.450512][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.459503][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.473504][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.395291][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.411818][ T5847] veth1_vlan: entered promiscuous mode
[  101.417838][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  101.426725][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.435410][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.443959][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.465805][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.490671][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.375172][ T5850] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.388876][ T5850] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.403777][ T5850] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.412774][ T5850] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.598100][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.634164][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.746505][ T5993] loop2: detected capacity change from 0 to 64
[  102.760857][ T5993] =======================================================
[  102.760857][ T5993] WARNING: The mand mount option has been deprecated and
[  102.760857][ T5993]          and is ignored by this kernel. Remove the mand
[  102.760857][ T5993]          option from the mount to silence this warning.
[  102.760857][ T5993] =======================================================
[  104.633293][ T5849] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.650559][ T5849] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.660248][ T5849] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.155622][ T5849] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.410862][ T5851] veth0_vlan: entered promiscuous mode
[  105.425065][ T5851] veth1_vlan: entered promiscuous mode
[  105.492154][ T5851] veth0_macvtap: entered promiscuous mode
[  105.715440][ T5851] veth1_macvtap: entered promiscuous mode
[  105.773262][ T5847] veth0_macvtap: entered promiscuous mode
[  105.881853][ T5995] loop0: detected capacity change from 0 to 40427
[  105.903526][ T5995] F2FS-fs (loop0): invalid crc value
[  106.075774][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.145750][ T5995] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  106.633141][ T5847] veth1_macvtap: entered promiscuous mode
[  106.673033][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.684915][ T5851] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.718884][ T5851] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.759828][ T5851] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.770525][ T5851] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.784339][ T4131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.817998][ T4131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.945086][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.048738][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.134394][ T5847] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.170123][ T5847] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.178901][ T5847] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.204542][ T5847] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.215841][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.231148][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.239351][ T6011] loop2: detected capacity change from 0 to 64
[  107.415870][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.451849][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.575703][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.598352][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.671921][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.686257][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.860228][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.920289][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.360656][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.368574][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.760100][ T6023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'.
[  108.771010][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.778841][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.226398][ T6016] loop0: detected capacity change from 0 to 32768
[  109.453729][ T6033] loop3: detected capacity change from 0 to 40427
[  109.558106][ T6033] F2FS-fs (loop3): invalid crc value
[  110.154932][ T6033] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  110.244383][ T6016] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  110.770623][ T6016] XFS (loop0): Ending clean mount
[  110.804574][ T6043] loop2: detected capacity change from 0 to 40427
[  110.902469][ T5844] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  111.510888][ T6043] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  111.687127][ T6064] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.738935][ T6064] batadv_slave_0: entered promiscuous mode
[  111.816608][ T6068] loop3: detected capacity change from 0 to 64
[  111.831145][ T6066] binder: 6065:6066 ioctl 4018620d 0 returned -22
[  111.886242][ T6066] binder: 6065:6066 ioctl c0306201 200000000240 returned -11
[  111.938233][ T6070] pimreg: entered allmulticast mode
[  112.014227][ T6076] netlink: 'syz.3.20': attribute type 10 has an invalid length.
[  112.045354][ T6073] pimreg: left allmulticast mode
[  112.224534][ T6076] veth0_macvtap: left promiscuous mode
[  112.267039][ T5962] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  112.339547][ T5846] syz-executor: attempt to access beyond end of device
[  112.339547][ T5846] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  112.383212][ T6076] batman_adv: batadv0: Adding interface: macvtap0
[  112.393511][ T6076] batman_adv: batadv0: The MTU of interface macvtap0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.425444][ T6076] batman_adv: batadv0: Not using interface macvtap0 (retrying later): interface not active
[  112.447202][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  112.447234][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.447249][ T5846] Call Trace:
[  112.447258][ T5846]  <TASK>
[  112.447268][ T5846]  dump_stack_lvl+0x189/0x250
[  112.447307][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.447337][ T5846]  ? __pfx_queue_work_on+0x10/0x10
[  112.447369][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.447397][ T5846]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  112.447424][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.447449][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.447476][ T5846]  ? f2fs_hw_is_readonly+0x39b/0x470
[  112.447516][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  112.447549][ T5846]  f2fs_write_end_io+0x495/0x810
[  112.447577][ T5846]  ? blkg_put+0x22/0x240
[  112.447632][ T5846]  __submit_merged_bio+0x27a/0x6a0
[  112.447665][ T5846]  __submit_merged_write_cond+0x255/0x530
[  112.447714][ T5846]  f2fs_write_data_pages+0x261d/0x3000
[  112.447783][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  112.447809][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.447894][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.447948][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.447975][ T5846]  ? __lock_acquire+0xab9/0xd20
[  112.448010][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448037][ T5846]  ? do_raw_spin_lock+0x121/0x290
[  112.448079][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448111][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448137][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  112.448173][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  112.448203][ T5846]  do_writepages+0x32e/0x550
[  112.448242][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448274][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448300][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  112.448341][ T5846]  filemap_fdatawrite+0x191/0x230
[  112.448376][ T5846]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  112.448459][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448494][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  112.448540][ T5846]  f2fs_sync_dirty_inodes+0x31f/0x830
[  112.448588][ T5846]  f2fs_write_checkpoint+0x94a/0x1de0
[  112.448648][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  112.448735][ T5846]  ? kill_f2fs_super+0x298/0x6c0
[  112.448771][ T5846]  kill_f2fs_super+0x2c3/0x6c0
[  112.448810][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  112.448837][ T5846]  ? radix_tree_delete_item+0x2b6/0x400
[  112.448870][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.448897][ T5846]  ? shrinker_free+0x2ce/0x3e0
[  112.448925][ T5846]  deactivate_locked_super+0xbc/0x130
[  112.448958][ T5846]  cleanup_mnt+0x425/0x4c0
[  112.448984][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.449011][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.449041][ T5846]  task_work_run+0x1d4/0x260
[  112.449082][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  112.449116][ T5846]  ? __x64_sys_umount+0x122/0x160
[  112.449155][ T5846]  ? exit_to_user_mode_loop+0x40/0x110
[  112.449186][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  112.449211][ T5846]  do_syscall_64+0x2bd/0x3b0
[  112.449238][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.449263][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.449286][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.449313][ T5846]  ? exc_page_fault+0x9f/0xf0
[  112.449341][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.449364][ T5846] RIP: 0033:0x7f6739b8fcd7
[  112.449385][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  112.449404][ T5846] RSP: 002b:00007fff851c0648 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  112.449429][ T5846] RAX: 0000000000000000 RBX: 00007f6739c10b55 RCX: 00007f6739b8fcd7
[  112.449445][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff851c0700
[  112.449460][ T5846] RBP: 00007fff851c0700 R08: 0000000000000000 R09: 0000000000000000
[  112.449475][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff851c1790
[  112.449490][ T5846] R13: 00007f6739c10b55 R14: 000000000001b468 R15: 00007fff851c17d0
[  112.449537][ T5846]  </TASK>
[  112.463530][ T5962] usb 1-1: config 64 has an invalid interface number: 19 but max is 0
[  112.479799][ T5846] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  112.548683][ T5962] usb 1-1: config 64 has no interface number 0
[  112.711838][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  112.711869][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.711883][ T5846] Call Trace:
[  112.711893][ T5846]  <TASK>
[  112.711903][ T5846]  dump_stack_lvl+0x189/0x250
[  112.711941][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.711967][ T5846]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  112.711993][ T5846]  ? __pfx_queue_work_on+0x10/0x10
[  112.712023][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712050][ T5846]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  112.712074][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.712099][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712126][ T5846]  ? f2fs_hw_is_readonly+0x39b/0x470
[  112.712157][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  112.712189][ T5846]  f2fs_write_end_io+0x495/0x810
[  112.712216][ T5846]  ? blkg_put+0x22/0x240
[  112.712270][ T5846]  __submit_merged_bio+0x27a/0x6a0
[  112.712302][ T5846]  __submit_merged_write_cond+0x255/0x530
[  112.712350][ T5846]  f2fs_write_data_pages+0x261d/0x3000
[  112.712418][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  112.712443][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712533][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712585][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712611][ T5846]  ? __lock_acquire+0xab9/0xd20
[  112.712645][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712671][ T5846]  ? do_raw_spin_lock+0x121/0x290
[  112.712712][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712743][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712769][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  112.712803][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  112.712833][ T5846]  do_writepages+0x32e/0x550
[  112.712871][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712903][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.712929][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  112.712968][ T5846]  filemap_fdatawrite+0x191/0x230
[  112.713002][ T5846]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  112.713084][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.713116][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  112.713156][ T5846]  f2fs_sync_dirty_inodes+0x31f/0x830
[  112.713203][ T5846]  f2fs_write_checkpoint+0x94a/0x1de0
[  112.713261][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  112.713347][ T5846]  ? kill_f2fs_super+0x298/0x6c0
[  112.713384][ T5846]  kill_f2fs_super+0x2c3/0x6c0
[  112.713421][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  112.713448][ T5846]  ? radix_tree_delete_item+0x2b6/0x400
[  112.713481][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.713511][ T5846]  ? shrinker_free+0x2ce/0x3e0
[  112.713540][ T5846]  deactivate_locked_super+0xbc/0x130
[  112.713572][ T5846]  cleanup_mnt+0x425/0x4c0
[  112.713599][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.713625][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.713655][ T5846]  task_work_run+0x1d4/0x260
[  112.713695][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  112.713728][ T5846]  ? __x64_sys_umount+0x122/0x160
[  112.713767][ T5846]  ? exit_to_user_mode_loop+0x40/0x110
[  112.713797][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  112.713823][ T5846]  do_syscall_64+0x2bd/0x3b0
[  112.713849][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.713874][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.713896][ T5846]  ? srso_alias_return_thunk+0x5/0xfbef5
[  112.713922][ T5846]  ? exc_page_fault+0x9f/0xf0
[  112.713949][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.713972][ T5846] RIP: 0033:0x7f6739b8fcd7
[  112.713993][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  112.714011][ T5846] RSP: 002b:00007fff851c0648 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  112.714035][ T5846] RAX: 0000000000000000 RBX: 00007f6739c10b55 RCX: 00007f6739b8fcd7
[  112.714051][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff851c0700
[  112.714065][ T5846] RBP: 00007fff851c0700 R08: 0000000000000000 R09: 0000000000000000
[  112.714080][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff851c1790
[  112.714095][ T5846] R13: 00007f6739c10b55 R14: 000000000001b468 R15: 00007fff851c17d0
[  112.714133][ T5846]  </TASK>
[  112.714142][ T5846] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  113.401598][ T5962] usb 1-1: config 64 interface 19 altsetting 0 endpoint 0x2 is Bulk; changing to Interrupt
[  113.411730][ T5962] usb 1-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  113.503545][ T5962] usb 1-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  113.531874][ T5962] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.636232][ T5962] usb 1-1: probing VID:PID(2201:012C)   
[  113.690814][ T5962] usb 1-1: vub300 testing UNKNOWN EndPoint(0) 02
[  113.697197][ T5962] usb 1-1: vub300 ignoring EndPoint(0) 02
[  113.743587][ T5962] usb 1-1: Could not find two sets of bulk-in/out endpoint pairs
[  113.792110][ T5962] vub300 1-1:64.19: probe with driver vub300 failed with error -22
[  113.857942][ T5962] usb 1-1: USB disconnect, device number 2
[  114.142755][ T6080] loop1: detected capacity change from 0 to 32768
[  114.204981][ T6080] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.27 (6080)
[  114.363643][ T6080] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  114.424854][ T6080] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  114.469335][ T6080] BTRFS info (device loop1): using free-space-tree
[  114.832508][   T30] audit: type=1800 audit(1753169679.040:2): pid=6080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.27" name="file1" dev="loop1" ino=260 res=0 errno=0
[  114.878120][ T6082] loop5: detected capacity change from 0 to 32768
[  114.976396][ T6082] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.28 (6082)
[  115.103792][ T6082] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  115.173805][ T6082] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm
[  115.292620][ T5847] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  115.351387][ T6107] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  115.382011][ T6082] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  115.382917][ T6082] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  115.497677][ T6082] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  115.534368][ T6122] input: syz0 as /devices/virtual/input/input5
[  115.628024][ T6082] BTRFS error (device loop5): open_ctree failed: -12
[  116.229486][ T6134] netlink: 16 bytes leftover after parsing attributes in process `syz.5.36'.
[  116.289661][ T5925] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  116.530425][ T5925] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  116.569930][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.670595][ T5925] usb 2-1: config 0 descriptor??
[  116.750148][ T5934] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  116.915852][ T5925] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  116.929755][ T5934] usb 4-1: Using ep0 maxpacket: 16
[  116.943954][ T5934] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  116.961763][ T6152] loop5: detected capacity change from 0 to 128
[  116.978721][ T5934] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  116.999845][ T6152] EXT4-fs warning (device loop5): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  117.035689][ T5934] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  117.055115][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.073648][ T5934] usb 4-1: Product: syz
[  117.093888][ T5934] usb 4-1: Manufacturer: syz
[  117.102485][ T6152] EXT4-fs (loop5): Encoding requested by superblock is unknown
[  117.109780][ T5934] usb 4-1: SerialNumber: syz
[  117.149770][ T5934] usb 4-1: config 0 descriptor??
[  117.156289][ T5925] [drm:udl_init] *ERROR* Selecting channel failed
[  117.174959][ T5934] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  117.463500][ T5934] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  118.396608][ T5925] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  118.403477][   T30] audit: type=1326 audit(1753169681.700:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  118.438163][ T5925] [drm] Initialized udl on minor 2
[  118.459805][ T5925] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  118.476347][   T30] audit: type=1326 audit(1753169681.700:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  118.524043][ T5925] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  118.573491][ T1557] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  118.587747][ T5925] usb 2-1: USB disconnect, device number 2
[  118.644688][   T30] audit: type=1326 audit(1753169681.700:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  118.660535][ T5934] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  118.705112][   T30] audit: type=1326 audit(1753169681.700:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  118.727421][ T1557] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  118.767525][ T5934] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  118.915296][   T30] audit: type=1326 audit(1753169681.710:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  119.071271][   T30] audit: type=1326 audit(1753169681.710:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  119.212443][   T30] audit: type=1326 audit(1753169681.710:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  119.945665][   T30] audit: type=1326 audit(1753169681.710:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  119.989733][ T5934] em28xx 4-1:0.0: Unknown AC97 audio processor detected!
[  120.009975][   T30] audit: type=1326 audit(1753169681.710:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  120.111961][   T30] audit: type=1326 audit(1753169681.710:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  120.502529][   T30] audit: type=1326 audit(1753169681.720:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  120.852381][   T30] audit: type=1326 audit(1753169681.720:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  120.901400][   T30] audit: type=1326 audit(1753169681.720:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  121.014274][   T30] audit: type=1326 audit(1753169681.720:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  121.079234][ T6176] Zero length message leads to an empty skb
[  121.093860][ T5934] em28xx 4-1:0.0: couldn't setup AC97 register 4
[  121.119798][ T5934] em28xx 4-1:0.0: couldn't setup AC97 register 6
[  121.126622][ T5934] em28xx 4-1:0.0: couldn't setup AC97 register 54
[  121.138603][   T30] audit: type=1326 audit(1753169681.720:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  121.161710][ T5934] em28xx 4-1:0.0: couldn't setup AC97 register 56
[  121.209364][ T5934] usb 4-1: USB disconnect, device number 2
[  121.283704][   T30] audit: type=1326 audit(1753169681.720:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  121.519856][   T30] audit: type=1326 audit(1753169681.720:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.5.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f774cf8e9e3 code=0x7ffc0000
[  121.963450][ T6190] netlink: 16 bytes leftover after parsing attributes in process `syz.4.54'.
[  122.118665][ T6197] loop3: detected capacity change from 0 to 256
[  122.170813][ T6197] exfat: Deprecated parameter 'namecase'
[  122.304039][ T6197] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  124.255656][ T6206] loop1: detected capacity change from 0 to 256
[  124.566318][ T6206] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  124.639517][ T6206] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  124.699310][ T6206] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  125.530520][ T6221] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.538915][ T6221] batadv_slave_0: entered promiscuous mode
[  125.538941][ T6219] process 'syz.4.61' launched './file0' with NULL argv: empty string added
[  125.580996][ T6219] ptrace attach of "./syz-executor exec"[6225] was attempted by "./syz-executor exec"[6219]
[  125.628917][ T6224] netlink: 'syz.3.64': attribute type 29 has an invalid length.
[  125.814855][ T6219] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  125.829550][ T6229] netlink: 'syz.3.64': attribute type 29 has an invalid length.
[  125.911101][ T6224] netlink: 'syz.3.64': attribute type 29 has an invalid length.
[  126.010349][ T6229] netlink: 'syz.3.64': attribute type 29 has an invalid length.
[  128.679774][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  128.679794][   T30] audit: type=1800 audit(1753169692.800:33): pid=6265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.76" name="bus" dev="overlay" ino=80 res=0 errno=0
[  129.955567][ T1154] Bluetooth: hci6: Frame reassembly failed (-84)
[  132.001718][ T6294] netlink: 'syz.0.84': attribute type 29 has an invalid length.
[  132.032875][ T5865] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  132.057623][ T6294] netlink: 'syz.0.84': attribute type 29 has an invalid length.
[  132.083532][ T6294] netlink: 'syz.0.84': attribute type 29 has an invalid length.
[  132.104441][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  132.111212][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  132.135585][ T6294] netlink: 'syz.0.84': attribute type 29 has an invalid length.
[  132.276285][ T6297] loop4: detected capacity change from 0 to 4096
[  132.922762][ T6303] loop2: detected capacity change from 0 to 32768
[  133.158611][ T6303] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  133.158633][ T6303]   allowing incompatible features above 0.0: (unknown version)
[  133.158644][ T6303]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  133.198255][ T6303] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  133.206548][ T6303] bcachefs (loop2): initializing new filesystem
[  133.213907][ T6297] ntfs3(loop4): ino=1a, mi_enum_attr
[  133.221776][ T6303] bcachefs (loop2): going read-write
[  133.254710][ T6297] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  133.434277][ T6303] bcachefs (loop2): marking superblocks
[  133.450556][ T6303] bcachefs (loop2): initializing freespace
[  133.460587][ T6303] bcachefs (loop2): done initializing freespace
[  133.471501][ T6303] bcachefs (loop2): reading snapshots table
[  133.477473][ T6303] bcachefs (loop2): reading snapshots done
[  133.519934][ T6303] bcachefs (loop2): done starting filesystem
[  133.935382][ T6303] syz.2.89 (6303) used greatest stack depth: 15320 bytes left
[  134.309217][ T5846] bcachefs (loop2): shutting down
[  134.348455][ T5846] bcachefs (loop2): going read-only
[  134.369107][ T5846] bcachefs (loop2): finished waiting for writes to stop
[  134.483859][ T6327] loop1: detected capacity change from 0 to 256
[  134.500493][ T5846] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  134.552603][ T6327] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  134.849423][ T6275] ntfs3(loop4): ino=5, mi_enum_attr
[  135.723185][ T5846] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  135.811467][ T5846] bcachefs (loop2): clean shutdown complete, journal seq 4
[  135.846028][ T5846] bcachefs (loop2): marking filesystem clean
[  137.013583][ T5846] bcachefs (loop2): shutdown complete
[  138.676841][   T30] audit: type=1326 audit(1753169702.880:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.4.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247cd8e9a9 code=0x7ffc0000
[  138.799806][   T30] audit: type=1326 audit(1753169702.880:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.4.107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247cd8e9a9 code=0x7ffc0000
[  140.273564][ T6358] loop3: detected capacity change from 0 to 32768
[  140.339930][ T6358] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.102 (6358)
[  142.175134][ T6409] loop4: detected capacity change from 0 to 256
[  142.239730][ T6409] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  142.270889][ T6409] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  142.282881][ T6411] loop5: detected capacity change from 0 to 16
[  142.342843][ T6411] erofs (device loop5): mounted with root inode @ nid 36.
[  142.389670][ T6409] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  142.479885][ T6414] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  143.496611][ T6420] loop5: detected capacity change from 0 to 256
[  143.584305][ T6420] exfat: Deprecated parameter 'namecase'
[  143.880112][ T6420] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  143.887347][ T5925] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  144.481975][ T5925] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  144.519640][ T5925] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  144.617779][ T5925] usb 5-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  144.679387][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.726424][ T5925] usb 5-1: config 0 descriptor??
[  144.975989][ T6440] netlink: 'syz.3.129': attribute type 29 has an invalid length.
[  145.000852][ T6440] netlink: 'syz.3.129': attribute type 29 has an invalid length.
[  145.030489][ T6440] netlink: 'syz.3.129': attribute type 29 has an invalid length.
[  145.068391][ T6440] netlink: 'syz.3.129': attribute type 29 has an invalid length.
[  145.373521][ T6444] ptrace attach of "./syz-executor exec"[6445] was attempted by "./syz-executor exec"[6444]
[  145.785587][ T6444] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  146.059178][ T5925] kye 0003:0458:0138.0001: hidraw0: USB HID v0.00 Device [HID 0458:0138] on usb-dummy_hcd.4-1/input0
[  146.445862][ T5925] usb 5-1: USB disconnect, device number 2
[  146.754440][ T6454] fido_id[6454]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  147.224603][ T6468] loop2: detected capacity change from 0 to 1024
[  147.236847][ T6464] loop4: detected capacity change from 0 to 4096
[  147.244319][ T6470] loop5: detected capacity change from 0 to 256
[  147.260740][ T6468] EXT4-fs: Ignoring removed orlov option
[  147.266413][ T6468] EXT4-fs: Ignoring removed nomblk_io_submit option
[  147.284335][ T6470] exfat: Deprecated parameter 'namecase'
[  147.393108][ T6468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.400019][ T6470] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  147.475952][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.569940][ T5962] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  147.925778][ T6488] ptrace attach of "./syz-executor exec"[6491] was attempted by "./syz-executor exec"[6488]
[  147.927834][ T5962] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.984968][ T5962] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  148.067985][ T5962] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.187001][ T5962] usb 1-1: config 0 descriptor??
[  148.250031][ T5962] pwc: Askey VC010 type 2 USB webcam detected.
[  148.266550][ T6488] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  148.380225][ T6500] bridge0: port 3(syz_tun) entered blocking state
[  148.400534][ T6500] bridge0: port 3(syz_tun) entered disabled state
[  148.672383][ T6500] syz_tun: entered allmulticast mode
[  148.962979][ T5962] pwc: recv_control_msg error -32 req 02 val 2b00
[  149.182344][ T5962] pwc: recv_control_msg error -32 req 02 val 2c00
[  149.282663][ T6500] syz_tun: entered promiscuous mode
[  149.328849][ T6500] bridge0: port 3(syz_tun) entered blocking state
[  149.335599][ T6500] bridge0: port 3(syz_tun) entered forwarding state
[  149.374499][ T5962] pwc: recv_control_msg error -71 req 04 val 1000
[  149.409755][ T5962] pwc: recv_control_msg error -71 req 04 val 1300
[  149.481720][ T5962] pwc: recv_control_msg error -71 req 04 val 1400
[  149.524258][ T5962] pwc: recv_control_msg error -71 req 02 val 2000
[  149.556344][ T5962] pwc: recv_control_msg error -71 req 02 val 2100
[  149.584402][ T5962] pwc: recv_control_msg error -71 req 04 val 1500
[  149.604729][ T5962] pwc: recv_control_msg error -71 req 02 val 2500
[  149.633680][ T5962] pwc: recv_control_msg error -71 req 02 val 2400
[  149.660310][ T5962] pwc: recv_control_msg error -71 req 02 val 2600
[  149.667453][ T5962] pwc: recv_control_msg error -71 req 02 val 2900
[  149.687686][ T5962] pwc: recv_control_msg error -71 req 02 val 2800
[  149.697434][ T5962] pwc: recv_control_msg error -71 req 04 val 1100
[  149.718521][ T5962] pwc: recv_control_msg error -71 req 04 val 1200
[  149.740704][   T43] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  149.763887][ T5962] pwc: Registered as video103.
[  149.782908][ T5962] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input7
[  149.841242][ T5962] usb 1-1: USB disconnect, device number 3
[  149.970567][   T43] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  149.987017][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.022629][   T43] usb 2-1: config 0 descriptor??
[  150.215248][ T6523] loop0: detected capacity change from 0 to 128
[  150.265020][ T6523] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  150.284918][ T6525] loop2: detected capacity change from 0 to 1024
[  150.301030][ T6525] EXT4-fs: Ignoring removed orlov option
[  150.322112][ T6523] EXT4-fs (loop0): Encoding requested by superblock is unknown
[  150.330001][ T6525] EXT4-fs: Ignoring removed nomblk_io_submit option
[  150.415000][ T6525] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.458209][ T6523] loop0: detected capacity change from 0 to 764
[  150.465650][ T6523] iso9660: Unknown parameter 'sched_switch'
[  150.768469][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.558312][   T43] usb 2-1: Cannot set autoneg
[  151.646665][   T43] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  151.789820][   T43] usb 2-1: USB disconnect, device number 3
[  151.835506][ T6535] loop4: detected capacity change from 0 to 4096
[  152.226089][   T30] audit: type=1800 audit(1753169716.440:36): pid=6535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.157" name="file1" dev="loop4" ino=33 res=0 errno=0
[  152.363484][ T6549] x_tables: duplicate underflow at hook 1
[  152.473835][   T30] audit: type=1800 audit(1753169716.630:37): pid=6547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.157" name="file1" dev="loop4" ino=33 res=0 errno=0
[  152.904034][ T6558] netlink: 4 bytes leftover after parsing attributes in process `syz.4.165'.
[  152.913094][   T30] audit: type=1326 audit(1753169717.120:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6555 comm="syz.0.166" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x0
[  152.964388][ T6558] netlink: 28 bytes leftover after parsing attributes in process `syz.4.165'.
[  153.050353][ T6562] loop0: detected capacity change from 0 to 1024
[  153.184526][ T6562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.841095][ T6545] loop3: detected capacity change from 0 to 32768
[  153.985288][ T6579] loop5: detected capacity change from 0 to 128
[  154.048921][ T6579] EXT4-fs warning (device loop5): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  154.120050][ T6579] EXT4-fs (loop5): Encoding requested by superblock is unknown
[  154.240394][ T6545] (syz.3.161,6545,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  154.495945][ T6545] (syz.3.161,6545,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  154.715185][ T6545] JBD2: Ignoring recovery information on journal
[  155.009327][ T6545] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  155.037781][ T6588] pimreg: entered allmulticast mode
[  155.069457][ T6588] pimreg: left allmulticast mode
[  155.777912][ T6559] 9pnet_fd: Insufficient options for proto=fd
[  156.153011][ T5849] ocfs2: Unmounting device (7,3) on (node local)
[  156.159686][ T5934] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  157.139497][ T5934] usb 2-1: config 64 has an invalid interface number: 19 but max is 0
[  157.195994][ T5934] usb 2-1: config 64 has no interface number 0
[  157.236429][ T5934] usb 2-1: config 64 interface 19 altsetting 0 endpoint 0x2 is Bulk; changing to Interrupt
[  157.334161][ T6603] netlink: 7 bytes leftover after parsing attributes in process `syz.4.177'.
[  157.401840][ T5934] usb 2-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  158.006658][ T5934] usb 2-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  158.121872][ T5934] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.190267][ T5934] usb 2-1: can't set config #64, error -71
[  158.221390][ T5934] usb 2-1: USB disconnect, device number 4
[  158.529997][ T6615] netlink: 88 bytes leftover after parsing attributes in process `syz.5.181'.
[  158.568131][ T6615] netlink: 'syz.5.181': attribute type 2 has an invalid length.
[  159.687122][ T6611] loop4: detected capacity change from 0 to 4096
[  159.939663][ T6630] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  160.834662][  T971] IPVS: starting estimator thread 0...
[  160.970416][ T6640] IPVS: using max 32 ests per chain, 76800 per kthread
[  161.119636][ T5925] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  161.312468][ T5925] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.358367][ T5925] usb 5-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[  161.402109][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.414979][ T6651] netlink: 4 bytes leftover after parsing attributes in process `syz.5.191'.
[  161.447121][ T5925] usb 5-1: config 0 descriptor??
[  161.808150][   T30] audit: type=1326 audit(1753169726.020:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6654 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  161.894080][   T30] audit: type=1326 audit(1753169726.020:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6654 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  161.894554][ T6658] pimreg: entered allmulticast mode
[  162.847527][ T6659] pimreg: left allmulticast mode
[  163.035131][ T5925] usbhid 5-1:0.0: can't add hid device: -71
[  163.075420][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.094173][ T5925] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  163.139932][ T1219] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  163.205483][ T6667] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.264161][ T6667] batadv_slave_0: entered promiscuous mode
[  163.359160][ T1219] usb 6-1: config 64 has an invalid interface number: 19 but max is 0
[  163.396980][ T1219] usb 6-1: config 64 has no interface number 0
[  163.397989][ T5925] usb 5-1: USB disconnect, device number 3
[  163.449355][ T1219] usb 6-1: config 64 interface 19 altsetting 0 endpoint 0x2 is Bulk; changing to Interrupt
[  163.501571][ T1219] usb 6-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  163.536154][ T1219] usb 6-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  163.641390][ T1219] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.709913][ T6676] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  163.716579][ T6676] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  163.851472][ T1219] usb 6-1: probing VID:PID(2201:012C)   
[  163.878540][ T6676] vhci_hcd vhci_hcd.0: Device attached
[  163.932803][ T1219] usb 6-1: vub300 testing UNKNOWN EndPoint(0) 02
[  163.939227][ T1219] usb 6-1: vub300 ignoring EndPoint(0) 02
[  164.070268][ T1219] usb 6-1: Could not find two sets of bulk-in/out endpoint pairs
[  164.093580][ T6682] loop4: detected capacity change from 0 to 1024
[  164.111786][ T1219] vub300 6-1:64.19: probe with driver vub300 failed with error -22
[  164.137220][  T971] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  164.158006][ T1219] usb 6-1: USB disconnect, device number 2
[  164.203304][ T6682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.222007][ T6684] loop2: detected capacity change from 0 to 1024
[  164.237356][ T6684] EXT4-fs: Ignoring removed orlov option
[  164.269681][ T6678] vhci_hcd: connection reset by peer
[  164.277396][ T6684] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.301743][ T6171] vhci_hcd: stop threads
[  164.321868][ T6171] vhci_hcd: release socket
[  164.370154][ T6171] vhci_hcd: disconnect device
[  164.445095][ T6684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.672863][ T6693] 9pnet_fd: Insufficient options for proto=fd
[  165.096252][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.256442][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.379486][ T6696] netlink: 'syz.3.204': attribute type 29 has an invalid length.
[  165.445207][ T6698] netlink: 'syz.3.204': attribute type 29 has an invalid length.
[  165.473592][ T6704] netlink: 'syz.3.204': attribute type 29 has an invalid length.
[  165.531373][ T6696] netlink: 'syz.3.204': attribute type 29 has an invalid length.
[  165.585292][ T6707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.207'.
[  165.792096][   T30] audit: type=1326 audit(1753169729.990:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.5.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  166.169425][   T30] audit: type=1326 audit(1753169730.380:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6714 comm="syz.5.211" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x0
[  166.245147][ T6717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.210'.
[  166.264405][ T6717] netlink: 'syz.2.210': attribute type 5 has an invalid length.
[  166.290902][ T6717] netlink: 48 bytes leftover after parsing attributes in process `syz.2.210'.
[  166.408596][ T6717] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 39928 - 0
[  166.494339][ T6717] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 39928 - 0
[  166.519835][ T6717] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 39928 - 0
[  166.536779][ T6717] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 39928 - 0
[  166.558410][ T6717] geneve2: entered promiscuous mode
[  166.564397][ T6717] geneve2: entered allmulticast mode
[  167.245729][ T6731] loop5: detected capacity change from 0 to 1024
[  167.286491][ T6731] EXT4-fs: Ignoring removed orlov option
[  167.327938][ T6731] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.518457][ T6731] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.518985][ T6738] pimreg: entered allmulticast mode
[  167.543137][ T6738] pimreg: left allmulticast mode
[  167.839660][   T43] usb 5-1: new low-speed USB device number 4 using dummy_hcd
[  167.967877][ T5851] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.104086][   T43] usb 5-1: config 64 has an invalid interface number: 19 but max is 0
[  168.134568][   T43] usb 5-1: config 64 has no interface number 0
[  168.167781][   T43] usb 5-1: config 64 interface 19 altsetting 0 endpoint 0x2 is Bulk; changing to Interrupt
[  168.206956][   T43] usb 5-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  168.237736][   T43] usb 5-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  168.252444][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.303499][   T43] usb 5-1: probing VID:PID(2201:012C)   
[  168.316881][   T43] usb 5-1: vub300 testing UNKNOWN EndPoint(0) 02
[  168.333130][   T43] usb 5-1: vub300 ignoring EndPoint(0) 02
[  168.344293][   T43] usb 5-1: Could not find two sets of bulk-in/out endpoint pairs
[  168.371364][   T43] vub300 5-1:64.19: probe with driver vub300 failed with error -22
[  168.423304][ T6758] netlink: 'syz.5.226': attribute type 29 has an invalid length.
[  168.533300][ T6758] netlink: 'syz.5.226': attribute type 29 has an invalid length.
[  169.391675][ T5934] usb 5-1: USB disconnect, device number 4
[  169.396216][ T6760] netlink: 'syz.5.226': attribute type 29 has an invalid length.
[  169.406089][   T30] audit: type=1326 audit(1753169733.610:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6761 comm="syz.0.229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x0
[  169.445435][  T971] vhci_hcd: vhci_device speed not set
[  169.472861][ T6758] netlink: 'syz.5.226': attribute type 29 has an invalid length.
[  169.580271][ T6770] netlink: 28 bytes leftover after parsing attributes in process `syz.5.231'.
[  170.108385][ T6766] ptrace attach of "./syz-executor exec"[6777] was attempted by "./syz-executor exec"[6766]
[  170.175793][ T6766] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  170.349891][ T5865] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  170.355695][ T5852] Bluetooth: hci6: command 0x1003 tx timeout
[  170.429712][   T30] audit: type=1326 audit(1753169734.630:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  170.457030][ T6780] mmap: syz.5.233 (6780) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  171.453890][ T6784] loop3: detected capacity change from 0 to 256
[  171.494090][   T30] audit: type=1326 audit(1753169734.630:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  171.588036][ T6784] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  171.685959][   T30] audit: type=1326 audit(1753169734.630:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  171.847640][   T30] audit: type=1326 audit(1753169734.630:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  172.395064][ T6802] input: syz1 as /devices/virtual/input/input8
[  172.741653][   T30] audit: type=1326 audit(1753169734.630:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  173.599779][   T30] audit: type=1326 audit(1753169734.630:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  173.623888][   T30] audit: type=1326 audit(1753169734.630:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  173.646336][   T30] audit: type=1326 audit(1753169734.630:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  173.675425][   T30] audit: type=1326 audit(1753169734.630:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.5.233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f774cf8e9a9 code=0x7ffc0000
[  174.047101][ T6811] binder: 6810:6811 ioctl c0306201 0 returned -14
[  174.104880][ T6811] binder: 6810:6811 ioctl c0306201 200000000240 returned -11
[  174.275389][   T43] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  174.550723][ T6821] ufs: You didn't specify the type of your ufs filesystem
[  174.550723][ T6821] 
[  174.550723][ T6821] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  174.550723][ T6821] 
[  174.550723][ T6821] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  174.594224][   T43] usb 4-1: unable to get BOS descriptor or descriptor too short
[  174.639328][   T43] usb 4-1: not running at top speed; connect to a high speed hub
[  174.691894][   T43] usb 4-1: config 129 has an invalid interface number: 28 but max is 0
[  174.713189][ T6821] ufs: ufstype=old is supported read-only
[  174.727453][   T43] usb 4-1: config 129 has an invalid descriptor of length 0, skipping remainder of the config
[  174.792450][   T43] usb 4-1: config 129 has no interface number 0
[  174.819406][   T43] usb 4-1: config 129 interface 28 altsetting 250 has an endpoint descriptor with address 0x4F, changing to 0xF
[  174.836749][ T6821] ufs: ufs_fill_super(): bad magic number
[  174.889783][   T43] usb 4-1: config 129 interface 28 altsetting 250 endpoint 0xF has invalid maxpacket 117, setting to 64
[  174.954320][   T43] usb 4-1: config 129 interface 28 has no altsetting 0
[  175.008634][   T43] usb 4-1: New USB device found, idVendor=108c, idProduct=0159, bcdDevice=db.57
[  175.219645][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.544590][ T6825] ptrace attach of "./syz-executor exec"[6827] was attempted by "./syz-executor exec"[6825]
[  175.557621][   T43] usb 4-1: Product: syz
[  175.562279][   T43] usb 4-1: Manufacturer: syz
[  175.566894][   T43] usb 4-1: SerialNumber: syz
[  175.584233][ T6812] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  175.674587][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  175.674607][   T30] audit: type=1326 audit(1753169739.880:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.4.249" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f247cd8e9a9 code=0x0
[  175.814107][ T6825] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  175.941877][   T43] etas_es58x 4-1:129.28: Starting syz syz (Serial Number syz)
[  175.982933][ T6832] loop2: detected capacity change from 0 to 256
[  176.011229][   T43] usb 4-1: USB disconnect, device number 3
[  176.033068][ T6832] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.087960][ T6832] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.126230][ T6832] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  176.163239][ T6835] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.218164][ T6835] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  176.251420][ T6836] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.258351][ T6836] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.350870][ T6836] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.358117][ T6832] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.387001][ T6832] FAT-fs (loop2): Directory bread(block 1285) failed
[  176.549852][   T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  176.958110][   T43] usb 2-1: Using ep0 maxpacket: 32
[  176.967088][   T43] usb 2-1: config 0 has an invalid interface number: 96 but max is 0
[  177.024308][   T43] usb 2-1: config 0 has no interface number 0
[  177.047847][   T43] usb 2-1: config 0 interface 96 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  177.109096][   T43] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10ad, bcdDevice=b7.e9
[  177.135879][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.469693][   T43] usb 2-1: Product: syz
[  178.478061][   T43] usb 2-1: Manufacturer: syz
[  178.483592][   T43] usb 2-1: SerialNumber: syz
[  178.491452][   T43] usb 2-1: config 0 descriptor??
[  178.499977][ T6840] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  178.544412][   T43] em28xx 2-1:0.96: New device syz syz @ 480 Mbps (0ccd:10ad, interface 96, class 96)
[  178.561677][   T43] em28xx 2-1:0.96: Video interface 96 found: bulk
[  179.146756][ T6856] 9pnet_fd: Insufficient options for proto=fd
[  179.219416][   T43] em28xx 2-1:0.96: unknown em28xx chip ID (0)
[  179.362703][   T43] em28xx 2-1:0.96: reading from i2c device at 0xa0 failed (error=-5)
[  179.418773][   T43] em28xx 2-1:0.96: board has no eeprom
[  179.429495][ T6858] loop3: detected capacity change from 0 to 2048
[  179.529905][ T6858] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  179.548698][   T43] em28xx 2-1:0.96: Identified as Terratec Cinergy H5 (card=79)
[  179.568900][   T43] em28xx 2-1:0.96: Currently, V4L2 is not supported on this model
[  179.590746][ T6858] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  179.598401][ T6858] UDF-fs: Scanning with blocksize 512 failed
[  179.606141][ T5925] em28xx 2-1:0.96: Binding DVB extension
[  179.613174][ T5925] em28xx 2-1:0.96: no endpoint for DVB mode and transfer type 0
[  179.634509][   T43] usb 2-1: USB disconnect, device number 5
[  179.658771][ T5925] em28xx 2-1:0.96: failed to pre-allocate USB transfer buffers for DVB.
[  179.691485][   T43] em28xx 2-1:0.96: Disconnecting em28xx
[  179.702325][ T6862] binder: 6860:6862 ioctl c0306201 200000000240 returned -11
[  179.714444][ T5925] em28xx 2-1:0.96: Remote control support is not available for this card.
[  179.763562][   T43] em28xx 2-1:0.96: Closing input extension
[  179.770159][ T6858] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  179.856706][   T43] em28xx 2-1:0.96: Freeing device
[  179.921785][ T6861] loop0: detected capacity change from 0 to 4096
[  180.086891][ T6866] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  180.854999][ T5925] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  185.178557][  T971] hid-generic 0000:0004:0034.0002: unknown main item tag 0x0
[  185.985254][  T971] hid-generic 0000:0004:0034.0002: unknown main item tag 0x0
[  186.107670][  T971] hid-generic 0000:0004:0034.0002: unknown main item tag 0x0
[  186.140076][ T5925] usb 1-1: device descriptor read/all, error -71
[  186.210977][  T971] hid-generic 0000:0004:0034.0002: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  187.144891][ T6889] fido_id[6889]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  187.258936][ T6893] overlayfs: failed to resolve './file0': -2
[  187.573066][   T30] audit: type=1326 audit(1753169751.780:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.268" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x0
[  187.665606][ T6904] loop1: detected capacity change from 0 to 1024
[  187.727328][ T6904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.536645][ T6921] ptrace attach of "./syz-executor exec"[6922] was attempted by "./syz-executor exec"[6921]
[  189.258840][ T6921] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  189.550988][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.5.274'.
[  189.660872][ T6928] netlink: 28 bytes leftover after parsing attributes in process `syz.5.274'.
[  189.800824][ T6930] binder: 6929:6930 ioctl c0306201 200000000240 returned -11
[  190.246283][ T6937] evm: overlay not supported
[  190.467127][ T6941] 9pnet_fd: Insufficient options for proto=fd
[  190.591390][ T6943] loop0: detected capacity change from 0 to 256
[  190.598663][ T6943] exfat: Deprecated parameter 'namecase'
[  190.673711][ T6945] netlink: 'syz.4.281': attribute type 29 has an invalid length.
[  190.698809][ T6943] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  190.710765][ T6945] netlink: 'syz.4.281': attribute type 29 has an invalid length.
[  190.725670][ T6945] netlink: 'syz.4.281': attribute type 29 has an invalid length.
[  190.754853][ T6945] netlink: 'syz.4.281': attribute type 29 has an invalid length.
[  193.103895][ T6940] loop5: detected capacity change from 0 to 32768
[  193.160278][ T6940] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/loop5": -EINTR
[  193.544375][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  193.569968][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  194.724092][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.006534][ T6977] loop1: detected capacity change from 0 to 1024
[  195.021078][ T6979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.290'.
[  195.060319][ T6977] EXT4-fs: Ignoring removed orlov option
[  195.066034][ T6977] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.080855][ T6979] netlink: 28 bytes leftover after parsing attributes in process `syz.4.290'.
[  195.103983][ T6983] loop3: detected capacity change from 0 to 8
[  195.252978][ T6983] SQUASHFS error: xz decompression failed, data probably corrupt
[  195.272934][ T6977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.460318][ T6983] SQUASHFS error: Failed to read block 0x108: -5
[  195.466726][ T6983] SQUASHFS error: Unable to read metadata cache entry [106]
[  195.809871][ T6983] SQUASHFS error: Unable to read inode 0x11f
[  195.936522][ T6992] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.294'.
[  195.957027][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.224405][ T6994] loop5: detected capacity change from 0 to 256
[  196.260699][ T6994] exfat: Deprecated parameter 'namecase'
[  196.319037][ T6994] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  196.361877][ T7000] tipc: Started in network mode
[  196.366926][ T7000] tipc: Node identity fe3393509eed, cluster identity 4711
[  196.436776][ T7000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  196.479934][ T7001] syzkaller0: entered promiscuous mode
[  196.521725][ T7001] syzkaller0: entered allmulticast mode
[  197.691184][ T7001] tipc: Resetting bearer <eth:syzkaller0>
[  197.704789][ T5925] tipc: Node number set to 1625199440
[  199.465389][ T6998] tipc: Resetting bearer <eth:syzkaller0>
[  199.560766][   T30] audit: type=1326 audit(1753169763.760:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7017 comm="syz.3.301" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8e9a9 code=0x0
[  199.642782][ T7019] loop3: detected capacity change from 0 to 1024
[  199.717296][ T7019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.965504][ T6998] tipc: Disabling bearer <eth:syzkaller0>
[  200.522669][ T7031] Bluetooth: MGMT ver 1.23
[  200.529174][ T7030] Bluetooth: hci0: Opcode 0x0c1a failed: -112
[  200.593908][   T30] audit: type=1326 audit(1753169764.810:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.649945][   T30] audit: type=1326 audit(1753169764.810:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.672178][   T30] audit: type=1326 audit(1753169764.810:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.694341][   T30] audit: type=1326 audit(1753169764.810:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.718250][   T30] audit: type=1326 audit(1753169764.810:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.768842][   T30] audit: type=1326 audit(1753169764.810:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.900167][   T30] audit: type=1326 audit(1753169764.810:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  200.992682][ T7040] loop2: detected capacity change from 0 to 256
[  201.169228][   T30] audit: type=1326 audit(1753169764.810:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  201.782099][ T7042] loop5: detected capacity change from 0 to 1024
[  201.789522][ T7042] EXT4-fs: Ignoring removed orlov option
[  201.897661][   T30] audit: type=1326 audit(1753169764.810:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7028 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f32ad18e9a9 code=0x7ffc0000
[  201.939627][ T7042] EXT4-fs: Ignoring removed nomblk_io_submit option
[  202.057454][ T7042] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.147841][ T7048] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.310'.
[  202.347793][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  202.356217][ T5865] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  202.546131][ T7053] 9pnet_fd: Insufficient options for proto=fd
[  202.869813][ T5851] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.298125][ T7060] netlink: 536 bytes leftover after parsing attributes in process `syz.2.313'.
[  204.420259][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout
[  205.623464][ T7083] netlink: 116 bytes leftover after parsing attributes in process `syz.5.321'.
[  206.228799][ T5849] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.952396][ T7102] capability: warning: `syz.0.327' uses deprecated v2 capabilities in a way that may be insecure
[  207.974776][ T7103] netlink: 536 bytes leftover after parsing attributes in process `syz.5.328'.
[  208.405097][ T7105] loop3: detected capacity change from 0 to 40427
[  209.042336][ T7105] F2FS-fs (loop3): invalid crc value
[  209.050063][ T7110] loop0: detected capacity change from 0 to 128
[  209.161163][ T7105] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  209.239576][ T7110] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  209.293175][ T7110] EXT4-fs (loop0): Encoding requested by superblock is unknown
[  209.444099][ T7110] loop0: detected capacity change from 0 to 764
[  209.486730][ T7110] Symlink component flag not implemented
[  209.492633][ T7110] Symlink component flag not implemented
[  209.498406][ T7110] Symlink component flag not implemented (128)
[  209.504610][ T7110] Symlink component flag not implemented (122)
[  211.243997][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  211.244112][   T30] audit: type=1326 audit(1753169775.450:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7132 comm="syz.0.336" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32ad18e9a9 code=0x0
[  212.019228][ T7136] loop0: detected capacity change from 0 to 1024
[  212.278416][ T7136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.250584][   T30] audit: type=1326 audit(1753169778.460:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7157 comm="syz.1.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  214.521790][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.831840][   T43] hid-generic 0000:0004:0034.0003: unknown main item tag 0x0
[  214.904325][   T43] hid-generic 0000:0004:0034.0003: unknown main item tag 0x0
[  214.963347][   T43] hid-generic 0000:0004:0034.0003: unknown main item tag 0x0
[  215.218136][   T43] hid-generic 0000:0004:0034.0003: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  215.590327][ T7172] fido_id[7172]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  216.130718][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  216.137007][ T5858] Bluetooth: hci0: command 0x0c1a tx timeout
[  216.143358][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  216.149915][ T5858] Bluetooth: hci3: command 0x0406 tx timeout
[  216.156376][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  216.162930][ T5858] Bluetooth: hci4: command 0x0406 tx timeout
[  216.747664][ T7153] loop5: detected capacity change from 0 to 40427
[  217.141628][ T7164] loop3: detected capacity change from 0 to 32768
[  217.408614][ T7164] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/loop3": -EINTR
[  218.024735][ T7192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.353'.
[  218.124195][ T7195] loop1: detected capacity change from 0 to 256
[  218.210419][ T7195] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  219.270594][ T5925] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  219.384199][   T30] audit: type=1326 audit(1753169783.590:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7206 comm="syz.1.359" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x0
[  219.405770][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.479997][ T5925] usb 4-1: config 6 has an invalid interface number: 2 but max is 0
[  219.486283][ T7209] comedi comedi0: pcl730: I/O port conflict (0xee,4)
[  219.490124][ T5925] usb 4-1: config 6 has no interface number 0
[  219.506101][ T7210] loop1: detected capacity change from 0 to 1024
[  219.521434][ T5925] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  219.553143][ T5925] usb 4-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.612543][ T5925] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  219.614490][ T7210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.660517][ T5925] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  219.741303][ T5925] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  219.767029][ T5925] usb 4-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3
[  219.810222][ T5925] usb 4-1: Product: syz
[  219.839287][ T5925] usb 4-1: Manufacturer: syz
[  219.847975][ T5925] usb 4-1: SerialNumber: syz
[  219.891826][ T5925] hso 4-1:6.2: Failed to find BULK IN ep
[  220.184859][ T7219] loop0: detected capacity change from 0 to 64
[  220.723873][ T7222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.117080][ T7222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.195307][ T7229] binder: BINDER_SET_CONTEXT_MGR already set
[  221.266487][ T7229] binder: 7227:7229 ioctl 4018620d 200000000040 returned -16
[  221.307494][ T7229] binder: 7227:7229 ioctl c0306201 0 returned -14
[  223.124104][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.133328][ T7239] overlayfs: failed to resolve './bus': -2
[  223.716678][ T7246] warning: `syz.1.367' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  224.923351][ T7256] ufs: You didn't specify the type of your ufs filesystem
[  224.923351][ T7256] 
[  224.923351][ T7256] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  224.923351][ T7256] 
[  224.923351][ T7256] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  224.954495][ T7256] ufs: ufstype=old is supported read-only
[  224.963119][ T7256] ufs: ufs_fill_super(): bad magic number
[  226.370172][ T5925] usb 4-1: USB disconnect, device number 4
[  226.582604][ T7263] binder: 7262:7263 ioctl c0306201 0 returned -14
[  227.857732][ T7276] loop0: detected capacity change from 0 to 128
[  227.901457][ T7276] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  227.972549][ T7276] EXT4-fs (loop0): Encoding requested by superblock is unknown
[  229.747869][ T7287] block device autoloading is deprecated and will be removed.
[  229.757088][ T7287] syz.5.382: attempt to access beyond end of device
[  229.757088][ T7287] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  230.622829][ T7295] loop0: detected capacity change from 0 to 256
[  230.921689][ T7295] exfat: Deprecated parameter 'namecase'
[  231.207908][ T7295] exfat: Deprecated parameter 'namecase'
[  231.330917][ T7295] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  231.795080][ T7306] loop1: detected capacity change from 0 to 64
[  231.812436][ T7309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  231.837594][ T7309] batadv_slave_0: entered promiscuous mode
[  234.112608][ T7323] loop3: detected capacity change from 0 to 1024
[  234.202625][ T7323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.627581][ T7337] 9pnet_fd: Insufficient options for proto=fd
[  235.865523][ T5849] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.018384][ T7342] netlink: 'syz.1.399': attribute type 29 has an invalid length.
[  236.070450][ T7342] netlink: 'syz.1.399': attribute type 29 has an invalid length.
[  236.130826][ T7347] netlink: 'syz.1.399': attribute type 29 has an invalid length.
[  236.151882][ T7342] netlink: 'syz.1.399': attribute type 29 has an invalid length.
[  237.597922][ T7368] ufs: You didn't specify the type of your ufs filesystem
[  237.597922][ T7368] 
[  237.597922][ T7368] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  237.597922][ T7368] 
[  237.597922][ T7368] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  237.629645][ T7368] ufs: ufstype=old is supported read-only
[  237.638199][ T7368] ufs: ufs_fill_super(): bad magic number
[  238.451355][ T7366] loop3: detected capacity change from 0 to 64
[  238.858256][ T7373] loop1: detected capacity change from 0 to 1024
[  238.927936][ T7373] EXT4-fs: Ignoring removed orlov option
[  238.940998][ T7373] EXT4-fs: Ignoring removed nomblk_io_submit option
[  239.228768][ T7373] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.011660][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.106012][ T7376] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  240.416472][ T7400] loop1: detected capacity change from 0 to 256
[  240.441156][ T7400] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  240.451861][ T7400] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  240.478661][ T7400] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  241.533910][ T7416] ufs: You didn't specify the type of your ufs filesystem
[  241.533910][ T7416] 
[  241.533910][ T7416] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  241.533910][ T7416] 
[  241.533910][ T7416] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  241.565171][ T7416] ufs: ufstype=old is supported read-only
[  241.573320][ T7416] ufs: ufs_fill_super(): bad magic number
[  242.164330][   T30] audit: type=1326 audit(1753169806.380:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8e9a9 code=0x7ffc0000
[  242.236742][   T30] audit: type=1326 audit(1753169806.380:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.3.428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bf6d8e9a9 code=0x7ffc0000
[  242.538813][   T30] audit: type=1326 audit(1753169806.750:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.281260][   T30] audit: type=1326 audit(1753169806.780:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.306794][   T30] audit: type=1326 audit(1753169807.500:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.331962][   T30] audit: type=1326 audit(1753169807.500:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.389605][   T30] audit: type=1326 audit(1753169807.500:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.499775][   T30] audit: type=1326 audit(1753169807.520:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.549917][   T30] audit: type=1326 audit(1753169807.520:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.578231][ T7431] loop2: detected capacity change from 0 to 512
[  243.598546][   T30] audit: type=1326 audit(1753169807.520:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c8698e9a9 code=0x7ffc0000
[  243.665740][ T7431] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.431: casefold flag without casefold feature
[  243.705801][ T7431] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.431: couldn't read orphan inode 15 (err -117)
[  243.765761][ T7431] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.066135][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.520290][ T7435] loop3: detected capacity change from 0 to 32768
[  246.565990][ T7460] syz.5.441 uses obsolete (PF_INET,SOCK_PACKET)
[  246.647123][ T7435] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  246.706791][ T7435] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop3": -EINTR
[  246.730166][ T7435] XFS (loop3): log mount failed
[  247.019152][ T7473] loop0: detected capacity change from 0 to 256
[  247.077570][ T7473] exfat: Deprecated parameter 'namecase'
[  247.099708][ T7473] exfat: Deprecated parameter 'namecase'
[  247.192948][ T7473] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  248.377711][ T7470] loop1: detected capacity change from 0 to 32768
[  248.419743][ T7485] netlink: 'syz.2.449': attribute type 72 has an invalid length.
[  248.444311][ T7485] netlink: 'syz.2.449': attribute type 8 has an invalid length.
[  248.616086][ T7470] JBD2: Ignoring recovery information on journal
[  248.704251][ T7470] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  249.001148][ T5847] ocfs2: Unmounting device (7,1) on (node local)
[  249.049003][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  249.049022][   T30] audit: type=1326 audit(1753169813.260:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7501 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6739b8e9a9 code=0x7ffc0000
[  249.166359][   T30] audit: type=1326 audit(1753169813.260:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7501 comm="syz.2.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6739b8e9a9 code=0x7ffc0000
[  251.081366][ T7528] loop1: detected capacity change from 0 to 256
[  251.213452][ T7528] exfat: Deprecated parameter 'namecase'
[  251.597216][ T7528] exfat: Deprecated parameter 'namecase'
[  251.881715][ T7528] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  252.218633][ T7537] netlink: 'syz.3.464': attribute type 72 has an invalid length.
[  252.312117][ T7537] netlink: 'syz.3.464': attribute type 8 has an invalid length.
[  252.605777][ T7515] loop2: detected capacity change from 0 to 32768
[  253.207530][   T30] audit: type=1326 audit(1753169817.420:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.2.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6739b8e9a9 code=0x7ffc0000
[  253.852414][ T7558] loop1: detected capacity change from 0 to 1024
[  253.991133][ T7558] EXT4-fs: Ignoring removed orlov option
[  254.062463][ T7558] EXT4-fs: Ignoring removed nomblk_io_submit option
[  254.855610][ T7563] netlink: 'syz.3.475': attribute type 10 has an invalid length.
[  254.894430][ T7558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.986803][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  254.994847][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  256.029446][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.590824][ T7576] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.600988][ T7576] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.647220][ T7576] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.663573][ T7576] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.716551][ T7576] batman_adv: batadv0: Removing interface: macvtap0
[  257.904176][ T7584] loop1: detected capacity change from 0 to 64
[  258.158829][ T7582] loop2: detected capacity change from 0 to 4096
[  258.278856][ T7588] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  258.584282][   T43] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  258.782776][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.874662][   T43] usb 3-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[  258.909750][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.953717][   T43] usb 3-1: config 0 descriptor??
[  259.329190][ T7591] netlink: 892 bytes leftover after parsing attributes in process `syz.3.482'.
[  259.398826][   T43] usbhid 3-1:0.0: can't add hid device: -71
[  259.405122][   T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  259.540155][   T43] usb 3-1: USB disconnect, device number 2
[  260.202586][  T971] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  260.435727][  T971] usb 2-1: Using ep0 maxpacket: 8
[  260.520003][  T971] usb 2-1: config index 0 descriptor too short (expected 18, got 10)
[  260.623275][  T971] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  260.762943][  T971] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  260.968556][  T971] usb 2-1: New USB device found, idVendor=0586, idProduct=401a, bcdDevice= 2.4d
[  261.183607][  T971] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.220936][  T971] usb 2-1: Product: syz
[  261.225265][  T971] usb 2-1: Manufacturer: syz
[  261.249636][  T971] usb 2-1: SerialNumber: syz
[  261.290012][  T971] usb 2-1: config 0 descriptor??
[  261.529637][  T971] usb 2-1: USB disconnect, device number 6
[  263.919662][  T971] usb 2-1: new low-speed USB device number 7 using dummy_hcd
[  264.127932][  T971] usb 2-1: config 64 has an invalid interface number: 19 but max is 0
[  264.184936][  T971] usb 2-1: config 64 has no interface number 0
[  264.209714][  T971] usb 2-1: config 64 interface 19 altsetting 0 endpoint 0x2 is Bulk; changing to Interrupt
[  264.263600][  T971] usb 2-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  264.299628][  T971] usb 2-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  264.347563][  T971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.398884][  T971] usb 2-1: probing VID:PID(2201:012C)   
[  264.448792][  T971] usb 2-1: vub300 testing UNKNOWN EndPoint(0) 02
[  264.489636][  T971] usb 2-1: vub300 ignoring EndPoint(0) 02
[  264.526357][  T971] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs
[  264.619182][  T971] vub300 2-1:64.19: probe with driver vub300 failed with error -22
[  264.700378][ T7642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.502'.
[  264.709409][ T7642] veth0_macvtap: Device is already in use.
[  265.690790][  T971] usb 2-1: USB disconnect, device number 7
[  265.790719][ T7649] netlink: 4 bytes leftover after parsing attributes in process `syz.2.503'.
[  265.813442][ T7654] loop0: detected capacity change from 0 to 64
[  267.215847][ T5867] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  267.224749][ T5867] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  267.233078][ T5867] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  267.241823][ T5867] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  267.249650][ T5867] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  269.340162][ T5867] Bluetooth: hci6: command tx timeout
[  270.178325][ T7700] loop2: detected capacity change from 0 to 512
[  271.044101][ T7700] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  271.057331][ T7700] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  272.005120][ T5867] Bluetooth: hci6: command tx timeout
[  272.717832][ T7700] EXT4-fs: error -4 creating inode table initialization thread
[  272.726443][ T7700] EXT4-fs (loop2): mount failed
[  273.029176][ T1219] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  274.029850][ T5867] Bluetooth: hci6: command tx timeout
[  274.916699][ T7665] chnl_net:caif_netlink_parms(): no params data found
[  275.197738][ T7720] ufs: You didn't specify the type of your ufs filesystem
[  275.197738][ T7720] 
[  275.197738][ T7720] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  275.197738][ T7720] 
[  275.197738][ T7720] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  275.228721][ T7720] ufs: ufstype=old is supported read-only
[  275.237208][ T7720] ufs: ufs_fill_super(): bad magic number
[  276.099738][ T5867] Bluetooth: hci6: command tx timeout
[  277.003094][ T7736] netlink: 112 bytes leftover after parsing attributes in process `syz.3.525'.
[  277.440933][ T7747] afs: Unknown parameter 'dy'
[  277.923431][ T7665] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.968320][ T7665] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.001374][ T7665] bridge_slave_0: entered allmulticast mode
[  278.365189][ T7665] bridge_slave_0: entered promiscuous mode
[  278.896049][ T7665] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.937436][ T7665] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.973279][ T7665] bridge_slave_1: entered allmulticast mode
[  279.017196][ T7665] bridge_slave_1: entered promiscuous mode
[  279.136532][ T7665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.204868][ T7665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.282096][ T5934] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  279.792697][ T5934] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.870980][ T5934] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.014665][ T5934] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  280.180378][ T5934] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  280.201873][ T5934] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.216134][ T5934] usb 5-1: config 0 descriptor??
[  280.373778][ T7665] team0: Port device team_slave_0 added
[  280.409452][ T7665] team0: Port device team_slave_1 added
[  280.721044][ T7772] loop0: detected capacity change from 0 to 32768
[  280.756368][ T5934] usbhid 5-1:0.0: can't add hid device: -71
[  280.779425][ T5934] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  280.820788][ T5934] usb 5-1: USB disconnect, device number 5
[  280.884957][ T7772] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  280.884985][ T7772]   allowing incompatible features above 0.0: (unknown version)
[  280.884999][ T7772]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  280.926733][ T7772] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  280.934986][ T7772] bcachefs (loop0): initializing new filesystem
[  280.949005][ T7772] bcachefs (loop0): going read-write
[  280.981027][ T7772] bcachefs (loop0): marking superblocks
[  280.996237][ T7772] bcachefs (loop0): initializing freespace
[  281.007151][ T7772] bcachefs (loop0): done initializing freespace
[  281.016303][ T7772] bcachefs (loop0): reading snapshots table
[  281.022728][ T7772] bcachefs (loop0): reading snapshots done
[  281.108162][ T7772] bcachefs (loop0): done starting filesystem
[  281.762230][   T30] audit: type=1800 audit(1753169845.960:118): pid=7789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.534" name="bus" dev="overlay" ino=654 res=0 errno=0
[  281.831460][ T7665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.916389][ T7665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.981151][ T7665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.011880][ T7665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.019493][ T7665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.039655][ T5844] bcachefs (loop0): shutting down
[  282.079955][ T7665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.113858][ T7498] Set syz1 is full, maxelem 65536 reached
[  282.149867][ T5844] bcachefs (loop0): going read-only
[  282.186969][ T5844] bcachefs (loop0): finished waiting for writes to stop
[  282.333673][ T5844] bcachefs (loop0): flushing journal and stopping allocators, journal seq 4
[  282.505324][ T5844] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 4
[  282.554902][ T5844] bcachefs (loop0): clean shutdown complete, journal seq 5
[  282.601929][ T5844] bcachefs (loop0): marking filesystem clean
[  282.739158][ T5844] bcachefs (loop0): shutdown complete
[  282.742031][ T7665] hsr_slave_0: entered promiscuous mode
[  282.792792][ T7665] hsr_slave_1: entered promiscuous mode
[  282.799209][ T7665] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  282.830096][ T7665] Cannot create hsr debugfs directory
[  282.839644][ T7808] loop3: detected capacity change from 0 to 1024
[  282.840030][ T7806] netlink: 'syz.4.543': attribute type 29 has an invalid length.
[  282.854027][ T1219] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  282.986501][ T7808] ==================================================================
[  282.994700][ T7808] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x680/0x1270
[  283.002442][ T7808] Read of size 2 at addr ffff88802eb52a18 by task syz.3.544/7808
[  283.010196][ T7808] 
[  283.012523][ T7808] CPU: 1 UID: 0 PID: 7808 Comm: syz.3.544 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  283.012551][ T7808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.012565][ T7808] Call Trace:
[  283.012580][ T7808]  <TASK>
[  283.012589][ T7808]  dump_stack_lvl+0x189/0x250
[  283.012621][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.012650][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.012677][ T7808]  ? __kasan_check_byte+0x12/0x40
[  283.012713][ T7808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.012740][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.012767][ T7808]  ? rcu_is_watching+0x15/0xb0
[  283.012795][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.012822][ T7808]  ? lock_release+0x4b/0x3e0
[  283.012849][ T7808]  ? __virt_addr_valid+0x1c8/0x5c0
[  283.012881][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.012908][ T7808]  ? __virt_addr_valid+0x4a5/0x5c0
[  283.012941][ T7808]  print_report+0xca/0x230
[  283.012963][ T7808]  ? hfsplus_uni2asc+0x680/0x1270
[  283.012997][ T7808]  kasan_report+0x118/0x150
[  283.013034][ T7808]  ? hfsplus_uni2asc+0x680/0x1270
[  283.013074][ T7808]  hfsplus_uni2asc+0x680/0x1270
[  283.013114][ T7808]  ? hfsplus_bnode_read+0x255/0x2a0
[  283.013147][ T7808]  hfsplus_listxattr+0x58e/0xb80
[  283.013174][ T7808]  ? __pfx_hfsplus_listxattr+0x10/0x10
[  283.013200][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.013227][ T7808]  ? __asan_memset+0x22/0x50
[  283.013259][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.013286][ T7808]  ? path_lookupat+0x30d/0x430
[  283.013316][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.013343][ T7808]  ? filename_lookup+0x3d1/0x570
[  283.013390][ T7808]  ? strncpy_from_user+0x150/0x290
[  283.013413][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.013443][ T7808]  ? __pfx_hfsplus_listxattr+0x10/0x10
[  283.013464][ T7808]  listxattr+0x10d/0x2a0
[  283.013495][ T7808]  path_listxattrat+0x179/0x3a0
[  283.013525][ T7808]  ? __pfx_path_listxattrat+0x10/0x10
[  283.013551][ T7808]  ? rcu_is_watching+0x15/0xb0
[  283.013590][ T7808]  ? do_syscall_64+0xbe/0x3b0
[  283.013622][ T7808]  do_syscall_64+0xfa/0x3b0
[  283.013648][ T7808]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.013673][ T7808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.013696][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.013723][ T7808]  ? exc_page_fault+0x9f/0xf0
[  283.013748][ T7808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.013771][ T7808] RIP: 0033:0x7f1bf6d8e9a9
[  283.013791][ T7808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.013810][ T7808] RSP: 002b:00007f1bf7bb1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  283.013834][ T7808] RAX: ffffffffffffffda RBX: 00007f1bf6fb5fa0 RCX: 00007f1bf6d8e9a9
[  283.013851][ T7808] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  283.013866][ T7808] RBP: 00007f1bf6e10d69 R08: 0000000000000000 R09: 0000000000000000
[  283.013881][ T7808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  283.013896][ T7808] R13: 0000000000000000 R14: 00007f1bf6fb5fa0 R15: 00007ffca632bda8
[  283.013923][ T7808]  </TASK>
[  283.013932][ T7808] 
[  283.016477][ T7809] netlink: 'syz.4.543': attribute type 29 has an invalid length.
[  283.024078][ T7808] Allocated by task 7808:
[  283.024092][ T7808]  kasan_save_track+0x3e/0x80
[  283.024125][ T7808]  __kasan_kmalloc+0x93/0xb0
[  283.079921][ T1219] usb 2-1: Using ep0 maxpacket: 32
[  283.082641][ T7808]  __kmalloc_noprof+0x27a/0x4f0
[  283.087846][ T7806] netlink: 'syz.4.543': attribute type 29 has an invalid length.
[  283.092293][ T7808]  hfsplus_find_init+0x8c/0x1d0
[  283.092332][ T7808]  hfsplus_listxattr+0x38f/0xb80
[  283.092353][ T7808]  listxattr+0x10d/0x2a0
[  283.376441][ T7808]  path_listxattrat+0x179/0x3a0
[  283.381428][ T7808]  do_syscall_64+0xfa/0x3b0
[  283.385942][ T7808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.391841][ T7808] 
[  283.394157][ T7808] The buggy address belongs to the object at ffff88802eb52800
[  283.394157][ T7808]  which belongs to the cache kmalloc-1k of size 1024
[  283.408203][ T7808] The buggy address is located 0 bytes to the right of
[  283.408203][ T7808]  allocated 536-byte region [ffff88802eb52800, ffff88802eb52a18)
[  283.422688][ T7808] 
[  283.425000][ T7808] The buggy address belongs to the physical page:
[  283.431397][ T7808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2eb50
[  283.440235][ T7808] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  283.448723][ T7808] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  283.456257][ T7808] page_type: f5(slab)
[  283.460233][ T7808] raw: 00fff00000000040 ffff88801a441dc0 ffffea0001413400 dead000000000002
[  283.468835][ T7808] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  283.477433][ T7808] head: 00fff00000000040 ffff88801a441dc0 ffffea0001413400 dead000000000002
[  283.486120][ T7808] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  283.494790][ T7808] head: 00fff00000000003 ffffea0000bad401 00000000ffffffff 00000000ffffffff
[  283.503455][ T7808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  283.512114][ T7808] page dumped because: kasan: bad access detected
[  283.518624][ T7808] page_owner tracks the page as allocated
[  283.524325][ T7808] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5851, tgid 5851 (syz-executor), ts 105456876649, free_ts 105444780385
[  283.545989][ T7808]  post_alloc_hook+0x240/0x2a0
[  283.550788][ T7808]  get_page_from_freelist+0x21e4/0x22c0
[  283.556337][ T7808]  __alloc_frozen_pages_noprof+0x181/0x370
[  283.562140][ T7808]  alloc_pages_mpol+0x232/0x4a0
[  283.566991][ T7808]  allocate_slab+0x8a/0x3b0
[  283.571578][ T7808]  ___slab_alloc+0xbfc/0x1480
[  283.576247][ T7808]  __kmalloc_node_noprof+0x2fd/0x4e0
[  283.581536][ T7808]  qdisc_alloc+0x97/0xaa0
[  283.585899][ T7808]  qdisc_create_dflt+0x8e/0x4e0
[  283.590807][ T7808]  dev_activate+0x378/0x1150
[  283.595411][ T7808]  __dev_open+0x69c/0x880
[  283.599745][ T7808]  __dev_change_flags+0x1ea/0x6d0
[  283.604774][ T7808]  netif_change_flags+0x88/0x1a0
[  283.609716][ T7808]  do_setlink+0xc55/0x41c0
[  283.614157][ T7808]  rtnl_newlink+0x160b/0x1c70
[  283.618841][ T7808]  rtnetlink_rcv_msg+0x7cf/0xb70
[  283.623802][ T7808] page last free pid 5851 tgid 5851 stack trace:
[  283.630128][ T7808]  __free_frozen_pages+0xc71/0xe70
[  283.635249][ T7808]  __put_partials+0x161/0x1c0
[  283.639920][ T7808]  put_cpu_partial+0x17c/0x250
[  283.644703][ T7808]  __slab_free+0x2f7/0x400
[  283.649135][ T7808]  qlist_free_all+0x97/0x140
[  283.653731][ T7808]  kasan_quarantine_reduce+0x148/0x160
[  283.659195][ T7808]  __kasan_slab_alloc+0x22/0x80
[  283.664047][ T7808]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  283.669968][ T7808]  __alloc_skb+0x112/0x2d0
[  283.674389][ T7808]  netlink_sendmsg+0x5c6/0xb30
[  283.679169][ T7808]  __sock_sendmsg+0x21c/0x270
[  283.683849][ T7808]  __sys_sendto+0x3bd/0x520
[  283.688359][ T7808]  __x64_sys_sendto+0xde/0x100
[  283.693660][ T7808]  do_syscall_64+0xfa/0x3b0
[  283.698165][ T7808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.704164][ T7808] 
[  283.706476][ T7808] Memory state around the buggy address:
[  283.712115][ T7808]  ffff88802eb52900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  283.720168][ T7808]  ffff88802eb52980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  283.728218][ T7808] >ffff88802eb52a00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[  283.736285][ T7808]                             ^
[  283.741228][ T7808]  ffff88802eb52a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  283.749279][ T7808]  ffff88802eb52b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  283.757328][ T7808] ==================================================================
[  283.765585][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.835739][ T7808] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  283.842966][ T7808] CPU: 1 UID: 0 PID: 7808 Comm: syz.3.544 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  283.853116][ T7808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.863171][ T7808] Call Trace:
[  283.866446][ T7808]  <TASK>
[  283.869375][ T7808]  dump_stack_lvl+0x99/0x250
[  283.873972][ T7808]  ? __asan_memcpy+0x40/0x70
[  283.878565][ T7808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.883805][ T7808]  ? __pfx__printk+0x10/0x10
[  283.888404][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.894038][ T7808]  panic+0x2db/0x790
[  283.897934][ T7808]  ? __pfx_preempt_schedule+0x10/0x10
[  283.903331][ T7808]  ? __pfx_panic+0x10/0x10
[  283.907774][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.913425][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.919063][ T7808]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  283.924958][ T7808]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  283.931371][ T7808]  ? hfsplus_uni2asc+0x680/0x1270
[  283.936411][ T7808]  check_panic_on_warn+0x89/0xb0
[  283.941369][ T7808]  ? hfsplus_uni2asc+0x680/0x1270
[  283.946497][ T7808]  end_report+0x78/0x160
[  283.950772][ T7808]  kasan_report+0x129/0x150
[  283.955294][ T7808]  ? hfsplus_uni2asc+0x680/0x1270
[  283.960333][ T7808]  hfsplus_uni2asc+0x680/0x1270
[  283.965204][ T7808]  ? hfsplus_bnode_read+0x255/0x2a0
[  283.970408][ T7808]  hfsplus_listxattr+0x58e/0xb80
[  283.975350][ T7808]  ? __pfx_hfsplus_listxattr+0x10/0x10
[  283.980811][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.986454][ T7808]  ? __asan_memset+0x22/0x50
[  283.991052][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  283.996689][ T7808]  ? path_lookupat+0x30d/0x430
[  284.001463][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  284.007094][ T7808]  ? filename_lookup+0x3d1/0x570
[  284.012055][ T7808]  ? strncpy_from_user+0x150/0x290
[  284.017172][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  284.022822][ T7808]  ? __pfx_hfsplus_listxattr+0x10/0x10
[  284.028284][ T7808]  listxattr+0x10d/0x2a0
[  284.032529][ T7808]  path_listxattrat+0x179/0x3a0
[  284.037394][ T7808]  ? __pfx_path_listxattrat+0x10/0x10
[  284.042790][ T7808]  ? rcu_is_watching+0x15/0xb0
[  284.047561][ T7808]  ? do_syscall_64+0xbe/0x3b0
[  284.052242][ T7808]  do_syscall_64+0xfa/0x3b0
[  284.056750][ T7808]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.061949][ T7808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.068024][ T7808]  ? srso_alias_return_thunk+0x5/0xfbef5
[  284.073659][ T7808]  ? exc_page_fault+0x9f/0xf0
[  284.078334][ T7808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.084228][ T7808] RIP: 0033:0x7f1bf6d8e9a9
[  284.088638][ T7808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.108249][ T7808] RSP: 002b:00007f1bf7bb1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  284.116667][ T7808] RAX: ffffffffffffffda RBX: 00007f1bf6fb5fa0 RCX: 00007f1bf6d8e9a9
[  284.124639][ T7808] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  284.132608][ T7808] RBP: 00007f1bf6e10d69 R08: 0000000000000000 R09: 0000000000000000
[  284.140575][ T7808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  284.148538][ T7808] R13: 0000000000000000 R14: 00007f1bf6fb5fa0 R15: 00007ffca632bda8
[  284.156514][ T7808]  </TASK>
[  284.159784][ T7808] Kernel Offset: disabled
[  284.164101][ T7808] Rebooting in 86400 seconds..