last executing test programs:

13.008911777s ago: executing program 0 (id=468):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0xf)
accept4$unix(r1, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000480)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x20}, 0x5000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x854)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

11.701087013s ago: executing program 0 (id=472):
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)

11.640565954s ago: executing program 0 (id=474):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x80002, 0x88)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r2, 0x0, <r3=>0xffffffffffffffff, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48, 0x7, r3, 0x0, 0x10001, 0x0, 0x6, 0xa9613, 0x313829, 0x2838310000000000})
openat(0xffffffffffffff9c, 0x0, 0x193042, 0x0)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000480)={[{0x2b, 'rdma'}]}, 0x6)
fallocate(0xffffffffffffffff, 0x8, 0x4000, 0x4000)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0xb, &(0x7f00000000c0)=0x7, 0x4)
syz_emit_ethernet(0x83, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x3f00, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB="340200e1", @ANYRES16=r9, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

8.463698136s ago: executing program 3 (id=481):
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x801, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0xfffffffffffffd58, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000740))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000003c0)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r3, 0x3, r1, 0x5})

8.350055868s ago: executing program 2 (id=483):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54b24f15655595860608d70ff6e425a6c36af37b33facd22dc8a9c7044410d324b03e654156762092a62fea8f13441431ce248bfc73a6726ee61b5191d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d100a05e97ed3dcad452db6e08a991e2c78b057f55deebde6f0b11ce65700c0a1ad7946ff7c355db87566e3e5abb7a37b52876fd9fa194c09273031900"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=ANY=[@ANYBLOB="f800000018000100000000000000000000000000000000000000000000000000e000000200000000000000000000000000000000000000000000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000ad9fad315e1b11d4f30bb00000000000000000000010000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000570e00000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000000000000000000000000000000000000000020c0000000000"], 0xf8}}, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r8, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

6.821054368s ago: executing program 2 (id=485):
r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_QUERYCTRL(r0, 0xc0445624, &(0x7f00000000c0)={0xfffffff7, 0x6, "68a3f4afd4be62715137efb9df8bfed768b98395ef938ab28bc063a7f2127e91", 0x2a1d, 0xb, 0xb3, 0x6, 0x30})

6.681076061s ago: executing program 3 (id=486):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r1})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000400)={0x50, 0x0, 0x0, 0x0, {}, {{}, 0x0, 0x0, [{}, {}]}})

6.68087161s ago: executing program 2 (id=487):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000, 0x2, &(0x7f0000ffc000/0x3000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x4, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd}, 0x50)

6.559979543s ago: executing program 1 (id=488):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54b24f15655595860608d70ff6e425a6c36af37b33facd22dc8a9c7044410d324b03e654156762092a62fea8f13441431ce248bfc73a6726ee61b5191d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d100a05e97ed3dcad452db6e08a991e2c78b057f55deebde6f0b11ce65700c0a1ad7946ff7c355db87566e3e5abb7a37b52876fd9fa194c09273031900"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=ANY=[@ANYBLOB="f800000018000100000000000000000000000000000000000000000000000000e000000200000000000000000000000000000000000000000000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000ad9fad315e1b11d4f30bb00000000000000000000010000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000570e00000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000000000000000000000000000000000000000020c0000000000"], 0xf8}}, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r8, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

6.508721234s ago: executing program 0 (id=489):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x7}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x34, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x6071, 0x0, 0xeb, {[@generic={0x8, 0xa, "09df168a00000000"}]}}}}}}}, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
openat$ptmx(0xffffffffffffff9c, 0x0, 0x60081, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
pwritev2(r1, 0x0, 0x0, 0xe7b, 0x0, 0x0)
unlink(&(0x7f0000000d00)='./file1\x00')
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0002}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x136, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsopen(&(0x7f0000000200)='hpfs\x00', 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
clock_gettime(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
close(0x3)
close_range(r2, 0xffffffffffffffff, 0x0)

6.432342045s ago: executing program 3 (id=490):
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x101000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x100, 0x22, 0x1b7}, &(0x7f0000000300)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)

5.060968952s ago: executing program 3 (id=491):
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)

5.041907412s ago: executing program 1 (id=492):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000500)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
ioprio_set$pid(0x2, 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x106}}, 0x20)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x5c, 0x24, 0x1, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5, 0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{0x0, 0x195a, 0x3, 0xfffffffc, 0x4, 0x4c7}, [@TCA_NETEM_ECN={0x8}]}}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000ffdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="8400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e636500400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000080000008000600", @ANYRES32=0x0, @ANYBLOB], 0xa0}, 0x1, 0x0, 0x0, 0x404}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="e80100000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff020d40f799000000000000000000011400040020010000000000000000000000000001080007400000000010000d800c000380060002004e210000080007400000000da800068004000380080002006401010124000380060001004e230000060001004e230000060001004e210000060002004e24000008000200e000000234000380060002004e230000060002004e240000060001004e200000060002004e200000060002004e230000060001004e200000140004000000000000000000000000000000000008000200ac1414aa140005000000000000000000000000000000000008000100e000000284000e801400018008000100ac141409080002000a0101010600034000000000060003400001000006000340000300000c000280050001009f0000000c00028005000100000000002c0001"], 0x1e8}}, 0x0)

4.596039041s ago: executing program 3 (id=493):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54b24f15655595860608d70ff6e425a6c36af37b33facd22dc8a9c7044410d324b03e654156762092a62fea8f13441431ce248bfc73a6726ee61b5191d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d100a05e97ed3dcad452db6e08a991e2c78b057f55deebde6f0b11ce65700c0a1ad7946ff7c355db87566e3e5abb7a37b52876fd9fa194c09273031900"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=ANY=[@ANYBLOB="f800000018000100000000000000000000000000000000000000000000000000e000000200000000000000000000000000000000000000000000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000ad9fad315e1b11d4f30bb00000000000000000000010000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000570e00000000000000000000000000000000000000000000fcffffffffffffff000000000000000000000000000000000000000000000000000000000000020c0000000000"], 0xf8}}, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r8, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

3.559584471s ago: executing program 1 (id=494):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000568000800", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010", @ANYRES8=0x0, @ANYRES64=r0], 0x48}, 0x1, 0x0, 0x0, 0x4044080}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x15, 0x3, "7339f2f30455afb9fdd672bad09dfb78c7"}, @NFTA_TARGET_REV={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x80}}, 0x20040040)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010028bd7000000008000100"], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000140)={r6, 0xe0d, 0x4, 0x7, 0x2, 0x8001}, 0x14)

2.220974007s ago: executing program 0 (id=495):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x8001, 0x5, 0xde, 0xffff}, 0x8)
sendto$inet6(r0, &(0x7f00000001c0)="ad", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, 0x0, 0x0)

2.220724557s ago: executing program 1 (id=496):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0x4}, 0x18)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000600)=0x6)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c000000190a010400000000000000000200000009000200730500000000000009000100"], 0x2c}}, 0x8004)

2.148361799s ago: executing program 3 (id=497):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x80002, 0x88)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r2, 0x0, <r3=>0xffffffffffffffff, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48, 0x7, r3, 0x0, 0x10001, 0x0, 0x6, 0xa9613, 0x313829, 0x2838310000000000})
openat(0xffffffffffffff9c, 0x0, 0x193042, 0x0)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000480)={[{0x2b, 'rdma'}]}, 0x6)
fallocate(0xffffffffffffffff, 0x8, 0x4000, 0x4000)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0xb, &(0x7f00000000c0)=0x7, 0x4)
syz_emit_ethernet(0x83, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x3f00, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB="340200e1", @ANYRES16=r9, @ANYBLOB="010000000000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2.08383065s ago: executing program 2 (id=498):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000002a82, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="200000001000010700000000e9ffffff0a0000000c0002006e6c3830323131"], 0x20}}, 0x400c0)

1.928935253s ago: executing program 1 (id=499):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x2000c89, &(0x7f0000001e40)=ANY=[], 0x1, 0x60c4, &(0x7f0000001f80)="$eJzs3U9vHGcdB/Df7K7Xf9KmUYWqECHhplBaSvM/gfKvKQcOcAAJ9Uwi160CKaAkIFpFxFUOiAvwEuDSC4e+BV5AXwPiBRAp6akHyqCxnycZb9ZZu4l3dv18PpIz85tnx/ubfD3eXe/MTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8aMf/ux0FRGXfpcWHIl4KvoRvYjlpl6NZuZivv0gIo7G5nA8FxH9xYhm/c1/nok4FxEfH464e+/mWrP4zC77OH/qxrXPfvyDf/3xL7eP/uKtn384Ov7TL5z96E+3Io785LWPPrv1ZLYdAAAASlHXdV2ll/nH0uv7XtdNAQBTkR//6yQvV6sfq66iilnqR63uvv5zby+3f+pQ1/2qD2jdVo93q11ExEZ7neY5g7fjAWDObMSnXbdAh+RftEFEHOq6CWCmVV03wL64e+/mWpXyrdqPB6tb4/nvlNvy36jun9+x03SS0WNMpvXzdTv68ewO/SxPqYdZkvPvjeZ/aWt8mG633/lPy075D7dOfSpOzr8/mv+Ibfn/NSIekf9u9qPu8u+Nzb9UOf/BXvLf6M/x/i9/AAAAAAAOvvz3/yMdv/+7+PibsiuPev93dUo9AAAAAAAAAMCT9rjX/7vP9f8AAABgZjWv1Rt/O/xg2U6fxdYsf7OKeHrk9kBhVlsfDggAAAAAAAAAAAAATMcgYiUd178QEU+vrNR13Xy1jdZ79bjrz7vStx9K1vUveQAA2PLx4ZFz+auIpYh4M33W38LKykpdLy2v1Cv18mJ+PjtcXKqXW69r87RZtjjcxRPiwbBuvtlSa722Sa+XJ42Pfr/mvoZ1fxeNTUeHgQNARGw9Gt31iHTA1PUz0fWzHOaD/f/gsf+zG13/nAIAAAD7r67rukof530sveff67opAGAq8uP/6PsCarV6xuvFiJnqZ57rT7YWzkw/avU+1m31eLfaRURstNdpnjO4HD8AzJmN+LTrFuiQ/Is2iIijXTcBzLSq6wbYF3fv3VyrUr5V+/FgdWs8HwuyLf+NanO9vP646SSjx5hM6+frdvTj2R36eW5KPcySnH9vNP9LW+P5Ev/7nf+07JR/s51HOuinazn//mj+Ix4n/+Ux36+7/Htj8y9Vzn+wp/z7c7z/yx8AAAAAgIMv//3/iPd/8yYDAAAAAAAAwNy5e+/mWj7vNb///6Uxt6vac3N9/q/z/9py/tWu85/387/l35bz743mP3JATr81f+eNB/l/cu/m2oc3/vPFPJ35/Bf6w+a+F6pef5CO+akX3o4rcTXW49RDtx9sGz/90PhCRCzdHz8zdvzB+mcfGh8248t5/ESsxa/jarx1f3xxwoFRSxPG6wnjOf++/b9IOf9B66vJfyWNVyPTxp0Peg/t9+3puPu5+I//vvjw3jV9t6N/f9vamu073kE/m/8nh4bx2+vr1078/vKNG9dOR5psW3om0uQJy/kvpK+c/0svbI3n3/vt/fXOB8M95z8rbsdgx/xfaM032/vylHvrQs5/mL5y/vkRaPz+P8/577z/v9JBPwAAAAAAAAAAAAAAAPAodV1vniJ6MSIupPN/ujo3EwCYrvz4Xyd5uVqtPlB1VUXMUj9q9V7q4Yz1M9d1Wz3e6+0iIv7ZXqd5zvCHcd8MAJhl/4uIf3fdBJ2Rf8Hy5/0106903QwwVdffe/+Xl69eXb92vetOAAAAAAAAAIDPK1//c7V1/efN44BGrhu97fqvb8Tq3F7/szfsb17rPG3Q8/Ho638fj0df/3sw4f4WJowPJ4wvThhfmjA+9kSPlpz/8ynjnP+xtGElXf/1pQ766VrO/3i61nPO/2sjt2vnX/99W/51FTFH+fe25X/yxru/OXn9vfdfvfLu5XfW31n/1elTF86dPX/u7PnzJ9++cnX91Na/HXa8v3L++drXjgMtS84/Zy7/suT8v5pq+Zcl5/9iquVflpx/fr4n/7Lk/PNrH/mXJef/cqrlX5ac/9dTLf+y5PxfSbX8y5Lz/0aq5V+WnP+rqZZ/WXL+J1It/7Lk/E+mWv5lyfnnd7jkX5acfz6yQf5lyfmfSbX8y5LzP5tq+Zcl538u1fIvS87/fKrlX5ac/4VUy78sOf9vplr+Zcn5fyvV8i9Lzv+1VMu/LDn/b6da/mXJ+X8n1fIvS87/u6mWf1ly/t9LtfzLkvP/fqrlX5ac/+upln9ZHnz+v5k9z6zMRhtmxs98eTbamNOZrn8zAQAAAAAAAAAAAACjpnE4cdfbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9nBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYu7sYuc76fuDPvnqdBOI/CSGEQBwnBEM22V2/JSY4mNd/GkqbBkJLC3WMvXYMfpPXJgmKyNLQFgRSI7UX9KIUKEVIbZWoQiqVKIpU1PauXBVFrVArcWFVUBkLKoEgW505z/N4ZnZ2Zr0v3plzPp8o+dk7Z2aeOXNmdr8bfecAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECzW98x+4dDIYTi38Z/toRwTfHnzWF/8df5PRu9QgAAAGC1ftn4719fm7+wfxlXatrmn1/3r99YWFhYCB+5eP6lP15YyBdsDWFkUwiNy5J/+dlPF5q3iZ4JE0PDTX8f7nH3Iz0uH+1x+ViPy8d7XL6px+UTPS5ftAMW2Vz+PqZxY7c3/ril3KXh+jDWuOz2Dtd6ZmjT8HD6XU7DUOM6C2NHwrFwPMyG6UXXGWr8E8K3bi3u64GQ7mu46b5uDiFc+PFTh9IahuI+vj203FlD83P3o7eFrRd//NShr5394asv/ngkzqfy7LkbFq00hO3binV+OoRLv64KQ2FT3idpncNN67y5wzpHWtY51Lhe8efm9RXzwjLXmR73RFznd7us8+b4tSduCyHMhyW3afdMGA5Xtd1r3t8T5RFR3EbxVL4ijF7WcXLrMo6T4jo/uK31OGk/JtP+vzXuk9El1tD8dPzoU+OL9vtKj5PiUa/+WF3dGkLcVw8Vdzox0fyr1ZZjtdjmqdcvfQx0fO46HAP5WG46Brb1OgaGx0cax8DwpTVvazkGZhZdZzgMNe7rfLHmidF8X+3HwNTZE6en5p78xF3HThw8Ont09uTM9J5dO3fv2rl799SRY8dnp8v/Xt4uHSBXheF8DG6L7zXpGHxD27bNh+TCl9fudTCx4a+DzY07Kh77++8oFnTNcFjiGC+2+fT21b8O8vf9ptfBaNProON7aofXwegyXgfFNhe2L+975mjTv53WsF7vhVuajoGN/H44GobmP/TGpd8Lb47r+sybLvf74ciiYyA9rKH42iu+kn/em7g37pfFx8VNxQVXj4dzc7Nn7n7i4NmzZ2ZCHFfEdU3PVfvxclXTYwqLjpfhyz5e9v/VL+64qcPXt8R9NXFn9+eq2GbXZPfnqvHu3nl/tnx1R4hjjV3p/dnpu1mxP3OW6LI/i20+fdfqfxbMuaTp/W+s1/vfyNho+f43kvfGWMv73+KnZqSxshAu3LW897+x+O+Vfv+7vk/e/4p99aG7ux8DxTafmbrcY2C06/vfbXEOxfW8MSaGiabc/1Lj8vnyMG16LnseN6OjY/G4GU332Hrc7Fx0neLWivvePr2y42b7ba3PVcvPLRU8bop99SfT3Y+bYpsXZlb/3rE5/bHpvWO81zEwNjJerHcsHwTl+93C5nQM3B0OhVPheDicr1M8y8V9Te5Y3jEwHv+90u8dN/bJMVDsqy/s6H4MFNt8Z+fa/uy0PX4lb9P0s1P77xeWyvw3jV66vfbdttaZv1jnO3d1/91Qsc0Pd11uzui+n+6MX7m6w35qf/0sdUwfDldmP90Y13l8d/ffTRXbXL9nmcfT/hDCizMvNn7fFX+/+7fn/u0bLb/37fQ75RdnXnxw6uHvXc76AQBYuZca/50fL3/WbPo/1sv5//8AAADAQEi5fzjOTP4HAACAyki5fyTOTP4HAACAyki5fzTOrCb5/7F79z73y6dD/jTAhShdnnZD6sWnjvf8/eX1ti5cUnz97V8de+6zTy/vvodDCL948DUdt3/s/rSu0um0zje3fn2RG29Z1v0/+sil7Zo/P+HC3vL20+NZ7mGQusrfmtrRuN2tT8405gsPhsZ8eP4zz5S3X/49bX9+Z7n9n8UPLdl/ZKjl+tvjem6Pc2v8TJmH9l/aD8VM13vu5tf943UfuHR/6XpD217eeJhf+GR5u+kzop69rtw+Pe6l1v8Pn/v6c8X2T7y+8/qfHu68/vPxdn8Q58/2lds37/PPNq3/9+P60/2l6939lW93XP/zryq3fz4eF1+Ks339b/uj1/6y0/OV7mf/feX10v1P/++uxvXS7aXbb1//xNMzLfuj/fZfuFjezr6P/2Skefv09XQ/yaP3tR7fQ/H5bemRhxC+/gehZT+Ht5TX+/u29afbO31f5/Xf2bbO00O3NK5/6fFsaXlcX/zLHR0fb1rP/r/Z0vJ4nn1X3H8Xp75T3O75h+PxGC//+XfL22v/LNPn4/VG2vbnl7aUr9t0e1Nt63+2bf3ztxT7rvf6H7hYrv/5t25qWf/+d8fj6YFy9lr/0T+/tuX6X/5a+XyceXyo5S63tL2ON01svurqa1728mvje2n73w+cOvvY7Jmt01unQ9g6gB8ZuN7r/0qc/1OO+bW/h9L3flIed59/T/l96w0/Lf/+bPz6o/H5TN8fv/inYy3Ha/vzPv/Wcq52/W+K61iuV33uv25Z1obnP/ytc3/3ez9s/7kgPZ7Tr5xoPL4v3HpD47KhF8rL29+vevnPV7a+rr8/Ot2Y34z7dSF+MvO2G8r7a7/99Nkkn39f+fotf5JbyNcPbZ8nsmWk9XGsdv3fjz/HfPvG1ve/dHx88+m2T3PeEoaKJczH94cwX16etkr7+/MXbgjh0F8sur/0OTxh/tWXs8wlzT05N3X82IWFJ6bOzs6dnZp78hMHTpw6d/LsgcZnlx74aK/rX3p9X9V4fR+e3bMrNF7tp8qxzsr1nzy3Ues//cihw/dM33F49sjBc0fOPnJ69szRQ3Nzh2YPz91x8MiR2cd7Xf/Y4X0zO/buvGfH5NFjh/fdu3fvzr2Tx06eKpZRLqqHPdMfmzx55kDjKnP7du2d2b171/TkiVOHZ/fdMz09ea7X9U/NnTt2eLK49scnz8weP3j22InZybljn5jdN7N3z54dPT/98cTpI3Nbp86cOzl1bm72zFT5WLaebXz5zOOTJ3tdn3qYOxXf79oMxZ/OP3jnnvz5uIWvfmrJmyo3af3xNPwofhZU+v7W6+8p94/FmdUk/wMAAEAdpNwfP/j/0gXyPwAAAFRGyv2b4szkfwAAAKiMlPsn4sxqkv+X2/9/6P7WPq7+fyv9/87r1//X/9f/D+HM45MnGx3Lpr2q/7929P/1/8Oi/n+oRv+/g/Xp/29cf37Q16//r/9Pb/3W/0+5f3MItcz/AAAAUAcp918VZyb/AwAAQGWk3H91nJn8DwAAAJWRcv81cWb1yP9j7X/U/9f/1/9v7v+nbfX/g/6//v8K6f/r/3ej/6//P8jr78P+/2b9f/pNv/X/U+5/WZxZPfI/AAAA1ELK/S+PM5P/AQAAoDJS7r82zkz+BwAAgMpIuX9LnFlN8r/z/9eo/58+7UH/3/n/4+3o/5f0/9eX/r/+fzf6//r/g7z+Puz/O/8/faff+v8p9/+/OLOa5H8AAACog5T7XxFnJv8DAABAZaTcf12cmfwPAAAAlZFy//VxZjXJ//r/Ner/O///oudL/791nfr/+v/rQf//CvT//3v52+v/tz4O/X/9f/3/K9v/b/+eT/X1W/8/5f5XxpnVJP8DAABAHaTcf0OcmfwPAAAAlZFy/6vizOR/AAAAqIyU+2+MM6tJ/tf/1//X/9f/1//X/19P+v/O/9+N/r/+/yCvX//f+f/prd/6/yn3vzrOrCb5HwAAAOog5f6b4sw65P/2/2cEAAAADIaU+18TZ+b//wMAAEBlpNx/c5xZTfK//r/+/8b2/4f0//X/9f/1/1dlbfv/w0teov9f0v9vpf+v/6//r/9Pd/3W/0+5/7VxZjXJ/wAAAFAHKfe/Ls5M/gcAAIDKSLn/ljgz+R8AAAAqI+X+rXFmNcn/+v+r6f+P5j/p/3dev/P/6//r/+v/D1b/f2n6/yX9/1b6//r/+v/6/3TXb/3/lPtvjTOrSf4HAACAOki5f1ucmfwPAAAAlZFy/21xZvI/AAAAVEbK/bfHmdUk/+v/9935/4P+v/5/8+3o/+v/6/93p/+v/x8Guf//mvLL+v+DuX79/+X1/8d73RCV1m/9/5T7Xx9nVpP8DwAAAHWQcv8dcWbyPwAAAFRGyv1viDOT/wEAAKAyUu7fHmdWk/yv/993/X/n/9f/b7kd/X/9f/3/7gat/z8Rluz/b17JuvT/SwPb/3f+/4Fev/7/Ks7///PLeqkxwPqt/59y/xvjzGqS/wEAAKAOUu5/U5yZ/A8AAACVkXL/nXFm8j8AAABURsr9k3FmNcn/+v/17f/P6//r/7etU/9f/389VLX/nz9Hxfn/9f/1//X/9f8vv/9PbfRb/z/l/rvizGqS/wEAAKAOUu6/O85M/gcAAIDKSLl/Ks5M/gcAAIDKSLl/Os6sJvlf/7++/f+g/6//37ZO/X/9//VQ1f7/Ss//r//fSv9f/3+Q179U/388hKD/r/9Pqd/6/yn3z8SZ1ST/AwAAQB2k3L8jzkz+BwAAgMpIuX9nnJn8DwAAAJWRcv+uOLOa5H/9f/1//X/9f/3/5v7/e/89XUf/f23o/w9A/3+sw4b6/8ui/6//v9rz/78Q9P+pjuEOX+u3/n/K/bvjzGqS/wEAAKAOUu7fE2cm/wMAAEBlpNx/T5yZ/A8AAACVkXL/vXFmNcn/69T/H1/Ofev/6/8H/X/9/679/9b7d/5//f9O9P+d/z/o/6/Yqvrzn9L/X4v+v/P/U3Vr2/+/dtX9/5T798aZ1ST/AwAAQB2k3P/mODP5HwAAACoj5f774szkfwAAABgonc5DmKTc/5Y4s5rkf+f/r3r/f2GT/n8d+v9pj1St/9+6P/X/9f870f/X/w/6/yu20f35QV+//r/+P72tbf9/0Y+nl93/T7l/X5xZTfI/AAAA1EHK/ffHmcn/AAAAUBkp9781zkz+BwAAgMpIuX9/nFlN8r/+f9X7//13/v+hoP/v/P8l/X/9/7Wg/6//H/T/V2yl/fn4Y4v+fx/1/4tjSP+fftRv/f+U+98WZ1aT/A8AAAB1kHL/2+PM5H8AAACojJT73xFnJv8DAABAZaTc/844s5rkf/1//X/n/9f/1//X/19P+v/6/93o/w9m/z/R/++f/r/z/9Ov+q3/n3L/u+LMapL/AQAAoA5S7n93nJn8DwAAAJWRcv//jzOT/wEAAKAyUu5/IM6sJvlf/1//X/9f/1//X/9/Pen/90H/f+GT+Y/6/62PQ/9f/78S/f9h/X/6V7/1/1Pu/5U4s5rkfwAAAKiSzUt8PeX+B+PM5H8AAACojJT73xNnJv8DAABAZaTc/6txZjXJ//Xp/z/a0qG60v3/4Xz7dej/F5fq/wf9f/1//f8G/f8+6P832ej+/9Bo69/1/2vQ/29/k19D+v/O/0//67f+f8r9740zq0n+BwAAgDpIuf/X4szkfwAAAKiMlPt/Pc5M/gcAAIDKSLn/oTizmuT/+vT/Wzn/f8n5/7v2/4vDXf+/yRXv/4+27k/9f/3/TvT/B6v/307/vwb9/3W00evX/9f/p7d+6/+n3P8bcWY1yf8AAABQByn3PxxnJv8DAABAZaTc/744M/kfAAAAKiPl/vfHmdUk/+v/6//r/zv/f9/2/9v2p/6//n8n+v/6/0H/f8U2uj8/6OvX/9f/p7d+6/+n3P9InFlN8j8AAADUQcr9H4gzk/8BAACgMlLu/804M/kfAAAAKiPl/t+KM6tJ/tf/1//X/9f/1//X/19P+v+L+//Fe9hG9v/Hl7Oh/v+y6P/r/+v/6//TXb/1/1Pu/2CcWU3yPwAAANRByv2/HWcm/wMAAEBlpNz/O3Fm8j8AAABURsr9H4ozq0n+1//X/9f/r1P/v3yP0/9vpf+/vvT/nf+/m7Xv//9T4+/6/8uz0f35QV+//r/+P731W/8/5f4Px5nVJP8DAABAHaTc/7txZvI/AAAAVEbK/QfizOR/AAAAqIyU+x+NM6tJ/tf/1//X/69T/9/5//X/rzz9f/3/bpz/X/9/kNev/6//T2/91v9Puf9gnFlN8j8AAADUQcr9H4kzk/8BAACgMlLuPxRnJv8DAABAZaTcfzjOrCb5X/9f/1//X/9f/7/f+///kd9l9f8X0//X/w/6/yu2mv58WrP+v/6//j/d9Fv/P+X+2TizmuR/AAAAqIOU+4/Emcn/AAAAUBkp9x+NM5P/AQAAoDJS7n8szqwm+V//X/9f/1//X/+/3/v/zv/fjf6//n/Q/1+xje7PD/r69f/1/+mt3/r/KfcfizOrSf4HAACAOki5/6NxZvI/AAAAVEbK/R+LM5P/AQAAoDJS7j8eZ1aT/K//r/+v/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+mt3/r/KfefiDOrSf4HAACAOki5/2ScmfwPAAAAlZFy/6k4M/kfAAD4P/bua9muq8rj8D52q22Xq9v9Kv0E8Abc8ALccEcVOQeTsck555xzzsnkZJLJGUwwmAyGwpR0xhhWOFprW+yts9Yc33czqkFuLZAt6l+qX01gGLn77x63NNn/+n/9v/5/+/7/huvP/Htmsf2/9/9P0f8vg/5f/z9F/6//X/P36//1/8xbWv+fu/8ecUuT/Q8AAAAd5O6/Z9xi/wMAAMAwcvffK26x/wEAAGAYufvvHbc02f/6f/2//n/A9//1/6fo/5dB/6//n6L/1/+v+fv1//p/5i2t/8/df5+4pcn+BwAAgA5y9983brH/AQAAYBi5++8Xt9j/AAAAMIzc/fePW5rsf/3/Mvr//Bf0//9Z/5/O/v5LN6vo/w87P/2//l//f7vo//X/G/3/BTvufn7t36//1/8zb2n9f+7+B8QtTfY/AAAAdJC7/4Fxi/0PAAAAw8jd/6C4xf4HAACAYeTuf3Dc0mT/6/+X0f97/7/v+/9XnvbXef8/fl1H7P8Pbvtp9f+7pf/X/2/0/xfsuPv5tX+//l//z7yl9f+5+x8StzTZ/wAAANBB7v6Hxi32PwAAAAwjd//D4hb7HwAAAIaRu//quKXJ/tf/6//1/4t5/1//n7+uI/b/3v/X/+v/j6T/1/+v+fv1//p/5i2t/8/d//C4pcn+BwAAgA5y9z8ibrH/AQAAYBi5+x8Zt9j/AAAAMIzc/Y+KW5rsf/2//l//r//X/+v/90n/r/+fov/X/6/5+/X/+n/mLa3/z93/6Lilyf4HAACADnL3PyZusf8BAABgGLn7Hxu32P8AAAAwjNz9j4tbmux//b/+X/+v/9f/6//3Sf+v/5+i/9f/r/n79f/6f+btvf+/0zWn7rb9f+7+a+KWJvsfAAAAOsjdf23cYv8DAADAMHL3Pz5usf8BAABgGLn7nxC3NNn/R/T/l270/037/1sPFtj//6/+X/9/sLklfpfR/+v/z6X/1/9v9P8X7Pz9/Hb/Tej/9f/6f+bsvf+f6f3P/r9z9z8xbmmy/wEAAKCD3P1PilvsfwAAABhG7v4nxy32PwAAAAwjd/9T4pYm+9/7//r/Xb7/n/9/vf9/SP/v/X/9v/5f/z9tj/3/XfO/zJH6/1u8/7+o75/q/++wxffr/+lgaf1/7v6nxi1N9j8AAAB0kLv/aXGL/Q8AAADDyN3/9LjF/gcAAIBh5O5/RtzSZP/voP//b/2//n+P7/8vs/+/4vCv1/+f+T36f/3/UfT/+v8p3v9f6vv/+n/v/+v/2Y2l9f+5+58ZtzTZ/wAAANBB7v5nxS32PwAAAAwjd/+z4xb7HwAAAIaRu/85cUuT/e/9f/2//t/7/6f1/1ed+Z9ki/7/Uv2//n+a/l//P0X/r/9f8/fr//X/zFta/5+7/7lxS5P9DwAAAB3k7n9e3GL/AwAAwDBy9z8/brH/AQAAYBi5+18QtzTZ//p//b/+X//v/X/9/z7p/4fr/w/0/7fR/+v/9f/6f6Ytrf/P3f/CuKXJ/gcAAIAOcve/KG6x/wEAAGAYuftfHLfY/wAAADCM3P0viVua7H/9v/5f/6//1//r//dJ/z9c/+/9/9Po//X/+n/9P9OW1v/n7n9p3NJk/wMAAEAHuftfFrfY/wAAADCM3P0vj1vsfwAAABhG7v5XxC1N9r/+X/+v/9f/L7T/v0T/r//fhv5f/78ZsP+//Dw/n/5/Wd+/m/4/f/X1/4xpaf1/7v5Xxi1N9j8AAAB0kLv/VXGL/Q8AAADDyN3/6rjF/gcAAIBh5O5/TdzSZP+fr/+/+crDf1//vx39/9Hfr//X/3v/X/+v/+/Q/9+o//f+v/7f+//6f460tP4/d/9r45Ym+x8AAAA6yN3/urjF/gcAAIBh5O5/fdxi/wMAAMAwcve/IW5psv+9/6//1//r//X/+v990v9fhP7/xPY/3vv/Z/7nuB3ff9lR/6L+X/+v/9f/M21p/X/u/jfGLU32PwAAAHSQu/9NcYv9DwAAAMPI3f/muMX+BwAAgGHk7n9L3NJk/+v/9f/H3v9fov9P+v/4dT26/7/q5G/Z+v/N6uj/O7z/36L/P5L+X/+v/9f/M21p/X/u/rfGLU32PwAAAHSQu/9tcYv9DwAAAMPI3f/2uMX+BwAAgGHk7n9H3NJk/+v/9f/H3v97/7/o/+PX1fv/+v/bQf+v/9/o/y/Ycffza/9+/b/+n3lL6/9z978zbmmy/wEAAKCD3P3vilvsfwAAABhG7v53xy32PwAAAAwjd/974pYm+1//r//X//fq/09s9P/6/4tL/6//n6L/1/+v+fv1//p/5i2t/8/d/964pcn+BwAAgA5y978vbrH/AQAAYBi5+98ft9j/AAAAMIzc/R+IW5rsf/3/2vv/u9wUX6D/1/97/1//v0j6f/3/FP2//n/N36//1/8zb2n9f+7+D8YtTfY/AAAAdJC7/0Nxi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/T5zzw8bp/73/r//X/+v/l03/f0T/n/+zpP/X/+v/V/39+n/9P/OW1v/n7v9o3NJk/wMAAEAHufs/FrfY/wAAADCM3P0fj1vsfwAAABhG7v5PxC1N9n+P/v9c+v9DO+//b71K/6//L/p//f9G/7/I9//P/mfgSPr/rej/V9f//+v0v6X1/xP9/8FG/89OLK3/z93/ybilyf4HAACADnL3Xxe32P8AAAAwjNz9n4pb7H8AAAAYRu7+T8cN//8/x/dJF5X+X//v/X/9v/5f/79P+v/l9f9b/UD9/1b0/6vr/3f6/UP3/97/Z0eW1v/n7v9M3OLP/wEAAGAYufs/G7fY/wAAADCM3P2fi1vsfwAAABhG7v7Pxy1N9r/+X/+v/9f/6/930v9fvdls9P9H0P+P2v8f/k6i/9f/6/+b9//5T5j+n/NYWv+fu/8LcUuT/Q8AAAAd5O7/Ytxi/wMAAMAwcvd/KW6x/wEAAGAYufu/HLcMsv9PzPz7o/b//zfzc+v/D+n/9f8b/b/3//dM/z9q/+/9/43+X/+v//f+P7OW1v/n7v9K3DLI/gcAAIC+DvKPD2v3Xx+32P8AAAAwjNz9X41b7H8AAAAYRu7+r8UtTfb/qP3/HP3/If2//n+j/9f/75n+X/8/Rf+v/1/z9+v/9f/MW1r/n7v/63FLk/0PAAAAHeTu/0bcYv8DAADAMHL3fzNusf8BAABgGLn7b4hbmuz/ffX/V2zxc++7/5/6Yfr/Q/vp/0/+vaT/3+j/9f8Xof/f5vfa46b/1/9P0f/r/9f8/fp//T/zltb/5+7/VtzSZP8DAABAB7n7vx232P8AAAAwjNz934lb7H8AAAAYRu7+78YtTfa/9//1/97/1//r/9fb/6+B/l//P0X/36z/v3Inn318338W/b/+n3lL6/9z938vbmmy/wEAAKCD3P3fj1vsfwAAABhG7v4fxC32PwAAAAwjd/8P45Ym+1//r//X/+v/19b/X3ud/n9N9P/6/yn6/2b9/44d9/fr//X/zFta/5+7/0dxS5P9DwAAAB3k7v9x3GL/AwAAwDBy9/8kbrH/AQAAYBi5+38atzTZ//p//b/+X/+/tv7f+//rov/X/0/R/+v/1/z9+n/9P/OW1v/n7v9Z3NJk/wMAAEAHuft/HrfY/wAAADCM3P2/iFvsfwAAABhG7v4b45Y7npOkDkn/r//X/+v/9f/6/31q2/+f/J9V/f8s/b/+f83fr//X/zNvaf1/7v5fxi3+/B8AAACGkbv/V3GL/Q8AAADDyN3/67jF/gcAAIBh5O7/TdzSZP/r//X/+n/9v/5f/79Pbft/7/9vRf+v/1/z9+v/9f/MW1r/n7v/prilyf4HAACADnL3/zZusf8BAABgGLn7fxe32P8AAAAwjNz9N8ctTfa//l//P2T/f5n+X/+v/18K/b/+f4r+X/+/5u8/1f8fxD+4+n/9P0daWv+fu//3cUuT/Q8AAAAd5O7/Q9xi/wMAAMAwcvf/MW45Z//f7SJ+FQAAALBLufv/FLc0+fN//b/+f8j+/0Lf/z/566D/1/8H/f9u6P/1/1P0//r/NX+/9//1/8xbWv+fu//PcUuT/Q8AAAAd5O7/S9xi/wMAAMAwcvf/NW6x/wEAAGAYufv/Frc02f/6f/2//t/7//p//f8+6f/1/1P0//r/NX+//l//z7yl9f+5+/8etzTZ/wAAANBB7v5b4hb7HwAAAIaRu/8fcYv9DwAAAMPI3f/PuGWL/f9fe/uqi0f/r//X/+v/9f/6/33S/+v/p+j/l97/3/nyqb9e/6//1/8zZ2n9f+7+fwcAAP//mwoIrQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x11)
fdatasync(r0)
socket$packet(0x11, 0x2, 0x300)
r1 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0xc0185879, &(0x7f00000004c0)={0x0, 0xffffffffffffffff, 0x400000, 0x1ff, 0x0, 0x0, 0x2401})

1.098488719s ago: executing program 2 (id=500):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x2f, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0xfff1}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}]}}]}]}]}}]}, 0x70}}, 0x20040054)

844.968984ms ago: executing program 2 (id=501):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x111})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)

41.006979ms ago: executing program 0 (id=502):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f00000001c0), 0x10)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000007c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0300000100000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x48}}, 0x20000000)
recvmmsg(r0, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000004c0)=""/188, 0xbc}, {0x0}], 0x2}, 0x200}], 0x1, 0x60000163, 0x0)

0s ago: executing program 1 (id=503):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='jbd2_handle_extend\x00'}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfe33)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x8)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
writev(r5, &(0x7f0000001040)=[{&(0x7f0000000040)='\n', 0x1}], 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)=ANY=[], 0x20)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2}, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.45' (ED25519) to the list of known hosts.
[   74.553754][ T5777] cgroup: Unknown subsys name 'net'
[   74.694333][ T5777] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   76.351391][ T5777] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   78.687860][ T5796] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   78.690911][ T5799] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   78.696196][ T5796] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   78.704215][ T5799] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   78.711417][ T5796] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   78.718369][ T5799] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   78.724719][ T5796] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   78.732056][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   78.739494][ T5796] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   78.745759][ T5799] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   78.753267][ T5796] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   78.759519][ T5799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.767920][ T5796] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   78.773652][ T5799] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   78.781120][ T5796] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   78.787957][ T5799] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   78.794994][ T5796] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   78.837093][ T5799] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   78.846961][ T5799] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   78.866166][ T5791] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   78.876101][ T5791] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   78.883283][ T5799] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   78.894478][ T5799] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   78.901640][ T5791] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   79.326091][ T5789] chnl_net:caif_netlink_parms(): no params data found
[   79.398879][ T5787] chnl_net:caif_netlink_parms(): no params data found
[   79.492868][ T5786] chnl_net:caif_netlink_parms(): no params data found
[   79.605191][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.615146][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.622637][ T5787] bridge_slave_0: entered allmulticast mode
[   79.629743][ T5787] bridge_slave_0: entered promiscuous mode
[   79.652423][ T5788] chnl_net:caif_netlink_parms(): no params data found
[   79.668434][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.675611][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.683278][ T5787] bridge_slave_1: entered allmulticast mode
[   79.690350][ T5787] bridge_slave_1: entered promiscuous mode
[   79.697592][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.704725][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.712017][ T5789] bridge_slave_0: entered allmulticast mode
[   79.719411][ T5789] bridge_slave_0: entered promiscuous mode
[   79.772051][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.779311][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.786435][ T5789] bridge_slave_1: entered allmulticast mode
[   79.794078][ T5789] bridge_slave_1: entered promiscuous mode
[   79.845567][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.859493][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.883730][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.893402][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.900890][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.908297][ T5786] bridge_slave_0: entered allmulticast mode
[   79.915229][ T5786] bridge_slave_0: entered promiscuous mode
[   79.939713][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.961800][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.969888][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.977635][ T5786] bridge_slave_1: entered allmulticast mode
[   79.984600][ T5786] bridge_slave_1: entered promiscuous mode
[   80.033573][ T5787] team0: Port device team_slave_0 added
[   80.048852][ T5789] team0: Port device team_slave_0 added
[   80.067533][ T5787] team0: Port device team_slave_1 added
[   80.075854][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.111369][ T5789] team0: Port device team_slave_1 added
[   80.142763][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.153272][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.161015][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.168347][ T5788] bridge_slave_0: entered allmulticast mode
[   80.175396][ T5788] bridge_slave_0: entered promiscuous mode
[   80.196410][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.203721][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.230193][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.254684][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.261991][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.270091][ T5788] bridge_slave_1: entered allmulticast mode
[   80.277172][ T5788] bridge_slave_1: entered promiscuous mode
[   80.303151][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.311037][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.337021][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.380224][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.387484][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.413882][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.428006][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.434986][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.461138][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.477684][ T5786] team0: Port device team_slave_0 added
[   80.498569][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.517212][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.528480][ T5786] team0: Port device team_slave_1 added
[   80.603626][ T5787] hsr_slave_0: entered promiscuous mode
[   80.610977][ T5787] hsr_slave_1: entered promiscuous mode
[   80.632579][ T5788] team0: Port device team_slave_0 added
[   80.666227][ T5789] hsr_slave_0: entered promiscuous mode
[   80.673692][ T5789] hsr_slave_1: entered promiscuous mode
[   80.680200][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.688918][ T5789] Cannot create hsr debugfs directory
[   80.695968][ T5788] team0: Port device team_slave_1 added
[   80.713083][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.720298][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.746379][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.759208][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.766180][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.792341][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.857498][   T50] Bluetooth: hci0: command tx timeout
[   80.863536][ T5791] Bluetooth: hci3: command tx timeout
[   80.887623][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.894620][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.920999][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.939077][ T5791] Bluetooth: hci1: command tx timeout
[   80.946701][ T5791] Bluetooth: hci2: command tx timeout
[   80.973129][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.980357][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.006649][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.033504][ T5786] hsr_slave_0: entered promiscuous mode
[   81.040768][ T5786] hsr_slave_1: entered promiscuous mode
[   81.047078][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.054659][ T5786] Cannot create hsr debugfs directory
[   81.178236][ T5788] hsr_slave_0: entered promiscuous mode
[   81.184634][ T5788] hsr_slave_1: entered promiscuous mode
[   81.191169][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.198809][ T5788] Cannot create hsr debugfs directory
[   81.450907][ T5787] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   81.465666][ T5787] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   81.482053][ T5787] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   81.493537][ T5787] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   81.567149][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   81.579213][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   81.591700][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   81.601631][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   81.683772][ T5786] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   81.708261][ T5786] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   81.720158][ T5786] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   81.730088][ T5786] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   81.858189][ T5788] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.870335][ T5788] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.896150][ T5788] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.918544][ T5788] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.953017][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.030798][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.066386][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[   82.134655][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[   82.166773][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.174174][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.202889][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.232963][  T190] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.240179][  T190] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.274164][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.304231][  T190] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.311498][  T190] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.325939][  T190] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.333218][  T190] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.403329][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   82.415239][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[   82.465984][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.499523][ T1072] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.506760][ T1072] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.525131][ T1072] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.532335][ T1072] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.544623][ T1072] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.551821][ T1072] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.563469][ T1072] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.570620][ T1072] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.701702][ T5789] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   82.715282][ T5789] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.742648][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.937649][ T5791] Bluetooth: hci0: command tx timeout
[   82.950048][ T5791] Bluetooth: hci3: command tx timeout
[   83.018865][ T5791] Bluetooth: hci2: command tx timeout
[   83.024338][ T5791] Bluetooth: hci1: command tx timeout
[   83.032301][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.127301][ T5787] veth0_vlan: entered promiscuous mode
[   83.145675][ T5787] veth1_vlan: entered promiscuous mode
[   83.219882][ T5787] veth0_macvtap: entered promiscuous mode
[   83.274921][ T5787] veth1_macvtap: entered promiscuous mode
[   83.304945][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.320336][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.332685][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.352204][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.371548][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.385623][ T5787] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.395039][ T5787] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.404026][ T5787] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.412808][ T5787] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.553788][ T5788] veth0_vlan: entered promiscuous mode
[   83.593856][ T5788] veth1_vlan: entered promiscuous mode
[   83.602577][ T5789] veth0_vlan: entered promiscuous mode
[   83.638809][ T5786] veth0_vlan: entered promiscuous mode
[   83.649528][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.661827][ T5789] veth1_vlan: entered promiscuous mode
[   83.667254][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.735688][ T1080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.749296][ T5786] veth1_vlan: entered promiscuous mode
[   83.756368][ T1080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.773265][ T5788] veth0_macvtap: entered promiscuous mode
[   83.803509][ T5789] veth0_macvtap: entered promiscuous mode
[   83.812168][ T5788] veth1_macvtap: entered promiscuous mode
[   83.859978][ T5789] veth1_macvtap: entered promiscuous mode
[   83.884830][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.896103][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.909184][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.935447][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.968014][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.987334][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.998505][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.011184][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.032833][ T5786] veth0_macvtap: entered promiscuous mode
[   84.044446][ T5786] veth1_macvtap: entered promiscuous mode
[   84.072754][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.086727][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.106759][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.117743][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.132644][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.144787][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.161630][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.204206][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.215952][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.229652][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.244724][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.260135][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.272803][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.284461][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.299338][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.309338][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.321737][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.136646][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.178269][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.189018][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.216822][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.233349][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.251623][ T5791] Bluetooth: hci3: command tx timeout
[   85.268585][   T50] Bluetooth: hci0: command tx timeout
[   85.268783][ T5103] Bluetooth: hci2: command tx timeout
[   85.274050][   T50] Bluetooth: hci1: command tx timeout
[   85.292775][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.302215][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.326691][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.335529][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.360550][ T5786] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.374782][ T5786] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.385476][ T5786] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.398232][ T5786] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.424018][ T5788] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.438880][ T5788] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.454132][ T5788] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.468348][ T5788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.257018][  T190] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.264901][  T190] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.383301][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.426823][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.447529][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.476609][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.620556][ T1072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.664223][ T1072] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.738879][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.757772][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.796184][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.813002][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.070170][  T787] cfg80211: failed to load regulatory.db
[   87.168253][ T5900] syz.1.2[5900]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   87.203608][ T5900] loop1: detected capacity change from 0 to 128
[   87.341855][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   87.658911][ T5103] Bluetooth: hci1: command tx timeout
[   87.664395][ T5103] Bluetooth: hci0: command tx timeout
[   88.045116][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   88.069990][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   88.147515][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   88.156503][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   88.218555][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   88.249987][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   89.171150][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   89.497652][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   89.816978][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   89.975641][ T5900] sched: RT throttling activated
[   90.011782][ T5791] Bluetooth: hci2: command tx timeout
[   90.146081][ T5799] Bluetooth: hci3: command tx timeout
[   91.391986][ T5920] loop1: detected capacity change from 0 to 4096
[   91.428446][ T5920] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[   91.625890][ T5920] ntfs3: loop1: ino=1e, "file1" ntfs_sync_inode failed, -22.
[   91.640260][ T5920] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[   91.670432][ T5920] ntfs3: loop1: ino=1e, "file1" ntfs_sync_inode failed, -22.
[   91.729659][ T1145] ntfs3: loop1: ino=1e, ntfs3_write_inode failed, -22.
[   91.753268][ T5915] loop3: detected capacity change from 0 to 32768
[   91.870073][ T5915] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[   91.936513][ T5915] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   91.949222][ T5931] loop1: detected capacity change from 0 to 1024
[   92.250581][ T5923] loop0: detected capacity change from 0 to 32768
[   92.454839][ T5923] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   92.545608][ T5915] XFS (loop3): Ending clean mount
[   92.684098][ T5924] loop2: detected capacity change from 0 to 32768
[   92.939662][ T5924] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[   92.948774][ T5924] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   92.968013][ T5786] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   93.005822][ T5923] XFS (loop0): Ending clean mount
[   93.082289][ T5923] XFS (loop0): Quotacheck needed: Please wait.
[   93.121907][ T5924] XFS (loop2): Ending clean mount
[   93.155094][ T5924] XFS (loop2): Quotacheck needed: Please wait.
[   93.244375][ T5923] XFS (loop0): Quotacheck: Done.
[   93.281467][ T5924] XFS (loop2): Quotacheck: Done.
[   93.516642][   T28] audit: type=1804 audit(1757574564.278:2): pid=5924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.12" name="/newroot/4/file0/file1" dev="loop2" ino=6150 res=1 errno=0
[   93.644323][ T5788] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   93.646037][ T5787] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   94.359941][ T5966] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   94.541661][ T5968] loop2: detected capacity change from 0 to 128
[   94.554381][ T5968] =======================================================
[   94.554381][ T5968] WARNING: The mand mount option has been deprecated and
[   94.554381][ T5968]          and is ignored by this kernel. Remove the mand
[   94.554381][ T5968]          option from the mount to silence this warning.
[   94.554381][ T5968] =======================================================
[   94.691174][ T5968] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   94.705848][ T5968] hpfs: filesystem error: improperly stopped
[   94.712320][ T5968] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   94.720182][ T5968] hpfs: You really don't want any checks? You are crazy...
[   94.729821][ T5968] hpfs: hpfs_map_sector(): read error
[   94.735275][ T5968] hpfs: code page support is disabled
[   94.767772][ T5968] hpfs: hpfs_map_4sectors(): unaligned read
[   94.774737][ T5968] hpfs: hpfs_map_4sectors(): unaligned read
[   94.780812][ T5968] hpfs: filesystem error: unable to find root dir
[   94.822848][ T5968] hpfs: hpfs_map_4sectors(): unaligned read
[   95.884606][ T5976] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   96.841544][ T5799] Bluetooth: hci0: Malformed Event: 0x02
[   98.661952][ T5993] loop1: detected capacity change from 0 to 65536
[   99.961914][ T6013] loop2: detected capacity change from 0 to 128
[  100.017373][ T6013] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  100.029670][ T6013] hpfs: filesystem error: improperly stopped
[  100.035766][ T6013] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  100.043761][ T6013] hpfs: You really don't want any checks? You are crazy...
[  100.052883][ T6013] hpfs: hpfs_map_sector(): read error
[  100.058461][ T6013] hpfs: code page support is disabled
[  100.065786][ T6013] hpfs: hpfs_map_4sectors(): unaligned read
[  100.072346][ T6013] hpfs: hpfs_map_4sectors(): unaligned read
[  100.078397][ T6013] hpfs: filesystem error: unable to find root dir
[  100.104078][ T6013] hpfs: hpfs_map_4sectors(): unaligned read
[  104.945384][ T5993] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/loop1": -EINTR
[  107.499142][ T6025] loop3: detected capacity change from 0 to 4096
[  107.735439][ T6025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.952023][ T6016] loop2: detected capacity change from 0 to 32768
[  108.013640][ T6016] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.31 (6016)
[  108.263267][ T6016] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  108.287176][ T6016] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  108.308692][ T6016] BTRFS info (device loop2): using free space tree
[  108.317991][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  108.320499][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  108.337488][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  108.357277][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  108.376972][ T5887] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[  108.399484][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  108.407517][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  108.427841][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  108.443397][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  108.479755][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  108.502629][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  108.526096][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  108.547974][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  108.569743][ T6048] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.35: corrupted inode contents
[  108.599635][ T6016] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  108.605225][ T6016] BTRFS error (device loop2): open_ctree failed: -12
[  108.626198][ T5887] usb 2-1: config index 0 descriptor too short (expected 1307, got 27)
[  108.642472][ T5887] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[  108.661822][ T5887] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[  108.693145][ T5887] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  108.730116][ T5887] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  108.762077][ T5887] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  108.810586][ T5887] usb 2-1: string descriptor 0 read error: -22
[  108.920898][ T5887] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  108.930492][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.951203][ T5887] usb 2-1: config 0 descriptor??
[  108.966779][ T6032] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  108.979321][ T6048] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #15: comm syz.3.35: mark_inode_dirty error
[  109.006047][ T5887] hub 2-1:0.0: bad descriptor, ignoring hub
[  109.021971][ T5887] hub: probe of 2-1:0.0 failed with error -5
[  109.060947][ T5887] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input5
[  109.076849][ T6048] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.35: corrupted inode contents
[  109.100276][ T6058] loop0: detected capacity change from 0 to 64
[  109.260859][ T6048] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.35: mark_inode_dirty error
[  109.459995][ T6048] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.35: corrupted inode contents
[  110.783787][ T6048] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.35: mark_inode_dirty error
[  110.827964][ T6048] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.35: corrupted inode contents
[  110.944270][ T6048] EXT4-fs error (device loop3): ext4_truncate:4288: inode #15: comm syz.3.35: mark_inode_dirty error
[  110.956148][ T6048] EXT4-fs error (device loop3) in ext4_setattr:5645: Corrupt filesystem
[  110.972682][ T6052] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.35: corrupted inode contents
[  111.224230][ T6060] loop2: detected capacity change from 0 to 32768
[  111.236004][ T6060] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.40 (6060)
[  111.275464][ T6060] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  111.303205][ T6060] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  111.327059][ T6060] BTRFS info (device loop2): setting nodatacow, compression disabled
[  111.353528][ T6060] BTRFS info (device loop2): setting datacow
[  111.381059][ T6060] BTRFS info (device loop2): doing ref verification
[  111.416591][ T6060] BTRFS info (device loop2): force clearing of disk cache
[  111.423976][ T6060] BTRFS info (device loop2): setting datasum
[  111.447677][ T6060] BTRFS info (device loop2): turning on sync discard
[  111.471105][ T6060] BTRFS info (device loop2): doing ref verification
[  111.487337][ T6060] BTRFS info (device loop2): enabling ssd optimizations
[  111.504948][ T6060] BTRFS info (device loop2): using spread ssd allocation scheme
[  111.524302][ T6060] BTRFS info (device loop2): using free space tree
[  111.745565][ T6060] BTRFS info (device loop2): rebuilding free space tree
[  111.787146][   T27] usb 2-1: USB disconnect, device number 2
[  111.860732][ T5786] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  111.937884][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.332064][ T5787] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  112.401401][ T6089] loop3: detected capacity change from 0 to 256
[  112.463937][ T6089] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  112.522560][ T6089] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  112.606028][ T6089] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  112.629978][ T6092] Zero length message leads to an empty skb
[  112.738768][ T6094] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  115.742002][ T6117] Bluetooth: MGMT ver 1.22
[  116.808948][ T6126] loop0: detected capacity change from 0 to 4096
[  116.843148][ T6126] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  117.039773][ T6126] ntfs3: loop0: ino=1b, "file0" The size of extended attributes must not exceed 64KiB
[  117.695961][ T6134] loop0: detected capacity change from 0 to 128
[  117.836981][ T5799] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  117.928849][ T6134] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  117.940898][ T6134] hpfs: filesystem error: improperly stopped
[  117.948038][ T6134] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  117.955876][ T6134] hpfs: You really don't want any checks? You are crazy...
[  117.964995][ T6134] hpfs: hpfs_map_sector(): read error
[  117.970493][ T6134] hpfs: code page support is disabled
[  117.984568][ T6134] hpfs: hpfs_map_4sectors(): unaligned read
[  117.992167][ T6134] hpfs: hpfs_map_4sectors(): unaligned read
[  117.998235][ T6134] hpfs: filesystem error: unable to find root dir
[  118.030803][ T5799] Bluetooth: hci0: command 0x1407 tx timeout
[  118.228427][ T6128] loop1: detected capacity change from 0 to 32768
[  118.893136][ T6128] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.52 (6128)
[  119.259963][ T6137] loop2: detected capacity change from 0 to 131072
[  119.305782][ T6137] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[  119.313003][ T6137] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  119.326946][ T6137] F2FS-fs (loop2): invalid crc value
[  119.405309][ T6128] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  119.441200][ T6137] F2FS-fs (loop2): Found nat_bits in checkpoint
[  119.521769][ T6128] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  119.531398][ T6137] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  119.538771][ T6137] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  120.196016][ T6128] BTRFS info (device loop1): setting nodatacow, compression disabled
[  120.249291][ T6128] BTRFS info (device loop1): setting datacow
[  120.255336][ T6128] BTRFS info (device loop1): doing ref verification
[  120.262104][ T6128] BTRFS info (device loop1): force clearing of disk cache
[  120.271514][ T6128] BTRFS info (device loop1): setting datasum
[  120.292423][ T6128] BTRFS info (device loop1): turning on sync discard
[  120.325849][ T6128] BTRFS info (device loop1): doing ref verification
[  120.344887][ T6128] BTRFS info (device loop1): enabling ssd optimizations
[  120.374430][ T6128] BTRFS info (device loop1): using spread ssd allocation scheme
[  120.423704][ T6128] BTRFS info (device loop1): using free space tree
[  120.431351][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  120.439834][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  120.449767][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  120.459789][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  120.473175][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  120.482955][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  120.509799][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  120.551509][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  120.600071][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  120.612525][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  120.691813][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  120.751825][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  120.783694][ T6128] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  120.819140][ T6128] BTRFS error (device loop1): open_ctree failed: -12
[  121.102855][ T5798] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by udevd (5798)
[  121.517714][ T6159] loop0: detected capacity change from 0 to 32768
[  121.588257][ T6159] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.59 (6159)
[  121.657149][ T6159] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  121.695206][ T6159] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  121.712778][ T6159] BTRFS info (device loop0): using free space tree
[  121.922218][ T6190] loop3: detected capacity change from 0 to 256
[  121.936948][ T6190] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  121.966928][ T6159] BTRFS info (device loop0): enabling ssd optimizations
[  121.973925][ T6159] BTRFS info (device loop0): auto enabling async discard
[  121.992440][ T6190] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  122.052836][ T6190] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  122.564418][ T5788] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  123.649007][ T6195] Invalid option length (377) for dns_resolver key
[  124.173135][ T6202] loop1: detected capacity change from 0 to 8
[  124.207869][ T6202] SQUASHFS error: Unknown inode type 8194 in squashfs_iget!
[  124.244072][ T5798] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  124.396756][ T5790] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  124.591237][ T5790] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  124.614744][ T5790] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  124.638012][ T5790] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  124.660950][ T5790] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  124.686353][ T5790] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  124.716655][ T5790] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  124.742649][ T5790] usb 1-1: string descriptor 0 read error: -22
[  124.764411][ T5790] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  124.846717][ T5790] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.886467][ T5790] usb 1-1: config 0 descriptor??
[  124.894521][ T6206] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  124.921184][ T5790] hub 1-1:0.0: bad descriptor, ignoring hub
[  124.929502][ T5790] hub: probe of 1-1:0.0 failed with error -5
[  124.958072][ T5790] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6
[  125.190995][ T6217] loop1: detected capacity change from 0 to 32768
[  125.321735][    T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  125.324315][ T6217] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  125.347824][ T6217] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  125.359564][ T6217] BTRFS info (device loop1): setting nodatacow, compression disabled
[  125.367743][ T6217] BTRFS info (device loop1): setting datacow
[  125.373904][ T6217] BTRFS info (device loop1): doing ref verification
[  125.380949][ T6217] BTRFS info (device loop1): force clearing of disk cache
[  125.389107][ T6217] BTRFS info (device loop1): setting datasum
[  125.395133][ T6217] BTRFS info (device loop1): turning on sync discard
[  125.402138][ T6217] BTRFS info (device loop1): doing ref verification
[  125.801212][ T6217] BTRFS info (device loop1): enabling ssd optimizations
[  126.014071][ T6217] BTRFS info (device loop1): using spread ssd allocation scheme
[  126.067785][ T6217] BTRFS info (device loop1): using free space tree
[  126.139421][ T6217] BTRFS info (device loop1): rebuilding free space tree
[  126.180436][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  126.200509][    T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  126.221405][    T8] usb 3-1: New USB device found, idVendor=06cd, idProduct=010c, bcdDevice= a.f0
[  126.237461][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.256476][    T8] usb 3-1: Product: syz
[  126.266601][    T8] usb 3-1: Manufacturer: syz
[  126.276651][    T8] usb 3-1: SerialNumber: syz
[  126.290023][    T8] usb 3-1: config 0 descriptor??
[  126.309232][    T8] keyspan 3-1:0.0: Keyspan 1 port adapter converter detected
[  126.327017][    T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 84
[  126.347770][    T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81
[  126.356498][    T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 1
[  126.391149][    T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2
[  126.413671][    T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 83
[  126.426686][    T8] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 3
[  126.467703][    T8] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  126.536334][ T6219] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.572719][ T6219] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.933216][ T6241] trusted_key: encrypted_key: insufficient parameters specified
[  126.955301][ T6241] process 'syz.2.71' launched './file0' with NULL argv: empty string added
[  127.038357][ T6242] BTRFS info (device loop1): scrub: started on devid 1
[  128.633292][ T6242] BTRFS info (device loop1): scrub: finished on devid 1 with status: 0
[  128.779520][    T8] usb 3-1: USB disconnect, device number 2
[  128.791527][    T8] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  128.802276][    T8] keyspan 3-1:0.0: device disconnected
[  129.039358][ T5790] usb 1-1: USB disconnect, device number 2
[  129.053271][ T5789] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  130.256857][ T6261] loop0: detected capacity change from 0 to 256
[  130.283621][ T6261] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  130.327583][ T6264] loop2: detected capacity change from 0 to 64
[  130.353418][ T6261] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  130.433346][ T6261] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  130.556370][   T28] audit: type=1800 audit(1757574601.318:3): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.77" name="file1" dev="loop2" ino=21 res=0 errno=0
[  132.101402][ T6282] loop2: detected capacity change from 0 to 2048
[  132.185612][ T6282] UDF-fs: bad mount option "session=000000" or missing value
[  132.986496][ T6291] loop1: detected capacity change from 0 to 512
[  133.112985][ T6291] ext4: Unknown parameter 'context'
[  133.126445][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  133.133639][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  134.079407][ T6296] geneve2: entered promiscuous mode
[  134.104979][ T6296] geneve2: entered allmulticast mode
[  134.661831][ T5887] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[  135.456627][    T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  135.579549][ T5887] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  135.588081][ T5887] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  135.596192][ T5887] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  135.599473][ T6312] loop1: detected capacity change from 0 to 4096
[  135.609077][ T5887] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  135.623152][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  135.646655][    T8] usb 4-1: Using ep0 maxpacket: 8
[  135.654582][ T5887] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  135.669591][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  135.689049][ T6312] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.692979][    T8] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xEE, skipping
[  135.723408][ T6314] syzkaller0: entered promiscuous mode
[  135.729256][ T6314] syzkaller0: entered allmulticast mode
[  135.920892][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  135.933396][    T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[  135.943470][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  135.953883][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 65535, setting to 1024
[  135.966408][    T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 1024
[  135.980572][ T5887] usb 3-1: string descriptor 0 read error: -22
[  135.986961][ T5887] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  135.997050][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.014441][ T5887] usb 3-1: config 0 descriptor??
[  136.027304][    T8] usb 4-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  136.030758][ T6301] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  136.063758][ T5887] hub 3-1:0.0: bad descriptor, ignoring hub
[  136.070665][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.104559][ T5887] hub: probe of 3-1:0.0 failed with error -5
[  136.112037][    T8] usb 4-1: Product: syz
[  136.116243][    T8] usb 4-1: Manufacturer: syz
[  136.127594][ T6319] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.89: corrupted inode contents
[  136.151145][    T8] usb 4-1: SerialNumber: syz
[  136.160361][ T5887] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input7
[  136.191382][    T8] usb 4-1: config 0 descriptor??
[  136.228440][ T6319] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #15: comm syz.1.89: mark_inode_dirty error
[  136.237199][ T6305] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  136.266416][ T6305] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  136.313267][ T6319] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.89: corrupted inode contents
[  136.411515][    T8] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  136.497947][ T6319] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.89: mark_inode_dirty error
[  137.086652][ T6319] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.89: corrupted inode contents
[  137.112351][ T6319] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.89: mark_inode_dirty error
[  137.124844][ T6319] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.89: corrupted inode contents
[  137.222135][ T6319] EXT4-fs error (device loop1): ext4_truncate:4288: inode #15: comm syz.1.89: mark_inode_dirty error
[  137.272593][ T6319] EXT4-fs error (device loop1) in ext4_setattr:5645: Corrupt filesystem
[  137.282638][    T8] snd-usb-audio: probe of 4-1:0.0 failed with error -2
[  137.338110][    T8] usb 4-1: USB disconnect, device number 2
[  137.404267][ T6320] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.89: corrupted inode contents
[  137.495190][ T5804] udevd[5804]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  137.522534][ T6319] syz.1.89 (6319) used greatest stack depth: 20560 bytes left
[  138.206425][ T5887] usb 3-1: USB disconnect, device number 3
[  138.454835][ T5789] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  138.519857][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.630528][ T6341] loop3: detected capacity change from 0 to 64
[  140.730079][ T5799] Bluetooth: hci3: unexpected cc 0x203c length: 9 > 1
[  140.754713][   T28] audit: type=1800 audit(1757574611.518:4): pid=6341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.95" name="file1" dev="loop3" ino=21 res=0 errno=0
[  140.856015][   T28] audit: type=1326 audit(1757574611.618:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.95" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe16cb8eba9 code=0x0
[  140.966238][ T6348] loop1: detected capacity change from 0 to 256
[  141.049198][ T6348] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  141.112223][ T6348] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  141.362092][ T6348] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  142.837388][ T6361] loop1: detected capacity change from 0 to 4096
[  142.902101][ T6361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.237044][ T6365] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.101: corrupted inode contents
[  143.358780][ T6365] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #15: comm syz.1.101: mark_inode_dirty error
[  143.409846][ T6365] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.101: corrupted inode contents
[  143.515276][ T6365] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.101: mark_inode_dirty error
[  143.662987][ T6365] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.101: corrupted inode contents
[  143.811197][ T6365] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.101: mark_inode_dirty error
[  143.979962][ T6365] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.101: corrupted inode contents
[  144.040928][ T6365] EXT4-fs error (device loop1): ext4_truncate:4288: inode #15: comm syz.1.101: mark_inode_dirty error
[  144.085079][ T6365] EXT4-fs error (device loop1) in ext4_setattr:5645: Corrupt filesystem
[  144.132087][ T6366] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.101: corrupted inode contents
[  144.816250][ T6354] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  144.841624][ T6354] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0
[  145.027511][ T5789] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  145.068408][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.706503][ T6391] loop0: detected capacity change from 0 to 256
[  146.804523][ T6391] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  146.977844][ T6391] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  146.992802][ T6391] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  148.732732][ T6405] netlink: 20 bytes leftover after parsing attributes in process `syz.3.112'.
[  149.539876][ T6411] binder: 6408:6411 ioctl 4018620d 0 returned -22
[  149.864405][ T6418] netlink: 'syz.3.118': attribute type 10 has an invalid length.
[  149.906500][ T6418] 8021q: adding VLAN 0 to HW filter on device team0
[  149.933493][ T6418] bond0: (slave team0): Enslaving as an active interface with an up link
[  151.617349][ T6434] loop3: detected capacity change from 0 to 40427
[  151.647370][ T6434] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  151.655097][ T6434] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  151.667340][ T6434] F2FS-fs (loop3): invalid crc value
[  151.677293][ T6434] F2FS-fs (loop3): Found nat_bits in checkpoint
[  151.767368][ T6434] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  151.774510][ T6434] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  151.909738][ T6413] loop2: detected capacity change from 0 to 32768
[  153.116694][ T5799] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  153.126560][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  153.832858][ T6456] netlink: 'syz.3.129': attribute type 10 has an invalid length.
[  154.032220][ T6456] team0: Port device wlan1 added
[  154.493791][ T6439] loop0: detected capacity change from 0 to 32768
[  154.527616][ T6459] loop2: detected capacity change from 0 to 256
[  154.556849][ T6439] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.597941][ T6459] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  154.673262][ T6459] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  154.776261][ T6459] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  154.802236][ T6451] loop1: detected capacity change from 0 to 32768
[  155.898295][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  156.011606][ T6451] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  156.093647][ T6439] XFS (loop0): Ending clean mount
[  156.133036][ T6439] XFS (loop0): Quotacheck needed: Please wait.
[  156.212253][ T6439] XFS (loop0): Quotacheck: Done.
[  156.269340][ T5788] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.342560][ T5789] ocfs2: Unmounting device (7,1) on (node local)
[  156.466654][ T5850] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  156.680305][ T5850] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.691412][ T5850] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.723831][ T5850] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  156.733640][ T5850] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  156.752189][ T5850] usb 4-1: SerialNumber: syz
[  157.107040][ T6489] loop1: detected capacity change from 0 to 512
[  157.119280][ T6489] ext4: Unknown parameter 'smackfsdef'
[  157.547962][ T5850] usb 4-1: 0:2 : does not exist
[  157.576458][ T5803] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  157.630650][ T6488] binder: 6487:6488 unknown command 1074553619
[  157.636956][ T6488] binder: 6487:6488 ioctl c0306201 200000000540 returned -22
[  157.669688][ T5850] usb 4-1: USB disconnect, device number 3
[  157.771078][ T6322] udevd[6322]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  159.702537][ T6507] loop3: detected capacity change from 0 to 1024
[  161.166122][ T6518] trusted_key: encrypted_key: insufficient parameters specified
[  161.651539][ T1080] hfsplus: b-tree write err: -5, ino 4
[  161.853258][ T6524] loop3: detected capacity change from 0 to 256
[  162.116702][ T6524] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  162.296641][ T6524] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  162.398618][ T6524] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  162.422129][ T6528] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  162.430334][ T6528] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  165.241706][ T6533] loop2: detected capacity change from 0 to 262144
[  165.258996][ T6533] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 scanned by syz.2.148 (6533)
[  165.294969][ T6533] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  165.305265][ T6533] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  165.314778][ T6533] BTRFS info (device loop2): using free space tree
[  165.389951][ T6533] BTRFS info (device loop2): enabling ssd optimizations
[  165.547680][ T6533] BTRFS info (device loop2): balance: start -d -m -s
[  165.579566][ T6533] BTRFS info (device loop2): relocating block group 30408704 flags metadata|dup
[  165.668406][ T6533] BTRFS info (device loop2): found 3 extents, stage: move data extents
[  165.720588][ T6533] BTRFS info (device loop2): relocating block group 22020096 flags system|dup
[  165.776419][ T6533] BTRFS info (device loop2): balance: canceled
[  165.851632][ T5787] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  167.049014][ T6581] loop0: detected capacity change from 0 to 128
[  167.305492][ T6581] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  167.317669][ T6581] hpfs: filesystem error: improperly stopped
[  167.323772][ T6581] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  167.332068][ T6581] hpfs: You really don't want any checks? You are crazy...
[  167.340843][ T6581] hpfs: hpfs_map_sector(): read error
[  167.346292][ T6581] hpfs: code page support is disabled
[  167.373983][ T6581] hpfs: hpfs_map_4sectors(): unaligned read
[  167.380783][ T6581] hpfs: hpfs_map_4sectors(): unaligned read
[  167.386841][ T6581] hpfs: filesystem error: unable to find root dir
[  170.425390][ T6612] loop0: detected capacity change from 0 to 256
[  170.456471][ T6612] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  170.540807][ T6612] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  170.635843][ T6612] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  171.392106][ T6621] loop0: detected capacity change from 0 to 128
[  171.666886][ T5799] Bluetooth: hci0: command 0x1407 tx timeout
[  171.676661][   T50] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  171.957719][ T6621] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  171.969847][ T6621] hpfs: filesystem error: improperly stopped
[  171.975891][ T6621] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  171.983810][ T6621] hpfs: You really don't want any checks? You are crazy...
[  171.991401][ T6621] hpfs: hpfs_map_sector(): read error
[  171.996840][ T6621] hpfs: code page support is disabled
[  172.002333][ T6621] hpfs: hpfs_map_4sectors(): unaligned read
[  172.008441][ T6621] hpfs: hpfs_map_4sectors(): unaligned read
[  172.015010][ T6621] hpfs: filesystem error: unable to find root dir
[  173.316881][ T6629] netlink: 'syz.0.169': attribute type 10 has an invalid length.
[  173.367454][ T6629] 8021q: adding VLAN 0 to HW filter on device team0
[  173.395895][ T6629] bond0: (slave team0): Enslaving as an active interface with an up link
[  173.630636][ T6642] loop2: detected capacity change from 0 to 256
[  173.664201][ T6642] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  173.702536][ T6642] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  173.770078][ T6642] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  174.642496][ T6656] loop3: detected capacity change from 0 to 128
[  174.686198][ T6656] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  174.698400][ T6656] hpfs: filesystem error: improperly stopped
[  174.704481][ T6656] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  174.712359][ T6656] hpfs: You really don't want any checks? You are crazy...
[  174.721143][ T6656] hpfs: hpfs_map_sector(): read error
[  174.726706][ T6656] hpfs: code page support is disabled
[  174.742609][ T6656] hpfs: hpfs_map_4sectors(): unaligned read
[  174.749658][ T6656] hpfs: hpfs_map_4sectors(): unaligned read
[  174.755953][ T6656] hpfs: filesystem error: unable to find root dir
[  175.394751][ T6662] loop3: detected capacity change from 0 to 512
[  175.561996][ T6662] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  175.783798][ T6662] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  176.049291][ T5799] Bluetooth: hci0: command 0x1407 tx timeout
[  176.055426][   T50] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  176.120105][ T6662] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.180: bad orphan inode 131083
[  176.183685][ T6662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.281216][ T6658] loop0: detected capacity change from 0 to 32768
[  176.323208][ T6658] JBD2: Ignoring recovery information on journal
[  176.385618][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.440153][ T6658] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  176.590435][ T6658] syz.0.178 (6658) used greatest stack depth: 18736 bytes left
[  176.671905][ T5788] ocfs2: Unmounting device (7,0) on (node local)
[  177.192663][ T6682] loop1: detected capacity change from 0 to 256
[  177.401057][ T6682] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  177.477552][ T6682] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  177.512472][ T6682] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  178.161928][ T6692] loop3: detected capacity change from 0 to 128
[  178.283049][ T6692] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  178.295301][ T6692] hpfs: filesystem error: improperly stopped
[  178.301749][ T6692] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  178.309861][ T6692] hpfs: You really don't want any checks? You are crazy...
[  178.319570][ T6692] hpfs: hpfs_map_sector(): read error
[  178.325029][ T6692] hpfs: code page support is disabled
[  178.335815][ T6692] hpfs: hpfs_map_4sectors(): unaligned read
[  178.343412][ T6692] hpfs: hpfs_map_4sectors(): unaligned read
[  178.349500][ T6692] hpfs: filesystem error: unable to find root dir
[  178.529508][ T6691] loop0: detected capacity change from 0 to 4096
[  178.694819][ T6691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.764785][ T6705] loop1: detected capacity change from 0 to 4096
[  179.788401][ T6705] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  179.903302][ T6709] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  179.933609][ T6705] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  179.955957][ T6705] ntfs3: loop1: Failed to initialize $Extend/$ObjId.
[  180.317919][ T6713] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #15: comm syz.0.184: corrupted inode contents
[  180.421814][ T6713] EXT4-fs error (device loop0): ext4_dirty_inode:6106: inode #15: comm syz.0.184: mark_inode_dirty error
[  180.506012][ T6713] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #15: comm syz.0.184: corrupted inode contents
[  180.633185][ T6713] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #15: comm syz.0.184: mark_inode_dirty error
[  180.949218][ T6713] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #15: comm syz.0.184: corrupted inode contents
[  181.366822][ T6713] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #15: comm syz.0.184: mark_inode_dirty error
[  181.385040][ T6713] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #15: comm syz.0.184: corrupted inode contents
[  181.406320][ T6713] EXT4-fs error (device loop0): ext4_truncate:4288: inode #15: comm syz.0.184: mark_inode_dirty error
[  181.479114][ T6713] EXT4-fs error (device loop0) in ext4_setattr:5645: Corrupt filesystem
[  181.675766][ T6718] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #15: comm syz.0.184: corrupted inode contents
[  181.692430][ T6732] loop1: detected capacity change from 0 to 256
[  181.757923][ T6732] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  181.800019][ T6732] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  181.921382][ T6734] loop2: detected capacity change from 0 to 128
[  181.979949][ T6734] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  181.992048][ T6734] hpfs: filesystem error: improperly stopped
[  181.998229][ T6734] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  182.006046][ T6734] hpfs: You really don't want any checks? You are crazy...
[  182.014871][ T6734] hpfs: hpfs_map_sector(): read error
[  182.020382][ T6734] hpfs: code page support is disabled
[  182.043544][ T6734] hpfs: hpfs_map_4sectors(): unaligned read
[  182.050913][ T6734] hpfs: hpfs_map_4sectors(): unaligned read
[  182.057249][ T6734] hpfs: filesystem error: unable to find root dir
[  182.204053][ T6732] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  183.793582][ T5788] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  183.898350][ T6745] netlink: 2052 bytes leftover after parsing attributes in process `syz.1.200'.
[  183.902676][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.911005][ T6745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.200'.
[  186.192419][ T6768] loop3: detected capacity change from 0 to 128
[  187.858968][ T6772] loop2: detected capacity change from 0 to 256
[  187.878393][ T6772] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  187.951505][ T6772] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  188.110318][ T6772] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  189.763829][ T6789] netlink: 'syz.1.211': attribute type 10 has an invalid length.
[  189.897506][ T6789] team0: Port device wlan1 added
[  190.232835][ T6793] loop0: detected capacity change from 0 to 128
[  190.298687][ T6793] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  190.361991][ T6793] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  190.434388][ T6793] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  190.466200][    C0] vkms_vblank_simulate: vblank timer overrun
[  191.363787][ T6807] loop2: detected capacity change from 0 to 1024
[  191.384452][ T6807] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  191.412944][ T6807] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  191.756691][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  191.760097][ T6812] loop1: detected capacity change from 0 to 128
[  191.838258][ T6807] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  191.872281][ T5788] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  191.883196][ T6807] EXT4-fs (loop2): orphan cleanup on readonly fs
[  191.891657][ T6807] EXT4-fs error (device loop2): ext4_free_blocks:6676: comm syz.2.218: Freeing blocks not in datazone - block = 0, count = 4096
[  191.909596][ T6807] EXT4-fs (loop2): Remounting filesystem read-only
[  191.917484][ T6807] EXT4-fs (loop2): 1 orphan inode deleted
[  191.924642][ T6807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  193.149282][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.164049][ T6829] loop1: detected capacity change from 0 to 256
[  194.199459][ T6829] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  194.329609][ T6829] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  195.771663][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  195.781351][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  196.135163][ T6839] netlink: 'syz.0.224': attribute type 10 has an invalid length.
[  196.581446][ T6829] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  196.699912][ T6839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.711374][ T6839] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  197.466790][ T6848] loop0: detected capacity change from 0 to 764
[  197.818625][ T6856] loop3: detected capacity change from 0 to 24
[  197.860233][ T6856] romfs: bad initial checksum on dev loop3.
[  197.877597][ T6857] loop1: detected capacity change from 0 to 256
[  197.923910][ T5803] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  197.929588][ T6848] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  197.978882][ T6848] ref_ctr increment failed for inode: 0x102 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88807ed94c00
[  199.164503][ T6865] loop1: detected capacity change from 0 to 512
[  199.689483][ T6877] loop1: detected capacity change from 0 to 256
[  199.821818][ T6877] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  199.986097][ T6877] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  200.335217][ T6877] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  201.042214][ T6892] loop1: detected capacity change from 0 to 256
[  201.082991][ T6892] FAT-fs (loop1): Directory bread(block 64) failed
[  201.095617][ T6892] FAT-fs (loop1): Directory bread(block 65) failed
[  201.120673][ T6892] FAT-fs (loop1): Directory bread(block 66) failed
[  201.148823][ T6892] FAT-fs (loop1): Directory bread(block 67) failed
[  201.173822][ T6892] FAT-fs (loop1): Directory bread(block 68) failed
[  201.194647][ T6892] FAT-fs (loop1): Directory bread(block 69) failed
[  201.215807][ T6892] FAT-fs (loop1): Directory bread(block 70) failed
[  201.239198][ T6892] FAT-fs (loop1): Directory bread(block 71) failed
[  201.246131][ T6892] FAT-fs (loop1): Directory bread(block 72) failed
[  201.265481][ T6892] FAT-fs (loop1): Directory bread(block 73) failed
[  201.325549][ T6892] syz.1.240: attempt to access beyond end of device
[  201.325549][ T6892] loop1: rw=2051, sector=1192, nr_sectors = 32 limit=256
[  201.664388][ T5794] Bluetooth: hci3: command 0x0406 tx timeout
[  201.670755][ T5794] Bluetooth: hci2: command 0x0406 tx timeout
[  201.676898][ T5802] Bluetooth: hci1: command 0x0406 tx timeout
[  201.682986][ T5794] Bluetooth: hci0: command 0x1407 tx timeout
[  202.130106][ T6908] netlink: 'syz.2.244': attribute type 10 has an invalid length.
[  202.748280][ T6908] team0: Port device wlan1 added
[  203.552020][ T6904] sp0: Synchronizing with TNC
[  205.487172][ T6916] loop1: detected capacity change from 0 to 128
[  205.649617][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  205.788015][ T6916] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  205.799796][ T6916] hpfs: filesystem error: improperly stopped
[  205.806222][ T6916] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  205.814007][ T6916] hpfs: You really don't want any checks? You are crazy...
[  205.821554][ T6916] hpfs: hpfs_map_sector(): read error
[  205.826974][ T6916] hpfs: code page support is disabled
[  205.832440][ T6916] hpfs: hpfs_map_4sectors(): unaligned read
[  205.838489][ T6916] hpfs: hpfs_map_4sectors(): unaligned read
[  205.844383][ T6916] hpfs: filesystem error: unable to find root dir
[  205.962586][ T6920] loop2: detected capacity change from 0 to 256
[  206.068145][ T6922] loop3: detected capacity change from 0 to 64
[  206.120468][ T6920] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  206.147856][ T6920] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  206.251578][ T6920] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  206.353010][ T6926] loop0: detected capacity change from 0 to 128
[  206.620309][ T6926] EXT4-fs (loop0): Test dummy encryption mode enabled
[  206.709928][ T6926] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  207.979165][ T6926] ext4 filesystem being mounted at /49/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  208.587000][ T6924] loop1: detected capacity change from 0 to 262144
[  208.667613][ T6924] F2FS-fs (loop1): invalid crc value
[  208.681927][ T6924] F2FS-fs (loop1): Found nat_bits in checkpoint
[  208.729293][ T6924] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  208.851411][ T6946] netlink: 60 bytes leftover after parsing attributes in process `syz.2.253'.
[  208.870823][ T6926] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  209.243268][ T6951] netlink: 'syz.3.254': attribute type 10 has an invalid length.
[  209.717787][ T6937] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  210.031620][ T5788] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  210.563129][ T6966] loop0: detected capacity change from 0 to 128
[  210.759220][ T6966] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  210.775011][ T6966] hpfs: filesystem error: improperly stopped
[  210.781172][ T6966] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  210.789024][ T6966] hpfs: You really don't want any checks? You are crazy...
[  210.797702][ T6966] hpfs: hpfs_map_sector(): read error
[  210.803178][ T6966] hpfs: code page support is disabled
[  210.829299][ T6966] hpfs: hpfs_map_4sectors(): unaligned read
[  210.835908][ T6966] hpfs: hpfs_map_4sectors(): unaligned read
[  210.841923][ T6966] hpfs: filesystem error: unable to find root dir
[  211.196562][ T5103] Bluetooth: hci0: command 0x1407 tx timeout
[  211.382881][ T6972] loop2: detected capacity change from 0 to 256
[  211.426841][ T6972] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  211.462748][ T6972] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  211.493983][ T6972] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  214.524932][ T6985] loop0: detected capacity change from 0 to 64
[  214.551712][ T6985] hfs: unable to locate alternate MDB
[  214.557713][ T6985] hfs: continuing without an alternate MDB
[  214.849785][ T6998] loop3: detected capacity change from 0 to 128
[  216.014489][ T6998] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  216.026364][ T6998] hpfs: filesystem error: improperly stopped
[  216.032482][ T6998] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  216.040265][ T6998] hpfs: You really don't want any checks? You are crazy...
[  216.048182][ T6998] hpfs: hpfs_map_sector(): read error
[  216.053585][ T6998] hpfs: code page support is disabled
[  216.059247][ T6998] hpfs: hpfs_map_4sectors(): unaligned read
[  216.065275][ T6998] hpfs: hpfs_map_4sectors(): unaligned read
[  216.071271][ T6998] hpfs: filesystem error: unable to find root dir
[  216.471069][ T7007] loop3: detected capacity change from 0 to 256
[  216.490244][ T7007] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  216.501497][ T7007] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  216.537991][ T7007] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  216.870934][ T7002] loop2: detected capacity change from 0 to 32768
[  216.910543][ T7002] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  217.008878][ T7002] XFS (loop2): Ending clean mount
[  217.160742][ T5787] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  218.310273][ T7042] loop3: detected capacity change from 0 to 128
[  218.362879][ T7042] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  218.374872][ T7042] hpfs: filesystem error: improperly stopped
[  218.381023][ T7042] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  218.388912][ T7042] hpfs: You really don't want any checks? You are crazy...
[  218.397695][ T7042] hpfs: hpfs_map_sector(): read error
[  218.403670][ T7042] hpfs: code page support is disabled
[  218.410481][ T7042] hpfs: hpfs_map_4sectors(): unaligned read
[  218.417090][ T7042] hpfs: hpfs_map_4sectors(): unaligned read
[  218.423085][ T7042] hpfs: filesystem error: unable to find root dir
[  218.960965][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.282'.
[  219.308619][ T7026] loop1: detected capacity change from 0 to 32768
[  219.377721][ T7049] loop0: detected capacity change from 0 to 128
[  219.402901][ T7049] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  219.410668][ T7026] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  219.441551][ T7049] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  219.633096][ T7061] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.651508][ T7064] loop2: detected capacity change from 0 to 1024
[  219.673804][ T7026] XFS (loop1): Metadata corruption detected at xfs_dinode_verify+0x2b9/0x1140, inode 0x1802 dinode
[  219.686159][ T7064] hfsplus: unable to parse mount options
[  219.723301][ T7026] XFS (loop1): Unmount and run xfs_repair
[  219.880829][ T7061] bond0: (slave rose0): Enslaving as an active interface with an up link
[  219.889644][ T7026] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  219.907777][ T7026] 00000000: 49 4e 80 00 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  219.917177][ T7026] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  219.926245][ T7026] 00000020: 1d cd 65 00 00 00 00 00 34 f7 58 68 7f c1 86 28  ..e.....4.Xh...(
[  220.577904][ T7057] warning: `syz.3.284' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  220.595785][ T7026] 00000030: 34 f7 58 68 7f c1 86 28 00 00 00 00 00 00 00 00  4.Xh...(........
[  220.609329][ T7026] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  220.618859][ T7026] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  220.628076][ T7026] 00000060: ff ff ff ff bc 69 0f 52 00 00 00 00 00 00 00 02  .....i.R........
[  220.636997][ T7026] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08  ................
[  220.646164][ T7026] XFS (loop1): failed to read RT inodes
[  220.858685][ T1072] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  220.873645][ T7073] loop3: detected capacity change from 0 to 256
[  220.962745][ T7073] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  221.014132][ T7073] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  221.127591][ T7073] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  221.870642][ T7095] loop2: detected capacity change from 0 to 128
[  221.940546][ T7095] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  221.952762][ T7095] hpfs: filesystem error: improperly stopped
[  221.958942][ T7095] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  221.966786][ T7095] hpfs: You really don't want any checks? You are crazy...
[  221.975288][ T7095] hpfs: hpfs_map_sector(): read error
[  221.980819][ T7095] hpfs: code page support is disabled
[  222.000566][ T7095] hpfs: hpfs_map_4sectors(): unaligned read
[  222.007204][ T7095] hpfs: hpfs_map_4sectors(): unaligned read
[  222.013197][ T7095] hpfs: filesystem error: unable to find root dir
[  222.155900][ T7097] loop3: detected capacity change from 0 to 1024
[  222.172108][ T7097] hfsplus: unable to parse mount options
[  223.271900][ T7114] loop1: detected capacity change from 0 to 8
[  223.285019][ T7114] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  223.292071][ T5790] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  223.306142][ T6322] udevd[6322]: incorrect cramfs checksum on /dev/loop1
[  223.329078][ T7114] cramfs: Error -3 while decompressing!
[  223.356250][ T7114] cramfs: ffffffff96fda308(26)->ffff88807557a000(4096)
[  223.364331][ T7114] cramfs: bad data blocksize 3489655184
[  223.371031][ T7114] cramfs: Error -3 while decompressing!
[  223.376906][ T7114] cramfs: ffffffff96fda308(26)->ffff88807557a000(4096)
[  223.384240][   T28] audit: type=1800 audit(1757574694.148:6): pid=7114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.298" name="file2" dev="loop1" ino=348 res=0 errno=0
[  223.412307][ T7089] loop0: detected capacity change from 0 to 32768
[  223.430014][ T7117] loop3: detected capacity change from 0 to 128
[  223.489076][ T7089] JFS: block map error in dbBackSplit
[  223.634258][ T5790] usb 3-1: Using ep0 maxpacket: 8
[  223.644847][ T5790] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  223.686055][ T7089] ERROR: (device loop0): dbDiscardAG: -EIO
[  223.686055][ T7089] 
[  223.800430][ T5790] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  223.865047][ T5790] usb 3-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  223.899834][ T7089] ERROR: (device loop0): remounting filesystem as read-only
[  224.065146][ T7089] syz.0.294: attempt to access beyond end of device
[  224.065146][ T7089] loop0: rw=2051, sector=2629632, nr_sectors = 8192 limit=32768
[  224.095767][ T5790] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  224.317597][ T5790] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  224.350180][ T7089] JFS: sb_issue_discard(ffff88807e91a000, 328704, 1024, GFP_NOFS, 0) = -5 => failed!
[  224.374283][ T5790] usb 3-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  224.409346][ T7089] blkno = 50400, nblocks = 400
[  224.414264][ T7089] ERROR: (device loop0): dbFree: block to be freed is outside the map
[  224.414264][ T7089] 
[  224.445573][ T5790] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  224.481435][ T5790] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  224.569003][ T5790] usb 3-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  224.636292][ T5790] usb 3-1: string descriptor 0 read error: -22
[  224.659530][ T5790] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  224.678693][ T5790] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.728952][ T5790] adutux 3-1:168.0: interrupt endpoints not found
[  224.932303][ T5829] usb 3-1: USB disconnect, device number 4
[  224.986330][ T7140] loop3: detected capacity change from 0 to 1024
[  225.023492][ T7140] hfsplus: unable to parse mount options
[  225.197014][ T7141] loop1: detected capacity change from 0 to 512
[  226.346960][ T7141] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.304: invalid indirect mapped block 4294967295 (level 1)
[  226.408550][ T7141] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.304: invalid indirect mapped block 4294967295 (level 1)
[  226.480630][ T7141] EXT4-fs (loop1): 2 truncates cleaned up
[  226.490984][ T7141] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.577826][ T7147] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  226.828708][ T7148] loop0: detected capacity change from 0 to 256
[  226.845776][ T7148] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  226.921891][ T7148] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  227.121982][ T7148] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  227.686227][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.291760][ T7168] loop2: detected capacity change from 0 to 128
[  228.522018][ T7166] loop3: detected capacity change from 0 to 1024
[  229.349810][ T7166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.536898][ T7166] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.966368][ T7176] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set
[  231.545319][ T7191] loop0: detected capacity change from 0 to 1024
[  231.595014][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.607569][ T7191] hfsplus: unable to parse mount options
[  231.701672][ T6322] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  231.956898][ T7205] loop1: detected capacity change from 0 to 256
[  232.280170][ T7205] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  232.700510][ T7205] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  232.837219][ T7205] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  233.017787][ T7213] loop3: detected capacity change from 0 to 512
[  234.309268][ T7213] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.316: invalid block
[  234.356761][ T7213] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.316: invalid indirect mapped block 4294967295 (level 1)
[  234.375713][ T7213] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.316: invalid indirect mapped block 4294967295 (level 1)
[  234.394713][ T7213] EXT4-fs (loop3): 2 truncates cleaned up
[  234.406344][ T7213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.534870][ T7231] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  235.564136][ T7231] loop0: detected capacity change from 0 to 1024
[  235.624843][ T7229] loop1: detected capacity change from 0 to 764
[  235.697606][ T7231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.728347][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.745398][ T7237] loop2: detected capacity change from 0 to 128
[  235.777138][ T5800] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  236.749524][ T7232] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  236.761045][ T7232] ref_ctr increment failed for inode: 0x1db offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888024d9f200
[  237.090252][ T7246] loop3: detected capacity change from 0 to 512
[  237.181352][ T7246] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  237.287891][ T5788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.306460][ T7246] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128
[  237.341580][ T7253] loop2: detected capacity change from 0 to 1024
[  237.361600][ T7253] hfsplus: unable to parse mount options
[  237.521204][ T7256] loop0: detected capacity change from 0 to 256
[  237.604362][ T7256] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  237.632116][ T7256] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  237.799402][ T7256] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  238.179875][ T5916] usb 4-1: new low-speed USB device number 4 using dummy_hcd
[  238.859472][ T7271] random: crng reseeded on system resumption
[  240.667400][ T5916] usb 4-1: device descriptor read/all, error -71
[  241.076975][ T7281] loop0: detected capacity change from 0 to 128
[  241.986991][ T7281] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  241.998801][ T7281] hpfs: filesystem error: improperly stopped
[  242.004804][ T7281] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  242.012606][ T7281] hpfs: You really don't want any checks? You are crazy...
[  242.020229][ T7281] hpfs: hpfs_map_sector(): read error
[  242.025616][ T7281] hpfs: code page support is disabled
[  242.272565][ T7281] hpfs: hpfs_map_4sectors(): unaligned read
[  242.278630][ T7281] hpfs: hpfs_map_4sectors(): unaligned read
[  242.284548][ T7281] hpfs: filesystem error: unable to find root dir
[  245.410696][ T7309] loop1: detected capacity change from 0 to 256
[  245.463032][ T7309] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  245.496599][ T7309] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  245.553356][ T7309] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  246.420405][ T7321] loop2: detected capacity change from 0 to 128
[  247.512304][ T7321] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  247.524402][ T7321] hpfs: filesystem error: improperly stopped
[  247.530493][ T7321] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  247.538268][ T7321] hpfs: You really don't want any checks? You are crazy...
[  247.545860][ T7321] hpfs: hpfs_map_sector(): read error
[  247.551291][ T7321] hpfs: code page support is disabled
[  247.641168][ T7321] hpfs: hpfs_map_4sectors(): unaligned read
[  247.647400][ T7321] hpfs: hpfs_map_4sectors(): unaligned read
[  247.653663][ T7321] hpfs: filesystem error: unable to find root dir
[  247.746611][  T786] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  248.024214][  T786] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  248.036068][  T786] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  248.054781][  T786] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  248.073529][  T786] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  248.094402][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  248.146757][  T786] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  248.220671][  T786] usb 4-1: string descriptor 0 read error: -22
[  248.280846][  T786] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  248.296772][  T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.167186][  T786] usb 4-1: config 0 descriptor??
[  249.207576][ T7317] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  249.219595][  T786] hub 4-1:0.0: bad descriptor, ignoring hub
[  249.236573][  T786] hub: probe of 4-1:0.0 failed with error -5
[  249.255797][  T786] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input9
[  249.896611][ T5829] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  250.086738][ T5829] usb 3-1: Using ep0 maxpacket: 32
[  250.101369][ T5829] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xA6, skipping
[  250.129638][ T5829] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  250.155049][ T5829] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  250.185999][ T5829] usb 3-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  250.212054][ T5829] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.236228][ T5829] usb 3-1: Product: syz
[  250.240630][ T5829] usb 3-1: Manufacturer: syz
[  250.246213][ T5829] usb 3-1: SerialNumber: syz
[  250.261212][ T5829] usb 3-1: config 0 descriptor??
[  250.491775][ T5790] usb 4-1: USB disconnect, device number 6
[  250.927551][ T7366] loop1: detected capacity change from 0 to 4096
[  251.201652][ T7366] ntfs3: loop1: Failed to load $MFT (-22).
[  254.116988][    T8] usb 3-1: USB disconnect, device number 5
[  254.594116][ T7387] bridge_slave_0: left allmulticast mode
[  254.625731][ T7387] bridge_slave_0: left promiscuous mode
[  254.678328][ T7387] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.778379][ T7387] bridge_slave_1: left allmulticast mode
[  254.784077][ T7387] bridge_slave_1: left promiscuous mode
[  254.863131][ T7387] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.209614][ T7387] bond0: (slave bond_slave_0): Releasing backup interface
[  255.603560][ T7387] bond0: (slave bond_slave_1): Releasing backup interface
[  255.700360][    T8] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  255.712729][ T7387] team0: Port device team_slave_0 removed
[  255.734082][ T7387] team0: Port device team_slave_1 removed
[  255.757997][ T7387] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.765431][ T7387] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.781202][ T7387] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.789406][ T7387] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.833291][ T7387] team0: Port device wlan1 removed
[  255.900530][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  255.916581][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  255.927363][    T8] usb 2-1: config index 0 descriptor too short (expected 1307, got 27)
[  255.946598][    T8] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[  255.954719][    T8] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[  255.974005][    T8] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  256.050524][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  256.060979][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  256.098937][    T8] usb 2-1: string descriptor 0 read error: -22
[  256.112058][    T8] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  256.321287][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  256.332997][ T5103] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  256.339450][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.362102][    T8] usb 2-1: config 0 descriptor??
[  256.368348][ T7396] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  257.142005][    T8] hub 2-1:0.0: bad descriptor, ignoring hub
[  257.156841][    T8] hub: probe of 2-1:0.0 failed with error -5
[  257.173272][    T8] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input10
[  258.365574][ T5888] usb 2-1: USB disconnect, device number 3
[  259.281909][ T7424] loop1: detected capacity change from 0 to 2048
[  259.315173][ T7424] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  259.335900][ T7426] loop2: detected capacity change from 0 to 1024
[  259.390909][ T7426] hfsplus: unable to parse mount options
[  259.708533][ T5916] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  259.805372][ T7430] loop3: detected capacity change from 0 to 4096
[  259.928421][ T6322] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  259.945129][ T5916] usb 3-1: Using ep0 maxpacket: 16
[  260.769481][ T5916] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  260.788102][ T5916] usb 3-1: config 0 has no interface number 0
[  260.798253][ T5916] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  260.807923][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.833661][ T5916] usb 3-1: Product: syz
[  260.840615][ T5916] usb 3-1: Manufacturer: syz
[  260.848407][ T5916] usb 3-1: SerialNumber: syz
[  260.876955][ T5916] usb 3-1: config 0 descriptor??
[  260.908848][ T5916] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  261.732915][ T7426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.765033][ T7426] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.886883][    T8] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  262.036885][ T5916] gspca_spca1528: reg_w err -110
[  262.085894][ T5916] spca1528: probe of 3-1:0.1 failed with error -110
[  262.108082][    T8] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  262.131540][    T8] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  262.186596][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  262.206600][    T8] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  262.226700][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  262.246637][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  262.281465][    T8] usb 4-1: string descriptor 0 read error: -22
[  262.300723][    T8] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  262.316618][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.347505][    T8] usb 4-1: config 0 descriptor??
[  262.362707][ T7446] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  262.371775][    T8] hub 4-1:0.0: bad descriptor, ignoring hub
[  262.385255][    T8] hub: probe of 4-1:0.0 failed with error -5
[  262.411301][    T8] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input11
[  263.592230][ T5888] usb 3-1: USB disconnect, device number 6
[  263.680581][ T7460] binder: BINDER_SET_CONTEXT_MGR already set
[  263.700335][ T7460] binder: 7459:7460 ioctl 40046207 0 returned -16
[  264.802829][ T7470] loop2: detected capacity change from 0 to 64
[  264.861293][   T28] audit: type=1800 audit(1757574735.628:7): pid=7470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.384" name="file1" dev="loop2" ino=21 res=0 errno=0
[  264.893580][ T5888] usb 4-1: USB disconnect, device number 7
[  264.984798][   T28] audit: type=1326 audit(1757574735.748:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.2.384" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c5258eba9 code=0x0
[  265.487166][ T7474] syz.3.385 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  265.736797][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  265.762608][ T5103] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  267.738492][ T7489] loop1: detected capacity change from 0 to 32768
[  267.749486][ T7489] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.391 (7489)
[  267.796328][ T7489] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  267.819619][ T7489] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  267.838613][ T7489] BTRFS info (device loop1): setting nodatacow, compression disabled
[  267.856305][ T7489] BTRFS info (device loop1): setting datacow
[  267.871272][ T7489] BTRFS info (device loop1): doing ref verification
[  267.885380][ T7489] BTRFS info (device loop1): force clearing of disk cache
[  267.901027][ T7489] BTRFS info (device loop1): setting datasum
[  267.914559][ T7489] BTRFS info (device loop1): turning on sync discard
[  267.929908][ T7489] BTRFS info (device loop1): doing ref verification
[  267.945097][ T7489] BTRFS info (device loop1): enabling ssd optimizations
[  267.959614][ T7489] BTRFS info (device loop1): using spread ssd allocation scheme
[  267.980520][ T7489] BTRFS info (device loop1): using free space tree
[  268.111347][ T7489] BTRFS info (device loop1): rebuilding free space tree
[  270.615857][ T5789] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  270.637052][   T27] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  271.922720][   T27] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  272.619024][   T27] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  272.634071][   T27] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  272.646599][   T27] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  272.657701][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  272.667893][   T27] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  272.691103][   T27] usb 4-1: string descriptor 0 read error: -71
[  272.698635][   T27] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  272.708135][   T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.718751][   T27] usb 4-1: config 0 descriptor??
[  272.725668][   T27] usb 4-1: can't set config #0, error -71
[  272.748017][   T27] usb 4-1: USB disconnect, device number 8
[  272.815734][ T7528] loop1: detected capacity change from 0 to 64
[  272.936655][ T5103] Bluetooth: hci0: command 0x1407 tx timeout
[  272.952915][ T5789] hfs: node 4:3 still has 1 user(s)!
[  275.191980][ T7547] loop1: detected capacity change from 0 to 32768
[  275.248219][ T7547] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.404 (7547)
[  275.305769][ T7547] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  275.345620][ T7547] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  275.346666][    T8] usb 4-1: new low-speed USB device number 9 using dummy_hcd
[  275.365568][ T7547] BTRFS info (device loop1): setting nodatacow, compression disabled
[  275.386550][ T7547] BTRFS info (device loop1): setting datacow
[  275.392754][ T7547] BTRFS info (device loop1): doing ref verification
[  275.399548][ T7547] BTRFS info (device loop1): force clearing of disk cache
[  275.406955][ T7547] BTRFS info (device loop1): setting datasum
[  275.412968][ T7547] BTRFS info (device loop1): turning on sync discard
[  275.420244][ T7547] BTRFS info (device loop1): doing ref verification
[  275.426928][ T7547] BTRFS info (device loop1): enabling ssd optimizations
[  275.434288][ T7547] BTRFS info (device loop1): using spread ssd allocation scheme
[  275.442815][ T7547] BTRFS info (device loop1): using free space tree
[  275.579419][    T8] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  275.597041][    T8] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  275.601647][ T7547] BTRFS info (device loop1): rebuilding free space tree
[  275.615382][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  275.624485][    T8] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  275.650436][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  275.676519][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  275.713572][    T8] usb 4-1: string descriptor 0 read error: -22
[  275.739041][    T8] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  275.766539][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.801667][    T8] usb 4-1: config 0 descriptor??
[  275.826675][ T7555] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  275.835501][    T8] hub 4-1:0.0: bad descriptor, ignoring hub
[  275.860693][    T8] hub: probe of 4-1:0.0 failed with error -5
[  275.899908][    T8] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12
[  277.256728][   T50] Bluetooth: hci0: command 0x1407 tx timeout
[  277.263013][ T5103] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  277.869613][ T7583] loop2: detected capacity change from 0 to 40427
[  277.886266][ T5789] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  277.903445][ T7583] F2FS-fs (loop2): build fault injection attr: rate: 14, type: 0x7ffff
[  278.114658][    T8] usb 4-1: USB disconnect, device number 9
[  278.517851][ T7591] loop3: detected capacity change from 0 to 64
[  279.607973][ T7589] loop2: detected capacity change from 0 to 40427
[  279.638200][ T7589] F2FS-fs (loop2): build fault injection attr: rate: 25, type: 0x7ffff
[  279.671982][ T7589] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x7698c
[  279.861863][ T7589] F2FS-fs (loop2): invalid crc value
[  279.878218][ T7589] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920
[  279.944928][ T7589] F2FS-fs (loop2): Found nat_bits in checkpoint
[  280.031812][ T7589] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  280.114116][ T7589] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  280.172292][ T7589] F2FS-fs (loop2): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  280.231074][   T28] audit: type=1800 audit(1757574750.998:9): pid=7589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.412" name="file1" dev="loop2" ino=11 res=0 errno=0
[  280.253002][ T7589] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910
[  280.301754][ T7589] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_map_blocks+0xda5/0x3d60
[  280.422406][ T5787] syz-executor: attempt to access beyond end of device
[  280.422406][ T5787] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  280.475293][ T5787] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  281.320846][ T7610] loop0: detected capacity change from 0 to 32768
[  281.345168][ T7610] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.419 (7610)
[  281.371968][ T7610] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  281.396841][ T7610] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  281.405571][ T7610] BTRFS info (device loop0): setting nodatacow, compression disabled
[  281.426742][ T7610] BTRFS info (device loop0): setting datacow
[  281.432873][ T7610] BTRFS info (device loop0): doing ref verification
[  281.446324][ T7610] BTRFS info (device loop0): force clearing of disk cache
[  281.454418][ T7610] BTRFS info (device loop0): setting datasum
[  281.460868][ T7610] BTRFS info (device loop0): turning on sync discard
[  281.468078][ T7610] BTRFS info (device loop0): doing ref verification
[  281.475106][ T7610] BTRFS info (device loop0): enabling ssd optimizations
[  281.483739][ T7610] BTRFS info (device loop0): using spread ssd allocation scheme
[  281.493834][ T7610] BTRFS info (device loop0): using free space tree
[  281.553794][ T7610] BTRFS info (device loop0): rebuilding free space tree
[  281.912666][ T7636] loop1: detected capacity change from 0 to 40427
[  281.983081][ T7636] F2FS-fs (loop1): invalid crc value
[  281.993260][ T7636] F2FS-fs (loop1): Found nat_bits in checkpoint
[  282.056013][ T7636] F2FS-fs (loop1): Start checkpoint disabled!
[  282.359403][ T7636] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  283.685244][ T5788] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  283.890149][ T1080] kworker/u4:7: attempt to access beyond end of device
[  283.890149][ T1080] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  283.933913][ T1080] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  283.942276][ T1080] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  283.949392][ T1080] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  283.956278][ T1080] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  284.046042][ T7652] netlink: 28 bytes leftover after parsing attributes in process `syz.3.426'.
[  285.143467][ T7659] loop3: detected capacity change from 0 to 256
[  285.596022][ T7659] FAT-fs (loop3): Directory bread(block 64) failed
[  285.636681][ T7659] FAT-fs (loop3): Directory bread(block 65) failed
[  285.661636][ T7659] FAT-fs (loop3): Directory bread(block 66) failed
[  285.702755][ T7659] FAT-fs (loop3): Directory bread(block 67) failed
[  285.737220][ T7659] FAT-fs (loop3): Directory bread(block 68) failed
[  285.756587][ T7659] FAT-fs (loop3): Directory bread(block 69) failed
[  285.766961][ T7659] FAT-fs (loop3): Directory bread(block 70) failed
[  285.783777][ T7659] FAT-fs (loop3): Directory bread(block 71) failed
[  285.796601][ T7659] FAT-fs (loop3): Directory bread(block 72) failed
[  285.813325][ T7659] FAT-fs (loop3): Directory bread(block 73) failed
[  287.842658][ T7678] loop3: detected capacity change from 0 to 8192
[  288.032845][   T28] audit: type=1800 audit(1757574758.758:10): pid=7678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.433" name="file1" dev="loop3" ino=1048623 res=0 errno=0
[  288.988905][ T5103] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  288.995310][ T5103] Bluetooth: hci0: command 0x1407 tx timeout
[  289.076361][   T28] audit: type=1800 audit(1757574758.758:11): pid=7678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.433" name="file1" dev="loop3" ino=1048623 res=0 errno=0
[  289.248830][ T7688] loop2: detected capacity change from 0 to 764
[  289.266060][ T7693] loop1: detected capacity change from 0 to 1024
[  289.822435][   T42] hfsplus: b-tree write err: -5, ino 4
[  291.663394][ T7711] loop2: detected capacity change from 0 to 128
[  291.694869][ T7711] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  291.706913][ T7711] hpfs: filesystem error: improperly stopped
[  291.712977][ T7711] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  291.721226][ T7711] hpfs: You really don't want any checks? You are crazy...
[  291.729725][ T7711] hpfs: hpfs_map_sector(): read error
[  291.735164][ T7711] hpfs: code page support is disabled
[  291.741992][ T7711] hpfs: hpfs_map_4sectors(): unaligned read
[  291.748419][ T7711] hpfs: hpfs_map_4sectors(): unaligned read
[  291.754365][ T7711] hpfs: filesystem error: unable to find root dir
[  293.002530][ T7715] sp0: Synchronizing with TNC
[  293.029223][ T7722] loop2: detected capacity change from 0 to 764
[  293.352363][ T7730] loop3: detected capacity change from 0 to 2048
[  293.381219][ T7730] UDF-fs: bad mount option "session=000000" or missing value
[  295.628364][ T7747] loop2: detected capacity change from 0 to 8
[  296.877452][ T7765] overlayfs: failed to resolve './bus': -2
[  297.052122][ T7765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.458'.
[  297.061290][ T7765] netlink: 36 bytes leftover after parsing attributes in process `syz.3.458'.
[  297.096649][ T5103] Bluetooth: hci0: command 0x1407 tx timeout
[  297.102916][   T50] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  297.482762][ T7771] netlink: 44 bytes leftover after parsing attributes in process `syz.3.460'.
[  301.185189][ T7818] loop1: detected capacity change from 0 to 16
[  301.380317][ T6322] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  301.685540][ T7818] loop1: detected capacity change from 0 to 1024
[  301.692414][ T6322] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  301.706081][ T6322] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  301.716882][ T6322] Buffer I/O error on dev loop1, logical block 0, async page read
[  301.718751][ T7818] EXT4-fs: Ignoring removed oldalloc option
[  301.841079][ T7818] EXT4-fs: Ignoring removed bh option
[  301.997846][ T7818] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  302.077577][ T7818] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.226125][ T7836] loop3: detected capacity change from 0 to 128
[  302.276923][ T7836] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  304.290572][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.746026][ T7852] capability: warning: `syz.1.478' uses 32-bit capabilities (legacy support in use)
[  305.068836][ T7857] netlink: 'syz.2.483': attribute type 10 has an invalid length.
[  305.753455][ T7857] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.763246][ T7857] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  306.191728][ T7867] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  306.589029][ T7876] loop0: detected capacity change from 0 to 4096
[  306.685118][ T7879] netlink: 'syz.1.488': attribute type 10 has an invalid length.
[  307.654872][ T7879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.668407][ T7879] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  307.888188][ T7883] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  308.398845][ T7893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.492'.
[  308.453398][ T7893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.492'.
[  308.662709][ T7893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.492'.
[  308.674328][ T7893] netlink: 4 bytes leftover after parsing attributes in process `syz.1.492'.
[  308.683872][ T7893] netlink: 'syz.1.492': attribute type 3 has an invalid length.
[  309.928527][ T7899] netlink: 'syz.3.493': attribute type 10 has an invalid length.
[  310.552084][ T7899] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.563420][ T7899] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  312.050939][ T7911] loop1: detected capacity change from 0 to 32768
[  312.581702][ T7911] ERROR: (device loop1): dbAdjCtl: the maximum free buddy is not the old root
[  312.581702][ T7911] 
[  312.796104][ T5789] BUG: Bad page state in process syz-executor  pfn:30230
[  312.818730][ T5789] page:ffffea0000c08c00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x4 pfn:0x30230
[  312.837816][ T5789] flags: 0xfff1000000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  312.860345][ T5789] page_type: 0xffffffff()
[  312.864894][ T5789] raw: 00fff1000000820c ffffea000075cc88 ffffc900043ef900 0000000000000000
[  312.874385][ T5789] raw: 0000000000000004 ffff88801b39f0f8 00000000ffffffff 0000000000000000
[  312.883628][ T5789] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  312.891651][ T5789] page_owner tracks the page as allocated
[  312.898455][ T5789] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 7911, tgid 7910 (syz.1.499), ts 312580021392, free_ts 311935194996
[  312.925818][ T5789]  post_alloc_hook+0x1cd/0x210
[  312.930815][ T5789]  get_page_from_freelist+0x195c/0x19f0
[  312.936650][ T5789]  __alloc_pages+0x1e3/0x460
[  312.941285][ T5789]  folio_alloc+0x1e/0x30
[  312.945556][ T5789]  filemap_alloc_folio+0xdf/0x470
[  312.966500][ T5789]  do_read_cache_folio+0x36c/0x7e0
[  312.971717][ T5789]  do_read_cache_page+0x32/0x250
[  312.982526][ T5789]  __get_metapage+0x31a/0xfa0
[  312.992858][ T5789]  dbAllocCtl+0xd4/0x9b0
[  313.006517][ T5789]  dbAllocAG+0xc23/0xfe0
[  313.010875][ T5789]  dbDiscardAG+0x2ce/0x8f0
[  313.020375][ T5789]  jfs_ioc_trim+0x42f/0x660
[  313.029362][ T5789]  jfs_ioctl+0x2b9/0x3d0
[  313.039245][ T5789]  __se_sys_ioctl+0xfd/0x170
[  313.048360][ T5789]  do_syscall_64+0x55/0xb0
[  313.057305][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.063877][ T5789] page last free stack trace:
[  313.069036][ T5789]  free_unref_page_prepare+0x7ce/0x8e0
[  313.074539][ T5789]  free_unref_page_list+0xbe/0x860
[  313.080416][ T5789]  release_pages+0x1fa0/0x2220
[  313.085210][ T5789]  tlb_flush_mmu+0x368/0x4f0
[  313.090297][ T5789]  tlb_finish_mmu+0xc3/0x1d0
[  313.094918][ T5789]  exit_mmap+0x3f0/0xb50
[  313.099516][ T5789]  __mmput+0x118/0x3c0
[  313.103685][ T5789]  exit_mm+0x1da/0x2c0
[  313.108254][ T5789]  do_exit+0x88e/0x23c0
[  313.112517][ T5789]  do_group_exit+0x21b/0x2d0
[  313.117595][ T5789]  __x64_sys_exit_group+0x3f/0x40
[  313.123772][ T5789]  do_syscall_64+0x55/0xb0
[  313.128691][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.149888][ T5789] Modules linked in:
[  313.163658][ T5789] CPU: 1 PID: 5789 Comm: syz-executor Not tainted syzkaller #0
[  313.171238][ T5789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.181318][ T5789] Call Trace:
[  313.184608][ T5789]  <TASK>
[  313.187557][ T5789]  dump_stack_lvl+0x16c/0x230
[  313.192254][ T5789]  ? show_regs_print_info+0x20/0x20
[  313.197493][ T5789]  ? swiotlb_print_info+0x70/0x70
[  313.202536][ T5789]  ? dump_page+0xba7/0x14d0
[  313.207082][ T5789]  bad_page+0x14b/0x170
[  313.211281][ T5789]  free_unref_page_prepare+0x887/0x8e0
[  313.216775][ T5789]  free_unref_page_list+0xbe/0x860
[  313.221927][ T5789]  ? __folio_memcg+0x63/0x160
[  313.226628][ T5789]  ? folio_memcg+0x127/0x480
[  313.231244][ T5789]  release_pages+0x1fa0/0x2220
[  313.236043][ T5789]  ? lru_cache_disable+0x30/0x30
[  313.241036][ T5789]  ? mlock_drain_local+0x79/0x490
[  313.246096][ T5789]  ? mlock_drain_local+0x79/0x490
[  313.251137][ T5789]  ? mlock_drain_local+0x28d/0x490
[  313.256260][ T5789]  __folio_batch_release+0x71/0xe0
[  313.261390][ T5789]  truncate_inode_pages_range+0x358/0xf00
[  313.267143][ T5789]  ? mapping_evict_folio+0x510/0x510
[  313.272473][ T5789]  ? proc_nr_inodes+0x230/0x230
[  313.277346][ T5789]  ? do_raw_spin_unlock+0x121/0x230
[  313.282572][ T5789]  ? _raw_spin_unlock+0x28/0x40
[  313.287450][ T5789]  dbUnmount+0x109/0x180
[  313.291720][ T5789]  jfs_umount+0x258/0x3c0
[  313.296090][ T5789]  jfs_put_super+0x8c/0x190
[  313.300610][ T5789]  ? jfs_free_inode+0x30/0x30
[  313.305282][ T5789]  generic_shutdown_super+0x134/0x2b0
[  313.310664][ T5789]  kill_block_super+0x44/0x90
[  313.315334][ T5789]  deactivate_locked_super+0x97/0x100
[  313.320716][ T5789]  cleanup_mnt+0x429/0x4c0
[  313.325166][ T5789]  task_work_run+0x1ce/0x250
[  313.329781][ T5789]  ? task_work_cancel+0x240/0x240
[  313.334827][ T5789]  ? exit_to_user_mode_loop+0x3b/0x110
[  313.340284][ T5789]  exit_to_user_mode_loop+0xe6/0x110
[  313.345565][ T5789]  exit_to_user_mode_prepare+0xb1/0x140
[  313.351116][ T5789]  syscall_exit_to_user_mode+0x1a/0x50
[  313.356582][ T5789]  do_syscall_64+0x61/0xb0
[  313.360990][ T5789]  ? clear_bhb_loop+0x40/0x90
[  313.365657][ T5789]  ? clear_bhb_loop+0x40/0x90
[  313.370341][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.376240][ T5789] RIP: 0033:0x7ff90a18fed7
[  313.380668][ T5789] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  313.400273][ T5789] RSP: 002b:00007ffe23fd0548 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  313.408687][ T5789] RAX: 0000000000000000 RBX: 00007ff90a211c05 RCX: 00007ff90a18fed7
[  313.416660][ T5789] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe23fd0600
[  313.424656][ T5789] RBP: 00007ffe23fd0600 R08: 0000000000000000 R09: 0000000000000000
[  313.432623][ T5789] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe23fd1690
[  313.440592][ T5789] R13: 00007ff90a211c05 R14: 000000000004c56e R15: 00007ffe23fd16d0
[  313.448572][ T5789]  </TASK>
[  313.455311][ T5789] Disabling lock debugging due to kernel taint
[  313.461723][ T5789] BUG: Bad page state in process syz-executor  pfn:1d732
[  313.468823][ T5789] page:ffffea000075cc80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x3 pfn:0x1d732
[  313.479073][ T5789] flags: 0xfff1800000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  313.489618][ T5789] page_type: 0xffffffff()
[  313.493953][ T5789] raw: 00fff1800000820c ffffea0001761788 ffffc900043ef900 0000000000000000
[  313.502887][ T5789] raw: 0000000000000003 ffff8880237ed000 00000000ffffffff 0000000000000000
[  313.511988][ T5789] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  313.519342][ T5789] page_owner tracks the page as allocated
[  313.525060][ T5789] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 7911, tgid 7910 (syz.1.499), ts 312579057158, free_ts 311935207547
[  313.543469][ T5789]  post_alloc_hook+0x1cd/0x210
[  313.548312][ T5789]  get_page_from_freelist+0x195c/0x19f0
[  313.553882][ T5789]  __alloc_pages+0x1e3/0x460
[  313.558612][ T5789]  folio_alloc+0x1e/0x30
[  313.562879][ T5789]  filemap_alloc_folio+0xdf/0x470
[  313.569126][ T5789]  do_read_cache_folio+0x36c/0x7e0
[  313.574299][ T5789]  do_read_cache_page+0x32/0x250
[  313.579292][ T5789]  __get_metapage+0x31a/0xfa0
[  313.583984][ T5789]  dbAllocAG+0x3dc/0xfe0
[  313.588308][ T5789]  dbDiscardAG+0x2ce/0x8f0
[  313.592742][ T5789]  jfs_ioc_trim+0x42f/0x660
[  313.597290][ T5789]  jfs_ioctl+0x2b9/0x3d0
[  313.601537][ T5789]  __se_sys_ioctl+0xfd/0x170
[  313.606117][ T5789]  do_syscall_64+0x55/0xb0
[  313.610607][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.616568][ T5789] page last free stack trace:
[  313.621249][ T5789]  free_unref_page_prepare+0x7ce/0x8e0
[  313.626779][ T5789]  free_unref_page_list+0xbe/0x860
[  313.632332][ T5789]  release_pages+0x1fa0/0x2220
[  313.637159][ T5789]  tlb_flush_mmu+0x368/0x4f0
[  313.641763][ T5789]  tlb_finish_mmu+0xc3/0x1d0
[  313.646366][ T5789]  exit_mmap+0x3f0/0xb50
[  313.650703][ T5789]  __mmput+0x118/0x3c0
[  313.654787][ T5789]  exit_mm+0x1da/0x2c0
[  313.658891][ T5789]  do_exit+0x88e/0x23c0
[  313.663065][ T5789]  do_group_exit+0x21b/0x2d0
[  313.667905][ T5789]  __x64_sys_exit_group+0x3f/0x40
[  313.672947][ T5789]  do_syscall_64+0x55/0xb0
[  313.677430][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.683381][ T5789] Modules linked in:
[  313.687324][ T5789] CPU: 1 PID: 5789 Comm: syz-executor Tainted: G    B              syzkaller #0
[  313.696347][ T5789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.706415][ T5789] Call Trace:
[  313.709695][ T5789]  <TASK>
[  313.712624][ T5789]  dump_stack_lvl+0x16c/0x230
[  313.717301][ T5789]  ? show_regs_print_info+0x20/0x20
[  313.722496][ T5789]  ? swiotlb_print_info+0x70/0x70
[  313.727517][ T5789]  ? dump_page+0xba7/0x14d0
[  313.732023][ T5789]  bad_page+0x14b/0x170
[  313.736200][ T5789]  free_unref_page_prepare+0x887/0x8e0
[  313.741663][ T5789]  free_unref_page_list+0xbe/0x860
[  313.746786][ T5789]  ? __folio_memcg+0x63/0x160
[  313.751460][ T5789]  ? folio_memcg+0x127/0x480
[  313.756046][ T5789]  release_pages+0x1fa0/0x2220
[  313.760812][ T5789]  ? lru_cache_disable+0x30/0x30
[  313.765745][ T5789]  ? mlock_drain_local+0x79/0x490
[  313.770772][ T5789]  ? mlock_drain_local+0x79/0x490
[  313.775801][ T5789]  ? mlock_drain_local+0x28d/0x490
[  313.780910][ T5789]  __folio_batch_release+0x71/0xe0
[  313.786018][ T5789]  truncate_inode_pages_range+0x358/0xf00
[  313.791735][ T5789]  ? mapping_evict_folio+0x510/0x510
[  313.797039][ T5789]  ? proc_nr_inodes+0x230/0x230
[  313.801885][ T5789]  ? do_raw_spin_unlock+0x121/0x230
[  313.807080][ T5789]  ? _raw_spin_unlock+0x28/0x40
[  313.811921][ T5789]  dbUnmount+0x109/0x180
[  313.816168][ T5789]  jfs_umount+0x258/0x3c0
[  313.820504][ T5789]  jfs_put_super+0x8c/0x190
[  313.825007][ T5789]  ? jfs_free_inode+0x30/0x30
[  313.829678][ T5789]  generic_shutdown_super+0x134/0x2b0
[  313.835051][ T5789]  kill_block_super+0x44/0x90
[  313.839731][ T5789]  deactivate_locked_super+0x97/0x100
[  313.845109][ T5789]  cleanup_mnt+0x429/0x4c0
[  313.849524][ T5789]  task_work_run+0x1ce/0x250
[  313.854118][ T5789]  ? task_work_cancel+0x240/0x240
[  313.859149][ T5789]  ? exit_to_user_mode_loop+0x3b/0x110
[  313.864615][ T5789]  exit_to_user_mode_loop+0xe6/0x110
[  313.869922][ T5789]  exit_to_user_mode_prepare+0xb1/0x140
[  313.875470][ T5789]  syscall_exit_to_user_mode+0x1a/0x50
[  313.880931][ T5789]  do_syscall_64+0x61/0xb0
[  313.885343][ T5789]  ? clear_bhb_loop+0x40/0x90
[  313.890018][ T5789]  ? clear_bhb_loop+0x40/0x90
[  313.894690][ T5789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  313.900587][ T5789] RIP: 0033:0x7ff90a18fed7
[  313.904994][ T5789] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  313.924593][ T5789] RSP: 002b:00007ffe23fd0548 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  313.932998][ T5789] RAX: 0000000000000000 RBX: 00007ff90a211c05 RCX: 00007ff90a18fed7
[  313.940965][ T5789] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe23fd0600
[  313.948930][ T5789] RBP: 00007ffe23fd0600 R08: 0000000000000000 R09: 0000000000000000
[  313.956896][ T5789] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe23fd1690
[  313.964860][ T5789] R13: 00007ff90a211c05 R14: 000000000004c56e R15: 00007ffe23fd16d0
[  313.972836][ T5789]  </TASK>
[  316.306538][   T50] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  316.306552][ T5103] Bluetooth: hci0: command 0x1407 tx timeout
[  317.340696][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  317.348213][ T1284] ieee802154 phy1 wpan1: encryption failed: -22