last executing test programs:

1m40.600207372s ago: executing program 1 (id=117):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="2801"], 0x128}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

1m39.273596656s ago: executing program 1 (id=130):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x4b)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="f78d9ca38fff48f3ffb3163448412ba8", 0x10}], 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

1m38.810803426s ago: executing program 1 (id=132):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
sendto$packet(r1, &(0x7f0000000600)="5f0efc", 0xfffffffffffffe4c, 0x44, 0x0, 0x0)

1m38.550984286s ago: executing program 1 (id=135):
socket$inet_udplite(0x2, 0x2, 0x88)
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000002f80)={[{@utf8}, {}, {@uid={'uid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@errors_remount}, {@utf8}, {@errors_remount}, {@dmask={'dmask', 0x3d, 0x4}}, {@time_offset={'time_offset', 0x3d, 0x6}}, {@errors_remount}]}, 0x4, 0x153c, &(0x7f0000003080)="$eJzs3Am4TtX6APD3XWvt45D0dZLhsNZ6N18yLJIkQ5IMSZIkSaaEpJNcSUgcMiUdkpAMh2Q4hGQ4cdIxz/OQkCSdJAnJlKz/c8JV/7r3dkf3uef9Pc9+vvXutdfa7/7eb9uDh286D6nRqGbVBkQE/xS88JEIALEAMAAArgGAAADKxpWNy+zPLjHxn9sJ+9d6KOVKZ8CuJK5/1sb1z9q4/lkb1z9r4/pnbVz/rI3rn7Vx/RnLyjZNy38tL1l34ff/WRlf//+HZJQc88Waktd3AYj5o0O4/lkb1/9/VvBHNuL6Z21c/6wq9konwP4L8PmfFWT7iz1c/6yN689YVnal3z//+xf5V/shkhW+g79y/IwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2H/AaX+ZAoBL7SudF2OMMcYYY4wxxv51fLYrnQFjjDHGGGOMMcb+/RAESFAQQAxkg1jIDjlAAMDVkAuugQhcC3FwHeSG6yEP5IV8kB/ioQAUBA0GLBCEUAgKQxRugCJwIxSFYlAcSoCDklAKboLScDOUgVugLNwK5eA2KA8VoCJUgtuhMtwBVeBOqAp3QTWoDjWgJtwNteAeqA33Qh24D+rC/VAPHoD68CA0gIegITwMjeARaAyPQhNoCs2gObT4h8a/AN3hRegBPSERekFveAn6QF/oB/1hALwMA+EVGASvQhIMhiHwGgyF12EYvAHDYQSMhDdhFLwFo2EMjIVxkAzjYQK8DRPhHZgEk2EKTIUUmAbT4V2YATNhFrwHs+F9mANzYR7Mh1T4ABbAQkiDD2ERfATpsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAw74RPYBbthz5/r9/eMP/WL8Z/CXuiCgIACBSpUGIMxGIuxmANzYE7MibkwF0YwgnEYh7kxN+bBPJgP82E8xmNBLIgGDRISFsJCGMUoFsEiWBSLYnEsjg4dlsJSWBpvxjJYBstiWSyH5bA8VsAKWAkrYWWsjFWwClbFqlgNq2ENrIF3493YC2tjbayDdbAu1r30egobYANsiA2xETbCxtgYm2ATbIbNsAW2wJbYElthK2yDbbAttsV22A4TMAHbY3vsgB2wI3bETtgJO2Nn7IJdsWvGC9kAX8QXsSdWE72wN/bGPpiUrR/2x/74Mg7EV/AVfBWTcDAOwdfwNXwdh+FJHI4jcCSOxMriLRyNY5DEOEzGZJyAE3AiTsRJOBkn41RMwWk4HafjDJyJM/E9nI3v4/s4F+fifEzFVFyACzEN03ARnsJ0XIxLcCkuw+W4DFfiKlyJa3AtrsH1uB434kbcjJtxK27F7bgdP0YFgJ/gbtyNSbgX9+I+3If7cT8ewAOYgRl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxp+XGx1EohMSigRI2JErIgVOUQOkVPkFLlELhEREREn4kRukVvkEXlEPpFPxIt4UVAUFEYYQSKMAQARFVFRRBQRRUVRUVwUF044UUqUEqVFaVFGlBFlxa2inLhNlBcVRGtXSVQSlUUbV0XcKaqKqqKaqC5qiJqipqglaonaoraoI+qIuqKuqCceEPVFL+yHD4nMyjQSg7GxGIJNRFMhL54BLcUwbCVaizbiCTECh2M70dIliKdFezEaO4g/iTH4rOgkxmFn8bzoIrqKbuIF0V20cj1ETzEJe4neYir2EX1FP9FfzMDq4j2cnb2GeFUkicFiiHhNzMfXxTDxhhguRoiR4k0xSrwlRosxYqwYJ5LFeDFBvC0minfEJDFZTBFTRYqYJqaLd8UMMVPMEu+J2eJ9MUfMFfPEfJEqPhALxEKRJj4Ui8RHIl0sFkvEUrFMLBcrxEqxSqwWa8RasU6sFxvERrFJbBZbxFax7fR2sUN8LHaKT8QusVvsEZ+KveIzsU98LvaLL8QB8aXIEF+Jg+JrcUh8Iw6Lb8UR8Z04Ko6J4+J7cUL8IE6KU+K0OCPOih/FOfGTOC+8AIlSSCmVDGSMzCZjZXaZQ14lc8oAev387V4r4+R1Mre8XuaReWU+mV/GywKyoNTSSCtJhrKQLCyj8gZZRN4oi8pisrgsIZ0sKUvJm2RpebMsI2+RZeWtspy8TZaXFWRFWUneLivLOyRELlSwmqwua8ia8m6ZCPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JRPk07K99Bd/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VSXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpPJcrycIN+WE+U7cpKcLKfIqTJFTpP9Ls40S8q/Of7tX47PvPTKaXLQz3vfKDfJzXKL3Cq3ye1yh/xY7pQ75S65S+6Re+ReuVfuk/vkfrlfHpAHZIbMkAflQXlIHpKH5WF5RB6RR+UxeUZ+L0/IH+RJeUqekmfkWXlWnrv4HYBCJZRUSgUqRmVTsSq7yqGuUjnV1SqXukZF1LUqTl2ncqvrVR6VV+VT+VW8KqAKKq2MsopUqAqpwiqqbsCLp6Mqrkoop0qqUuqmv2e8KqJuVEVVsV+Nv5Rf4l/Ir4VqoVqqlqqVaqXaqDaqrWqr2ql2KkElqPaqveqgOqiOqqPqpDqpzqqz6qK6qG6qm+quuqseqodKVImqt3pJ9VF9VT/VXw1QL6uBaqAapAapJJWkhqghaqgaqoapYWq4Gq5GqpFqlBqlRqvRaqwaq5JVspqgJqiJaqKapCapKWqKSlEparqarmaoGWqWmqVmq9lqjpqj5ql5KlWlqgVqgUpTaWqRWqTS1WK1WC1VS9VytVytVCvVarVarVVr1Xq1XqWrTWqT2qK2qG1qm9qhdqidaqfapXapPWqP2qv2qn1qn9qv9qsD6oDKUBnqoDqoDqlD6rA6rI6oI+qoOqqOq+PqhDqhTqqT6rQ6rc6qs+qcOqfOq/MKAgEiEIEKVBATxASxQWyQI8gR5AxyBrmCXEEkiARxQVyQO7g+yBPkDfIF+YP4oEBQMNCBCWwgLhY9GtwQFAluDIoGxYLiQYnABSWDUsFNQeng5qBMcEtQNrg1KBfcFpQPKgQVg0rB7UHl4I6gSnBnUDW4K6gWVA9qBDWDu4NawT1B7eDeoE5wX1A3uD+oFzwQ1A8yf1oPBQ2Dh4NGwSNB4+DRoEnQNGgWNA9a/EvmfzBoEGTO7/3JvI+7HrqnTtS9dG/9ku6j++p+ur8eoF/WA/UrepB+VSfpwXqIfk0P1a/rYfoNPVyP0CP1m3qUfkuP1mP0WD1OJ+vxeoJ+W0/U7+hJerKeoqfqFD1NT9fv6hl6pp6l39Oz9ft6jp6r5+n5OlV/oBfohTpNf6gX6Y90ul6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536I/1Tv2J3qV36z36U71Xf6b36c/1fv2FPqC/1Bn6K31Qf60P6W/0Yf2tPqK/00f1MX1cf69P6B/0SX1Kn9Zn9Fn9oz6nf9Lntc+8uc+8vBtllIkxMSbWxJocJofJaXKaXCaXiZiIiTNxJrfJbfKYPCafyWfiTbwpaAqaTGTIFDKFTNRETRFTxBQ1RU1xU9w440wpU8qUNqVNGVPGlDVlTTlTzpQ35U1FU9Hcbm43d5g7zJ3mTnOXuctUN9VNTVPT1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MM9PMtDAtTEvT0rQyrUwb08a0NW1NO9POJJgE0960Nx1MB9PRdDSdTCfT2XQ2XUwX0810M91Nd9PD9DCJJtH0Nr1NH9PH9DP9zAAzwAw0A80gM8gkmSQzxAwxQ81QM8wMM8PNCDMy80bVvGVGmzFmrBlnkk2ymWAmmIlmoplkJpkpZopJMSlmupluZpgZZpaZZWab2WaOmWPmmXkm1aSaBWaBSTNpZpFZZNJNullilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSYDHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnDSiA0+asyXvxeulNrM1uc9irbE57tc1lr7H/P85n89t4W8AWtNrmsXl/FRtrbVFbzBa3JayzJW0pe9Nv4vK2gq1oK9nbbWV7h63ym7iWvcfWtvfaOvY+W9Pe/au4rr3f1rOP2PqIALapbWib20b2EdvYPmqb2Ka2mW1u29onbTv7lE2wT9v29pnfxAvsQrvKrrZr7Fq7y+62p+0Ze8h+Y8/aH20P29MOsC/bgfYVO8i+apPs4N/EI+2bdpR9y462Y+xYO+438RQ71abYaXa6fdfOsDN/E6faD+xsm2bn2Ll2np3/c5yZU5r90C6yH9l0G8ASu9Qus8vtCrvyz7kutevtBrvR7rSf2C12q91mt9sdl26E7W67x35q99rP7EH7td1vv7AH7GGbYb/6Oc48vsP2W3vEfmeP2mP2uP3enrA/qEujM4/9e/uTPW+9BUICkqQooBjKRrGUnXLQVZSTrqZcdA1F6FqKo+soN11PeSgv5aP8FE8FqCBpMmSJKKRCVJiidANdSq84lSBHJakU3USl6WYqQ7dQWbqVytFtVJ4qUEWqRLdTZbqDqtCdVJXuompUnWpQTbqbatE9VJvupTp0H9Wl+6kePUD16UFqQA9RQ3qYGtEj1JgepSbUlJpRc2pBj1FLepxaUWtqQ09QW3qS2tFTlEBPU3t6hjrQn6gjPUud6DnqTM9TF+pK3egF6k4vUg/qSYnUi3rTS9SH+lI/6k8D6GUaSK/QIHqVkmgwDaHXaCi9TsPoDRpOI2gkvUmj6C0aTWNoLI2jZBpPE+htmkjv0CSaTFNoKqXQNJpO79IMmkmz6D2aTe/THJpL82g+pdIHtIAWUhp9SIvoI0qnxbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjvoY9pJn9Au2k176FPaS5/RPvqc9tMXdIC+pAz6ig7S13SIvqHD9K3vSd/RUTpGx+l7OkE/0Ek6RafpDJ2lH+kc/UTnyROEGIpQhioMwpgwWxgbZg9zhFeFOcOrw1zhNWEkvDaMC68Lc4fXh3nCvGG+MH8YHxYIC4Y6NKENKQzDQmHhMBreEBYJbwyLhsXC4mGJ0IUlw1LhTWHp8OawTHhLWDa8NSwX3haWDyuEj9xXKbw9rBzeEVYJ7wyrhneF1cLqYY2wZnh3WCu8J6wd3hvWCe8Ly4T3h/XCB8L64YNhg/ChsGH4cNgofCRsHD4aNgmbhs3C5mGL8LGwZfh42CpsHbYJnwjbhk+G7cKnwoTw6bB9+MzP/fcv/Mv9iWGvsHf4UvhS6P29cl50fjQ1+kF0QXRhNC36YXRR9KNoenRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T7mtnAoRNOOuUCF+OyuViX3eVwV7mc7mqXy13jIu5aF+euc7nd9S6Py+vyufwu3hVwBZ12xllHLnSFXGEXdTe4Iu5GV9QVc8VdCedcSVfKNXctXAvX0j3uWrnWro17wj3hnnRPuqfcU+5p19494zq4P7mO7lnXyT3nnnPPuy6uq+vmXnDd3fhcF87JRNfb9XZ9XB/Xz/VzA9wAN9ANdIPcIJfkktwQN8QNdUPdMDfMDXfD3Ug30o1yo9xoN9qNdWNdskt2E9wEN9FNdJPcJDfFTXEpLsVNd9PdDDfDVZ55YS9z3Bw3z81zqS7VLXCZ94xpbpFb5NJdulvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vlr7kwqdvr9rl9br/b7w64L12G+8oddF+7Q+4bd9h9646479xRd8wdd9+7E+4Hd9KdcqfdGXfW/ejOuZ/ceeddcmR8ZELk7cjEyDuRSZHJkSmRqZGUyLTI9Mi7kRmRmZFZkfcisyPvR+ZE5kbmReZHUiMfRBZEFkbSIh9GFkU+iqRHFkeWRJZGlkWWR7wvsCX0hXxhH/U3+CL+Rl/UF/PFfQnvfElfyt/kS/ubfRl/iy/rb/Xl/G2+vK/gK/pHfRPf1DfzzX0L/5hv6R/3rXxr38Y/4dv6J307/5RP8E/79v4Z38H/yXf0z/pO/jnf2T/vu/iuvpt/wXf3L/oevqdP9L18b/+S7+P7+n6+vx/gX/YD/St+kH/VJ/nBfoh/zQ/1r/th/g0/3I/wI2Pe9KMuPSLDOJ/sx/sJ/m0/0b/jJ/nJfoqf6lP8ND/dv+tn+Jl+ln/Pz/bv+zl+rp/n5/tU/4Ff4Bf6NP+hX+Q/8ul+8aWXkn6FX+lX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F1+t9/jP/V7/Wd+n//c7/df+AP+S5/hv/IH/df+kP/GH/bf+iP+O3/UH/PH/ff+hP/Bn/Sn/Gl/xp/1P/pz/id/nv/NGmOMMcbYHzL+cvPSq9yYCx8XXuf3+p0x4hcb9waAq7fmz/hlf+Yd5bo8F9p9RXzbCAA83bPzQ5eWatUSExMvbpsuISg8F+DS3wT9OYGL8WJoA09CArSG0r+bf1/R9Sz9jfmjtwLk+MWYWLgcX57/cwBM/J35H3ti5IJy4em4vzL/XICihS+PyQ6X48XQ5uf3K62hzF/IP2/Lv5F/9i+SAVr9YkxOuBxfzr8UPA7PQMKvtvwr2v6xzRhjjDHGGGOM/W/oKyp2vPT8GVxc93vP5/Hq8phscDn+W8/njDHGGGOMMcYYu/Ke7drtqccSElp3/PsbVf6hUX+40Rh+rwvg37rTrNzwHuDSGgUA/+SEAJkN+Z88is3/kX0lXTx1/n/XsjM+gP+OUv7jjbF/XnOF/2BijDHGGGOM/ctdvvv/9Xp1pRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayoP/E/yt2pY+RMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+LwAA//8j8vzJ")
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)

1m37.998004169s ago: executing program 1 (id=139):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$tun(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="7f7215b6d68e34d5"], 0x32)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x5], 0x0, 0x0, 0x1}}, 0x40)

1m37.624707307s ago: executing program 1 (id=141):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
add_key$user(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r2)
read$FUSE(r0, &(0x7f0000001580)={0x2020}, 0x2020)

1m37.253676515s ago: executing program 32 (id=141):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
add_key$user(&(0x7f0000000100), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r2)
read$FUSE(r0, &(0x7f0000001580)={0x2020}, 0x2020)

1m28.073880412s ago: executing program 2 (id=189):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xa7f10723c5e5444d}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r3, r1}, 0x14)
syz_emit_ethernet(0x2e, &(0x7f0000002440)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3c, 0x20, 0x0, 0x0, 0x8, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x2, 0x9, 0x100, @void}}}}}}}, 0x0)

1m27.745736278s ago: executing program 2 (id=190):
r0 = socket$inet6(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_uring_setup(0x7f9, &(0x7f0000000040)={0x0, 0xc8df, 0xfc00, 0xa, 0x20002f7})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b00010065727370616e000020000280040012000500160002000000060018"], 0x50}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

1m27.359676954s ago: executing program 2 (id=193):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f071fff000100000058000b480400945f64009400050038923944000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

1m26.939034413s ago: executing program 2 (id=195):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4000, &(0x7f0000000580)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000102,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYBLOB="d6d84c0df937ed4a0cd30000f2e9ea9568eab74a46c525dc386983eade0b0ce5f1dd911706cf7d32d7d508d1823b8871e001000000eb4ce0a008f5cdea622fc6675e5486860a752ed0298a948efa72b2c8d8525181644a3124f3544a50f192b98f055ad125fd4674534413c6044136ea5aefac5267e43739626ea9391d8f346c4694f70400000000000000cee1f628d1cec3462830606bb612bfed91181cdc107bb91a2e86de2ad5", @ANYBLOB="2c000100000000000030303030003030303030303030303030303030352c00d745dcab34ff634099d402406184d688f81f99d01ce1164bfd68777e4bdfe2e9fae18a6c91c70bc34f974b265a58d1889c9c38e7e32895b1921f8e4b4b41f3ef0debac34b19aa687221a6b942eb396159ef6de9645e4b33865d6b62e564277ed35923544b6379822861ec79f423c1b0372e2b26bdba81fcea8c4d1eb657869c87c4d7cf2b187c387d632e58f44956d2d7b16ba93153514087b38676f72cab9f62f53f331bb7f952ef5ab05e9403afa22e65743c583ba30683ac5e30173cdb5c216d879ead8b3ee56d602a39e33c63ba2754ccfe231c2e1b660f2a68cc14a9186ee2e834be5f10b09"], 0x12, 0xc49, &(0x7f0000001cc0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThq3m6ZIZcVy9S+mYhXuqqbZBpBlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEWQI9O6QHLxocipJ6KFjaDogW0D+BQwmNm34pKiIloUJUr+fGzquzv73ux7M6s3FME3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiD945dzxE2m7pT9Y293WAAAPwoWxrxw/ue3rPwDwOLj0of79DwAAAAAAAAAAAAAAPAQpingyUsxeWE0T1fOu+vnOwI2b4yOjW1c7kKqa+6ry5Vf9xMlTp7/4wvCZXp7vTK/XH9ztbnw6Xhu7dK7x8sz12bn2/Hx7sjE+3bkyM9ne9h52Wn+zo9UBaFx//cbk1avzjZPPn9rw8s2h9wefODx0dvjZY8/0yo6PjI6OrRep95ev3XNDuu40w2N/FHEsUjz33Z+mVkQUsfNjUd9w7h+4A1UnjladGB8ZrToy1WlNL5QvXuwdiCKi0Vep2TtGW5+LqA080D7cWTNisWx+2eCjZffGZltzrctT7cbF1txCZ6EzM30xdVtb9qcRRZxJEUsRsbLFX8OBKKIWKb59aDVdjoh9vePwhWpi8J3bUexiH7ehbGdjIGKpeATO2R42GEW8Gil+9s6RuJLHmWqs+XzEq2V+P+KtMl+KSOUH43TEe7s+nPOg1KKIvyzP/9nVNFmNB71x5fxXG1+evjrTV7Y3rnzI68NtI8VDuj4c2JQPxh4fm+pRRKsa8VfTvX+zAwAAAAAAAAAAAAAAAMD9diCK+FSkeOXf/6SaVxzVvPRDZ4f/cOhX++eMP32X/ZRln4+IxWJ7c3L354mBF9PFlB7yXOKPsnoU8ad5/t83H3ZjAAAAAAAAAAAAAAAAAAAAPtKK+EmkePHdI2kp+tcU70xfa1xqXZ7qrgrbW/u3t2b62traWiN1s5lzIudizqWcyzlXckaR6+ds5pzIuZhzKedyzpWcsS/Xz9nMOZFzMedSzuWcKzmjluvnbOacyLmYcykvur+cn6/kjD2ydi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOOkiCJ+Him+9fXVFCkimhET0c3lwYfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJiK+F6kaPxR89a2WkSk6v+uI+Ufp6O5v8yPR3O4zJeieS5nq8pa85sPof3szEAq4seRYrD+9q0Tns//QPfZrY9BvPWN9WefrnVzX+/FofcHnzh86Ozw6G88fafHaasGHD3fmb5xszE+Mjo61re5lt/9433bhvL7Fven60TE/Btvvt6ammrP3fuD8iOwg+qP0INU+6j09NF+8Jv3a4dR2wvdeTgP7j52/P+DGKDYVeX1/71I8bvv/kfvgt+9/tfjV7rPbl3h44M/W7/+v7h5R9u8/tc218vX//KavtX1/8m+bS/m70YGahH1heuzA4cj6vNvvHmsc711rX2tPX36+PEvDQ9/6dTxgf0R9audqXb3UYqp9vH7crgAAAAAAAAAAAAAAAAAHpxUxO9HitaPV1MjIm5W87WGzg4/e+yZfbGvmm+1Yd72a2OXzjVenrk+O9een29PNsanO1dmJtvbfbt6Nd1rfGR0VzpzVwd2uf0H6i/PzL4x17n2xwtbvn6wfu7y/MJc68rWL8eBKCKa/VuOVg0eHxmtGj3VaU1XVS9uOZn+wxtIRfxnpLhyupE+m7fl+f+bZ/hvmP+/uHlHuzT//2N928r3TKmIDyLF7/zV0/HZqp0H47Zjlsv9XaQ4euYzuVzsL8v12tC9r0B3jmBZ9n8jxT/9fGPZ3nzIJ9fLntj2gX1ElOf/UKT43l98J34rb9t4/4etz//BzTvapfP/VN+2gxvuV7DjrpPP/7FI8dKTb8fn8rZfdv+P3r03juTCt+7PsUvn/xN924by+/72/ek6AAAAAAAAAADAI20gFfH3keKHo7X0Qt62nd//m9y8o136/a9P9m2bvD/rFd31wY4PKgAAAADsEQOpiJ9EimsLb9+aQ71x/nff/M/fW5//OZI2vVr9nO/XqvsG3M+f//Ubyu87sfNuAwAAAAAAAAAAAAAAAAAAwJ6SUhEv5PXUJ6r5/JN3XE99OVK88t/P5XLpcFmutw78UPVn/cLM9LFzU1MzV1oLrctT7cbYbOtKu6z7VKRY/dvP5LpFtb56b7357hrv62uxz0WK0X/ole2uxd5bm/yp9bInyrIfixT/9Y8by34ul/vEetmTZdm/iRRf+8HtZUuH18ueKst+J1L86GuNXtmDZdne/VE/uV72+R/cuiMCAAAAAAAAAAAAAAAAAAAA3LuBVMSfR4r/ub50ay5/Xv9/oO9p5a1v9K33v8nNap3/oWr9/zs9vpf1/6v7Cize6V0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODxlKKINyPF7IXVtDxYPu+qn+9M37g5PjK6dbUDqaq5rypfftVPnDx1+osvDJ/p5S+vf799Kl4bu3Su8fLM9dm59vx8e7IxPt25MjPZ3vYedlp/s6PVAWhcf/3G5NWr842Tz5/a8PLNofcHnzg8dHb42WPP9MqOj4yOjvWVqQ3c87vfJt1h+/4o4q8jxXPf/Wn64WBEETs/Fnf57Oy2A1UnjladGB8ZrToy1WlNL5QvXuwdiCKi0Vep2TtGD+Bc7EgzYrFsftngo2X3xmZbc63LU+3GxdbcQmehMzN9MXVbW/anEUWcSRFLEbEyePvuBqKI1yPFtw+tpn8ZjNjXOw5fuDD2leMn79yOYhf7uA1lOxsDEUvFI3DO9rDBKOKfI8XP3jkS/zoYUYvuV3w+4tUyvx/xVnTPdyo/GKcj3tvic8SjqRZF/F95/s+upncGy/GgN66c/2rjy9NXZ/rK9saVR/768CDt8bGpHkX8qBrxV9O/+XsNAAAAAAAAAAAAAAAAsIcU8euR4sV3j6RqfvCtOcWd6WuNS63LU91pfb25f70502tra2uN1M1mzomcizmXci7nXMkZRa6fs1lmfW1tIj9fzLmUcznnSs7Yl+vnbOacyLmYcynncs6VnFHL9XM2c07kXMy5lHM550rO2CNz9wAAAAAAAAAAAAAAAAAAgMdLUf2X4ltfX01rg931pSeim8vWA33s/SIAAP//YnX2fg==")
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)

1m26.122693045s ago: executing program 2 (id=199):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x6, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000005, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, '\x00', 0x2f}, 0xffffffff}, 0x1c)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x4, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="28000000000000002900000002"], 0x28}}], 0x1, 0x0)

1m25.196226146s ago: executing program 2 (id=201):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)='B', 0x1}], 0x1}}], 0x1, 0x400c404)
exit(0x0)
sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)="9298", 0x2}], 0x1}}], 0x1, 0x40)

1m24.772593624s ago: executing program 33 (id=201):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)='B', 0x1}], 0x1}}], 0x1, 0x400c404)
exit(0x0)
sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)="9298", 0x2}], 0x1}}], 0x1, 0x40)

6.391971444s ago: executing program 0 (id=857):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x8031, 0xffffffffffffffff, 0x5cac3000)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000040)={r1, @in6={{0xa, 0x4e24, 0xfffffff7, @private1={0xfc, 0x1, '\x00', 0x1}, 0x74}}}, &(0x7f0000000280)=0x84)

5.122670329s ago: executing program 4 (id=868):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x439, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, 0x49905, 0x9a4d}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x3}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @loopback}]}}}]}, 0x40}}, 0x4004050)
sendto$packet(r0, &(0x7f0000000400)="05d936277c6f5422007f83477ca1b278e3e4018a34e7bfd3de1a00ad6762646c95c716727eb53bcc", 0x28, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r2, 0x1, 0x4, 0x6, @local}, 0x14)

5.105487216s ago: executing program 0 (id=869):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778ceb"], 0x0}, 0x94)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d40)=@newqdisc={0x3a8, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x378, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2}}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x64, 0x2, 0x3, 0x17, 0xd, 0x8, 0x1}}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x2}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "dc542b4e237011fb38ddb228806571a8633206e26df63a43bbc516382325dedd79c1cf0a26379dfaf72cb5ab9ab7efe16f312ee9ab598d1ac0d7903ac69c51f1b6842ebecf00dec5deff737b59f0c1f0b57cc6c2b7b8c5b2c527aafa57222f4bd2355ccab39fa20d4033b6b687491532080101805feb9c6fa8a56a77186efcb394ce1a1cd7f2130835e3bf9e3ac25d0a102a808be13beb51f37da6d10046f131834545ee5013f43e41e91eb18a12c28540ab4106286e0f7568f6a9cd0c0da51df08e42848096b25d455ebec9adfd6e493d8c9725bc2d49bbbae0a5375b359f91d9dad20ed109ffbc52469cffd2cf5df7773f7a4c72ae167485315c326281efc4"}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "a2a88faa7ec665a571a9ad3d1f9512e3c591df4a4554c6c2e2cc6cb4d9aee4579684743ad4888f1522a47ddaff3d4f9450d288e8559bc4f795aa0d1bc74d926038adb808cba6e90535b2eb8ba3e8ff927207d17a86b10d604e77a459df67e7f0c842d463ca5977b7e2eb55fbb9881d15633717817c735da52a1da7d64bb22e58550d8ee20883e41ec2f119a6a6364d68900c1cce4a3b3225a9ce9e1e00b444e9e7bcd10e1dec202ce7786aa7cf10d4dd6bbcee586d7903a6239ff90b49cd7fddb0c67ddab326cdb2d0fa48a783f691be9ebaa1243b21afd04a372650aa7eb46a2675cc67ae12d3b99c9acb4d9fb7c78081d269b443affd86eededd4867311221"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x1ffff}}, @TCA_CHOKE_STAB={0x104, 0x2, "554b956aa3fcfbc4a187baf0437163b5d33108db016465f92a93480d2c246d90f03741da6ee916f7c9917dbd81da67d6150151679559af8402b932745d19fbfbd679c133c4714565f91cd05790d990818bac85598b6a844cb2c2d277aaca9a88ee0e6a834ba02b4e549f11fb13e9fe33730c55997f2d3b7e6469210db81587fc522295f49a78f4e08ddfb01172b12a19b303a0c47fa3500cdc3e6725a79dcd3731c37083c3bbe73c43e7e2ea82c72986a1499c677c565ea1cfc874e7e978e4ebe8d338f0b37807d40333ee570133982998623ec809826f1009856a9d9d8e839c65d3ead78c6b3cb8f7beee8e59f19de93d06628a2cdfa4333d96882b96c36cc3"}]}}]}, 0x3a8}}, 0x0)

4.772075642s ago: executing program 4 (id=870):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x2000877d, &(0x7f0000000180)={0x2, 0x4e23, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f0000000780)=""/4108, 0x437aba2}], 0x1, 0x0, 0xfffffdee, 0x407006}, 0x104)
shutdown(r0, 0x0)

4.591830037s ago: executing program 0 (id=872):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r0, &(0x7f0000000240)={0x27, 0x0, 0x2, 0x6, 0x0, 0x3, "e88509de7f1939e8abff005597c8ef039a5be42200", 0x13}, 0x60)
r1 = syz_io_uring_setup(0x3644, &(0x7f0000000980)={0x0, 0xe826, 0x800, 0x0, 0x188}, &(0x7f00000008c0)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x42db, 0x0, 0x0, 0x0, 0xfffffffffffffe85)

3.62514432s ago: executing program 4 (id=876):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x5, 0x0, 0x4000000000000004, 0x4, 0xfffffffffffffffb, 0x7, 0xfffffffffffffffa, 0x1a4}, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r0, 0x1, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})

3.319997311s ago: executing program 0 (id=879):
r0 = syz_usb_connect$uac1(0x2, 0xb8, &(0x7f0000000100)=ANY=[@ANYBLOB="12010103000000106b1d01014000010203010902a600030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002200a000a00040c24020203020250800009010d2406050203078887000a00000924030101010505"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2000000000000046})
syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000340)={0x0, 0x17, 0x1, "ef"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x83, 0x2, "a0ab"}, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000009c0)={0x44, 0x0, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x9}, 0x0, 0x0, &(0x7f00000008c0)={0x20, 0x82, 0x2, "b648"}, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f0000000180)={0x0, 0xe, 0x2, "c59f"}, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000b00)={0x84, &(0x7f0000000500)={0x0, 0x5, 0x2, "af9c"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.175719123s ago: executing program 5 (id=881):
r0 = socket$inet6(0xa, 0x2, 0x0)
close(0x3)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0x3, 0x1, 0x8}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x2005, 0x4)
sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0xa, 0x1, 0x80000, @dev={0xfe, 0x80, '\x00', 0xa}, 0xfffffffb}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000000000002900000036"], 0x120}, 0x1400c0c0)

3.028093465s ago: executing program 5 (id=882):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x2, 0x841, 0x4, 0x100, 0x2001, 0xb})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2.942596408s ago: executing program 5 (id=884):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="10000000feffffffa5"], 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

2.816553744s ago: executing program 5 (id=886):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009"], 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@mcast2, @in=@private=0xa010100, 0x0, 0x0, 0x4e21, 0x0, 0x2}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9c0, 0x3}, {0xffffbffffffffffc, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@empty, 0x4d3, 0x3c}, 0xa, @in=@multicast2, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x4000000, 0x1}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

2.632319248s ago: executing program 4 (id=888):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000040)={[{@clear_cache}, {@metadata_ratio}, {@ssd_spread}]}, 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x3000})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305839, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xfffc})

1.565988402s ago: executing program 4 (id=890):
r0 = socket$kcm(0x2, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd29, 0x25dfdbfe, {{@in=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x2}, {0x2000000, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffd}, {0x0, 0x5, 0x200000000000}, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2}, [@tmpl={0x44, 0x5, [{{@in6=@loopback, 0x4d6, 0x33}, 0x2, @in6=@rand_addr=' \x01\x00', 0x3502, 0x3, 0x3, 0x10, 0x9, 0x0, 0x10003}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000)
r2 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0xfe, &(0x7f0000000000)=[{&(0x7f0000000040)="0207000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x11}, @multicast1}}}], 0x20}, 0x200040c4)

1.40246777s ago: executing program 5 (id=891):
io_uring_setup(0x7d1, &(0x7f0000000580)={0x0, 0xd9f9, 0x2, 0xfffffffe, 0x183})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
close(0x3)
socket$inet6_sctp(0xa, 0x801, 0x84)

1.120156856s ago: executing program 5 (id=892):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x738, 0x1713, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xff, 0x50, 0x9, "", [{{0x9, 0x4, 0x0, 0xd, 0x1, 0x3, 0x1, 0x2, 0x0, {0x9, 0x21, 0xff7f, 0x77, 0x1, {0x22, 0xfb1}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x8, 0x64}}}}}]}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, &(0x7f00000035c0)={0x14, &(0x7f00000034c0)={0x20, 0xf, 0x5, {0x5, 0x2d, "b74a04"}}, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000004600)={0x24, 0x0, 0x0, &(0x7f0000004580), 0x0}, 0x0)

884.795621ms ago: executing program 3 (id=893):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x25, &(0x7f0000000000)={0x0, 0x0, 0x4bb8, 0x965f, 0x8}, 0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

831.82075ms ago: executing program 0 (id=894):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x802, &(0x7f0000000500)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=', @ANYRESDEC=0x0])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
fstat(r0, 0x0)

620.06909ms ago: executing program 0 (id=895):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180), 0xc06620, 0x4)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r0, 0x118, &(0x7f0000000040)=0x1, 0x0, 0x4)

608.892717ms ago: executing program 3 (id=896):
r0 = socket$kcm(0x2a, 0x2, 0x0)
r1 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, 0x0}, 0x0)
recvmsg(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40002182)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x8918, 0x0)
sendmsg$kcm(r0, &(0x7f0000001540)={&(0x7f0000000040)=@qipcrtr={0x2a, 0x1, 0x4000}, 0x80, 0x0}, 0x0)

452.584107ms ago: executing program 4 (id=897):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = io_uring_setup(0x45af, &(0x7f0000000000)={0x0, 0xb1bb, 0x40, 0x7, 0x38c})
close(r0)
pipe2(&(0x7f0000002300)={<r1=>0xffffffffffffffff}, 0x80000)
vmsplice(r1, &(0x7f0000000140)=[{&(0x7f00000002c0)="9b", 0x1}], 0x1, 0x4)
mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000000000/0x2000)=nil)

276.095143ms ago: executing program 3 (id=898):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x48, r2, 0x1, 0x1070bd0c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x5}, @L2TP_ATTR_L2SPEC_TYPE={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x40811}, 0x20)

256.481249ms ago: executing program 3 (id=899):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0c0009"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

115.670572ms ago: executing program 3 (id=900):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xffff0000, 0x1, 0xf000, 0x0, 0x7, 0x80, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x1}, {0x0, 0xddccb000, 0xa, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {0x0, 0xdddd8000, 0xc, 0x8, 0x0, 0x4, 0x81, 0x0, 0x80, 0xe, 0x4, 0x3}, {0x10b002, 0x2000, 0xc, 0xfd, 0x80, 0x0, 0x3}, {0x1000, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfd, 0x1c, 0x1a, 0xa8}, {0x10000, 0xd000, 0x0, 0x4, 0x0, 0x8f, 0x0, 0x0, 0x0, 0xfc, 0x86, 0xfe}, {0xeeee8000, 0x30000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x80, 0x0, 0x4}, {0xd000, 0x5000, 0x3, 0x82, 0x0, 0x10, 0x4, 0xe}, {0x6000}, {0x1, 0xfffe}, 0x0, 0x0, 0x0, 0x10, 0x1, 0x0, 0x900, [0x0, 0x0, 0x10000, 0x3]})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
ioctl$KVM_SET_MSRS(r2, 0x4140aecd, &(0x7f0000000100))

0s ago: executing program 3 (id=901):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
epoll_create1(0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x20000c4, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.156' (ED25519) to the list of known hosts.
[   82.324400][ T5753] cgroup: Unknown subsys name 'net'
[   82.461183][ T5753] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.160885][ T5753] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   85.708188][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   85.717119][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   85.724984][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   85.753438][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   85.761430][   T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   85.769345][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   85.788075][ T5081] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   85.798688][ T5081] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   85.853717][ T5770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   85.863363][ T5770] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   85.872184][ T5770] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   85.872242][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   85.881352][ T5770] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   85.894573][ T5770] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   85.895709][ T5777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   85.909417][ T5081] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   85.909658][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   85.924696][ T5777] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   85.932596][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   85.941427][ T5778] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   85.943147][ T5777] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   85.950621][ T5778] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   85.957857][ T5777] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   85.970102][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   86.390204][ T5771] chnl_net:caif_netlink_parms(): no params data found
[   86.493251][ T5765] chnl_net:caif_netlink_parms(): no params data found
[   86.572198][ T5768] chnl_net:caif_netlink_parms(): no params data found
[   86.619544][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.627763][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.635743][ T5771] bridge_slave_0: entered allmulticast mode
[   86.643116][ T5771] bridge_slave_0: entered promiscuous mode
[   86.680935][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.688430][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.695828][ T5771] bridge_slave_1: entered allmulticast mode
[   86.703053][ T5771] bridge_slave_1: entered promiscuous mode
[   86.778314][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.796138][ T5765] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.803466][ T5765] bridge_slave_0: entered allmulticast mode
[   86.810605][ T5765] bridge_slave_0: entered promiscuous mode
[   86.819719][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.826956][ T5765] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.834282][ T5765] bridge_slave_1: entered allmulticast mode
[   86.841703][ T5765] bridge_slave_1: entered promiscuous mode
[   86.906576][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.919095][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.943061][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   86.961684][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.969111][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.976652][ T5768] bridge_slave_0: entered allmulticast mode
[   86.983898][ T5768] bridge_slave_0: entered promiscuous mode
[   87.029166][ T5771] team0: Port device team_slave_0 added
[   87.038013][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.052576][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.061902][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.069567][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.077153][ T5768] bridge_slave_1: entered allmulticast mode
[   87.084788][ T5768] bridge_slave_1: entered promiscuous mode
[   87.132880][ T5771] team0: Port device team_slave_1 added
[   87.209666][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.216922][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.243159][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.258149][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.291450][ T5765] team0: Port device team_slave_0 added
[   87.301374][ T5765] team0: Port device team_slave_1 added
[   87.308473][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.315834][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.346829][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.388281][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.456669][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.464078][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.490940][ T5765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.504360][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.511342][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.537644][ T5765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.639168][ T5771] hsr_slave_0: entered promiscuous mode
[   87.648211][ T5771] hsr_slave_1: entered promiscuous mode
[   87.656144][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.673038][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.680261][ T5772] bridge_slave_0: entered allmulticast mode
[   87.692271][ T5772] bridge_slave_0: entered promiscuous mode
[   87.702367][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.713928][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.721136][ T5772] bridge_slave_1: entered allmulticast mode
[   87.731410][ T5772] bridge_slave_1: entered promiscuous mode
[   87.746386][ T5768] team0: Port device team_slave_0 added
[   87.755691][ T5768] team0: Port device team_slave_1 added
[   87.834778][ T5767] Bluetooth: hci0: command tx timeout
[   87.857862][ T5765] hsr_slave_0: entered promiscuous mode
[   87.865381][ T5765] hsr_slave_1: entered promiscuous mode
[   87.871724][ T5765] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   87.880175][ T5765] Cannot create hsr debugfs directory
[   87.899203][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.907564][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.937092][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.967276][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.980752][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.990752][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.000948][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.027343][ T5767] Bluetooth: hci2: command tx timeout
[   88.027366][ T5778] Bluetooth: hci1: command tx timeout
[   88.038870][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.072589][ T5767] Bluetooth: hci3: command tx timeout
[   88.146492][ T5768] hsr_slave_0: entered promiscuous mode
[   88.153252][ T5768] hsr_slave_1: entered promiscuous mode
[   88.159868][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.167915][ T5768] Cannot create hsr debugfs directory
[   88.182933][ T5772] team0: Port device team_slave_0 added
[   88.196395][ T5772] team0: Port device team_slave_1 added
[   88.287978][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.298186][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.325548][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.343234][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.350235][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.376989][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.601558][ T5772] hsr_slave_0: entered promiscuous mode
[   88.608450][ T5772] hsr_slave_1: entered promiscuous mode
[   88.615054][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.622760][ T5772] Cannot create hsr debugfs directory
[   88.670267][ T5771] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.696301][ T5771] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.706214][ T5771] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.726168][ T5771] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.826869][ T5765] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   88.837658][ T5765] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   88.858899][ T5765] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   88.874026][ T5765] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   88.965944][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   88.989147][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   88.999013][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.012327][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.124719][ T5772] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   89.149356][ T5772] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   89.160140][ T5772] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   89.171836][ T5772] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   89.215505][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.278595][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.321257][ T5771] 8021q: adding VLAN 0 to HW filter on device team0
[   89.339476][ T5765] 8021q: adding VLAN 0 to HW filter on device team0
[   89.354955][ T1302] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.362266][ T1302] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.395278][ T1302] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.402394][ T1302] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.431393][ T1302] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.438614][ T1302] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.455061][ T1302] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.462256][ T1302] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.486833][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.518236][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.548799][ T5768] 8021q: adding VLAN 0 to HW filter on device team0
[   89.603213][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   89.627244][ T1302] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.634431][ T1302] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.646896][ T1302] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.654100][ T1302] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.690204][ T1302] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.697405][ T1302] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.727757][ T1302] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.734978][ T1302] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.796703][ T5768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   89.899364][ T5772] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   89.911417][ T5772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   89.922812][ T5767] Bluetooth: hci0: command tx timeout
[   90.073063][ T5767] Bluetooth: hci1: command tx timeout
[   90.079323][ T5778] Bluetooth: hci2: command tx timeout
[   90.152704][ T5778] Bluetooth: hci3: command tx timeout
[   90.215067][ T5765] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.361825][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.380617][ T5765] veth0_vlan: entered promiscuous mode
[   90.399418][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.431572][ T5765] veth1_vlan: entered promiscuous mode
[   90.460647][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.513371][ T5771] veth0_vlan: entered promiscuous mode
[   90.537830][ T5765] veth0_macvtap: entered promiscuous mode
[   90.557076][ T5771] veth1_vlan: entered promiscuous mode
[   90.573302][ T5765] veth1_macvtap: entered promiscuous mode
[   90.613458][ T5772] veth0_vlan: entered promiscuous mode
[   90.652015][ T5772] veth1_vlan: entered promiscuous mode
[   90.666512][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.680504][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.699803][ T5771] veth0_macvtap: entered promiscuous mode
[   90.719450][ T5768] veth0_vlan: entered promiscuous mode
[   90.731077][ T5765] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.740796][ T5765] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.750515][ T5765] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.760235][ T5765] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.773761][ T5771] veth1_macvtap: entered promiscuous mode
[   90.807484][ T5768] veth1_vlan: entered promiscuous mode
[   90.847551][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.859523][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.875565][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.893623][ T5772] veth0_macvtap: entered promiscuous mode
[   90.921898][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.935995][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.948058][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.958951][ T5772] veth1_macvtap: entered promiscuous mode
[   90.978526][ T5771] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.987551][ T5771] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.997045][ T5771] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.006096][ T5771] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.045817][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.059520][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.069641][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.080423][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.093865][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.131755][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.142124][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.178311][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.185193][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.198363][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.199959][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.210941][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.230049][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.241371][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.258569][ T5768] veth0_macvtap: entered promiscuous mode
[   91.276971][ T5768] veth1_macvtap: entered promiscuous mode
[   91.294745][ T5772] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.310274][ T5772] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.320982][ T5772] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.329856][ T5772] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.398232][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.410736][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.423145][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.445850][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.455859][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.466495][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.478728][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.529006][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.552196][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.568152][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.580384][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.600124][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.615726][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.628763][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.647406][ T5830] syz.3.4[5830]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.684121][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.693049][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.701781][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.722545][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.766529][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.784827][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.863468][  T997] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.871355][  T997] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.921962][  T997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.940743][  T997] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.963175][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.978786][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.005674][ T5778] Bluetooth: hci0: command tx timeout
[   92.060637][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.103052][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.153436][ T5778] Bluetooth: hci2: command tx timeout
[   92.158912][ T5778] Bluetooth: hci1: command tx timeout
[   92.185047][  T966] cfg80211: failed to load regulatory.db
[   92.242802][ T5767] Bluetooth: hci3: command tx timeout
[   92.256857][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.282521][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.451274][ T5830] loop3: detected capacity change from 0 to 32768
[   92.509329][ T5830] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.4 (5830)
[   92.611719][ T5830] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   92.631600][ T5830] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[   92.656324][ T5830] BTRFS info (device loop3): setting nodatasum
[   92.687707][ T5830] BTRFS info (device loop3): force zlib compression, level 3
[   92.730695][ T5830] BTRFS info (device loop3): metadata ratio 4
[   92.754339][ T5830] BTRFS info (device loop3): enabling ssd optimizations
[   92.772024][ T5830] BTRFS info (device loop3): allowing degraded mounts
[   92.780213][ T5830] BTRFS info (device loop3): using free space tree
[   93.046806][ T5830] BTRFS info (device loop3): auto enabling async discard
[   93.301525][ T5865] loop1: detected capacity change from 0 to 2048
[   93.374944][ T5865] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   93.545159][   T28] audit: type=1800 audit(1772722160.078:2): pid=5865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9" name="file1" dev="loop1" ino=1346 res=0 errno=0
[   93.726974][ T5765] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   94.072565][ T5767] Bluetooth: hci0: command tx timeout
[   94.233798][ T5767] Bluetooth: hci1: command tx timeout
[   94.234088][ T5778] Bluetooth: hci2: command tx timeout
[   94.313476][ T5778] Bluetooth: hci3: command tx timeout
[   94.559568][ T5887] loop3: detected capacity change from 0 to 32768
[   94.593929][ T5887] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   94.732723][ T5887] XFS (loop3): Ending clean mount
[   94.758639][ T5887] XFS (loop3): Quotacheck needed: Please wait.
[   94.828516][ T5887] XFS (loop3): Quotacheck: Done.
[   94.924050][ T5899] process 'syz.2.20' launched './file2' with NULL argv: empty string added
[   95.009305][   T28] audit: type=1800 audit(1772722161.548:3): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.18" name="bus" dev="loop3" ino=9293 res=0 errno=0
[   95.133675][ T5765] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   95.441663][ T5912] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.624439][ T5920] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.671751][ T5920] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   96.396118][ T5942] loop1: detected capacity change from 0 to 512
[   96.443741][ T5942] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.480709][ T5942] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.958087][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.320478][ T5970] netlink: 'syz.3.49': attribute type 4 has an invalid length.
[   97.426296][ T5974] netlink: 'syz.3.49': attribute type 4 has an invalid length.
[   98.013128][ T5809] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   98.244411][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.300202][ T5809] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.311229][ T6004] loop1: detected capacity change from 0 to 1024
[   98.325329][ T5809] usb 4-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[   98.360928][ T5809] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.417410][ T5809] usb 4-1: config 0 descriptor??
[   98.588339][   T76] hfsplus: b-tree write err: -5, ino 3
[   98.625872][ T6004] hfsplus: b-tree write err: -5, ino 3
[   98.632256][ T6004] hfsplus: request for non-existent node 33554434 in B*Tree
[   98.672543][ T6004] hfsplus: request for non-existent node 33554434 in B*Tree
[   98.747513][ T6015] netlink: 4 bytes leftover after parsing attributes in process `syz.2.68'.
[   98.900038][ T5809] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[   98.918860][   T49] hfsplus: request for non-existent node 33554434 in B*Tree
[   98.932797][ T5809] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[   98.942516][   T49] hfsplus: request for non-existent node 33554434 in B*Tree
[   98.950504][ T5809] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[   98.976663][   T49] hfsplus: b-tree write err: -5, ino 3
[   98.982343][ T5809] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[   99.007890][ T5809] playstation 0003:054C:0DF2.0001: unknown main item tag 0x0
[   99.055867][ T5809] playstation 0003:054C:0DF2.0001: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.3-1/input0
[   99.202613][ T5809] playstation 0003:054C:0DF2.0001: Invalid reportID received, expected 9 got 0
[   99.232059][ T5809] playstation 0003:054C:0DF2.0001: Failed to retrieve DualSense pairing info: -22
[   99.267235][ T6024] loop0: detected capacity change from 0 to 4096
[   99.272786][ T5809] playstation 0003:054C:0DF2.0001: Failed to get MAC address from DualSense
[   99.315105][ T5809] playstation 0003:054C:0DF2.0001: Failed to create dualsense.
[   99.354852][ T5809] playstation: probe of 0003:054C:0DF2.0001 failed with error -22
[   99.378788][ T6024] EXT4-fs (loop0): can't read group descriptor 0
[   99.438886][ T5809] usb 4-1: USB disconnect, device number 2
[   99.771501][ T6038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.78'.
[  100.072402][ T5809] IPVS: starting estimator thread 0...
[  100.187576][   T28] audit: type=1326 audit(1772722166.728:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.0.85" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb02c79c799 code=0x0
[  100.203153][ T6052] IPVS: using max 16 ests per chain, 38400 per kthread
[  100.268810][ T6056] loop3: detected capacity change from 0 to 8
[  100.354878][ T6056] SQUASHFS error: Unable to read inode 0xa7
[  100.611075][ T6049] loop2: detected capacity change from 0 to 32768
[  100.679279][ T6049] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  100.762425][ T6049] XFS (loop2): Ending clean mount
[  101.007138][ T6072] IPVS: Scheduler module ip_vs_sip not found
[  101.020293][ T6074] IPVS: length: 141 != 8
[  101.081424][ T5768] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  104.172430][    C1] sched: RT throttling activated
[  104.350016][ T6163] loop1: detected capacity change from 0 to 131072
[  104.367119][ T6163] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[  104.375537][ T6163] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  104.393471][ T6163] F2FS-fs (loop1): invalid crc value
[  104.424796][ T6163] F2FS-fs (loop1): Found nat_bits in checkpoint
[  104.492384][ T6163] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  104.499771][ T6163] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  105.136603][   T28] audit: type=1326 audit(1772722171.678:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.119" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f25e099c799 code=0x0
[  105.183211][ T6209] netlink: 'syz.0.120': attribute type 11 has an invalid length.
[  105.191113][ T6209] netlink: 56 bytes leftover after parsing attributes in process `syz.0.120'.
[  105.211485][ T6209] netlink: 'syz.0.120': attribute type 11 has an invalid length.
[  105.219639][ T6209] netlink: 56 bytes leftover after parsing attributes in process `syz.0.120'.
[  105.229217][ T6209] netlink: 'syz.0.120': attribute type 11 has an invalid length.
[  105.237466][ T6209] netlink: 56 bytes leftover after parsing attributes in process `syz.0.120'.
[  105.246795][ T6209] Zero length message leads to an empty skb
[  105.720784][ T6220] loop0: detected capacity change from 0 to 1024
[  105.903179][ T6220] capability: warning: `syz.0.125' uses 32-bit capabilities (legacy support in use)
[  105.954081][ T6220] hfsplus: xattr searching failed
[  106.571805][ T6236] loop0: detected capacity change from 0 to 8192
[  106.597120][ T6236] =======================================================
[  106.597120][ T6236] WARNING: The mand mount option has been deprecated and
[  106.597120][ T6236]          and is ignored by this kernel. Remove the mand
[  106.597120][ T6236]          option from the mount to silence this warning.
[  106.597120][ T6236] =======================================================
[  106.631997][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.709488][ T6236] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  106.742654][ T6236] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  106.787090][ T6236] REISERFS (device loop0): using ordered data mode
[  106.826525][ T6236] reiserfs: using flush barriers
[  106.884255][ T6236] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  106.945684][ T6236] REISERFS (device loop0): checking transaction log (loop0)
[  107.036072][ T6236] REISERFS (device loop0): Using r5 hash to sort names
[  107.059482][ T6248] loop1: detected capacity change from 0 to 256
[  107.068663][ T6236] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  107.076719][ T6248] exfat: Deprecated parameter 'utf8'
[  107.092138][ T6248] exfat: Deprecated parameter 'utf8'
[  107.126112][ T6236] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  107.149448][ T6248] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x22bddf5f, utbl_chksum : 0xe619d30d)
[  107.248298][   T28] audit: type=1800 audit(1772722173.788:6): pid=6236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.131" name="file1" dev="loop0" ino=4 res=0 errno=0
[  107.292199][ T6236] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  107.361349][   T28] audit: type=1800 audit(1772722173.898:7): pid=6248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.135" name="bus" dev="loop1" ino=1048592 res=0 errno=0
[  107.384287][ T6236] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  107.849928][ T6160] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.991497][ T6160] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.039267][ T6258] netlink: 'syz.0.142': attribute type 1 has an invalid length.
[  108.070912][ T6258] netlink: 'syz.0.142': attribute type 2 has an invalid length.
[  108.147748][ T6160] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.338791][ T6160] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.582606][  T966] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  108.792991][  T966] usb 4-1: Using ep0 maxpacket: 32
[  108.815580][  T966] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  108.833873][  T966] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  108.882664][  T966] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  108.909159][  T966] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  108.981719][  T966] usb 4-1: config 0 interface 0 has no altsetting 0
[  109.012113][  T966] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  109.032862][  T966] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  109.041526][  T966] usb 4-1: Product: syz
[  109.072624][  T966] usb 4-1: Manufacturer: syz
[  109.077312][  T966] usb 4-1: SerialNumber: syz
[  109.095935][ T5767] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  109.116375][  T966] usb 4-1: config 0 descriptor??
[  109.125889][ T5767] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  109.139642][ T5767] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  109.149242][ T5767] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  109.150032][  T966] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  109.166074][ T5767] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  109.166695][ T5767] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  109.282833][  T966] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  109.488732][ T5831] usb 4-1: USB disconnect, device number 3
[  109.509832][ T5831] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  110.004407][ T6304] loop0: detected capacity change from 0 to 256
[  110.070904][ T6278] chnl_net:caif_netlink_parms(): no params data found
[  110.468608][ T6315] loop0: detected capacity change from 0 to 512
[  110.530535][ T6315] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  110.603620][ T6321] warning: `syz.2.159' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  110.642806][ T5756] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  110.948584][ T6331] loop3: detected capacity change from 0 to 4096
[  110.994287][ T6331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.065478][   T28] audit: type=1800 audit(1772722177.608:8): pid=6331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.160" name="file0" dev="loop3" ino=13 res=0 errno=0
[  111.273910][ T5778] Bluetooth: hci3: command tx timeout
[  111.429161][ T6278] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.446840][ T6278] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.463449][ T6278] bridge_slave_0: entered allmulticast mode
[  111.477449][ T6278] bridge_slave_0: entered promiscuous mode
[  111.487770][ T6278] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.532648][ T6278] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.539947][ T6278] bridge_slave_1: entered allmulticast mode
[  111.591778][ T6346] loop2: detected capacity change from 0 to 2048
[  111.608842][ T6278] bridge_slave_1: entered promiscuous mode
[  111.616036][ T6346] UDF-fs: iocharset maccenteur37ØŸ»)¬â�~\ª¹�éði®Ô�}­”îvU§~ÝÑ#ê@IË«š9€Ìx‚ÅÔHÓ¦ŸI"¡“½Áæ3:Ö not found
[  111.669717][ T5765] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.876403][ T6160] hsr_slave_0: left promiscuous mode
[  111.895805][ T6160] hsr_slave_1: left promiscuous mode
[  111.920146][ T6160] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.946013][ T6160] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.973322][ T6160] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.988803][ T6160] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.018160][ T6160] bridge_slave_1: left allmulticast mode
[  112.044589][ T6160] bridge_slave_1: left promiscuous mode
[  112.052230][ T6160] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.093503][ T6160] bridge_slave_0: left allmulticast mode
[  112.106025][ T6160] bridge_slave_0: left promiscuous mode
[  112.111913][ T6160] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.206384][ T6160] veth1_macvtap: left promiscuous mode
[  112.222988][ T6160] veth0_macvtap: left promiscuous mode
[  112.228713][ T6160] veth1_vlan: left promiscuous mode
[  112.254602][ T6160] veth0_vlan: left promiscuous mode
[  113.111297][ T6361] loop2: detected capacity change from 0 to 40427
[  113.151027][ T6361] F2FS-fs (loop2): invalid crc value
[  113.172729][ T6361] F2FS-fs (loop2): Found nat_bits in checkpoint
[  113.329394][ T6361] F2FS-fs (loop2): Start checkpoint disabled!
[  113.356601][ T5778] Bluetooth: hci3: command tx timeout
[  113.417918][ T6361] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  113.429545][ T6366] loop3: detected capacity change from 0 to 32768
[  113.448831][ T6366] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.170 (6366)
[  113.490589][ T6366] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  113.522549][ T6366] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  113.533772][ T6366] BTRFS info (device loop3): using free space tree
[  113.643786][ T6366] BTRFS info (device loop3): enabling ssd optimizations
[  113.665299][ T6366] BTRFS info (device loop3): auto enabling async discard
[  113.799855][ T6160] team0 (unregistering): Port device team_slave_1 removed
[  113.815173][   T28] audit: type=1800 audit(1772722180.358:9): pid=6366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.170" name="bus" dev="loop3" ino=263 res=0 errno=0
[  113.856952][   T28] audit: type=1800 audit(1772722180.388:10): pid=6386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.170" name="bus" dev="loop3" ino=263 res=0 errno=0
[  114.014439][ T6150] kworker/u4:12: attempt to access beyond end of device
[  114.014439][ T6150] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  114.031676][ T6150] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  114.043125][ T6160] team0 (unregistering): Port device team_slave_0 removed
[  114.068883][ T6150] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  114.075989][ T6150] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  114.083211][ T6150] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  114.167813][ T5765] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  114.209140][ T6160] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  114.442981][ T6160] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.436612][ T5778] Bluetooth: hci3: command tx timeout
[  115.504701][ T6160] bond0 (unregistering): Released all slaves
[  115.608648][   T28] audit: type=1326 audit(1772722182.148:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.3.178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f922159c799 code=0x0
[  115.653902][ T6278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.681565][ T6278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.800650][ T6278] team0: Port device team_slave_0 added
[  115.831979][ T6278] team0: Port device team_slave_1 added
[  115.920184][ T6278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.931599][ T6278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.965286][ T6278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.987525][ T6278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  116.000674][ T6278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.036013][ T6278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  116.209701][ T6278] hsr_slave_0: entered promiscuous mode
[  116.273349][ T6278] hsr_slave_1: entered promiscuous mode
[  116.288718][ T6278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  116.306855][ T6278] Cannot create hsr debugfs directory
[  116.875141][ T6278] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  116.911298][ T6278] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  116.968488][ T6278] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  117.021225][ T6278] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  117.124395][ T6437] loop2: detected capacity change from 0 to 1764
[  117.242034][ T6418] loop0: detected capacity change from 0 to 32768
[  117.270523][ T6278] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.329529][ T6418] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  117.332763][ T6278] 8021q: adding VLAN 0 to HW filter on device team0
[  117.426484][ T6144] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.433737][ T6144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.489337][ T6418] XFS (loop0): Ending clean mount
[  117.504486][ T6144] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.511714][ T6144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.519441][ T5778] Bluetooth: hci3: command tx timeout
[  117.619792][ T6453] Illegal XDP return value 4294967274 on prog  (id 11) dev syz_tun, expect packet loss!
[  117.756409][ T5771] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  117.916832][ T6459] netlink: 35 bytes leftover after parsing attributes in process `syz.2.190'.
[  117.938438][ T6438] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  117.947221][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.190'.
[  117.964147][ T6438] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  118.347734][ T6278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.446280][ T6476] loop0: detected capacity change from 0 to 128
[  118.544848][ T6476] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  118.681795][ T6476] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.849995][ T6488] loop2: detected capacity change from 0 to 2048
[  118.908542][ T6488] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  118.949053][ T6488] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  118.975529][   T28] audit: type=1800 audit(1772722185.508:12): pid=6476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.191" name="file1" dev="loop0" ino=12 res=0 errno=0
[  119.032081][ T6278] veth0_vlan: entered promiscuous mode
[  119.075322][ T6278] veth1_vlan: entered promiscuous mode
[  119.126331][ T5771] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.157313][ T6488] loop2: detected capacity change from 2048 to 0
[  119.165315][ T6494] syz.2.195: attempt to access beyond end of device
[  119.165315][ T6494] loop2: rw=0, sector=1408, nr_sectors = 1 limit=0
[  119.296995][ T6278] veth0_macvtap: entered promiscuous mode
[  119.338288][ T5768] syz-executor: attempt to access beyond end of device
[  119.338288][ T5768] loop2: rw=0, sector=1408, nr_sectors = 1 limit=0
[  119.381173][ T6278] veth1_macvtap: entered promiscuous mode
[  119.384415][ T5768] syz-executor: attempt to access beyond end of device
[  119.384415][ T5768] loop2: rw=0, sector=1408, nr_sectors = 1 limit=0
[  119.432702][ T6498] netlink: 24 bytes leftover after parsing attributes in process `syz.3.197'.
[  119.500158][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.523923][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.542539][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.554278][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.564970][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  119.575654][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.591183][ T6278] batman_adv: batadv0: Interface activated: batadv_slave_0
[  119.599789][ T5939] syz.2.36: attempt to access beyond end of device
[  119.599789][ T5939] loop2: rw=2049, sector=128, nr_sectors = 1 limit=0
[  119.649396][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.675347][ T5939] Buffer I/O error on dev loop2, logical block 128, lost sync page write
[  119.707946][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.748009][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.776681][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.803435][ T6278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  119.820090][ T6278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  119.837835][ T6278] batman_adv: batadv0: Interface activated: batadv_slave_1
[  119.981982][ T6278] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.992248][ T6278] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.043570][ T6278] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.052903][ T6278] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.419220][ T6154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.441417][ T6154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  120.568097][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  120.593677][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.001218][ T6527] netlink: 'syz.3.205': attribute type 1 has an invalid length.
[  121.188355][ T6533] loop0: detected capacity change from 0 to 256
[  121.263555][ T6533] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  121.317345][ T6533] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  121.359113][ T6533] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  121.376663][ T6156] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.648853][ T6156] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.716056][ T5767] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  121.728779][ T5767] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  121.738578][ T5767] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  121.750619][ T5767] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  121.761765][ T5767] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  121.770260][ T5767] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  121.904942][ T6156] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.039361][ T6156] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.467332][ T6549] chnl_net:caif_netlink_parms(): no params data found
[  123.451616][ T6598] netlink: 'syz.4.224': attribute type 10 has an invalid length.
[  123.473015][ T6598] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  123.581970][ T6549] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.598800][ T6549] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.612923][ T6549] bridge_slave_0: entered allmulticast mode
[  123.620272][ T6549] bridge_slave_0: entered promiscuous mode
[  123.734464][ T6549] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.741806][ T6549] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.751432][ T6549] bridge_slave_1: entered allmulticast mode
[  123.773981][ T6549] bridge_slave_1: entered promiscuous mode
[  123.832808][ T5778] Bluetooth: hci1: command tx timeout
[  123.837050][ T6609] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  124.086445][ T6549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.117433][ T6618] loop3: detected capacity change from 0 to 256
[  124.126058][ T6549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.137431][ T6618] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  124.158045][ T6619] loop0: detected capacity change from 0 to 1024
[  124.197400][ T6619] EXT4-fs: Ignoring removed orlov option
[  124.219642][ T6618] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  124.231151][ T6619] EXT4-fs (loop0): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  124.289162][ T6619] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.362749][ T6619] EXT4-fs (loop0): Online resizing not supported with bigalloc
[  124.458211][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.604784][ T6631] loop4: detected capacity change from 0 to 64
[  124.667109][ T6631] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  124.782334][ T6549] team0: Port device team_slave_0 added
[  124.805845][ T6549] team0: Port device team_slave_1 added
[  125.013856][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_0
[  125.021686][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.119945][ T6549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  125.163780][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_1
[  125.170810][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.247586][ T6549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.441575][ T6651] input: syz0 as /devices/virtual/input/input5
[  125.631191][ T6156] hsr_slave_0: left promiscuous mode
[  125.641870][ T6156] hsr_slave_1: left promiscuous mode
[  125.653732][ T6156] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.665654][ T6156] batman_adv: batadv0: Removing interface: batadv_slave_0
[  125.695238][ T6156] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  125.710474][ T6156] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.724258][ T6156] bridge_slave_1: left allmulticast mode
[  125.732255][ T6156] bridge_slave_1: left promiscuous mode
[  125.739823][ T6156] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.751485][ T6156] bridge_slave_0: left allmulticast mode
[  125.759092][ T6156] bridge_slave_0: left promiscuous mode
[  125.766377][ T6156] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.830610][ T6156] veth1_macvtap: left promiscuous mode
[  125.839374][ T6156] veth0_macvtap: left promiscuous mode
[  125.850801][ T6156] veth1_vlan: left promiscuous mode
[  125.856518][ T6156] veth0_vlan: left promiscuous mode
[  125.913162][ T5778] Bluetooth: hci1: command tx timeout
[  126.808405][ T6667] loop0: detected capacity change from 0 to 40427
[  126.842527][ T6667] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  126.848964][ T6667] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  126.880038][ T6667] F2FS-fs (loop0): invalid crc value
[  127.146698][ T6667] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  127.157627][ T6667] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  127.374491][ T5771] syz-executor: attempt to access beyond end of device
[  127.374491][ T5771] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  127.392035][ T5771] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  127.525591][ T6156] team0 (unregistering): Port device team_slave_1 removed
[  127.630255][ T6156] team0 (unregistering): Port device team_slave_0 removed
[  127.708331][ T6156] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  127.802573][ T6156] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  127.999594][ T5778] Bluetooth: hci1: command tx timeout
[  128.330860][ T6156] bond0 (unregistering): Released all slaves
[  128.473388][ T6549] hsr_slave_0: entered promiscuous mode
[  128.486400][ T6549] hsr_slave_1: entered promiscuous mode
[  128.496101][ T6549] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.512968][ T6549] Cannot create hsr debugfs directory
[  128.559268][ T6690] netlink: 'syz.4.255': attribute type 20 has an invalid length.
[  128.572562][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.4.255'.
[  128.597434][ T6690] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  128.607467][ T6690] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  128.616416][ T6690] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  128.625283][ T6690] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  128.664127][ T6690] netlink: 'syz.4.255': attribute type 20 has an invalid length.
[  128.673332][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.4.255'.
[  129.214619][ T6549] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  129.365778][ T6549] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  129.385341][ T6549] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  129.410150][ T6549] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  129.608721][ T6549] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.684641][ T6549] 8021q: adding VLAN 0 to HW filter on device team0
[  129.719704][ T6154] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.727121][ T6154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.788743][ T6154] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.796597][ T6154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.073106][ T5778] Bluetooth: hci1: command tx timeout
[  130.542148][ T6549] 8021q: adding VLAN 0 to HW filter on device batadv0
[  130.567530][ T6759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.275'.
[  130.625745][ T6759] netlink: 4 bytes leftover after parsing attributes in process `syz.4.275'.
[  130.831499][ T6769] IPv6: NLM_F_CREATE should be specified when creating new route
[  131.164274][ T6750] loop0: detected capacity change from 0 to 32768
[  131.380616][ T6750] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  131.459073][ T6549] veth0_vlan: entered promiscuous mode
[  131.470166][ T6750] JBD2: Ignoring recovery information on journal
[  131.479070][ T6549] veth1_vlan: entered promiscuous mode
[  131.521981][ T6549] veth0_macvtap: entered promiscuous mode
[  131.552259][ T6549] veth1_macvtap: entered promiscuous mode
[  131.624523][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.655679][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.685177][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.711728][ T6750] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  131.717172][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.763008][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.802528][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.835765][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.893841][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.962539][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.005323][ T6801] loop4: detected capacity change from 0 to 128
[  132.011897][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.054649][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.082503][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.116834][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.160279][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.205463][ T6549] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.239294][ T6549] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.272139][ T6809] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  132.273209][ T6549] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.316311][ T6549] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.326960][ T6798] syz.0.271 (6798) used greatest stack depth: 19632 bytes left
[  132.572230][ T5771] ocfs2: Unmounting device (7,0) on (node local)
[  132.625779][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.673984][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.758586][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.788714][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.118609][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  133.125574][ T6828] TCP: TCP_TX_DELAY enabled
[  133.126367][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.145373][ T6830] loop0: detected capacity change from 0 to 64
[  133.381459][   T28] audit: type=1800 audit(1772722199.918:13): pid=6830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.289" name="file1" dev="loop0" ino=21 res=0 errno=0
[  133.463645][ T6841] IPVS: sed: FWM 3 0x00000003 - no destination available
[  133.478124][ T5809] IPVS: starting estimator thread 0...
[  133.582905][ T6845] IPVS: using max 18 ests per chain, 43200 per kthread
[  135.173570][ T6909] loop5: detected capacity change from 0 to 128
[  135.197431][ T6909] EXT4-fs: Ignoring removed nobh option
[  135.250299][ T6909] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  135.310504][ T6909] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  135.586336][ T6549] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  135.961422][ T6903] loop0: detected capacity change from 0 to 32768
[  136.063807][ T6903] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  136.158843][ T6903] XFS (loop0): Ending clean mount
[  136.748767][ T5771] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  139.196589][ T7028] overlayfs: upper fs does not support file handles, falling back to index=off.
[  139.813831][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  140.042074][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  140.073861][    T9] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  140.102650][    T9] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  140.169321][    T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  140.184186][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  140.192344][    T9] usb 6-1: Product: syz
[  140.212720][    T9] usb 6-1: Manufacturer: syz
[  140.217400][    T9] usb 6-1: SerialNumber: syz
[  140.506015][    T9] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  140.578664][ T7076] bridge_slave_0: left allmulticast mode
[  140.587298][ T7076] bridge_slave_0: left promiscuous mode
[  140.602775][ T7076] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.670728][ T7076] bridge_slave_1: left allmulticast mode
[  140.693407][ T7076] bridge_slave_1: left promiscuous mode
[  140.699283][ T7076] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.782540][ T5810] usb 6-1: USB disconnect, device number 2
[  140.826896][ T7076] bond0: (slave bond_slave_0): Releasing backup interface
[  140.843633][ T5810] usblp0: removed
[  140.911506][ T7076] bond0: (slave bond_slave_1): Releasing backup interface
[  140.970091][ T7076] team0: Port device team_slave_0 removed
[  141.001865][ T7084] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  141.014850][ T7076] team0: Port device team_slave_1 removed
[  141.048112][ T7076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.061273][ T7076] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.105208][ T7076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.120450][ T7076] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.543775][ T7096] netlink: 4 bytes leftover after parsing attributes in process `syz.5.374'.
[  142.135909][ T7122] trusted_key: syz.5.381 sent an empty control message without MSG_MORE.
[  144.295070][ T7163] loop5: detected capacity change from 0 to 131072
[  144.318007][ T7163] F2FS-fs (loop5): invalid crc value
[  144.349145][ T7163] F2FS-fs (loop5): Found nat_bits in checkpoint
[  144.402741][ T7163] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  144.953016][ T7197] loop4: detected capacity change from 0 to 512
[  144.991569][ T7197] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  145.042827][ T7197] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  145.167069][ T7197] EXT4-fs (loop4): 1 truncate cleaned up
[  145.183985][ T7197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.339798][ T7205] rdma_op ffff88807a3839f0 conn xmit_rdma 0000000000000000
[  145.445766][ T7197] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  145.619941][ T6278] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /67/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  145.695340][ T6278] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.873863][ T7220] loop0: detected capacity change from 0 to 1024
[  145.921986][ T7220] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  146.001340][ T7220] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.047838][   T28] audit: type=1800 audit(1772722212.588:14): pid=7220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.413" name="file1" dev="loop0" ino=15 res=0 errno=0
[  146.090300][   T28] audit: type=1800 audit(1772722212.628:15): pid=7220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.413" name="file1" dev="loop0" ino=15 res=0 errno=0
[  146.135968][ T7220] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: comm syz.0.413: lblock 0 mapped to illegal pblock 0 (length 1)
[  146.166387][ T7220] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 8: comm syz.0.413: lblock 8 mapped to illegal pblock 8 (length 8)
[  146.189834][ T7220] EXT4-fs error (device loop0): ext4_ext_remove_space:2929: inode #15: comm syz.0.413: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  146.344490][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  146.578568][ T7237] "syz.0.414" (7237) uses obsolete ecb(arc4) skcipher
[  147.633958][ T7282] netlink: 28 bytes leftover after parsing attributes in process `syz.5.430'.
[  147.679318][ T7282] netlink: 28 bytes leftover after parsing attributes in process `syz.5.430'.
[  149.849566][ T7321] loop5: detected capacity change from 0 to 32768
[  150.086458][ T7347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.451'.
[  150.944348][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz.4.461'.
[  150.968108][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.461'.
[  150.986710][ T7374] loop0: detected capacity change from 0 to 4096
[  151.000151][ T7379] netlink: 'syz.4.461': attribute type 12 has an invalid length.
[  151.010893][ T7374] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.055768][ T7374] EXT4-fs (loop0): Test dummy encryption mode enabled
[  151.107247][ T7374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.287112][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz.4.461'.
[  151.365599][ T7374] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  151.381984][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.461'.
[  151.424947][ T7379] netlink: 'syz.4.461': attribute type 12 has an invalid length.
[  151.702791][ T7374] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  151.788838][ T7374] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  151.979891][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.777591][ T7453] netlink: 'syz.5.472': attribute type 3 has an invalid length.
[  153.213667][ T5809] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  153.448555][ T5809] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  153.494252][ T5809] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  153.530720][ T5809] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[  153.552570][ T5809] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  153.572850][ T5809] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  153.603786][ T5809] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.617274][ T5809] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  153.627013][ T5809] usb 6-1: Product: syz
[  153.631217][ T5809] usb 6-1: Manufacturer: syz
[  153.635940][ T5809] usb 6-1: SerialNumber: syz
[  153.653260][ T5809] cdc_mbim 6-1:1.0: skipping garbage
[  153.880167][ T7460] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  154.516104][ T7460] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  154.730278][ T5809] cdc_mbim 6-1:1.0: bind() failure
[  154.755494][ T5809] cdc_ncm: probe of 6-1:1.1 failed with error -71
[  154.770331][ T5809] cdc_mbim: probe of 6-1:1.1 failed with error -71
[  154.781604][ T5809] usbtest: probe of 6-1:1.1 failed with error -71
[  154.807374][ T5809] usb 6-1: USB disconnect, device number 3
[  155.159514][ T7524] loop0: detected capacity change from 0 to 16
[  155.235956][ T7524] erofs: (device loop0): mounted with root inode @ nid 36.
[  156.142605][ T5810] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  156.156909][ T7546] netlink: 'syz.3.502': attribute type 10 has an invalid length.
[  156.168890][ T7546] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.176715][ T7546] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.209244][ T7546] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.216508][ T7546] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.224171][ T7546] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.231369][ T7546] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.254565][ T7546] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  156.349093][ T5810] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.383209][ T5810] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.403338][ T5810] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  156.421421][ T5810] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  156.442985][ T5810] usb 1-1: SerialNumber: syz
[  156.671749][ T5810] usb 1-1: 0:2 : does not exist
[  156.676259][ T7563] fuse: Bad value for 'fd'
[  156.724899][ T5810] usb 1-1: USB disconnect, device number 2
[  156.807636][ T5756] udevd[5756]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  157.622628][   T27] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  157.666686][ T7589] netlink: 12 bytes leftover after parsing attributes in process `syz.0.519'.
[  157.826642][   T27] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.846764][   T27] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  157.871601][   T27] usb 6-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  157.896098][   T27] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.927318][   T27] usb 6-1: config 0 descriptor??
[  158.412731][   T27] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0
[  158.443992][   T27] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0
[  158.462963][   T27] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0
[  158.480672][   T27] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0
[  158.510973][   T27] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0
[  158.555487][   T27] playstation 0003:054C:0DF2.0002: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.5-1/input0
[  158.672569][   T27] playstation 0003:054C:0DF2.0002: Invalid reportID received, expected 9 got 0
[  158.710002][   T27] playstation 0003:054C:0DF2.0002: Failed to retrieve DualSense pairing info: -22
[  158.758005][   T27] playstation 0003:054C:0DF2.0002: Failed to get MAC address from DualSense
[  159.121025][ T7623] loop4: detected capacity change from 0 to 40427
[  159.129480][   T27] playstation 0003:054C:0DF2.0002: Failed to create dualsense.
[  159.140997][   T27] playstation: probe of 0003:054C:0DF2.0002 failed with error -22
[  159.149065][ T7623] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x7ffff
[  159.157486][ T7623] F2FS-fs (loop4): Image doesn't support compression
[  159.164326][ T7623] F2FS-fs (loop4): Image doesn't support compression
[  159.175195][ T7623] F2FS-fs (loop4): invalid crc value
[  159.185722][   T27] usb 6-1: USB disconnect, device number 4
[  159.239590][ T7623] F2FS-fs (loop4): Found nat_bits in checkpoint
[  159.305719][ T7623] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  159.385209][ T7623] F2FS-fs (loop4): inject orphan in f2fs_acquire_orphan_inode of __f2fs_tmpfile+0x1a8/0x340
[  159.485142][ T6278] syz-executor: attempt to access beyond end of device
[  159.485142][ T6278] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  159.532721][ T6278] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  159.539671][ T6278] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  160.227594][ T7657] kvm: apic: phys broadcast and lowest prio
[  161.354216][ T7698] loop0: detected capacity change from 0 to 64
[  162.162562][ T7724] mmap: syz.3.548 (7724) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  162.542787][ T5755] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  162.744415][ T5755] usb 6-1: config 11 has too many interfaces: 35, using maximum allowed: 32
[  162.759091][ T5755] usb 6-1: config 11 has an invalid descriptor of length 0, skipping remainder of the config
[  162.790145][ T5755] usb 6-1: config 11 has 1 interface, different from the descriptor's value: 35
[  162.837986][ T5755] usb 6-1: config 11 has no interface number 0
[  162.868054][ T5755] usb 6-1: too many endpoints for config 11 interface 6 altsetting 6: 201, using maximum allowed: 30
[  162.893824][ T5755] usb 6-1: config 11 interface 6 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 201
[  162.928629][ T5755] usb 6-1: config 11 interface 6 has no altsetting 0
[  162.941411][ T5755] usb 6-1: New USB device found, idVendor=2184, idProduct=0036, bcdDevice=68.fd
[  162.955812][ T5755] usb 6-1: New USB device strings: Mfr=21, Product=2, SerialNumber=3
[  162.967962][ T5755] usb 6-1: Product: syz
[  162.972196][ T5755] usb 6-1: Manufacturer: syz
[  162.984447][ T5755] usb 6-1: SerialNumber: syz
[  163.255439][ T5755] usb 6-1: USB disconnect, device number 5
[  163.715427][ T7766] netlink: 'syz.0.556': attribute type 39 has an invalid length.
[  164.382555][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  164.577839][    T9] usb 6-1: config 0 has no interfaces?
[  164.590979][    T9] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  164.610830][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.625658][    T9] usb 6-1: Product: syz
[  164.629961][    T9] usb 6-1: Manufacturer: syz
[  164.635145][    T9] usb 6-1: SerialNumber: syz
[  164.644416][    T9] usb 6-1: config 0 descriptor??
[  165.101899][ T7773] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  165.183994][ T7810] netlink: 16 bytes leftover after parsing attributes in process `syz.3.570'.
[  165.227533][ T7810] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (8)
[  165.259213][ T5810] usb 6-1: USB disconnect, device number 6
[  166.566187][ T7862] overlayfs: failed to resolve './cgroup': -2
[  167.050007][ T7880] netlink: 'syz.3.590': attribute type 12 has an invalid length.
[  167.102645][ T7880] netlink: 'syz.3.590': attribute type 29 has an invalid length.
[  167.111092][ T7880] netlink: 148 bytes leftover after parsing attributes in process `syz.3.590'.
[  167.166525][ T7880] netlink: 'syz.3.590': attribute type 2 has an invalid length.
[  167.218695][ T7880] netlink: 'syz.3.590': attribute type 3 has an invalid length.
[  167.242309][ T7880] netlink: 15 bytes leftover after parsing attributes in process `syz.3.590'.
[  167.300741][ T7886] netlink: 24 bytes leftover after parsing attributes in process `syz.5.588'.
[  167.836835][ T7906] netlink: 16 bytes leftover after parsing attributes in process `syz.5.597'.
[  168.058135][ T7882] loop0: detected capacity change from 0 to 40427
[  168.069930][ T7882] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7
[  168.086246][ T7882] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff
[  168.094986][ T7882] F2FS-fs (loop0): inline encryption not supported
[  168.101561][ T7882] F2FS-fs (loop0): Image doesn't support compression
[  168.120118][ T7882] F2FS-fs (loop0): invalid crc value
[  168.142971][ T7882] F2FS-fs (loop0): Found nat_bits in checkpoint
[  168.309449][ T7882] F2FS-fs (loop0): Start checkpoint disabled!
[  168.330058][ T7882] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  168.482084][ T7915] loop5: detected capacity change from 0 to 4096
[  168.550653][ T7882] F2FS-fs (loop0): inject kmalloc in f2fs_kmalloc of f2fs_getxattr+0xf3a/0x12f0
[  168.656440][ T7924] syz.0.589: attempt to access beyond end of device
[  168.656440][ T7924] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  168.887867][ T7928] loop4: detected capacity change from 0 to 256
[  168.913800][ T7928] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  169.007093][ T6150] kworker/u4:12: attempt to access beyond end of device
[  169.007093][ T6150] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  169.024621][ T6150] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  169.031650][ T6150] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  169.077481][ T7928] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  169.396311][ T7936] netlink: 20 bytes leftover after parsing attributes in process `syz.5.604'.
[  169.449406][ T7936] netlink: 20 bytes leftover after parsing attributes in process `syz.5.604'.
[  171.164790][ T7986] netlink: 'syz.5.614': attribute type 7 has an invalid length.
[  171.194626][ T7986] netlink: 'syz.5.614': attribute type 7 has an invalid length.
[  171.430113][ T7993] netlink: 'syz.0.616': attribute type 5 has an invalid length.
[  171.763140][ T8007] netlink: 24 bytes leftover after parsing attributes in process `syz.5.620'.
[  171.804663][ T8005] delete_channel: no stack
[  172.097117][ T8018] loop5: detected capacity change from 0 to 512
[  172.200477][ T8018] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.262764][ T8018] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  172.435678][ T8018] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #2: comm syz.5.622: corrupted inode contents
[  172.500819][ T8018] EXT4-fs error (device loop5): ext4_dirty_inode:6124: inode #2: comm syz.5.622: mark_inode_dirty error
[  172.546673][ T8018] EXT4-fs error (device loop5): ext4_do_update_inode:5248: inode #2: comm syz.5.622: corrupted inode contents
[  172.578918][ T8018] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #2: comm syz.5.622: mark_inode_dirty error
[  172.756851][ T6549] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.024905][ T8036] netlink: 'syz.5.623': attribute type 2 has an invalid length.
[  173.054006][ T8036] netlink: 40 bytes leftover after parsing attributes in process `syz.5.623'.
[  173.272013][ T8048] loop5: detected capacity change from 0 to 512
[  173.289280][ T8048] EXT4-fs: Ignoring removed bh option
[  173.324795][ T8048] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  173.351624][ T8048] EXT4-fs (loop5): 1 truncate cleaned up
[  173.364407][ T8048] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.754527][ T6549] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.809184][   T28] audit: type=1326 audit(1772722240.348:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.3.629" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f922159c799 code=0x0
[  175.066648][ T8090] netlink: 24 bytes leftover after parsing attributes in process `syz.0.636'.
[  175.111547][ T8075] loop5: detected capacity change from 0 to 40427
[  175.169995][ T8075] F2FS-fs (loop5): invalid crc value
[  175.224438][ T8075] F2FS-fs (loop5): Found nat_bits in checkpoint
[  175.516753][ T8075] F2FS-fs (loop5): Start checkpoint disabled!
[  175.543048][ T8075] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  175.782530][    T9] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  176.000590][    T9] usb 1-1: New USB device found, idVendor=1235, idProduct=8210, bcdDevice= 0.40
[  176.005565][   T11] kworker/u4:0: attempt to access beyond end of device
[  176.005565][   T11] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  176.042599][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.050735][    T9] usb 1-1: Product: syz
[  176.065582][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  176.073059][    T9] usb 1-1: Manufacturer: syz
[  176.077722][    T9] usb 1-1: SerialNumber: syz
[  176.085670][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  176.095695][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  176.376622][    T9] usb 1-1: 1:1 : bogus bTerminalLink 13
[  176.413646][    T9] usb 1-1: Focusrite Scarlett Gen 3 Mixer Driver enabled (pid=0x8210); report any issues to g@b4.vu
[  176.452646][    T9] usb 1-1: Error initialising Scarlett Gen 3 Mixer Driver: -22
[  176.534526][    T9] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  176.575995][    T9] usb 1-1: USB disconnect, device number 3
[  176.630471][ T5756] udevd[5756]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  177.638022][ T8143] ªªªªªª: renamed from vlan0 (while UP)
[  177.994476][ T8126] loop5: detected capacity change from 0 to 40427
[  178.031628][ T8126] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  178.095922][ T8126] F2FS-fs (loop5): invalid crc value
[  178.122161][ T8126] F2FS-fs (loop5): Found nat_bits in checkpoint
[  178.275455][ T8126] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  178.484845][   T28] audit: type=1800 audit(1772722245.018:17): pid=8126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.643" name="file1" dev="loop5" ino=10 res=0 errno=0
[  178.521658][ T8126] syz.5.643: attempt to access beyond end of device
[  178.521658][ T8126] loop5: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  178.566477][   T28] audit: type=1800 audit(1772722245.058:18): pid=8126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.643" name="file1" dev="loop5" ino=10 res=0 errno=0
[  178.591852][ T8126] syz.5.643: attempt to access beyond end of device
[  178.591852][ T8126] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  178.748637][ T6549] syz-executor: attempt to access beyond end of device
[  178.748637][ T6549] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  178.779584][ T6549] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  178.825017][ T8166] netlink: 'syz.3.654': attribute type 5 has an invalid length.
[  179.631947][ T8184] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  180.524707][ T8208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.669'.
[  180.783498][ T8217] bond0: entered promiscuous mode
[  180.788725][ T8217] bond_slave_0: entered promiscuous mode
[  180.803403][ T8217] bond_slave_1: entered promiscuous mode
[  180.809292][ T8217] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  181.147408][ T8216] bond0: left promiscuous mode
[  181.156388][ T8216] bond_slave_0: left promiscuous mode
[  181.162329][ T8216] bond_slave_1: left promiscuous mode
[  181.182766][ T8216] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  181.592196][ T8236] loop4: detected capacity change from 0 to 1024
[  181.632152][ T8239] loop0: detected capacity change from 0 to 256
[  181.706938][ T5759] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  181.834377][ T6173] hfsplus: b-tree write err: -5, ino 3
[  181.847682][ T5775] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  181.863345][ T6278] hfsplus: node 4:3 still has 2 user(s)!
[  182.062510][ T5775] usb 6-1: Using ep0 maxpacket: 16
[  182.093865][ T5775] usb 6-1: config 128 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.106789][ T5775] usb 6-1: config 128 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.125638][ T5775] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  182.154423][ T5775] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.284683][ T8251] loop4: detected capacity change from 0 to 1024
[  182.309310][ T8251] EXT4-fs: inline encryption not supported
[  182.365422][ T8251] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  182.414861][ T8251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.516757][ T8258] input: syz0 as /devices/virtual/input/input6
[  182.625921][ T5775] mcp2221 0003:04D8:00DD.0003: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  182.636701][ T8251] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4045: comm syz.4.688: Allocating blocks 497-513 which overlap fs metadata
[  182.668350][ T8251] EXT4-fs (loop4): Remounting filesystem read-only
[  182.825780][ T8249] EXT4-fs (loop4): pa ffff88805b5780e8: logic 256, phys. 385, len 8
[  182.964410][   T23] usb 6-1: USB disconnect, device number 7
[  183.037474][ T6278] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.228836][ T8278] loop4: detected capacity change from 0 to 128
[  183.259933][ T8278] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  183.289738][ T8278] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.443835][ T8278] Invalid argument reading file caps for ./file0
[  183.554471][ T6278] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  184.242268][ T8303] loop4: detected capacity change from 0 to 128
[  184.370281][ T8303] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  184.432688][ T8303] hpfs: filesystem error: improperly stopped
[  184.438785][ T8303] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  184.474846][ T8303] hpfs: You really don't want any checks? You are crazy...
[  184.501995][ T8303] hpfs: Code page index out of array
[  184.518572][ T8303] hpfs: code page support is disabled
[  184.534344][ T8303] hpfs: hpfs_map_4sectors(): unaligned read
[  184.541837][ T8303] hpfs: hpfs_map_4sectors(): unaligned read
[  184.562447][ T8303] hpfs: filesystem error: unable to find root dir
[  184.701363][ T8313] netlink: 4 bytes leftover after parsing attributes in process `syz.5.708'.
[  184.739967][ T8313] netlink: 4 bytes leftover after parsing attributes in process `syz.5.708'.
[  185.937185][ T8356] loop5: detected capacity change from 0 to 512
[  185.998287][ T8356] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  186.075812][ T8356] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  186.104994][ T8356] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.724: Corrupt directory, running e2fsck is recommended
[  186.128506][ T8362] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check.
[  186.178346][ T8356] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  186.205129][ T8356] EXT4-fs error (device loop5): ext4_iget_extra_inode:4732: inode #15: comm syz.5.724: corrupted in-inode xattr: invalid ea_ino
[  186.211145][ T8367] loop4: detected capacity change from 0 to 128
[  186.267771][ T8356] EXT4-fs (loop5): Remounting filesystem read-only
[  186.295527][ T8356] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.365173][ T8356] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  186.382690][ T8356] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  186.402591][ T8356] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.724: Corrupt directory, running e2fsck is recommended
[  186.421370][ T8369] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  186.453756][ T8369] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  186.500709][ T8369] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.724: Corrupt directory, running e2fsck is recommended
[  186.531294][ T8356] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  186.556482][ T8356] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  186.578131][ T8356] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.724: Corrupt directory, running e2fsck is recommended
[  186.593038][ T8356] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  186.674604][ T6549] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.102766][ T8386] bond0: entered promiscuous mode
[  187.138110][ T8386] bond_slave_0: entered promiscuous mode
[  187.157010][ T8386] bond_slave_1: entered promiscuous mode
[  187.186326][ T8386] bridge0: entered promiscuous mode
[  187.218196][ T8389] syz.4.732 uses obsolete (PF_INET,SOCK_PACKET)
[  187.261914][ T8385] bond0: left promiscuous mode
[  187.268571][ T8385] bond_slave_0: left promiscuous mode
[  187.275946][ T8385] bond_slave_1: left promiscuous mode
[  187.285578][ T8385] bridge0: left promiscuous mode
[  187.993285][ T8417] loop5: detected capacity change from 0 to 128
[  188.023288][ T8417] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  188.273143][   T11] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  188.743115][ T8437] netlink: 104 bytes leftover after parsing attributes in process `syz.3.753'.
[  189.123296][    C1] icmp: detected local route for 172.20.20.170 during ICMP sending, src 172.20.20.187
[  189.358829][ T8457] ALSA: mixer_oss: invalid OSS volume '1'
[  189.370245][ T8457] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  189.685578][ T8469] loop5: detected capacity change from 0 to 1024
[  190.030241][    C0] Unknown status report in ack skb
[  190.285239][ T8488] syz.5.771 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  190.302726][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  190.376130][ T8494] sctp: [Deprecated]: syz.0.772 (pid 8494) Use of int in maxseg socket option.
[  190.376130][ T8494] Use struct sctp_assoc_value instead
[  191.245057][ T8522] loop4: detected capacity change from 0 to 4096
[  191.333158][ T8522] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  191.391650][ T8522] ntfs3: loop4: Failed to load $Extend (-22).
[  191.412491][   T27] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  191.422258][ T8522] ntfs3: loop4: Failed to initialize $Extend.
[  191.626839][   T27] usb 1-1: Using ep0 maxpacket: 32
[  191.637113][   T27] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  191.664621][   T27] usb 1-1: config 0 interface 0 has no altsetting 0
[  191.671320][   T27] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  191.702550][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.723513][   T27] usb 1-1: config 0 descriptor??
[  192.310415][ T8545] loop5: detected capacity change from 0 to 128
[  192.328038][ T8545] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  192.342757][ T8545] hpfs: filesystem error: improperly stopped
[  192.352747][ T8545] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  192.362908][ T8545] hpfs: You really don't want any checks? You are crazy...
[  192.380286][ T8545] hpfs: Code page index out of array
[  192.389879][ T8546] loop4: detected capacity change from 0 to 1024
[  192.399190][ T8545] hpfs: code page support is disabled
[  192.408195][ T8546] EXT4-fs: Ignoring removed bh option
[  192.414165][ T8545] hpfs: hpfs_map_4sectors(): unaligned read
[  192.421023][ T8545] hpfs: hpfs_map_4sectors(): unaligned read
[  192.441891][ T8546] EXT4-fs: Ignoring removed nobh option
[  192.452685][ T8545] hpfs: filesystem error: unable to find root dir
[  192.487761][ T8546] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  192.527031][   T27] corsair-psu 0003:1B1C:1C09.0004: unknown main item tag 0x0
[  192.555870][   T27] corsair-psu 0003:1B1C:1C09.0004: unknown main item tag 0x0
[  192.576027][   T27] corsair-psu 0003:1B1C:1C09.0004: unknown main item tag 0x0
[  192.593922][ T8546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.630680][   T27] corsair-psu 0003:1B1C:1C09.0004: unknown main item tag 0x0
[  192.692488][   T27] corsair-psu 0003:1B1C:1C09.0004: unknown main item tag 0x0
[  192.710982][   T27] corsair-psu 0003:1B1C:1C09.0004: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.0-1/input0
[  192.749865][   T28] audit: type=1800 audit(1772722259.288:19): pid=8546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.799" name="file1" dev="loop4" ino=15 res=0 errno=0
[  192.914580][ T6278] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.142872][   T27] corsair-psu 0003:1B1C:1C09.0004: unable to initialize device (-110)
[  193.171825][   T27] corsair-psu: probe of 0003:1B1C:1C09.0004 failed with error -110
[  193.192522][ T5755] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  193.215569][   T27] usb 1-1: USB disconnect, device number 4
[  193.423596][ T5755] usb 6-1: Using ep0 maxpacket: 8
[  193.435706][ T5755] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  193.462585][ T5755] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  193.493172][ T5755] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  193.532690][ T5755] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  193.562651][ T5755] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  193.601951][ T5755] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  193.616121][ T5755] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.868601][ T5755] usb 6-1: GET_CAPABILITIES returned 0
[  193.894781][ T5755] usbtmc 6-1:16.0: can't read capabilities
[  194.202766][    T9] usb 6-1: USB disconnect, device number 8
[  194.209573][ T8557] usbtmc 6-1:16.0: usb_control_msg returned -71
[  194.216712][ T5810] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  194.437343][ T5810] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  194.463316][ T5810] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  194.481202][ T5810] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  194.502854][ T5810] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.522641][ T5810] usb 1-1: Product: syz
[  194.533283][ T5810] usb 1-1: Manufacturer: syz
[  194.537946][ T5810] usb 1-1: SerialNumber: syz
[  194.558070][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.564840][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  194.604685][ T8591] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  194.767546][ T5810] usb 1-1: 0:2 : does not exist
[  194.790481][ T5810] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  194.850664][ T5810] usb 1-1: USB disconnect, device number 5
[  194.955484][ T5756] udevd[5756]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  195.202600][   T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  195.339411][ T8613] loop5: detected capacity change from 0 to 16
[  195.352225][ T8613] erofs: (device loop5): mounted with root inode @ nid 36.
[  195.415507][   T23] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  195.440034][   T23] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  195.463263][   T23] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  195.489020][   T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  195.517919][   T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  195.551393][   T23] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  195.569074][   T23] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  195.580515][   T23] usb 5-1: Product: syz
[  195.585404][   T23] usb 5-1: Manufacturer: syz
[  195.604988][   T23] cdc_wdm 5-1:1.0: skipping garbage
[  195.610268][   T23] cdc_wdm 5-1:1.0: skipping garbage
[  195.625836][ T8619] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  195.636894][   T23] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  195.656361][ T8619] team0: Port device macvlan2 added
[  195.662568][   T23] cdc_wdm 5-1:1.0: Unknown control protocol
[  195.944837][ T8632] netlink: 'syz.5.825': attribute type 1 has an invalid length.
[  196.035893][ T8632] 8021q: adding VLAN 0 to HW filter on device bond1
[  196.330456][ T8647] loop5: detected capacity change from 0 to 8
[  196.376660][ T8647] SQUASHFS error: Unable to read inode 0x127
[  196.469937][ T5755] usb 5-1: USB disconnect, device number 2
[  196.575873][ T8653] netlink: 76 bytes leftover after parsing attributes in process `syz.3.830'.
[  196.692316][ T8658] netlink: 168 bytes leftover after parsing attributes in process `syz.3.831'.
[  197.011725][ T8672] Bluetooth: MGMT ver 1.22
[  197.807071][ T8695] loop4: detected capacity change from 0 to 128
[  197.851930][ T8695] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.939975][ T8695] ext4 filesystem being mounted at /171/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  198.157514][ T6278] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.320850][ T8709] loop4: detected capacity change from 0 to 128
[  198.373916][ T8697] loop5: detected capacity change from 0 to 32768
[  198.406007][ T8697] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  198.436391][ T8697] JBD2: Ignoring recovery information on journal
[  198.504988][ T8697] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  198.590204][ T8709] syz.4.849: attempt to access beyond end of device
[  198.590204][ T8709] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128
[  198.973507][ T6549] ocfs2: Unmounting device (7,5) on (node local)
[  200.449941][ T8746] loop5: detected capacity change from 0 to 32768
[  200.495492][ T8746] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.863 (8746)
[  200.568323][ T8746] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  200.592668][ T8746] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  200.604090][ T8746] BTRFS info (device loop5): using free space tree
[  200.736856][ T8746] BTRFS info (device loop5): enabling ssd optimizations
[  200.754381][ T8746] BTRFS info (device loop5): auto enabling async discard
[  200.844871][ T8781] 9pnet_fd: Insufficient options for proto=fd
[  200.901584][   T28] audit: type=1800 audit(1772722267.438:20): pid=8746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.863" name="file1" dev="loop5" ino=260 res=0 errno=0
[  201.037560][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.165173][ T6549] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  201.621747][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.621825][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.657630][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.679840][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.704640][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.743857][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.782916][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.797909][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.816884][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.845599][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.882711][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  201.890346][ T8785] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  202.443076][ T8811] Bluetooth: hci0: unsupported parameter 256
[  202.462624][ T8811] Bluetooth: hci0: invalid length 0, exp 2 for type 11
[  202.492656][   T27] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  202.704752][   T27] usb 1-1: unable to get BOS descriptor or descriptor too short
[  202.714638][   T27] usb 1-1: not running at top speed; connect to a high speed hub
[  202.725935][   T27] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  202.736873][   T27] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  202.761532][   T27] usb 1-1: string descriptor 0 read error: -22
[  202.768137][   T27] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  202.777820][ T8822] netlink: 12 bytes leftover after parsing attributes in process `syz.3.887'.
[  202.787541][   T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.809818][   T27] usb 1-1: 0:2 : does not exist
[  202.952881][ T5810] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  203.132529][ T5810] usb 6-1: Using ep0 maxpacket: 32
[  203.163193][ T5810] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  203.182471][ T5810] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  203.202464][ T5810] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.223830][ T5810] usb 6-1: config 0 descriptor??
[  203.243726][ T5810] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  203.269414][ T8824] loop4: detected capacity change from 0 to 32768
[  203.287492][ T8824] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.888 (8824)
[  203.320875][ T8824] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  203.336091][ T8824] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  203.346400][ T8824] BTRFS info (device loop4): force clearing of disk cache
[  203.355480][ T8824] BTRFS info (device loop4): metadata ratio 0
[  203.361627][ T8824] BTRFS info (device loop4): enabling ssd optimizations
[  203.369279][ T8824] BTRFS info (device loop4): using spread ssd allocation scheme
[  203.380781][ T8824] BTRFS info (device loop4): using free space tree
[  203.452886][ T8824] BTRFS info (device loop4): auto enabling async discard
[  203.466026][ T5755] usb 6-1: USB disconnect, device number 9
[  203.489720][ T8824] BTRFS info (device loop4): rebuilding free space tree
[  203.676764][   T28] audit: type=1800 audit(1772722270.218:21): pid=8824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.888" name="file1" dev="loop4" ino=260 res=0 errno=0
[  203.911049][ T6278] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.040082][   T27] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[  204.091516][   T27] usb 1-1: 5:0: failed to get current value for ch 1 (-22)
[  204.204077][   T27] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5)
[  204.250873][   T27] usb 1-1: USB disconnect, device number 6
[  204.662615][ T5831] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  204.857284][ T5831] usb 6-1: config 1 interface 0 has no altsetting 0
[  204.879561][ T5831] usb 6-1: string descriptor 0 read error: -22
[  204.891204][ T5831] usb 6-1: New USB device found, idVendor=0738, idProduct=1713, bcdDevice= 0.40
[  204.914837][ T5831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.236282][ T8879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.899'.
[  205.250523][ T8879] netlink: 'syz.3.899': attribute type 9 has an invalid length.
[  205.265137][ T8879] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  205.274244][ T8879] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  205.283196][ T8879] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  205.291997][ T8879] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  205.506795][ T6167] ------------[ cut here ]------------
[  205.507160][   T11] ------------[ cut here ]------------
[  205.513113][ T6167] WARNING: CPU: 0 PID: 6167 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.513197][ T6167] Modules linked in:
[  205.513228][ T6167] CPU: 0 PID: 6167 Comm: kworker/u4:17 Not tainted syzkaller #0
[  205.513248][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.513268][ T6167] Workqueue: phy12 ieee80211_csa_finalize_work
[  205.513303][ T6167] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.513330][ T6167] Code: 48 89 df e8 fa 70 d7 f7 e9 dc fc ff ff e8 20 42 7f f7 eb 24 e8 19 42 7f f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 08 42 7f f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 fa 41 7f f7 48 8b 7c 24 08 4c 8b 7c
[  205.513349][ T6167] RSP: 0018:ffffc9000ca379c0 EFLAGS: 00010293
[  205.513370][ T6167] RAX: ffffffff8a07d65e RBX: 0000000000000001 RCX: ffff888028313c00
[  205.513387][ T6167] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  205.513413][ T6167] RBP: dffffc0000000000 R08: ffff8880642ad5af R09: 1ffff1100c855ab5
[  205.513428][ T6167] R10: dffffc0000000000 R11: ffffed100c855ab6 R12: 0000000000000001
[  205.513451][ T6167] R13: ffff8880642ae5d9 R14: ffff88805c4aac70 R15: ffff88805c4aace8
[  205.513466][ T6167] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  205.513483][ T6167] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  205.513498][ T6167] CR2: 0000200000001000 CR3: 00000000637d2000 CR4: 00000000003506f0
[  205.513516][ T6167] Call Trace:
[  205.513528][ T6167]  <TASK>
[  205.513554][ T6167]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  205.519543][   T11] WARNING: CPU: 1 PID: 11 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.530289][ T6167]  ieee80211_csa_finalize+0x5a6/0xf20
[  205.530319][ T6167]  ? mutex_lock_nested+0x20/0x20
[  205.530353][ T6167]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  205.534459][   T11] Modules linked in:
[  205.542042][ T6167]  ? ieee80211_csa_finalize_work+0x140/0x140
[  205.542073][ T6167]  ? read_lock_is_recursive+0x20/0x20
[  205.552165][   T11] 
[  205.552174][   T11] CPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted syzkaller #0
[  205.558473][ T6167]  ieee80211_csa_finalize_work+0xf6/0x140
[  205.565748][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.565767][   T11] Workqueue: phy11 ieee80211_csa_finalize_work
[  205.565813][   T11] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.565839][   T11] Code: 48 89 df e8 fa 70 d7 f7 e9 dc fc ff ff e8 20 42 7f f7 eb 24 e8 19 42 7f f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 08 42 7f f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 fa 41 7f f7 48 8b 7c 24 08 4c 8b 7c
[  205.565856][   T11] RSP: 0018:ffffc900001079c0 EFLAGS: 00010293
[  205.585735][ T6167]  ? process_scheduled_works+0x96f/0x15d0
[  205.591920][   T11] RAX: ffffffff8a07d65e RBX: 0000000000000001 RCX: ffff88801a273c00
[  205.599973][ T6167]  process_scheduled_works+0xa5d/0x15d0
[  205.600035][ T6167]  ? worker_attach_to_pool+0x380/0x380
[  205.600069][ T6167]  ? assign_work+0x3d2/0x5d0
[  205.600102][ T6167]  worker_thread+0xa55/0xfc0
[  205.600157][ T6167]  kthread+0x2fa/0x390
[  205.609319][    C1] ------------[ cut here ]------------
[  205.609319][    C0] ------------[ cut here ]------------
[  205.609346][    C0] WARNING: CPU: 0 PID: 6167 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600
[  205.609346][    C1] WARNING: CPU: 1 PID: 11 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600
[  205.609387][    C1] Modules linked in:
[  205.609387][    C0] Modules linked in:
[  205.609394][    C1] 
[  205.609402][    C1] CPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted syzkaller #0
[  205.609402][    C0] CPU: 0 PID: 6167 Comm: kworker/u4:17 Not tainted syzkaller #0
[  205.609423][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.609423][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.609437][    C0] Workqueue: phy12 ieee80211_csa_finalize_work
[  205.609437][    C1] Workqueue: phy11 ieee80211_csa_finalize_work
[  205.609467][    C0] 
[  205.609466][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  205.609473][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  205.609494][    C1] Code: 24 4c 89 e7 e8 2e a7 c1 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 09 ee 83 f7 0f 0b e9 f6 f7 ff ff e8 fd ed 83 f7 <0f> 0b e9 48 fb ff ff e8 f1 ed 83 f7 48 c7 c7 00 61 64 8e 4c 89 e6
[  205.609499][    C0] Code: 24 4c 89 e7 e8 2e a7 c1 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 09 ee 83 f7 0f 0b e9 f6 f7 ff ff e8 fd ed 83 f7 <0f> 0b e9 48 fb ff ff e8 f1 ed 83 f7 48 c7 c7 00 61 64 8e 4c 89 e6
[  205.609511][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  205.609516][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
[  205.609526][    C1] 
[  205.609530][    C0] 
[  205.609532][    C1] RAX: ffffffff8a032e63 RBX: ffffffff8a031c66 RCX: ffff88801a273c00
[  205.609536][    C0] RAX: ffffffff8a032e63 RBX: ffffffff8a031c66 RCX: ffff888028313c00
[  205.609549][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  205.609552][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  205.609563][    C1] RBP: 0000000000000000 R08: ffff88801a273c00 R09: 0000000000000003
[  205.609566][    C0] RBP: 0000000000000000 R08: ffff888028313c00 R09: 0000000000000003
[  205.609578][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880642ae3c0
[  205.609580][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880272523c0
[  205.609592][    C1] R13: dffffc0000000000 R14: ffff8880642ae8b0 R15: ffff88805e627424
[  205.609595][    C0] R13: dffffc0000000000 R14: ffff8880272528b0 R15: ffff888067605824
[  205.609609][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  205.609611][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  205.609627][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  205.609629][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  205.609643][    C1] CR2: 00007f92215e9e80 CR3: 00000000240d1000 CR4: 00000000003506e0
[  205.609644][    C0] CR2: 0000200000001000 CR3: 00000000637d2000 CR4: 00000000003506f0
[  205.609662][    C0] Call Trace:
[  205.609663][    C1] Call Trace:
[  205.609671][    C1]  <IRQ>
[  205.609671][    C0]  <IRQ>
[  205.609684][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  205.609685][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  205.609720][    C0]  ieee80211_beacon_get_tim+0xbf/0x580
[  205.609728][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  205.609751][    C0]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  205.609759][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  205.609790][    C0]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  205.609797][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  205.609824][    C0]  __iterate_interfaces+0x243/0x500
[  205.609829][    C1]  __iterate_interfaces+0x243/0x500
[  205.609855][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  205.609859][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  205.609880][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  205.609884][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  205.609914][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  205.609917][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  205.609939][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  205.609942][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  205.609976][    C0]  mac80211_hwsim_beacon+0xbb/0x1b0
[  205.609978][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  205.610002][    C0]  __hrtimer_run_queues+0x520/0xc40
[  205.610004][    C1]  __hrtimer_run_queues+0x520/0xc40
[  205.610026][    C1]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  205.610027][    C0]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  205.610061][    C1]  ? hw_scan_work+0xf60/0xf60
[  205.610062][    C0]  ? hw_scan_work+0xf60/0xf60
[  205.610092][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  205.610093][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  205.610116][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  205.610116][    C0]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  205.610153][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  205.610153][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  205.610183][    C0]  handle_softirqs+0x280/0x820
[  205.610183][    C1]  handle_softirqs+0x280/0x820
[  205.610210][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  205.610210][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  205.610238][    C0]  ? do_softirq+0x1a0/0x1a0
[  205.610238][    C1]  ? do_softirq+0x1a0/0x1a0
[  205.610265][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  205.610265][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  205.610297][    C1]  __irq_exit_rcu+0xd3/0x190
[  205.610297][    C0]  __irq_exit_rcu+0xd3/0x190
[  205.610319][    C0]  ? irq_exit_rcu+0x20/0x20
[  205.610319][    C1]  ? irq_exit_rcu+0x20/0x20
[  205.610350][    C0]  irq_exit_rcu+0x9/0x20
[  205.610351][    C1]  irq_exit_rcu+0x9/0x20
[  205.610370][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  205.610370][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  205.610395][    C0]  </IRQ>
[  205.610395][    C1]  </IRQ>
[  205.610403][    C0]  <TASK>
[  205.610403][    C1]  <TASK>
[  205.610413][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  205.610413][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  205.610440][    C0] RIP: 0010:vprintk_emit+0x46f/0x610
[  205.610440][    C1] RIP: 0010:console_flush_all+0x8b1/0xd20
[  205.610467][    C1] Code: ed 01 00 00 e8 f0 83 1b 00 4d 85 ff 48 8b 5c 24 38 75 07 e8 e1 83 1b 00 eb 06 e8 da 83 1b 00 fb 49 bf 00 00 00 00 00 fc ff df <48> 8b 44 24 58 42 0f b6 04 38 84 c0 0f 85 2f 02 00 00 80 3b 01 0f
[  205.610473][    C0] Code: 85 3f 01 00 00 e8 21 a7 1b 00 45 89 f7 48 85 db 48 8b 1c 24 75 07 e8 10 a7 1b 00 eb 06 e8 09 a7 1b 00 fb 48 c7 c7 80 63 12 8d <31> f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00 45 31 c9 53 e8 99 b2
[  205.610484][    C1] RSP: 0018:ffffc90000107340 EFLAGS: 00000293
[  205.610490][    C0] RSP: 0018:ffffc9000ca37540 EFLAGS: 00000293
[  205.610498][    C1] 
[  205.610504][    C0] 
[  205.610504][    C1] RAX: ffffffff816b9886 RBX: ffffc900001074df RCX: ffff88801a273c00
[  205.610510][    C0] RAX: ffffffff816b7557 RBX: ffffffff816b73fb RCX: ffff888028313c00
[  205.610520][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  205.610527][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8d126380
[  205.610534][    C1] RBP: ffffc900001074b0 R08: ffffffff911c15c7 R09: 1ffffffff22382b8
[  205.610541][    C0] RBP: ffffc9000ca37630 R08: ffffffff911c15c7 R09: 1ffffffff22382b8
[  205.610550][    C1] R10: dffffc0000000000 R11: fffffbfff22382b9 R12: ffffffff8d8b8220
[  205.610557][    C0] R10: dffffc0000000000 R11: fffffbfff22382b9 R12: dffffc0000000000
[  205.610566][    C1] R13: 1ffffffff19f96fc R14: ffffffff8d8b8278 R15: dffffc0000000000
[  205.610574][    C0] R13: 1ffff92001946eac R14: 0000000000000014 R15: 0000000000000014
[  205.610591][    C1]  ? console_flush_all+0x8a6/0xd20
[  205.610593][    C0]  ? vprintk_emit+0x30b/0x610
[  205.610620][    C0]  ? vprintk_emit+0x467/0x610
[  205.610626][    C1]  ? __rwlock_init+0x150/0x150
[  205.610651][    C0]  ? vprintk_emit+0x30b/0x610
[  205.610655][    C1]  ? console_flush_all+0x10a/0xd20
[  205.610679][    C0]  ? printk_sprint+0x460/0x460
[  205.610694][    C1]  ? is_console_locked+0x20/0x20
[  205.610721][    C0]  _printk+0xde/0x130
[  205.610725][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  205.610750][    C0]  ? kthread+0x2fa/0x390
[  205.610763][    C1]  console_unlock+0xad/0x350
[  205.610773][    C0]  ? load_image+0x400/0x400
[  205.610792][    C1]  ? other_cpu_in_panic+0xf0/0xf0
[  205.610801][    C0]  ? is_bpf_text_address+0x28f/0x2a0
[  205.610825][    C1]  ? vprintk_emit+0x467/0x610
[  205.610827][    C0]  ? is_bpf_text_address+0x26/0x2a0
[  205.610850][    C1]  ? vprintk_emit+0x30b/0x610
[  205.610854][    C0]  ? kthread+0x2fa/0x390
[  205.610873][    C1]  ? vprintk_emit+0x30b/0x610
[  205.610876][    C0]  ? kthread+0x2fa/0x390
[  205.610897][    C0]  __show_trace_log_lvl+0x485/0x6c0
[  205.610901][    C1]  vprintk_emit+0x497/0x610
[  205.610924][    C1]  ? vprintk_emit+0x30b/0x610
[  205.610936][    C0]  ? kthread+0x2fa/0x390
[  205.610951][    C1]  ? printk_sprint+0x460/0x460
[  205.610963][    C0]  __warn+0x160/0x470
[  205.610978][    C1]  ? _printk+0xde/0x130
[  205.610986][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611003][    C1]  ? copy_from_kernel_nofault+0x1d2/0x310
[  205.611013][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611038][    C0]  report_bug+0x2be/0x4f0
[  205.611044][    C1]  _printk+0xde/0x130
[  205.611058][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611070][    C1]  ? ieee80211_vif_use_reserved_switch+0x10be/0x28f0
[  205.611083][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611094][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  205.611108][    C0]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  205.611121][    C1]  ? load_image+0x400/0x400
[  205.611133][    C0]  handle_bug+0xcf/0x120
[  205.611160][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  205.611165][    C0]  exc_invalid_op+0x1a/0x50
[  205.611184][    C1]  __show_regs+0xf3/0x600
[  205.611196][    C0]  asm_exc_invalid_op+0x1a/0x20
[  205.611210][    C1]  ? dump_stack_print_info+0xf5/0x150
[  205.611218][    C0] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611243][    C0] Code: 48 89 df e8 fa 70 d7 f7 e9 dc fc ff ff e8 20 42 7f f7 eb 24 e8 19 42 7f f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 08 42 7f f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 fa 41 7f f7 48 8b 7c 24 08 4c 8b 7c
[  205.611244][    C1]  show_regs+0x44/0x90
[  205.611259][    C0] RSP: 0018:ffffc9000ca379c0 EFLAGS: 00010293
[  205.611271][    C1]  __warn+0x160/0x470
[  205.611280][    C0] RAX: ffffffff8a07d65e RBX: 0000000000000001 RCX: ffff888028313c00
[  205.611295][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  205.611294][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611308][    C0] RBP: dffffc0000000000 R08: ffff8880642ad5af R09: 1ffff1100c855ab5
[  205.611324][    C0] R10: dffffc0000000000 R11: ffffed100c855ab6 R12: 0000000000000001
[  205.611321][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611340][    C0] R13: ffff8880642ae5d9 R14: ffff88805c4aac70 R15: ffff88805c4aace8
[  205.611345][    C1]  report_bug+0x2be/0x4f0
[  205.611364][    C0]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  205.611365][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611391][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611411][    C0]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  205.611415][    C1]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  205.611439][    C1]  handle_bug+0xcf/0x120
[  205.611442][    C0]  ieee80211_csa_finalize+0x5a6/0xf20
[  205.611471][    C1]  exc_invalid_op+0x1a/0x50
[  205.611474][    C0]  ? mutex_lock_nested+0x20/0x20
[  205.611502][    C1]  asm_exc_invalid_op+0x1a/0x20
[  205.611509][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  205.611524][    C1] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.611534][    C0]  ? ieee80211_csa_finalize_work+0x140/0x140
[  205.611549][    C1] Code: 48 89 df e8 fa 70 d7 f7 e9 dc fc ff ff e8 20 42 7f f7 eb 24 e8 19 42 7f f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 08 42 7f f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 fa 41 7f f7 48 8b 7c 24 08 4c 8b 7c
[  205.611561][    C0]  ? read_lock_is_recursive+0x20/0x20
[  205.611566][    C1] RSP: 0018:ffffc900001079c0 EFLAGS: 00010293
[  205.611586][    C1] RAX: ffffffff8a07d65e RBX: 0000000000000001 RCX: ffff88801a273c00
[  205.611594][    C0]  ieee80211_csa_finalize_work+0xf6/0x140
[  205.611601][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  205.611614][    C1] RBP: dffffc0000000000 R08: ffff8880272515af R09: 1ffff11004e4a2b5
[  205.611622][    C0]  ? process_scheduled_works+0x96f/0x15d0
[  205.611630][    C1] R10: dffffc0000000000 R11: ffffed1004e4a2b6 R12: 0000000000000001
[  205.611645][    C1] R13: ffff8880272525d9 R14: ffff888025c3ac70 R15: ffff888025c3ace8
[  205.611649][    C0]  process_scheduled_works+0xa5d/0x15d0
[  205.611670][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  205.611706][    C0]  ? worker_attach_to_pool+0x380/0x380
[  205.611722][    C1]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  205.611741][    C0]  ? assign_work+0x3d2/0x5d0
[  205.611752][    C1]  ieee80211_csa_finalize+0x5a6/0xf20
[  205.611774][    C0]  worker_thread+0xa55/0xfc0
[  205.611779][    C1]  ? mutex_lock_nested+0x20/0x20
[  205.611812][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  205.611828][    C0]  kthread+0x2fa/0x390
[  205.611836][    C1]  ? ieee80211_csa_finalize_work+0x140/0x140
[  205.611848][    C0]  ? pr_cont_work+0x560/0x560
[  205.611864][    C1]  ? read_lock_is_recursive+0x20/0x20
[  205.611876][    C0]  ? kthread_blkcg+0xd0/0xd0
[  205.611897][    C0]  ret_from_fork+0x48/0x80
[  205.611897][    C1]  ieee80211_csa_finalize_work+0xf6/0x140
[  205.611922][    C0]  ? kthread_blkcg+0xd0/0xd0
[  205.611926][    C1]  ? process_scheduled_works+0x96f/0x15d0
[  205.611945][    C0]  ret_from_fork_asm+0x11/0x20
[  205.611953][    C1]  process_scheduled_works+0xa5d/0x15d0
[  205.611989][    C0]  </TASK>
[  205.611999][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  205.612008][    C0] CPU: 0 PID: 6167 Comm: kworker/u4:17 Not tainted syzkaller #0
[  205.612009][    C1]  ? worker_attach_to_pool+0x380/0x380
[  205.612026][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.612037][    C0] Workqueue: phy12 ieee80211_csa_finalize_work
[  205.612040][    C1]  ? assign_work+0x3d2/0x5d0
[  205.612056][    C0] 
[  205.612060][    C0] Call Trace:
[  205.612067][    C0]  <IRQ>
[  205.612071][    C1]  worker_thread+0xa55/0xfc0
[  205.612073][    C0]  dump_stack_lvl+0x18c/0x250
[  205.612106][    C0]  ? show_regs_print_info+0x20/0x20
[  205.612122][    C1]  kthread+0x2fa/0x390
[  205.612134][    C0]  ? load_image+0x400/0x400
[  205.612140][    C1]  ? pr_cont_work+0x560/0x560
[  205.612165][    C1]  ? kthread_blkcg+0xd0/0xd0
[  205.612172][    C0]  panic+0x2dc/0x730
[  205.612184][    C1]  ret_from_fork+0x48/0x80
[  205.612201][    C0]  ? bpf_jit_dump+0xd0/0xd0
[  205.612206][    C1]  ? kthread_blkcg+0xd0/0xd0
[  205.612225][    C1]  ret_from_fork_asm+0x11/0x20
[  205.612233][    C0]  ? ret_from_fork_asm+0x11/0x20
[  205.612266][    C1]  </TASK>
[  205.612266][    C0]  __warn+0x2e0/0x470
[  205.612283][    C1] irq event stamp: 3842036
[  205.612284][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  205.612289][    C1] hardirqs last  enabled at (3842038): [<ffffffff816b6923>] vprintk_store+0xa33/0xda0
[  205.612311][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  205.612316][    C1] hardirqs last disabled at (3842039): [<ffffffff816b6080>] vprintk_store+0x190/0xda0
[  205.612334][    C0]  report_bug+0x2be/0x4f0
[  205.612342][    C1] softirqs last  enabled at (3841312): [<ffffffff81527063>] __irq_exit_rcu+0xd3/0x190
[  205.612352][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  205.612382][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  205.612402][    C1] softirqs last disabled at (3841317): [<ffffffff81527063>] __irq_exit_rcu+0xd3/0x190
[  205.612405][    C0]  ? __ieee80211_beacon_get+0x1235/0x1600
[  205.612426][    C1] ---[ end trace 0000000000000000 ]---
[  205.612429][    C0]  handle_bug+0xcf/0x120
[  205.612464][    C0]  exc_invalid_op+0x1a/0x50
[  205.612493][    C0]  asm_exc_invalid_op+0x1a/0x20
[  205.612511][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  205.612535][    C0] Code: 24 4c 89 e7 e8 2e a7 c1 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 09 ee 83 f7 0f 0b e9 f6 f7 ff ff e8 fd ed 83 f7 <0f> 0b e9 48 fb ff ff e8 f1 ed 83 f7 48 c7 c7 00 61 64 8e 4c 89 e6
[  205.612551][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
[  205.612567][    C0] RAX: ffffffff8a032e63 RBX: ffffffff8a031c66 RCX: ffff888028313c00
[  205.612581][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  205.612593][    C0] RBP: 0000000000000000 R08: ffff888028313c00 R09: 0000000000000003
[  205.612606][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff8880272523c0
[  205.612619][    C0] R13: dffffc0000000000 R14: ffff8880272528b0 R15: ffff888067605824
[  205.612636][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  205.612661][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  205.612690][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  205.612715][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  205.612747][    C0]  ieee80211_beacon_get_tim+0xbf/0x580
[  205.612775][    C0]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  205.612811][    C0]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  205.612840][    C0]  __iterate_interfaces+0x243/0x500
[  205.612868][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  205.612891][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  205.612922][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  205.612945][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  205.612978][    C0]  mac80211_hwsim_beacon+0xbb/0x1b0
[  205.613001][    C0]  __hrtimer_run_queues+0x520/0xc40
[  205.613022][    C0]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  205.613053][    C0]  ? hw_scan_work+0xf60/0xf60
[  205.613081][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  205.613102][    C0]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  205.613136][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  205.613162][   T11] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  205.613163][    C0]  handle_softirqs+0x280/0x820
[  205.613176][   T11] RBP: dffffc0000000000 R08: ffff8880272515af R09: 1ffff11004e4a2b5
[  205.613190][   T11] R10: dffffc0000000000 R11: ffffed1004e4a2b6 R12: 0000000000000001
[  205.613192][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  205.613202][   T11] R13: ffff8880272525d9 R14: ffff888025c3ac70 R15: ffff888025c3ace8
[  205.613215][   T11] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  205.613219][    C0]  ? do_softirq+0x1a0/0x1a0
[  205.613230][   T11] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  205.613242][   T11] CR2: 00007f92215e9e80 CR3: 00000000240d1000 CR4: 00000000003506e0
[  205.613245][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  205.613257][   T11] Call Trace:
[  205.613263][   T11]  <TASK>
[  205.613275][    C0]  __irq_exit_rcu+0xd3/0x190
[  205.613285][   T11]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  205.613295][    C0]  ? irq_exit_rcu+0x20/0x20
[  205.613315][   T11]  ieee80211_csa_finalize+0x5a6/0xf20
[  205.613324][    C0]  irq_exit_rcu+0x9/0x20
[  205.613339][   T11]  ? mutex_lock_nested+0x20/0x20
[  205.613343][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  205.613365][    C0]  </IRQ>
[  205.613372][    C0]  <TASK>
[  205.613370][   T11]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  205.613380][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  205.613392][   T11]  ? ieee80211_csa_finalize_work+0x140/0x140
[  205.613404][    C0] RIP: 0010:vprintk_emit+0x46f/0x610
[  205.613417][   T11]  ? read_lock_is_recursive+0x20/0x20
[  205.613429][    C0] Code: 85 3f 01 00 00 e8 21 a7 1b 00 45 89 f7 48 85 db 48 8b 1c 24 75 07 e8 10 a7 1b 00 eb 06 e8 09 a7 1b 00 fb 48 c7 c7 80 63 12 8d <31> f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00 45 31 c9 53 e8 99 b2
[  205.613446][    C0] RSP: 0018:ffffc9000ca37540 EFLAGS: 00000293
[  205.613448][   T11]  ieee80211_csa_finalize_work+0xf6/0x140
[  205.613466][    C0] 
[  205.613471][    C0] RAX: ffffffff816b7557 RBX: ffffffff816b73fb RCX: ffff888028313c00
[  205.613474][   T11]  ? process_scheduled_works+0x96f/0x15d0
[  205.613486][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8d126380
[  205.613500][    C0] RBP: ffffc9000ca37630 R08: ffffffff911c15c7 R09: 1ffffffff22382b8
[  205.613498][   T11]  process_scheduled_works+0xa5d/0x15d0
[  205.613515][    C0] R10: dffffc0000000000 R11: fffffbfff22382b9 R12: dffffc0000000000
[  205.613529][    C0] R13: 1ffff92001946eac R14: 0000000000000014 R15: 0000000000000014
[  205.613547][    C0]  ? vprintk_emit+0x30b/0x610
[  205.613554][   T11]  ? worker_attach_to_pool+0x380/0x380
[  205.613572][    C0]  ? vprintk_emit+0x467/0x610
[  205.613585][   T11]  ? assign_work+0x3d2/0x5d0
[  205.613603][    C0]  ? vprintk_emit+0x30b/0x610
[  205.613615][   T11]  worker_thread+0xa55/0xfc0
[  205.613628][    C0]  ? printk_sprint+0x460/0x460
[  205.613670][   T11]  kthread+0x2fa/0x390
[  205.613669][    C0]  _printk+0xde/0x130
[  205.613688][   T11]  ? pr_cont_work+0x560/0x560
[  205.613695][    C0]  ? kthread+0x2fa/0x390
[  205.613716][    C0]  ? load_image+0x400/0x400
[  205.613719][   T11]  ? kthread_blkcg+0xd0/0xd0
[  205.613738][   T11]  ret_from_fork+0x48/0x80
[  205.613742][    C0]  ? is_bpf_text_address+0x28f/0x2a0
[  205.613759][   T11]  ? kthread_blkcg+0xd0/0xd0
[  205.613765][    C0]  ? is_bpf_text_address+0x26/0x2a0
[  205.613779][   T11]  ret_from_fork_asm+0x11/0x20
[  205.613790][    C0]  ? kthread+0x2fa/0x390
[  205.613810][    C0]  ? kthread+0x2fa/0x390
[  205.613822][   T11]  </TASK>
[  205.613827][   T11] irq event stamp: 3842239
[  205.613829][    C0]  __show_trace_log_lvl+0x485/0x6c0
[  205.613834][   T11] hardirqs last  enabled at (3842241): [<ffffffff816b6923>] vprintk_store+0xa33/0xda0
[  205.613861][   T11] hardirqs last disabled at (3842242): [<ffffffff816b6080>] vprintk_store+0x190/0xda0
[  205.613866][    C0]  ? kthread+0x2fa/0x390
[  205.613886][   T11] softirqs last  enabled at (3842182): [<ffffffff81527063>] __irq_exit_rcu+0xd3/0x190
[  205.613890][    C0]  __warn+0x160/0x470
[  205.613908][   T11] softirqs last disabled at (3841317): [<ffffffff81527063>] __irq_exit_rcu+0xd3/0x190
[  205.613910][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.613930][   T11] ---[ end trace 0000000000000000 ]---
[  205.613936][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.613958][    C0]  report_bug+0x2be/0x4f0
[  205.613973][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.613991][    C0]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.614011][    C0]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  205.614034][    C0]  handle_bug+0xcf/0x120
[  205.614063][    C0]  exc_invalid_op+0x1a/0x50
[  205.614085][    C0]  asm_exc_invalid_op+0x1a/0x20
[  205.614100][    C0] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  205.614118][    C0] Code: 48 89 df e8 fa 70 d7 f7 e9 dc fc ff ff e8 20 42 7f f7 eb 24 e8 19 42 7f f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 08 42 7f f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 fa 41 7f f7 48 8b 7c 24 08 4c 8b 7c
[  205.614131][    C0] RSP: 0018:ffffc9000ca379c0 EFLAGS: 00010293
[  205.614145][    C0] RAX: ffffffff8a07d65e RBX: 0000000000000001 RCX: ffff888028313c00
[  205.614156][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  205.614165][    C0] RBP: dffffc0000000000 R08: ffff8880642ad5af R09: 1ffff1100c855ab5
[  205.614176][    C0] R10: dffffc0000000000 R11: ffffed100c855ab6 R12: 0000000000000001
[  205.614186][    C0] R13: ffff8880642ae5d9 R14: ffff88805c4aac70 R15: ffff88805c4aace8
[  205.614204][    C0]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  205.614239][    C0]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  205.614262][    C0]  ieee80211_csa_finalize+0x5a6/0xf20
[  205.614281][    C0]  ? mutex_lock_nested+0x20/0x20
[  205.614305][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  205.614323][    C0]  ? ieee80211_csa_finalize_work+0x140/0x140
[  205.614342][    C0]  ? read_lock_is_recursive+0x20/0x20
[  205.614366][    C0]  ieee80211_csa_finalize_work+0xf6/0x140
[  205.614385][    C0]  ? process_scheduled_works+0x96f/0x15d0
[  205.614405][    C0]  process_scheduled_works+0xa5d/0x15d0
[  205.614446][    C0]  ? worker_attach_to_pool+0x380/0x380
[  205.614480][    C0]  ? assign_work+0x3d2/0x5d0
[  205.614503][    C0]  worker_thread+0xa55/0xfc0
[  205.614544][    C0]  kthread+0x2fa/0x390
[  205.614557][    C0]  ? pr_cont_work+0x560/0x560
[  205.614577][    C0]  ? kthread_blkcg+0xd0/0xd0
[  205.614592][    C0]  ret_from_fork+0x48/0x80
[  205.614609][    C0]  ? kthread_blkcg+0xd0/0xd0
[  205.614625][    C0]  ret_from_fork_asm+0x11/0x20
[  205.614659][    C0]  </TASK>
[  205.615910][    C0] Kernel Offset: disabled