last executing test programs:

17.728808435s ago: executing program 0 (id=1065):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x550b, 0x0)

17.599368919s ago: executing program 0 (id=1068):
mprotect(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0)
r0 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x3)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000001500), 0x588, 0x0)

17.303096584s ago: executing program 0 (id=1071):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xd3, &(0x7f0000000340)=""/211}, 0x90)

16.997267809s ago: executing program 0 (id=1073):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000001c0)='./file1\x00', 0x2000800, &(0x7f00000002c0)={[{@fat=@nocase}, {@fat=@quiet}, {@shortname_mixed}, {@uni_xlate}, {@uni_xlateno}, {@fat=@umask={'umask', 0x3d, 0xb741}}, {@utf8no}, {@rodir}, {@shortname_win95}, {@fat=@sys_immutable}, {@shortname_winnt}, {@uni_xlate}, {@rodir}, {@fat=@nfs}, {@utf8}, {@shortname_win95}]}, 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000dc0)='./file0/file0\x00', 0x0, 0x1145d10, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
faccessat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0\x00', 0x0)

16.698183971s ago: executing program 0 (id=1075):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000140)='\n', 0x1}], 0x1)

16.257423076s ago: executing program 0 (id=1080):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x6, [@struct={0x0, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x4}, {0x4}]}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, &(0x7f00000003c0)=""/214, 0x42, 0xd6, 0x9}, 0x20)

8.433730346s ago: executing program 3 (id=1108):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[], 0x0)
syz_emit_ethernet(0xaa, &(0x7f00000000c0)=ANY=[], 0x0)

8.349472581s ago: executing program 2 (id=1109):
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0x0, 0x0, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x608, 0x360, 0x11, 0x148, 0x360, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'team_slave_0\x00', {0x459, 0x0, 0x48, 0x0, 0x0, 0x3, 0x2, 0x80}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x668)

7.06129717s ago: executing program 3 (id=1110):
r0 = io_uring_setup(0x253d, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[], 0x78)
sendfile(r1, r2, &(0x7f0000000180), 0x8)
fcntl$addseals(r2, 0x409, 0x8)
fallocate(r2, 0x3, 0x0, 0x3)
close_range(r0, 0xffffffffffffffff, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @local}, 0x10)

6.947509752s ago: executing program 4 (id=1111):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000000100))
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
capset(0x0, &(0x7f0000000280))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$unix(0x1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(r1, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000740)=""/4096, 0x1000}, {0x0}, {0x0}], 0x3}}], 0x2, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)

6.711141129s ago: executing program 3 (id=1112):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000"], 0x0)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000011c0)={0x2c, &(0x7f0000000400)=ANY=[@ANYBLOB="000002", @ANYRES64=r0, @ANYRESOCT, @ANYRES32, @ANYBLOB="6593f0fab67de4be92b025a6933a801ec83e849bf5c2cbd6a170ea649ca72d36da8118974eb14af5375d429a179519b73e25ca0e465cee632b2e5964ac4f88fc7bcd2c87d5efbdceeb43d21b9ac07557eae05b50bc763d163b4223de3654da2c45fd"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x400, 0x161000)
ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f00000001c0)=""/171)

5.932715215s ago: executing program 4 (id=1113):
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$binfmt_script(r0, &(0x7f00000003c0), 0xb)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000002c0)=[@acquire], 0x0, 0x0, 0x0})
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @dev}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @empty}}}})
r8 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000240)={'erspan0\x00', &(0x7f0000000680)={'sit0\x00', 0x0, 0x0, 0x700, 0x1, 0x5, {{0x3a, 0x4, 0x3, 0xe, 0xe8, 0x67, 0x0, 0x6, 0x4, 0x0, @remote, @empty, {[@rr={0x7, 0x17, 0x25, [@remote, @local, @multicast2, @empty, @local]}, @timestamp_prespec={0x44, 0x2c, 0x73, 0x3, 0x0, [{@rand_addr=0x64010102, 0x5}, {@rand_addr=0x64010101, 0x9}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x46}, {@rand_addr=0x64010100, 0x7fff}, {@empty, 0xfffffff7}]}, @lsrr={0x83, 0x17, 0x0, [@local, @loopback, @remote, @remote, @dev={0xac, 0x14, 0x14, 0x1e}]}, @ssrr={0x89, 0x17, 0x36, [@broadcast, @remote, @broadcast, @remote, @broadcast]}, @cipso={0x86, 0x3a, 0xfffffffffffffffd, [{0x0, 0x10, "eab0a6d16f1135990a59404d7c89"}, {0x7, 0xf, "e680b5a7c6a6d8c1502e45a64c"}, {0x6, 0xf, "3a4f64a464919cf6ebbf2b3b16"}, {0x5, 0x6, "cee02bf5"}]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x24, 0xc, 0x0, 0x8, [0x9, 0xc, 0x7, 0x8b5, 0x5, 0x10000000, 0x6, 0x8]}]}}}}})
fchmodat(r8, &(0x7f00000000c0)='./file1\x00', 0x1ba)
openat(r8, &(0x7f00000001c0)='./file1\x00', 0x5, 0x0)

4.882448149s ago: executing program 4 (id=1114):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000800)=[{&(0x7f0000000480)=""/218, 0xda}], 0x1, 0x10001, 0x0)

4.881309634s ago: executing program 2 (id=1115):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000300)={0x0, @in={{0x2, 0x0, @empty}}}, 0x90)

4.765481175s ago: executing program 1 (id=1116):
pipe(&(0x7f0000000100))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700400000004000000060ec97000fc83a00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

4.764881751s ago: executing program 2 (id=1117):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r3, &(0x7f0000002200), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000ff030000000000950000004b0a00000c01222441acc95e18f4ecc582d259013342cc092a798169f7b41fb1157bec9d3a5822c7c4c3ce921ee3a5905ad985b0880babee9c00af027dd55de49c619f2f66018e08cba4acf3b308a36d5b2ce2758bd47f4952b4f904843df4344738fa4a9d0fb0418dc9ce34b5c992e794e9e513adfb7d31"], &(0x7f0000000600)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file1\x00', 0x0, 0x10}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf]}, &(0x7f0000000300)='GPL\x00', 0x4, 0xffd, &(0x7f00000004c0)=""/4093}, 0x90)

4.73700616s ago: executing program 4 (id=1118):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x1a8, [], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000001b000012"]}, 0xb5)
syz_emit_ethernet(0x46, &(0x7f0000000480)=ANY=[@ANYBLOB="ffffffffffe3ffffffffffff86dd600111fa00101100fe8000000000000000000000000000bbfe8000000000000000000000000000aa"], 0x0)

4.42991172s ago: executing program 4 (id=1119):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000140)='./bus\x00', 0x28108c0, &(0x7f0000006980)=ANY=[@ANYRES64=0x0], 0xfe, 0x6191, &(0x7f0000006c00)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/kO/vmmdknAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID4/vd+sNKJiGs/TwuWIj4TvYhuxEJdL0fEwvJSXr8fEc/FTnM8GxGDuYj69jv/PB3xakR89FTE1vb6ar344iH78d0//v13P3zirb/9YXD+v3+603tt0np37/7qP3++d7RtBgAAgNJUVVV10sf8M+nzfbftTgEAU5Ff/6skLz/19a//+dZfZqk/arVarVZPoW6qxrvXLCJio3mb+j2Dw/EAcMJsxMdtd4EWyb9o/Yh4ou1OADOt03YHOBZb2+urnZRvp/l6sLzbns8F2Zf/RufB9R2TpgcZPcdkWvvXZvTimQn9WZhSH2ZJzr87mv+13fZhWu+485+WSfkPdy99Kk7Ovzea/4jTk393bP6lyvn3Hyn/nvwBAAAAAGCG5b//L7V8/Hfu6JtyKJ90/Hd5Sn0AAAAAAAAAgMftqOP/PWD8PwAAAJhZ9Wf12m+e2ls26bvY6uVXOxFPjqwPFCZdLLPYdj8AAAAAAAAAAAAAoCT93XN4r3YiBhHx5OJiVVX1T9No/aiOevuTrvTth5K1/SQPAAC7Pnpq5Fr+TsR8RFxN3/U3WFxcrKr5hcVqsVqYy+9nh3Pz1ULjc22e1svmhod4Q9wfVvUvm2/crumgz8sHtY/+vvq+hlXvEB17TAbpf3NCc0thA0Cy+2q05RXplKmqpye9+YB9PP5PoaVYanu/Yva1vZsCAAAAx6+qqqqTvs77TDrm3227UwDAVOTX/9HjAkequxPaIx7P71er1Wq1Wv2p6qZqvHvNIiI2mrep3zMYjh8ATpiN+LjtLtAi+RetHxHPtd0JYKZ12u4Ax2Jre321k/LtNF8P0vju+VyQfflvdHZul28/bnqQ0XNMprV/bUYvnpnQn2en1IdZkvPvjuZ/bbd9mNY77vynZVL+w51L5sqT8++N5j/i9OTfHZt/qXL+/UfKvyd/AAAAAACYYfnv/0uO/+ZNBgAAAAAAAIATZ2t7fTVf95qP/39uzHqu/zydcv6dR81/Ic3L/0TL+XdH8v/yyHq9xvz9N/ce///eXl/9/Z1/fTZPD5v/XJ7ppD2rk/aITrqnTj9Nj7J1D9sc9Ib1PQ063V4/nfNTDd6JG3Ez1uLCvnW76f9jr31lX3vd08G+9ov72vsPtV/a1z5I3ztQLeT2c7EaP4mb8fZOe902d8D2zx/QXh3QnvPvef4vUs6/3/ip819M7Z2Rae3+h92HHvfN6bj7eePG53954fg350CbMT92eb19Z6fem9h9xnliGD+7vXbr3N3rd+7cWok02bf0YqTJY5bzH+z8zO09/7+w256f95uP1/sfDh85/1mxGf0H+3ZTnf8Ljfl6e1+act/akPMfpp+c/9upffzj/yTn35uY/8st9AcAAAAAAAAAAAAAAAA+SVVVO5eIvhERl9P1P21dmwkATFd+/a+SvFytVqvVavXpq5uq8V5vFhHx1+Zt6vcMvxj3ywCAWfa/iPhH252gNfIvWP6+v3r6YtudAabq9vsf/Oj6zZtrt2633RMAAAAAAAAA4NPK438uN8Z/fjEilkbW2zf+65uxfNTxP/t55sEAo495oO8JNrvDXrcx3PjzsTM+97lJ43+fjYfH/85j4vaa2zHB4ID24QHtcwe0jx/NeC+tsRd6NOT8n2+Md17nf2Zk+PUSxn8dHfO+BDn/s439uc7/SyPrNfOvfjtz+W8cdsXN6O7L//yd9356/vb7H7xy473r7669u/bjSysrFy5dvnzlypXz79y4uXZh99/j6fUMyPnnsa+dB1qWnH/OXP5lyfl/IdXyL0vO/4upln9Zcv75/Z78y5Lzz5995F+WnP9LqZZ/WXL+X0m1/Muytb0+V+f/cqrlX5b8+P9qquVflpz/K6mWf1ly/udSLf+y5PzPp/oQ+ft6+FMk55+PcHn8lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xch113cAP7MXe+0QYiAEJzWwdowxzpJdX+ILrRsTrg1QCiQUesF2vWuz4BteuwSKZNNAiYRRUUXV9KEtINRGqiqsigdaUZqHqpen0j7Ql4qqElKjKkQBFamtaLaaOf//3zOzszO73vF69vw/H8n+7c6cmXPmzJnZ/a793QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs61vmvlcrSiK+p/GX5uK4kX1jzeMb2pc9oZbvYUAAADASv1f4+/n70gXHFnCjZqW+btX/eM35ufn54sPDP/u6Jfm59MV40Uxur4oGtdF1/79g7XmZYLHi7HaUNPnQz1WP9zj+pEe14/2uH5dj+vX97h+rMf1C3bAAhvKn8c07mx748NN5S4t7ixGG9dt73Crx2vrh4biz3Iaao3bzI+eLGaL08VMMdWyfLlsrbH8t7bW1/X2Iq5rqGldW+pHyA8/dSJuQy3s4+0t67p+n9EP3liM/+iHnzrxxxefvbvT7LkbWu6v3M6d2+rb+ZlwSbmttWJ92idxO4eatnNLh+dkuGU7a43b1T9u387nl7idw9c3c1W1P+djxVDj4+809tNI84/10n7aEi7773uLorhyfbPbl1mwrmKo2NhyydD152esPCLr91E/lF5ajCzrON26hOO0Pqe3tx6n7a+J+PxvDbcbWWQbmp+mH3x63YLnfbnHaVR/1Iu9VtqPwX6/VgblGIzHxXcaD/qJjsfg9vD4P7Vj8WOw47HT4RhMj7vpGNzW6xgcWjfc2Ob0JNQat7l+DO5uWX64saZaYz6zo/sxOHnxzPnJuU988vWzZ46fmjk1c3bv7t1Te/fvP3jw4OTJ2dMzU+XfN7i3B9/GYii9BraFfRdfA69tW7b5UJ3/Sv9eh2NdXoeb2pbt9+twpP3B1VbnBbnwmC5fG4/Ud/rY1aFikddY4/nZtfLXYXrcTa/DkabXYcevKR1ehyNLeB3Wlzm/a2nfs4w0/em0DTfra8GmpmOw/fuR9mOw39+PDMoxOBaOi3/dtfjXgi1he5+YWO73I8MLjsH0cMN7T/2S9P3+2MHG6HRc3lO/4rZ1xaW5mQv3P3b84sULu4swVsXLmo6V9uN1Y9NjKhYcr0PLPl6PzL7qiXs6XL4p7Kux19f/Glv0uaovs+/+7s9V46tb5/3ZcumeIow+W+392emreX1/pizZZX/Wl/nM5Mq/F0+5tOn9d3SR99+Y+18o15fu6vHh0ZHy9Tuc9s5oy/tx61M10njvqjXW/fzk0t6PR8Of1X4/vrPL+/HmtmX7/X482v7g4vtxrddPO1am/fkcC8fJ6anu78f1ZTbvWe4xOdL1/fjeMGth/78uJIWUi5qOncWO27SukZHR8LhG4hpaj9O9LcuPhmxWX9dTe27sON15b3lfw+nRXbdax+l427L9Pk7T+9Vix2mt10/fbkz78zkWjos793Y/TuvLPL1v5e+dG+KHTe+d63odg6PD6+rbPJoOwvL9fn5DPAbvL04U54rTxXTj2nWN46nWWNfEA0s7BteFP6v9Xrm5yzG4s23Zfh+D6evYYsdebWThg++D9udzLBwXTz7Q/RisL/PmA/393nVnuCQt0/S9a/vP1xb7mdc9bbvpZv7Mq76df3Og+89m68ucPrjcnNl9P90XLrmtw35qf/0u9pqaLlZnP20O2/nswcX3U3176st86dASj6cjRVFc/thDjZ/3hn9f+fNL3/1Gy7+7dPo3ncsfe+i520/+7XK2H4C174VybCy/1jX9y9RS/v0fAAAAWBNi7h8KM5H/AQAAoDJi7o//KzyR/wEAAKAyYu4fCTPJJP9vfvOzsy9cLlIzfz6I16fd8HC5XOy4ToXPx+evq1/+0NdmfvyXl5e27qGiKH7y8G90XH7zw3G7SuNhO6+9pfXyhTe8vKT1H3v0+nLN/fUvh/uPj2eph0GnCu5UURTfuuMLjfWMf/BqYz798LHGfO+VJx6vL/P8ofLzePtnXlYu/weh/Hvk5PGW2z8T9sP3w5x6R+f9EW/39auv23Lg/dfXF29X2/bixsN+8kPl/cbfk/PFx8vl435ebPv/6vNPfb2+/GOv6bz9l4c6b/9T4X6/Fub/vLJcvvk5qH8eb/fZsP1xffF293/12x23/9rnyuXPv7Vc7liYcf07w+fb3/rsbPP+eqx2vOVxFW8rl4vrn/rubzeuj/cX7799+8eOXm3ZH+3Hx9P/XN7PZNvy8fK4nugv2tZfv5/m4zOu/6nfOtayn3ut/9p7n3ll/X7b139f23LDbbdv/41Nf/jZL3RcX9yeI392vuXxHHlPeB2H9T/5oXA8huv/99oXWtYbHXtP6/tPXP7Lmy63PJ7o7T8q13/twVON+R/jP/792150+4uvvLq+74riO+8r76/X+k/90bmW7f/KXbsaz0e8Pnb029e/mLj+Cx+fOHtu7tLsdNNebfzunHeW27N+bMPG+vbeEd5b2z8/eu7ih2cujE+NTxXFeHV/hd4N+2qYz5XjynJvv+vR8Hze83vf2rjjnz4fL/+XR8rLr76j/Lr12rDcF8Plm8rnb762wvU/ufWuxuu79nT5eUuPvQ+2bP/Pg0taMDz+9u8L4vF+/uUfbuyH+nWNrxvxdb3C7f/edHk/3wz7dT78ZuZtd11fX/Py8XcjXH1f+Xpf8f4Lb3Pxef2T8Hy/6/vl/cftio/3e+H7mG9vbn2/i8fHNy8Ptd9/47d4XAnvJ8WV8vq4VNzfV5+/q+Pmxd9DUly5u/H576T7uXtZD3Mxc5+Ymzw9e/bSY5MXZ+YuTs594pNHz5y7dPbi0cbv8jz6kV63v/7+tLHx/jQ9s39fMbWhKIpzxdQqvGHdnO2vf7S07T//6InpA1M7pmdOHr908uKj52cunDoxN3diZnpux/GTJ2c+3uv2s9OHd+85tPfAnolTs9OHDx46tPfQxOzZc/XNKDeqh/1TH504e+Fo4yZzh/cd2v3AA/umJs6cm545fGBqauJSr9s3vjZN1G/96xMXZk4fvzh7ZmZibvaTM4d3H9q/f0/P3wZ45vzJufHJC5fOTl6am7kwWT6W8YuNi+tf+3rdnmqa+7fy+9l2tfIX8RXvvm9/+v2sdV/79KJ3VS7S9gtEnw2/i+YfXnL+4FI+j7l/NMwkk/wPAAAAOYi5f12YifwPAAAAlRFz//owE/kfAAAAKiPm/rEwk0zyv/6//v/S+v/l9fr/efX/z3+s7JWu9f5/7M/r/+fhFvf/V7x+/X/9/+r1/5fen1/r26//r//PQoPW/4+5f0NRZJn/AQAAIAcx928MM5H/AQAAoDJi7r8tzET+BwAAgMqIuf9FYSaZ5H/9/yX1//f0KlxVv//v/P/6/8Xa7P/HJ0f/PxvL7t+//5GWT/X/A/1//X/9f/1//X9WbHTRa25V/z/m/tvDTDLJ/wAAAJCDmPtfHGYi/wMAAEBlxNx/R5iJ/A8AAACVEXP/pjCTTPK//r/z/+v/6/9Xuv+/0vP/N22M/v/a4Pz/3en/93DD/f8x/f+12P8f7e/2D3b/v+fm6/9zUwza+f9j7n9JmEkm+R8AAAByEHP/S8NM5H8AAACojJj7XxZmIv8DAABAZcTcf2eYSSb5X/9f/1//X/9f/7/z+nuf/7/8SP9/sOj/d6f/34Pz/+fV/+/z9g92/7/f5/8ffUv77fX/6WTQ+v8x9788zCST/A8AAAA5iLn/rjAT+R8AAAAqI+b+V4SZyP8AAABQGTH3bw4zyST/6//r/+v/6//r/3def+/+f0n/f7Do/3en/9+D/r/+v/7/0vr/Hb751f+nk0Hr/8fcf3eYSSb5HwAAAHIQc/89YSbyPwAAAFRGzP0/FWYi/wMAAEBlxNy/Jcwkk/yv/6//r/+fV///vnX6//r/1ab/391N7P/Ht2L9f/1//f8c+v8dLKf/v77XnVEZg9b/j7n/lWEmmeR/AAAAyEHM/a8KM5H/AQAAoDJi7n91mIn8DwAAAJURc/94mEkm+V//v1r9/z/96ydfXej/6//3WH8/+v+1cOkA9f/jYTDw/f8H9f9vKv3/7pz/vwf9f/1//f9V6f+Tj0Hr/8fcvzXMJJP8DwAAADmIuX9bmIn8DwAAAJURc/+9YSbyPwAAAFRGzP3bw0wyyf/6/9Xq/0f6//r/3dbv/P/O/19l+v8dNL1I9f970P/X/8++/x+/+9X/pz8Grf8fc/9rwkwyyf8AAACQg5j7d4SZyP8AAABQGTH3vzbMRP4HAACAyoi5f2eYSSb5X/9f/1//X/9f/7/z+vX/1yb9/+6W2/9fp/+v/6//n1n/f2Xn/98QPtb/Jxq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxP+/Wf6/V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f8/z3o/+v/6/+vqP/v/P+0G7T+f8z9rw8zyST/AwAAQA5i7r8/zET+BwAAgMqIuX8yzET+BwAAgMqIuX8qzCST/K//r/+fU//f+f/1//X/q0//vzv9/x70//X/q9b/Lwr9f26pQev/x9y/O8wkk/wPAAAAOYi5f0+YifwPAAAAlRFz/94wE/kfAAAAKiPm/n1hJpnkf/1//X/9f/1//f/O69f/X5v0/7vT/+9B/1//v2r9f+f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p//XDQAAAKwtMfcfDDPJ5N//9f8r0v//zb9vWbf+v/5/t/X3p/+/Qf8/TP3/wVLR/n/7y+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b+p3/X/+/yira/++bSvX/h/T/9f8Ha/v1//X/Wejm9//jR0vr/8fcfzjMJJP8DwAAADmIuf9nw0zkfwAAAKiMmPsfDDOR/wEAAKAyYu4/EmaSSf7X/9f/1//X/785/f8Hi3aD2P+vHzz6/9Wi/99dpfr/zv+v/z9g26//r//PQoN2/v+Y+98YZpJJ/gcAAIAcxNz/UJiJ/A8AAACVEXP/m8JM5H8AAACojJj73xxmkkn+1//X/9f/1/93/v/O69f/X5v0/7vT/+9B/1//X/9f/5++GrT+f8z9bwkzyST/AwAAQA5i7n9rmIn8DwAAAJURc//bwkzkfwAAAKiMmPvfHmaSSf7X/9f/1//X/9f/77x+/f+1Sf+/O/3/HvT/9f/1//X/6atB6//H3P9zYSaZ5H8AAADIQcz9D4eZyP8AAABQGTH3vyPMRP4HAACAyoi5/51hJpnkf/3/Ndz/H9H/1//X/9f/773e3Oj/d6f/34P+v/6//r/+P301aP3/mPvfFWaSSf4HAACAHMTc//NhJvI/AAAAVEbM/e8OM5H/AQAAoDJi7v+FMJNM8n/f+/8H9P8j5/+/kf7//OXm21Ws/19fTP//VvX/6zfS/8+C/n93+v89dOj/r9f/1//X/9f/54YNWv8/5v73hJlkkv8BAAAgBzH3vzfMRP4HAACAyoi5/31hJvI/AAAAVEbM/Y+EmWSS/53/P8v+f3rIg9f/d/5//X/n/9f/X5nq9v+XfVcd6f/34Pz/+v/6//r/9NWg9f9j7n80zCST/A8AAAA5iLn//WEm8j8AAABURsz9vxhmIv8DAABAZcTc/4Ewk0zyv/5/lv3/AT7/f9X6/yMtx0dO/f+xpuczHZf6//r/q6C6/f/+0P/vQf9f/3+Q+//haN6wyO31/xlEg9b/j7n/g2EmmeR/AAAAyEHM/b8UZiL/AwAAQGXE3P/LYSbyPwAAAFRGzP2/EmaSSf7X/9f/1/93/n/n/++8fv3/tUn/vzv9/x70//X/B7n/34P+P4No0Pr/Mff/apjJosHvuf9awsMEAAAABkjM/R8KM8nk3/8BAAAgBzH3Hw0zkf8BAACgMmLuPxZmkkn+1/9v7//HM6rq/+v/6//r/+v/r0X96/+/4vai0P+vTP9/bIkboP+v/6//r/9PXw1a/z/m/uNhJpnkfwAAAMhBzP2/FmYi/wMAAEBlxNx/IsxE/gcAAIDKiLl/Oswkk/x/C/v/o4PZ/3f+/xvt//9E/1//P9D/70z/f3U4/3932fb/l0r/X/9f/1//n74atP5/zP0zYSaZ5H8AAACosPTj4Jj7T4aZyP8AAABQGTH3nwozkf8BAACgMmLu/3CYSSb53/n/9f+d//9W9P9HWpbX/y/p/+v/94P+f3f6/z3o/+v/6//r/9NXg9b/j7l/Nswkk/wPAAAAOYi5/yNhJvI/AAAAVEbM/R8NM5H/AQAAoDJi7j8dZpJJ/tf/1//Pvf9fK4orzv+v/99p/fr/a5P+f3f6/z3o/+v/6//r/9NXg9b/j7n/TJhJJvkfAAAAchBz/9kwE/kfAID/Z+8+muS6qz6ON0aWRmzgJXjNiiWszEtgy44q1hTJJoMtcgaRczDZ5JzB5JxzNjlHEw1VQ3l0zpFG3XOvpLmavvf//3wWz3lGpaF7rLHhx/CtC0AzcvffN26x/wEAAKAZufvvF7d0sv/1//r/3vv/1Vae/7//9+v/z9D/6/+nsNbfH9v8+w6Kwg/s/+9y12vupf/X/+v/B+n/9f/6f843t/4/d//945ZO9j8AAAD0IHf/A+IW+x8AAACakbv/gXGL/Q8AAADNyN1/TdzSyf7X/+v/9f/6/339/036f/3/snn+/zD9/wj9v/5f/6//Z1Jz6/9z918bt3Sy/wEAAKAH1+5N/p3Vg1Yr+x8AAAAalbv/wXGL/Q8AAADNyN3/kLilk/2v/9f/6/+X0v8f9/z/874e/b/+fxP9/zD9/wj9v/5f/6//Z1Jz6/9z9z80bulk/wMAAEAPcvc/LG6x/wEAAKAZufsfHrfY/wAAANCM3P2PiFs62f/6f/2//n8p/f8RPf9f/6//X7gbVmf/maD/X6f/HzHS/69W+v8hF9zPb/7ylvP+D6D/1/+zbm79f+7+R8Ytd1+tjl/qFwkAAADMSu7+R8Utnfz8HwAAAHqQu/+6uMX+BwAAgGbk7r8+bulk/+v/9f/6f/2//n/z6+v/l8nz/4cdvv+/853uc+9++/9mnv+/u+k/uWy/nz+sbb//6fv/274z9P8s29z6/9z9p+KWTvY/AAAA9CB3/6PjFvsfAAAAmpG7/zFxi/0PAAAAzcjd/9i4pZP9r/9vrf+//b7PO6f/36td9P/6f/2//r91+v9hnv8/Yu8fcyfrw2b7/wNsu59f+vv3/H/9P+vm1v/n7n9c3NLJ/gcAAIAe5O5/fNxi/wMAAEAzcvc/IW6x/wEAAKAZufufGLd0sv/1/631//s/z/P/9f+bXl//r/9vmf5/mP5/RCvP/7/E75pt9/OHte33r//X/7Nubv1/7v4nxS2d7H8AAADoQe7+J8ct9j8AAAA0I3f/U+IW+x8AAACakbv/qXFLJ/tf/6//X0b/n6+g/9f/X/7+P+n/l+cO+v9R+v8RrfT/l2jb/fzS37/+X//Purn1/7n7nxa3dLL/AQAAoAe5+58et9j/AAAA0Izc/c+IW+x/AAAAaEbu/mfGLZ3sf/2//n8Z/b/n/+v/Pf9f/39h9P/D9P8j9P/6f/2//p9Jza3/z91/Om7pZP8DAABAD3L3Pytusf8BAACgGbn7nx232P8AAADQjNz9z4lbOtn/+n/9v/5f/6//3/z6+v9l0v8P0/+P0P/r//X/+n8mNaP+/5zP2lk9N27pZP8DAABAD3L3Py9usf8BAACgGbn7nx+32P8AAADQjNz9L4hbOtn/+v/Z9P97OV9b/f/J1Wql/1912v+fPOfPs74v9f/6/yOg/x+m/x+h/9f/6//1/0xqRv3/3se5+18Yt3Sy/wEAAKAHuftfFLfY/wAAANCM3P0vjlvsfwAAAGhG7v6XxC2d7H/9/2z6/z1t9f9Lff7/Mf2/5//v0f8vk/5/mP5/hP5f/6//1/8zqbn1/7n7Xxo3Hb/ykr9EAAAAYGZy978sbunk5/8AAADQg9z9L49b7H8AAABYqNNrv5K7/xVxSyf7X/8/bf9//Jxf0/8vtf/3/H/9/xn6/2XS/w/T/4/Q/+v/9f/6fyY1t/4/d/8r45ZO9j8AAAD0IHf/DXGL/Q8AAADNyN3/qrjF/gcAAIBm5O5/ddzSyf7X/3v+v/5f/6//3/z6+v9l0v8P0/+PuJT+f0f/n/T/h+7/T5z9f/X/tOEi+v/d3d3rLnv/n7v/NXFLJ/sfAAAAmnTez0pz9782brH/AQAAoBm5+18Xt9j/AAAA0Izc/a+PWzrZ//r/Tvv//FZfVv9//Wql/9f/6//1/8P0/8P0/yM8/1//7/n/+n8mNbfn/+fuf0Pc0sn+BwAAgB7k7r8xbrH/AQAAoBm5+98Yt9j/AAAA0Izc/W+KWzrZ//r/Tvt/z//X/+v/j7r/v3Wl/z8Si+j/Tx78+nPv/0/p//X/A7rr/+9xt30f6v/1/6ybW/+fu//NcUsn+x8AAAB6kLv/LXGL/Q8AAADNyN3/1rjF/gcAAIBm5O5/W9x0rJP9r//X/+v/9f/6/82vf8TP/z++Wq30/xNYRP8/YO79/zTP/z//7/Kz9P/6/yW/f/2//p91c+v/c/e/PW7pZP8DAABAD3L3vyNusf8BAACgGbn73xm32P8AAADQjNz974pbOtn/+n/9v/5f/998/39qEf2/5/9PRP8/bB79/8H0//r/Jb9//b/+nwu3rf4/d/+745ZO9j8AAAD0IHf/e+IW+x8AAACakbv/vXGL/Q8AAADNyN3/vrilk/2v/9f/X0z/n+9T/99W/39idv3/zr5/vU6e/6//n4j+f5j+f4T+X/+v/z+t/2dKc3v+f+7+98ctnex/AAAA6EHu/g/Erf/q1v4HAACAZuTu/2DcYv8DAABAM3L3fyhu6WT/6//1/57/r/9v/vn/+v+u6P+H6f9H6P/1//p/z/9nUnPr/3P3fzhu6WT/AwAAQA9y938kbrH/AQAAoBm5+z8at9j/AAAA0Izc/TfFLZ3sf/2//l//r//X/5/5M9T/t0H/P+xo+v+T+n/9f/Xzt4u/C/T/+v+xz6dNc+v/c/d/LG7pZP8DAABAD3L3fzxusf8BAACgGbn7PxG32P8AAACwSMc2/Fru/k/GLZ3sf/2//l//r//X/29+ff3/Mm2l/89vCv2/5/+Hfvr/q/Z9tLTn/5//71/6f/0/05tb/5+7/1NxSyf7HwAAAHqQu//TcYv9DwAAAM3I3f+ZuMX+BwAAgGbk7v9s3NLJ/tf/6/8P0f+f0v/r//X/+v+58fz/Yfr/Efr/rT4/f+nvX/+v/2fd3Pr/3P2fi1s62f8AAADQg9z9n49b7H8AAABoRu7+L8Qt9j8AAAA0Y2/3Z1zW4f7X/+v/Pf9f/6//3/z6+v9l0v8P0/+P0P/r//X/+n8mNbf+/4t7n7Wz+lLc0sn+BwAAgB7k7v9y3GL/AwAAQDNy938lbrH/AQAAoBm5+78at3Sy//X/+v9l9P+7u7vX6f/1//u/nrP9/836f4r+f5j+f4T+X/+v/9f/M6m59f+5+78Wt3Sy/wEAAKAHufu/HrfY/wAAANCM3P3fiFvsfwAAAGhG7v5vxi2d7H/9/wz6/x39v+f/6/9Xnv+v/5+I/n+Y/n9Ei/3/zoV/+dvu5w9r2+9f/6//Z93c+v/c/d+KWzrZ/wAAANCD3P3fjlvsfwAAAGhG7v7vxC32PwAAADQjd/9345ZO9r/+/+j6/9v+2vXy/P+Tq83vX/+v/9f/6/8vN/3/MP3/iBb7/4uw7X5+6e9f/6//Z93c+v/c/d+LW/YPvysv7qsEAAAA5iR3//fjlk5+/g8AAAA9yN3/g7jF/gcAAIBm5O7/YdzSyf7X/8/g+f8N9v+e/7/5+0P/P+v+/wr9fxv0/8P0/yP0//p//f9E/X9+N+v/eze3/j93/4/ilk72PwAAAPQgd/+P4xb7HwAAAJqRu/8ncYv9DwAAAM3I3X9z3HLO/t/UdrdC/6//1//r//X/m19f/79M+v9hF9r/n1gdrv9P+n/9v/6/1/7f8/85Y279f+7+n8Ytfv4PAAAAi3PlAb+eu/9ncYv9DwAAAM3I3f/zuMX+BwAAgGbk7v9F3HLLFdt6S0dK/6//1//r//X/m19f/79M+v9hnv8/Qv8/RT9/tf6/jf5/tdL/c3hz6/9z9/8ybvHzfwAAAGhG7v5fxS32PwAAADQjd/+v4xb7HwAAAJqRu/83cUsn+1//r/8/ZP+/l2bq/8/Q/5+h/99M/3809P/D9P8j9P+e/6//9/x/JjW3/j93/2/jlk72PwAAAPQgd//v4hb7HwAAAJqRu//3cYv9DwAAAM3I3f+HuKWT/T9p/39jVNgX0v/HX2r9/+L7f8//1//r//X/s6L/H6b/H6H/1//r//X/TGpu/X/u/j/GLZ3sfwAAAOhB7v4/xS32PwAAADQj//dWf977v/Y/AAAAtCh3/1/ilk72v+f/6//1//p//f/m19f/L5P+f5j+f7P6g9L/6//1//p/JjW3/j93/1/jlk72PwAAAPQgd//f4hb7HwAAAJqRu/+WuMX+BwAAgGbk7v973NLJ/tf/6//1//p//f/m19f/L9Os+v9j+v9zP/eedxx/Wc//33r/n29B/6//1/8zibn1/7n7/xG3dLL/AQAAoAe5+/8Zt9j/AAAA0Izc/f+KW+x/AAAAaEbu/n/HLZ3s/5H+/0T9Rv3/IP3//vev/9/8/aH/1//r/y+/WfX/nv+/mOf/F/2/5//r//X/TGpu/X/u/v/ELZ3sfwAAAOhB7v5b4xb7HwAAAJqRu/+/cYv9DwAAAM3I3f+/uKWT/e/5/0vq/6/W/+v/9f/6f/3/CP3/MP3/CP2//v8i3v9V532s/9f/s25u/X/u/v8HAAD///X8SrI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$inet6(0xa, 0x40000080806, 0x100004)
ioctl$FIBMAP(0xffffffffffffffff, 0x2285, &(0x7f0000000040)=0x53)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x2000, 0x0)
socket$tipc(0x1e, 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e0021768238324ee0d5b18eabeda10c06e6143315"], 0x1c}}, 0x0)
r4 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r4, 0x0, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="be"], 0x1)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f00000000c0)={<r5=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x77, r5})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
r7 = socket(0xa, 0x1, 0x0)
ioctl(r7, 0x8916, &(0x7f0000000300))
ioctl(r7, 0x8936, &(0x7f0000000000))
recvmmsg(r3, &(0x7f0000000140), 0x41, 0x0, 0x0)
bind$inet6(r1, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
close(r8)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r8, 0x8b07, &(0x7f0000000000)={'wlan1\x00', @random="c210011f0081"})

3.88122267s ago: executing program 1 (id=1120):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@ipv4_newroute={0x24, 0x18, 0x113, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@RTA_NH_ID={0x8, 0x1e, 0x7}]}, 0x24}}, 0x0)

3.799264104s ago: executing program 2 (id=1121):
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0xfffffffffffffffe)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000080)='./file0/../file0\x00')
r0 = memfd_create(&(0x7f0000000000)='secer\x03\x00\x00\x00selin\x8cB\xabl\xa6e\x15ux\x00\xab', 0x0)
pwrite64(r0, &(0x7f000003bfff)='/', 0x1, 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchmod(r1, 0x0)

3.79405993s ago: executing program 1 (id=1122):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0)
r1 = getpid()
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000240)=ANY=[], 0xfdef)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
sched_setscheduler(r1, 0x7, &(0x7f0000000000)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200))
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
syz_emit_ethernet(0x61, 0x0, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000080)=0x200000000)
preadv(r5, &(0x7f0000000600)=[{&(0x7f0000000280)=""/117, 0x75}], 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
accept4$tipc(r2, &(0x7f0000000240), &(0x7f0000000280)=0x10, 0x800)
mmap(&(0x7f00007c8000/0x4000)=nil, 0x4000, 0x0, 0x10010, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

3.66067242s ago: executing program 2 (id=1123):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)='ub\xce\x00\x00\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e}, 0x90)
syz_open_dev$I2C(&(0x7f0000000040), 0x3ff, 0x0)
mount(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000bc0))
tkill(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x96dca55c25fb4027, &(0x7f0000000180)=0x40000000010001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x84, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x5)
mount(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='ubifs\x00', 0x8000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f00000002c0), 0xfd, 0x76b, &(0x7f0000001400)="$eJzs3M1rXOUaAPDnnGaSfuTeyYUL9+pChBZaKJ0kzaZdNW7cFQoFtzUkJyHkJBMyk9qJhbauhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzmSS0piZpEnaadPfD07P856v531mDm/nQN4TwCvrzeKfJGIwIq5ERLm9PY2I/lZ0NOL2+nFrj25OFksSzebVX5PitFhrljevlbTXJ6J1Svw/Ih6UIs5+8M+8tcbK3ESeZ0vt9nB9fnG41lg5Nzs/MZPNZAujYxdHLoyNXRgZ27GG/+2y1lPvXDx277u3V1e//7p+942+c0mMt+qOdm27vMxTWf9MSjG+ZfvCs0jWQ0mXfUefYz8AAOiu+J1/JCL6Wr9Sy3GkFQEAAACHSXOguaN041gAAADgJZV4rgcAAIBDbuPvADbm9j6rebCd/PJWRAxtl7+vNYc44miUIuL4WvLEzIRk/TTYl9t3IuL++Nb778viDru9z2uPbGk/OUe6f59X5yDcL8af8e3Gn3Rz/Iltxp++jXcn7FPn8e9x/iMdxr8ru8zxzWevlTrmvxPxet92+ZPN/EmH/O+2op0/hburH97rtK/5RcTpbf//SZ7I1eX9EOPTs3m31w/Eg7/OPOxW//FO+ZPu9S/uWPm699d+n+s0lhT5z5zs8P3f6py/uCc+avcjjYh77XXRXt2S4+T8D992q38qormX7//zXdb/01cDN3Z5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVrZjNO0Uok4ERH/jeNpXq3Vz05Xlxemin0RQ1FKp2fzbCQiyuvtpGiPtuLH7fNb2mMR8Z8fj60nnc2zymQ1n+p18QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGw6ERGDkaSViEgj4o9ymlYqEX27OHfgOfQPAAAAOCBDve4AAAAA8Mx5/gcAAIDDb6/P/8kB9wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41K5cvlwszbVHNyeL9tT1xvJc9fq5qaw2V5lfnqxMVpcWKzPV6kyeVSar8ztdL69WF0cvxvKN4XpWqw/XGivX5qvLC/Vrs/MTM9m1rPRcqgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBpDbaWJK1ERNqK07RSifhXRAxFKZmezbORiPh3RDwslwaK9mivOw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCBqzVW5ibyPFsSCF6KoL99574o/dlbcCsiXoBudAl6PDABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANATtcbK3ESeZ0u1XvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3kp/TiKiWE6XTw1u3duf/FlurSPivU+vfnxjol5fGi22/7a5vf5Je/v5XvQfAAAAXgmXnubgjef0jed4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3ao1VuYm8jxb2l9wKRorzaTDMb2uEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Ju/AwAA///+/bx6")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)

2.834021623s ago: executing program 1 (id=1124):
io_setup(0x6, &(0x7f00000003c0)=<r0=>0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f00000015c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
ioctl$SNDCTL_SEQ_OUTOFBAND(r1, 0x40085112, &(0x7f0000000040)=@e={0xff, 0x0, 0x0, 0x0, @SEQ_NOTEON=@special})

2.694006773s ago: executing program 2 (id=1125):
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0x0, 0x0, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x608, 0x360, 0x11, 0x148, 0x360, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'team_slave_0\x00', {0x459, 0x0, 0x48, 0x0, 0x0, 0x3, 0x2, 0x80}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x668)

2.388939746s ago: executing program 1 (id=1126):
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$binfmt_script(r0, &(0x7f00000003c0), 0xb)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000002c0)=[@acquire], 0x0, 0x0, 0x0})
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @dev}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @empty}}}})
r8 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000240)={'erspan0\x00', &(0x7f0000000680)={'sit0\x00', 0x0, 0x0, 0x700, 0x1, 0x5, {{0x3a, 0x4, 0x3, 0xe, 0xe8, 0x67, 0x0, 0x6, 0x4, 0x0, @remote, @empty, {[@rr={0x7, 0x17, 0x25, [@remote, @local, @multicast2, @empty, @local]}, @timestamp_prespec={0x44, 0x2c, 0x73, 0x3, 0x0, [{@rand_addr=0x64010102, 0x5}, {@rand_addr=0x64010101, 0x9}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x46}, {@rand_addr=0x64010100, 0x7fff}, {@empty, 0xfffffff7}]}, @lsrr={0x83, 0x17, 0x0, [@local, @loopback, @remote, @remote, @dev={0xac, 0x14, 0x14, 0x1e}]}, @ssrr={0x89, 0x17, 0x36, [@broadcast, @remote, @broadcast, @remote, @broadcast]}, @cipso={0x86, 0x3a, 0xfffffffffffffffd, [{0x0, 0x10, "eab0a6d16f1135990a59404d7c89"}, {0x7, 0xf, "e680b5a7c6a6d8c1502e45a64c"}, {0x6, 0xf, "3a4f64a464919cf6ebbf2b3b16"}, {0x5, 0x6, "cee02bf5"}]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x24, 0xc, 0x0, 0x8, [0x9, 0xc, 0x7, 0x8b5, 0x5, 0x10000000, 0x6, 0x8]}]}}}}})
fchmodat(r8, &(0x7f00000000c0)='./file1\x00', 0x1ba)
openat(r8, &(0x7f00000001c0)='./file1\x00', 0x5, 0x0)

2.388318492s ago: executing program 3 (id=1127):
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1014494, &(0x7f0000000000)={[{@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@mode={'mode', 0x3d, 0x6}}, {@fileset={'fileset', 0x3d, 0x7e}}, {@gid_forget}, {@undelete}, {@gid_forget}, {@uid_forget}]}, 0xfe, 0xc24, &(0x7f0000001480)="$eJzs3UFsHNd9B+D/Gy5Fym4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIRtrQvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+lZY0ZcmmSFH299nUbznz3ux7b5YzkqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN976cKpZ9ODbgUAcJAuTX311Gn3fwD4RLnsz/8AAAAAAAAAAAAAAHDYpSjisUixeGkzzVTfdw1fbHdu3Jwen9i92tFU1Ryoypdfw8+ePnP2S8+NnevlB9e/356IV6YuX6i/uHB9cam1vNyaq0932rMLc617PsJe6+80Wg1A/fqrN+auXl2un37mzLbdN0feG3r0+Mj5sadOPtkrOz0+MTHVV6Y2+JHf/X3uNMPjSBRxMlI8/b2fpGZEFLH3sbjLZ2e/Ha06MVp1Ynp8ourIfLvZWSl3TvYGooio91Vq9MboAM7FnjQiVsvmlw0eLbs3tdhcal6Zb9Unm0sr7ZX2QmcydVtb9qceRZxLEWsRsTH0/sMNRhG1SPGdY5vpSkQM9Mbhi9XE4Du3o9jHPt6Dsp31wYi14iE4Z4fYUBTxcqT46dtFzJZjlr/iCxEvl/mDiDfLfCEilR+MsxHv7vI54uFUiyL+vDz/5zfTXHU96F1XLn6t/pXO1YW+sr3rykN/fzhIh/zaNBxFNKsr/mb66L/ZAQAAAAAAAAAAAAAAAOB+OxpFPBEpXvr3P6rmFUc1L/3Y+bHfH/nF/jnjj9/lOGXZZyJitbi3OblH8hTiyTSZ0gOeS/xJNhxF/HGe//fGg24MAAAAAAAAAAAAAAAAAADAJ9yPI8Xz75xIa9G/pni7c61+uXllvrsqbG/t396a6VtbW1v11M1GzpmcqznXcq7n3MgZRa6fs5FzJudqzrWc6zk3csZArp+zkXMm52rOtZzrOTdyRi3Xz9nIOZNzNedazvWcGznjkKzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwcVJEET+PFN/+xmaKFBGNiJno5vpQrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CANpSK+Hynqf9C4ta0WEan6v+tE+cvZaBwp89PRGCvzhWhcyNmsstZ44wG0n70ZTEX8KFIMDb9164Tn8z/Y/e7WxyDe/Obt736l1s2B3s6R94YePX7s/NjErz1+p9dptwaMXmx3btysT49PTEz1ba7ld/9037aR/L7F/ek6EbH82uuvNufnW0ufmBdFHIpmPKgXte6LWhyS9hzUi3y9il12FYfhp6BxWAaq9+IBX5g4EOX9/91I8dvv/Efvht+7//9C97tbd/j42Z/cvv8/v/NA+3T/f6xv2/P5dyODtYjhleuLg8cjhpdfe/1k+3rzWutaq3P21Kkvj419+cypwSMRw1fb862+V3seKgAAAAAAAAAAAAAAAICDlYr43UjR/NFmqkfEzWq+1sj5sadOPjkQA9V8q23ztl6Zunyh/uLC9cWl1vJya64+3WnPLsy17vXthqvpXtPjE/vSmbs6us/tPzr84sLia0vta3+4suv+R4YvXFleWWrO7r47jkYR0ejfMlo1eHp8omr0fLvZqapO7jqZ7sMbTEX8Z6SYPVs/0tuW5//tnOG/bf7/6s4D7dP8v0/1bSvfM6UifhYpfusvHo/PV+18JN43Zrnc30SK0XOfy+XiSFmu14bucwW6MwPLsv8bKf7h59vL9uZDPna77LP3Oq4Pi/L8H4sU3/+z78av523bn/+w+/l/ZOeB9un8f6Zv2yPbnlew566Tz//JSPHCY2/Fb+RtH/T8jyK2tra+FXEiF771fI59Ov+f7ds2Et33/c37130AAAAAAAAAAICH1mAq4m8jxZMTtfRc3nYv//5vbueB9unff/1y37a5A1qvaM+DCgAAAACHxGAq4seR4trKW7fmUG+f/903//N3bq+9Pp527K3+nu+XqucG3M+//+s3kt93Zu/dBgAAAAAAAAAAAAAAAAAAgEMlpSKey+upz9xlPfX1SPHSfz+dy6XjZbneOvAj1a/DlxY6Jy/Mzy/MNleaV+Zb9anF5myrrPuZSLH515/LdYtqffXP57rdNd6Ht3prsS9Fiom/65XtrsXeW5u8ux54dy32suynIsV//f32sr11rD97u+zpsuxfRYqv/9PuZY/fLnumLPvdSPHDr9d7ZR8py/aej9p9JulwLeZbz8wuzL/vUagAAAAAAAAAAAAAAAAAAADwYQ2mIv40UvzP9bVYrab9v3FrV85ab8Ob3+xb73+Hm9U6/yPV+v93ev1R1v8fuS+9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0uKIl6PFIuXNtP6UPl91/DFdufGzenxid2rHU1VzYGqfPk1/OzpM2e/9NzYuV5+cP377Yl4ZeryhfqLC9cXl1rLy625+nSnPbsw17rnI+y1/u2h6xqtBqB+/dUbc1evLtdPP3Nm2+6bI+8NPXp85PzYUyef7JWdHp+YmOorUxv8EO/+oRp325Eo4i8jxdPf+0n656GIIvY+Fnf57Oy3o1UnRqtOTI9PVB2Zbzc7K+XOyd5AFBH1vkqN3hgdwLnYk0bEatn8ssGjZfemFptLzSvzrfpkc2mlvdJe6EymbmvL/tSjiHMpYi0iNob6D3QkZxGvRorvHNtM/zIUMdAbhy9emvrqqdN3bkexr728i29V7awPRqwVD8E5O8SGooh/jBQ/fftE/OtQRC26X/GFiJfL/EHEm2W+EJHKD8bZiHeHHnSruV9qUcT/lef//GZ6eyii+pGprisXv1b/SufqQl/Z3nVl5/1hKyIeqvvDQTrk16bhKOKH1RV/M/2bn2sAAAAAAAAAAAAAAACAQ6SIX40Uz79zIlXzg2/NKW53rtUvN6/Md6f19eb+9eZMb21tbdVTNxs5Z3Ku5lzLuZ5zI2cUuX7ORs6ZnKs513Ku59zIGQO5fs5GzpmcqznXcq7n3MgZtVw/ZyPnTM7VnGs513Nu5IxDMncPAAAAAAAAAAAAAAAAAAD4eCmq/1J8+xubaWuou770THRz3XqgH3v/HwAA//9wn/vk")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r0, 0x0)
syz_mount_image$iso9660(&(0x7f00000003c0), &(0x7f0000000400)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00056467df1d7e51024709ba80ded5bcf7d7b878086b77b4f6890d0c8518daec08a45899"], 0x1, 0x3b4, &(0x7f0000000480)="$eJzs3M9O3EYcwPExf1REJVQpaiCEw6TpgR6ysU1ZtMrJ9c4uk3g91ow3glMVFYhQ2bRqUqnhxoW2UvsQufYh+kZRH6GV7d0UWGBTIGwafT8Smln755nfWKsZrdFYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4cVN3w88kei0uyHPFjet6ZxzftDeZ8eKc/oVwiv+xMyMWKgOLdz49/SnVSPz1ad5MVMUM2L/45ufPLgxNTG4/pyErsXzl/vfPtnb2/5h3ImMSVul2hndidpKamdko17376+3nGzpRLlNl6uOjK2KcmPlcvyFDBqNFalqm6abtptRogYH1+6Fvl+XD2uZiqwz6f2HNRev6yTRabuMKU4XMWvFF/GRzmWuoo6UO7t72yujkiyCgrcJCkcFhX4YBkEYBvXVxuqa708NHfBPEEMR4//SYryueAYHLu7v/voPAAAAAAA+XF75jL34/T9dPof3REsnyh93WgAAAAAA4AqV//mfL4rporYgPH7/AwAAAADwofll5B47l33k/fmXsHbaO8g2Pvd6UREX9Sar6yZPtpi3Fr25fiNlUZ/qf4rVknerCro1iH7dL3ZG5eFdQQLiN7FYxSxuVeXW4EzVy2xLJ6oWm+RBIKJobiJXG/mPz3Z/EuXwf007c57Y2d3brn3z3d5WmctB0cpBr7+BYmgfxTm5vHiz7/H0EU+XD2L6/c5W/fpHxz9RXT7xH/o8FLermNuzVTl7fPwzRZ9B7azR97MILjnyQ7FUxSwt3y2Ku8unZBGOyiI8msWF7sVbZLEyKouVS2YBAOOyM2IV8oYX/gvMctezuh+KO1XMncVyYp1aPGVG90fN6P4lV7c/ht6BcNYaW/T7+4lV9VVxwasz+3VJ6BW3cPJF73tx8/nL/Xu7vSdPt59uPwvDlbr/pe+vhmK6HEa/YO0BAJxC2dfebP6zZ63Ovg4ajSDK15W0Jn4krW62ldRprmy8HqVtJTNrchObpKg81k3lpOtmmbG5bBkrM+P0RvnmF9l/9YtTnSjNdeyyREVOydikeRTnsqldLLPuV4l268qWF7tMxbql4yjXJpXOdG2salI6pY4E6qZKc93SRTWVmdWdyG7KxybpdpRsKhdbneWmanDQl05bxnbKZmvjvtkAALwn3rzB7h1Wxj1GAABwHKs0AAAAAAAAAAAAAAAAAAAAAADvv+vY/0eFCpX/W2XcMxOAd+2fAAAA//+pa6O/")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

492.302796ms ago: executing program 4 (id=1128):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000001c0))
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f00000003c0)={0xffffffffffffffff, 0x3, 0x3, 0x0, 0x3})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
lgetxattr(0x0, 0x0, 0x0, 0x0)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0xe6da)
pipe2(0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000000)=0x2)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)

312.673813ms ago: executing program 1 (id=1129):
pipe(&(0x7f0000000100))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700400000004000000060ec97000fc83a00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

192.083806ms ago: executing program 3 (id=1130):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x40)
syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}}, 0x0)

0s ago: executing program 3 (id=1131):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r3, &(0x7f0000002200), 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000ff030000000000950000004b0a00000c01222441acc95e18f4ecc582d259013342cc092a798169f7b41fb1157bec9d3a5822c7c4c3ce921ee3a5905ad985b0880babee9c00af027dd55de49c619f2f66018e08cba4acf3b308a36d5b2ce2758bd47f4952b4f904843df4344738fa4a9d0fb0418dc9ce34b5c992e794e9e513adfb7d31"], &(0x7f0000000600)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file1\x00', 0x0, 0x10}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf]}, &(0x7f0000000300)='GPL\x00', 0x4, 0xffd, &(0x7f00000004c0)=""/4093}, 0x90)

kernel console output (not intermixed with test programs):

5451][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.265778][ T1183] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.275086][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.284449][ T9326] FAT-fs (loop3): Directory bread(block 73) failed
[  334.295558][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.307342][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.316001][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.327739][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.340463][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.349239][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.358327][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.375991][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.392287][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.401497][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.437719][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.450180][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.461994][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.479197][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.492058][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.509883][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.521299][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.541956][ T5367] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  334.551365][ T5367] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  334.565093][ T5367] usb 2-1: config 0 interface 0 has no altsetting 0
[  334.580631][ T5367] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  334.591613][ T5367] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  334.608371][ T5367] usb 2-1: Product: syz
[  334.612925][ T5367] usb 2-1: Manufacturer: syz
[  334.617764][ T5367] usb 2-1: SerialNumber: syz
[  334.651381][ T5367] usb 2-1: config 0 descriptor??
[  334.699186][ T5367] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  335.116855][   T25] usb 2-1: USB disconnect, device number 6
[  335.136940][   T25] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  335.383037][ T1183] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  335.404363][ T1183] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  335.421523][ T1183] bond0 (unregistering): Released all slaves
[  336.104814][ T5237] Bluetooth: hci4: command tx timeout
[  336.128541][ T9343] loop3: detected capacity change from 0 to 4096
[  336.143103][ T9343] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  336.206140][ T9153] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  336.246840][ T9153] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  336.321064][ T9153] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  336.374229][ T1183] hsr_slave_0: left promiscuous mode
[  336.397625][ T1183] hsr_slave_1: left promiscuous mode
[  336.416301][ T9350] loop3: detected capacity change from 0 to 64
[  336.430682][ T1183] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.451967][ T1183] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.482170][ T1183] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  336.500274][ T1183] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.539882][ T1183] veth1_macvtap: left promiscuous mode
[  336.557300][ T1183] veth0_macvtap: left promiscuous mode
[  336.568245][ T1183] veth1_vlan: left promiscuous mode
[  336.579048][ T1183] veth0_vlan: left promiscuous mode
[  336.593383][ T9352] loop3: detected capacity change from 0 to 256
[  336.606293][ T9352] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  336.678563][ T9352] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  336.747685][ T9348] loop4: detected capacity change from 0 to 32768
[  336.769923][ T9348] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.843 (9348)
[  336.810380][ T9348] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  336.832452][ T9348] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  336.861899][ T9348] BTRFS info (device loop4): using free-space-tree
[  336.893079][ T9354] netlink: 16 bytes leftover after parsing attributes in process `syz.3.846'.
[  337.118733][    C1] eth0: bad gso: type: 1, size: 1408
[  337.167628][ T8312] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  337.508584][    C0] vkms_vblank_simulate: vblank timer overrun
[  337.918687][ T1183] team0 (unregistering): Port device team_slave_1 removed
[  337.990523][ T1183] team0 (unregistering): Port device team_slave_0 removed
[  338.174085][ T5237] Bluetooth: hci4: command tx timeout
[  338.659852][ T9153] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  338.811325][ T9325] chnl_net:caif_netlink_parms(): no params data found
[  339.081504][ T9325] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.106818][ T9325] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.133992][ T9325] bridge_slave_0: entered allmulticast mode
[  339.153683][ T9325] bridge_slave_0: entered promiscuous mode
[  339.184817][ T9325] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.213924][ T9325] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.233758][ T9325] bridge_slave_1: entered allmulticast mode
[  339.241166][ T9325] bridge_slave_1: entered promiscuous mode
[  339.339250][ T9325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.368083][ T9406] loop1: detected capacity change from 0 to 512
[  339.378962][ T9325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.394966][ T9406] ext4: Unknown parameter 'defcontext'
[  339.555021][ T9325] team0: Port device team_slave_0 added
[  339.567759][ T9153] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.611673][ T9325] team0: Port device team_slave_1 added
[  339.707087][ T9325] batman_adv: batadv0: Adding interface: batadv_slave_0
[  339.725369][ T9325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.783054][ T9325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  339.814448][ T9400] loop3: detected capacity change from 0 to 40427
[  339.835898][ T9325] batman_adv: batadv0: Adding interface: batadv_slave_1
[  339.847912][ T9400] F2FS-fs (loop3): invalid crc value
[  339.853422][ T9325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  339.892201][ T9400] F2FS-fs (loop3): Found nat_bits in checkpoint
[  339.943971][ T9325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.028334][ T9400] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  340.041906][ T9153] 8021q: adding VLAN 0 to HW filter on device team0
[  340.084833][ T9325] hsr_slave_0: entered promiscuous mode
[  340.106961][ T9325] hsr_slave_1: entered promiscuous mode
[  340.144406][ T9325] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  340.152030][ T9325] Cannot create hsr debugfs directory
[  340.255248][ T5237] Bluetooth: hci4: command tx timeout
[  340.266721][ T5239] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.273933][ T5239] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.294227][ T5281] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.301418][ T5281] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.586241][ T9409] loop1: detected capacity change from 0 to 32768
[  340.620492][ T9409] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.857 (9409)
[  340.689481][ T9409] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  340.721406][ T9409] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  340.754052][ T9409] BTRFS info (device loop1): using free-space-tree
[  340.932911][ T9414] loop4: detected capacity change from 0 to 32768
[  340.976249][ T9414] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.858 (9414)
[  340.991680][ T9153] 8021q: adding VLAN 0 to HW filter on device batadv0
[  341.026735][ T9414] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  341.052460][ T9414] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  341.062694][ T9414] BTRFS info (device loop4): using free-space-tree
[  341.122434][ T9153] veth0_vlan: entered promiscuous mode
[  341.137362][ T9153] veth1_vlan: entered promiscuous mode
[  341.178477][ T9416] loop3: detected capacity change from 0 to 32768
[  341.202940][ T9153] veth0_macvtap: entered promiscuous mode
[  341.229450][ T9409] loop1: detected capacity change from 32768 to 0
[  341.239099][ T9409] syz.1.857: attempt to access beyond end of device
[  341.239099][ T9409] loop1: rw=2049, sector=10560, nr_sectors = 8 limit=0
[  341.242457][ T9153] veth1_macvtap: entered promiscuous mode
[  341.254438][ T9409] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  341.292247][ T9414] BTRFS info (device loop4): rebuilding free space tree
[  341.347884][ T9414] BTRFS info (device loop4): checking UUID tree
[  341.386271][   T11] kworker/u8:0: attempt to access beyond end of device
[  341.386271][   T11] loop1: rw=4097, sector=10704, nr_sectors = 8 limit=0
[  341.399711][ T9153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.410425][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  341.423406][   T11] kworker/u8:0: attempt to access beyond end of device
[  341.423406][   T11] loop1: rw=4097, sector=10712, nr_sectors = 8 limit=0
[  341.441160][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  341.452380][   T11] kworker/u8:0: attempt to access beyond end of device
[  341.452380][   T11] loop1: rw=4097, sector=10720, nr_sectors = 8 limit=0
[  341.452760][ T9153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.473645][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  341.480961][ T9153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.493834][   T11] kworker/u8:0: attempt to access beyond end of device
[  341.493834][   T11] loop1: rw=4097, sector=10728, nr_sectors = 8 limit=0
[  341.501744][ T9153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.526358][ T9153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.534809][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0
[  341.550100][ T9153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.557379][   T11] kworker/u8:0: attempt to access beyond end of device
[  341.557379][   T11] loop1: rw=4097, sector=13448, nr_sectors = 8 limit=0
[  341.566101][ T9153] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.598077][ T9153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.609119][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 6, rd 0, flush 0, corrupt 0, gen 0
[  341.613257][ T9153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.620971][ T7990] BTRFS error (device loop1 state A): Transaction aborted (error -5)
[  341.644603][ T7990] BTRFS: error (device loop1 state A) in __btrfs_free_extent:3209: errno=-5 IO failure
[  341.662136][ T7990] BTRFS info (device loop1 state EA): forced readonly
[  341.669316][ T9153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.680017][ T7990] BTRFS error (device loop1 state EA): failed to run delayed ref for logical 5345280 num_bytes 65536 type 178 action 2 ref_mod 1: -5
[  341.696200][ T9153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.706179][ T9153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.717102][ T7990] BTRFS: error (device loop1 state EA) in btrfs_run_delayed_refs:2199: errno=-5 IO failure
[  341.727789][ T9153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.737990][ T7990] BTRFS info (device loop1 state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  341.752600][ T9435] BTRFS: error (device loop1 state EAL) in free_log_tree:3269: errno=-5 IO failure
[  341.765686][ T9153] batman_adv: batadv0: Interface activated: batadv_slave_1
[  341.853231][ T9153] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  341.880334][ T9153] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  341.889639][ T9153] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  341.889996][ T8312] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  341.899538][ T9153] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.962494][ T9325] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  342.007250][ T9325] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  342.075821][ T9325] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  342.145088][ T9325] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  342.205668][ T9458] loop1: detected capacity change from 0 to 64
[  342.333864][ T5237] Bluetooth: hci4: command tx timeout
[  342.518494][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.547726][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.772860][ T9325] 8021q: adding VLAN 0 to HW filter on device bond0
[  342.838836][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.884177][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.529432][ T9325] 8021q: adding VLAN 0 to HW filter on device team0
[  344.637301][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.644539][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  344.680391][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.687729][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  344.761955][ T9464] loop4: detected capacity change from 0 to 32768
[  344.822619][   T29] audit: type=1800 audit(1722048232.837:86): pid=9464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.862" name="bus" dev="loop4" ino=7 res=0 errno=0
[  344.840039][ T9325] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  345.191648][ T9463] loop3: detected capacity change from 0 to 40427
[  345.275356][ T9463] F2FS-fs (loop3): Found nat_bits in checkpoint
[  345.332263][ T9325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  345.417371][ T9463] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  345.459739][ T9325] veth0_vlan: entered promiscuous mode
[  345.508366][ T9325] veth1_vlan: entered promiscuous mode
[  345.601652][ T9325] veth0_macvtap: entered promiscuous mode
[  345.618754][ T9473] loop2: detected capacity change from 0 to 32768
[  345.630178][ T9325] veth1_macvtap: entered promiscuous mode
[  345.646160][ T9473] btrfs: Deprecated parameter 'usebackuproot'
[  345.684684][ T9473] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  345.709165][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.720333][ T9473] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.804 (9473)
[  345.744161][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.773920][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.797437][ T9473] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  345.810629][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.834256][ T9473] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  345.837627][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.842990][ T9473] BTRFS info (device loop2): disk space caching is enabled
[  345.863282][ T9477] loop1: detected capacity change from 0 to 32768
[  345.895273][ T9477] BTRFS: device /dev/loop1 (7:1) using temp-fsid b66d7333-b2ec-48c4-ac26-5490dea7db7e
[  345.907369][ T9477] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.869 (9477)
[  345.922587][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.925238][ T9477] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  345.944873][ T9477] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  345.963645][ T9477] BTRFS info (device loop1): using free-space-tree
[  345.973582][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.985266][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.001908][ T9325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  346.012531][   T11] BTRFS warning (device loop2): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  346.041244][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.066066][ T9473] BTRFS warning (device loop2): couldn't read tree root
[  346.077210][ T9473] BTRFS warning (device loop2): try to load backup roots slot 1
[  346.100967][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.115262][ T1183] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  346.130445][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.130753][ T9473] BTRFS warning (device loop2): couldn't read tree root
[  346.152434][ T9520] netlink: 16 bytes leftover after parsing attributes in process `syz.3.873'.
[  346.153894][ T9473] BTRFS warning (device loop2): try to load backup roots slot 2
[  346.172387][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.177710][ T1832] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  346.193446][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.208367][ T9473] BTRFS warning (device loop2): couldn't read tree root
[  346.215844][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.216782][ T9473] BTRFS warning (device loop2): try to load backup roots slot 3
[  346.233563][ T9325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  346.256474][ T9473] BTRFS info (device loop2): rebuilding free space tree
[  346.264408][ T9325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  346.290063][ T9325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  346.332058][ T9325] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  346.356158][ T9473] BTRFS info (device loop2): disabling free space tree
[  346.364004][ T9473] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  346.375718][ T9490] loop4: detected capacity change from 0 to 32768
[  346.382282][ T9325] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  346.387190][ T9473] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  346.413336][ T9490] BTRFS: device /dev/loop4 (7:4) using temp-fsid e6e22d87-420e-4549-99b3-65aaac7cda45
[  346.427305][ T9325] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  346.436640][ T9325] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.453704][ T9490] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.872 (9490)
[  346.485880][ T9490] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  346.525511][ T9490] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  346.567109][ T9490] BTRFS info (device loop4): using free-space-tree
[  346.586598][ T9477] loop1: detected capacity change from 32768 to 0
[  346.640295][ T1183] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.709814][ T1183] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.780056][ T9153] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  346.840206][ T1832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.882168][   T63] kworker/u8:4: attempt to access beyond end of device
[  346.882168][   T63] loop1: rw=4097, sector=10704, nr_sectors = 8 limit=0
[  346.897280][ T1832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.936657][   T63] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  346.961802][   T63] kworker/u8:4: attempt to access beyond end of device
[  346.961802][   T63] loop1: rw=4097, sector=10712, nr_sectors = 8 limit=0
[  346.976651][ T8312] BTRFS info (device loop4): last unmount of filesystem e6e22d87-420e-4549-99b3-65aaac7cda45
[  346.990101][   T63] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  347.025166][   T63] kworker/u8:4: attempt to access beyond end of device
[  347.025166][   T63] loop1: rw=4097, sector=10720, nr_sectors = 8 limit=0
[  347.039159][   T63] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  347.052573][   T63] kworker/u8:4: attempt to access beyond end of device
[  347.052573][   T63] loop1: rw=4097, sector=10728, nr_sectors = 8 limit=0
[  347.067121][   T63] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  347.087955][   T63] kworker/u8:4: attempt to access beyond end of device
[  347.087955][   T63] loop1: rw=4097, sector=13448, nr_sectors = 8 limit=0
[  347.102051][   T63] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0
[  347.115709][ T7990] BTRFS error (device loop1 state A): Transaction aborted (error -5)
[  347.163070][ T7990] BTRFS: error (device loop1 state A) in __btrfs_free_extent:3209: errno=-5 IO failure
[  347.191509][ T7990] BTRFS info (device loop1 state EA): forced readonly
[  347.222495][ T7990] BTRFS error (device loop1 state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5
[  347.275761][ T7990] BTRFS: error (device loop1 state EA) in btrfs_run_delayed_refs:2199: errno=-5 IO failure
[  347.312458][ T9522] BTRFS: error (device loop1 state EAL) in free_log_tree:3269: errno=-5 IO failure
[  347.322357][ T7990] BTRFS info (device loop1 state EAL): last unmount of filesystem b66d7333-b2ec-48c4-ac26-5490dea7db7e
[  348.656304][ T9552] loop0: detected capacity change from 0 to 32768
[  348.811214][ T9552] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  349.185241][ T9552] XFS (loop0): Ending clean mount
[  349.216363][ T9552] XFS (loop0): Quotacheck needed: Please wait.
[  349.225852][ T9562] loop2: detected capacity change from 0 to 32768
[  349.252733][ T9562] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.882 (9562)
[  349.281855][ T9562] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  349.334044][ T9562] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  349.351476][ T9552] XFS (loop0): Quotacheck: Done.
[  349.369439][ T9562] BTRFS info (device loop2): using free-space-tree
[  349.524465][ T9559] loop1: detected capacity change from 0 to 40427
[  349.543882][ T9559] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  349.553614][   T29] audit: type=1804 audit(1722048237.567:87): pid=9581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.878" name="/newroot/1/file0/bus" dev="loop0" ino=9292 res=1 errno=0
[  349.580387][ T9559] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  349.645027][ T9559] F2FS-fs (loop1): Found nat_bits in checkpoint
[  349.650299][ T9325] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  349.769180][ T9559] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  349.778130][ T9559] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  349.792090][ T9562] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  349.908801][   T29] audit: type=1800 audit(1722048237.927:88): pid=9559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.875" name="bus" dev="loop1" ino=10 res=0 errno=0
[  349.956116][ T9153] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  349.956853][ T9559] syz.1.875: attempt to access beyond end of device
[  349.956853][ T9559] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  350.041802][ T9559] syz.1.875: attempt to access beyond end of device
[  350.041802][ T9559] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  350.169672][ T7990] syz-executor: attempt to access beyond end of device
[  350.169672][ T7990] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  350.212790][ T9608] loop0: detected capacity change from 0 to 256
[  350.273569][ T7990] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  350.345794][ T9608] FAT-fs (loop0): Directory bread(block 64) failed
[  350.389927][ T9608] FAT-fs (loop0): Directory bread(block 65) failed
[  350.414173][ T9608] FAT-fs (loop0): Directory bread(block 66) failed
[  350.420769][ T9608] FAT-fs (loop0): Directory bread(block 67) failed
[  350.454736][ T9608] FAT-fs (loop0): Directory bread(block 68) failed
[  350.484088][ T9608] FAT-fs (loop0): Directory bread(block 69) failed
[  350.490769][ T9608] FAT-fs (loop0): Directory bread(block 70) failed
[  350.541863][ T9608] FAT-fs (loop0): Directory bread(block 71) failed
[  350.558999][ T9608] FAT-fs (loop0): Directory bread(block 72) failed
[  350.583693][ T9608] FAT-fs (loop0): Directory bread(block 73) failed
[  350.760144][ T9594] loop3: detected capacity change from 0 to 32768
[  350.806177][ T9594] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.885 (9594)
[  350.873819][ T9594] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  350.905674][ T9594] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  350.916906][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  350.933915][ T9594] BTRFS info (device loop3): using free-space-tree
[  350.943802][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  350.971512][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.001221][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.021592][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.029087][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.036773][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.044315][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.051978][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.062699][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.084083][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.091840][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.099563][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.107450][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.119078][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.126905][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.136945][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.145772][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.164034][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.171796][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.184098][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.196559][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.204218][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.217928][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.230149][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.253594][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.278641][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.294582][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.302237][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.310270][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.323596][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.348087][ T5282] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  351.403749][ T9594] loop3: detected capacity change from 32768 to 0
[  351.447661][ T9644] syz.3.885: attempt to access beyond end of device
[  351.447661][ T9644] loop3: rw=2049, sector=10560, nr_sectors = 8 limit=0
[  351.462444][ T5282] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  351.522638][ T9644] BTRFS error (device loop3): bdev /dev/loop3 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  351.637051][ T9646] loop1: detected capacity change from 0 to 1024
[  351.654373][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.895'.
[  351.663357][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.895'.
[  351.692646][ T9642] can: request_module (can-proto-0) failed.
[  351.863961][ T9646] loop1: detected capacity change from 0 to 128
[  351.888140][ T9646] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  351.898317][ T9646] FAT-fs (loop1): Filesystem has been set read-only
[  351.905032][ T9646] syz.1.891: attempt to access beyond end of device
[  351.905032][ T9646] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  351.920779][ T9646] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  351.928709][ T9646] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  351.942766][ T9646] syz.1.891: attempt to access beyond end of device
[  351.942766][ T9646] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  351.956217][   T29] audit: type=1800 audit(1722048239.977:89): pid=9646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.891" name="file2" dev="loop1" ino=1048815 res=0 errno=0
[  352.392084][ T2932] kworker/u8:9: attempt to access beyond end of device
[  352.392084][ T2932] loop3: rw=4097, sector=10704, nr_sectors = 8 limit=0
[  352.405842][ T2932] BTRFS error (device loop3): bdev /dev/loop3 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  352.421605][ T2932] kworker/u8:9: attempt to access beyond end of device
[  352.421605][ T2932] loop3: rw=4097, sector=10712, nr_sectors = 8 limit=0
[  352.535519][ T2932] BTRFS error (device loop3): bdev /dev/loop3 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  352.547804][ T9659] loop1: detected capacity change from 0 to 8
[  352.589280][ T2932] kworker/u8:9: attempt to access beyond end of device
[  352.589280][ T2932] loop3: rw=4097, sector=10720, nr_sectors = 8 limit=0
[  352.642658][ T2932] BTRFS error (device loop3): bdev /dev/loop3 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  352.690102][ T2932] kworker/u8:9: attempt to access beyond end of device
[  352.690102][ T2932] loop3: rw=4097, sector=10728, nr_sectors = 8 limit=0
[  353.329007][ T2932] BTRFS error (device loop3): bdev /dev/loop3 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0
[  353.346922][ T9661] vlan1: entered promiscuous mode
[  353.369455][ T9660] vlan1: left promiscuous mode
[  353.379771][ T2932] kworker/u8:9: attempt to access beyond end of device
[  353.379771][ T2932] loop3: rw=4097, sector=13448, nr_sectors = 8 limit=0
[  353.423616][ T2932] BTRFS error (device loop3): bdev /dev/loop3 errs: wr 6, rd 0, flush 0, corrupt 0, gen 0
[  353.445658][ T8315] BTRFS error (device loop3 state A): Transaction aborted (error -5)
[  353.479766][ T8315] BTRFS: error (device loop3 state A) in __btrfs_free_extent:3209: errno=-5 IO failure
[  353.508997][ T8315] BTRFS info (device loop3 state EA): forced readonly
[  353.517807][ T8315] BTRFS error (device loop3 state EA): failed to run delayed ref for logical 5345280 num_bytes 65536 type 178 action 2 ref_mod 1: -5
[  353.539420][ T8315] BTRFS: error (device loop3 state EA) in btrfs_run_delayed_refs:2199: errno=-5 IO failure
[  353.552595][ T8315] BTRFS info (device loop3 state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  353.564301][ T9636] BTRFS: error (device loop3 state EAL) in free_log_tree:3269: errno=-5 IO failure
[  353.887880][ T9664] loop4: detected capacity change from 0 to 512
[  354.089998][ T9664] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.899: invalid indirect mapped block 256 (level 2)
[  354.166785][ T9664] EXT4-fs (loop4): 2 truncates cleaned up
[  354.201661][ T9664] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.223663][ T6758] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  354.433697][ T6758] usb 2-1: Using ep0 maxpacket: 16
[  354.441336][ T6758] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  354.478172][ T6758] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  354.507563][ T6758] usb 2-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  354.523261][ T9673] loop2: detected capacity change from 0 to 1024
[  354.529731][ T6758] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.546022][ T6758] usb 2-1: config 0 descriptor??
[  354.562650][ T9673] hfsplus: failed to load root directory
[  354.724307][ T5237] Bluetooth: hci3: unexpected subevent 0x01 length: 78 > 18
[  354.846496][ T9675] loop2: detected capacity change from 0 to 1024
[  354.938076][ T9675] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  354.956684][   T29] audit: type=1800 audit(1722048242.977:90): pid=9664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.899" name="file1" dev="loop4" ino=15 res=0 errno=0
[  355.080574][ T8312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.145821][ T6758] usbhid 2-1:0.0: can't add hid device: -71
[  355.172422][ T6758] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  355.223669][ T5367] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  355.259895][ T6758] usb 2-1: USB disconnect, device number 7
[  355.397620][ T9670] loop3: detected capacity change from 0 to 32768
[  355.456708][ T5367] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  355.466387][ T9670] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  355.476273][ T5367] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.495537][ T5367] usb 1-1: config 0 descriptor??
[  355.509710][ T5367] cp210x 1-1:0.0: cp210x converter detected
[  355.738941][ T9679] loop0: detected capacity change from 0 to 128
[  355.802543][ T9670] XFS (loop3): Ending clean mount
[  355.807940][ T9679] FAT-fs (loop0): bogus number of FAT sectors
[  355.818792][ T9670] XFS (loop3): Quotacheck needed: Please wait.
[  355.827770][ T9679] FAT-fs (loop0): Can't find a valid FAT filesystem
[  355.908227][ T5367] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71
[  355.916434][ T9670] XFS (loop3): Quotacheck: Done.
[  355.936264][ T5367] cp210x 1-1:0.0: querying part number failed
[  355.962128][ T5367] usb 1-1: cp210x converter now attached to ttyUSB0
[  355.995842][ T5367] usb 1-1: USB disconnect, device number 6
[  356.025301][ T5367] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  356.041058][ T5367] cp210x 1-1:0.0: device disconnected
[  356.115185][   T29] audit: type=1804 audit(1722048244.137:91): pid=9670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.896" name="/newroot/68/file0/bus" dev="loop3" ino=9292 res=1 errno=0
[  356.220331][ T8315] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  356.489309][ T9681] loop4: detected capacity change from 0 to 32768
[  356.712432][ T9681] XFS: ikeep mount option is deprecated.
[  356.824449][ T9681] XFS: ikeep mount option is deprecated.
[  356.943901][ T9704] vlan1: entered promiscuous mode
[  357.065851][ T9703] vlan1: left promiscuous mode
[  357.197239][ T9681] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  357.209459][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  357.276738][ T9715] loop2: detected capacity change from 0 to 2048
[  357.459361][ T9715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.523863][   T29] audit: type=1800 audit(1722048245.537:92): pid=9715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.911" name="file1" dev="loop2" ino=15 res=0 errno=0
[  357.559506][ T9681] XFS (loop4): Ending clean mount
[  357.814158][ T9715] loop2: detected capacity change from 2048 to 2047
[  358.318043][ T9734] EXT4-fs error (device loop2): ext4_xattr_ibody_get:653: inode #15: comm syz.2.911: corrupted in-inode xattr: bad magic number in in-inode xattr
[  358.424940][ T8312] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  358.436172][ T9153] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /8/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=46, rec_len=2, size=2048 fake=0
[  358.520048][ T9153] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.748898][ T2565] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.052955][ T2565] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.675949][ T2565] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.786048][ T9769] loop0: detected capacity change from 0 to 64
[  360.848077][ T2565] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.863345][ T9769] Trying to free block not in datazone
[  360.899474][ T5281] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  360.899562][ T9769] Trying to free block not in datazone
[  360.978762][ T9769] Trying to free block not in datazone
[  361.003626][ T9769] Trying to free block not in datazone
[  361.029655][ T9769] Trying to free block not in datazone
[  361.057256][ T9769] minix_free_block (loop0:6): bit already cleared
[  361.107229][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.118246][ T9769] Trying to free block not in datazone
[  361.118281][ T9769] Trying to free block not in datazone
[  361.151782][ T5247] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  361.168412][ T5247] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  361.178502][ T5247] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  361.183586][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.197440][ T5247] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  361.203760][ T2565] bridge_slave_1: left allmulticast mode
[  361.218088][ T5247] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  361.223673][ T2565] bridge_slave_1: left promiscuous mode
[  361.231054][ T5247] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  361.232076][ T2565] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.279186][ T5281] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  361.290375][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.309194][ T2565] bridge_slave_0: left allmulticast mode
[  361.326075][ T5281] usb 4-1: config 0 descriptor??
[  361.331240][ T2565] bridge_slave_0: left promiscuous mode
[  361.359922][ T2565] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.550150][ T9766] loop1: detected capacity change from 0 to 32768
[  361.594212][ T9766] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.927 (9766)
[  361.649137][ T9766] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  361.669911][ T9766] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  361.718773][ T9766] BTRFS info (device loop1): using free-space-tree
[  361.801628][ T5281] sony 0003:054C:0268.0006: hiddev0,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.3-1/input0
[  361.853650][ T5281] sony 0003:054C:0268.0006: failed to claim input
[  361.962998][   T46] usb 4-1: USB disconnect, device number 8
[  362.091762][   T29] audit: type=1804 audit(1722048250.107:93): pid=9796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.931" name="/newroot/90/file0" dev="9p" ino=2 res=1 errno=0
[  362.177531][ T9766] loop1: detected capacity change from 32768 to 0
[  362.299585][   T11] kworker/u8:0: attempt to access beyond end of device
[  362.299585][   T11] loop1: rw=4097, sector=10704, nr_sectors = 8 limit=0
[  362.319407][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  362.350298][   T11] kworker/u8:0: attempt to access beyond end of device
[  362.350298][   T11] loop1: rw=4097, sector=10712, nr_sectors = 8 limit=0
[  362.370025][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  362.400947][   T11] kworker/u8:0: attempt to access beyond end of device
[  362.400947][   T11] loop1: rw=4097, sector=10720, nr_sectors = 8 limit=0
[  362.433567][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  362.450141][   T11] kworker/u8:0: attempt to access beyond end of device
[  362.450141][   T11] loop1: rw=4097, sector=10728, nr_sectors = 8 limit=0
[  362.483654][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  362.493973][   T11] kworker/u8:0: attempt to access beyond end of device
[  362.493973][   T11] loop1: rw=4097, sector=13448, nr_sectors = 8 limit=0
[  362.511396][   T11] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0
[  362.523406][ T7990] BTRFS error (device loop1 state A): Transaction aborted (error -5)
[  362.547735][ T7990] BTRFS: error (device loop1 state A) in __btrfs_free_extent:3209: errno=-5 IO failure
[  362.568938][ T7990] BTRFS info (device loop1 state EA): forced readonly
[  362.576173][ T7990] BTRFS error (device loop1 state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5
[  362.586124][ T9806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.936'.
[  362.602024][ T7990] BTRFS: error (device loop1 state EA) in btrfs_run_delayed_refs:2199: errno=-5 IO failure
[  362.645974][ T7990] BTRFS info (device loop1 state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  362.669448][ T9794] BTRFS: error (device loop1 state EAL) in free_log_tree:3269: errno=-5 IO failure
[  362.897168][ T2565] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  363.220692][ T2565] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  363.311568][ T5247] Bluetooth: hci3: command tx timeout
[  363.442133][ T2565] bond0 (unregistering): Released all slaves
[  363.644440][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.936'.
[  363.772962][ T9821] loop4: detected capacity change from 0 to 256
[  363.916818][ T9815] team0: entered promiscuous mode
[  363.921048][ T9821] FAT-fs (loop4): Directory bread(block 64) failed
[  363.938829][ T9815] team_slave_0: entered promiscuous mode
[  363.940815][ T9821] FAT-fs (loop4): Directory bread(block 65) failed
[  363.952166][ T9821] FAT-fs (loop4): Directory bread(block 66) failed
[  363.959531][ T9815] team_slave_1: entered promiscuous mode
[  363.969559][ T9821] FAT-fs (loop4): Directory bread(block 67) failed
[  363.991093][ T9815] team0: left promiscuous mode
[  363.993175][ T9821] FAT-fs (loop4): Directory bread(block 68) failed
[  363.996421][ T9815] team_slave_0: left promiscuous mode
[  364.006723][ T9821] FAT-fs (loop4): Directory bread(block 69) failed
[  364.009191][    T8] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  364.016039][ T9821] FAT-fs (loop4): Directory bread(block 70) failed
[  364.023980][ T9815] team_slave_1: left promiscuous mode
[  364.028957][ T9821] FAT-fs (loop4): Directory bread(block 71) failed
[  364.053694][ T9821] FAT-fs (loop4): Directory bread(block 72) failed
[  364.060266][ T9821] FAT-fs (loop4): Directory bread(block 73) failed
[  364.179529][ T9775] ip6gretap0 speed is unknown, defaulting to 1000
[  364.213661][    T8] usb 4-1: Using ep0 maxpacket: 16
[  364.241461][    T8] usb 4-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  364.244950][ T1183] kworker/u8:6: attempt to access beyond end of device
[  364.244950][ T1183] loop4: rw=1, sector=1224, nr_sectors = 12 limit=256
[  364.250982][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.298514][    T8] usb 4-1: Product: syz
[  364.302732][    T8] usb 4-1: Manufacturer: syz
[  364.323091][    T8] usb 4-1: SerialNumber: syz
[  364.330413][    T8] usb 4-1: config 0 descriptor??
[  364.338581][    T8] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  364.623428][ T2565] hsr_slave_0: left promiscuous mode
[  364.642069][ T2565] hsr_slave_1: left promiscuous mode
[  364.648539][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  364.658756][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_0
[  364.674768][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  364.683905][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_1
[  364.889592][ T9843] input: syz0 as /devices/virtual/input/input7
[  365.454181][ T5247] Bluetooth: hci3: command tx timeout
[  365.693646][ T5247] Bluetooth: hci2: command 0x0406 tx timeout
[  365.743732][ T2565] veth1_macvtap: left promiscuous mode
[  365.789686][ T2565] veth0_macvtap: left promiscuous mode
[  365.820657][ T2565] veth1_vlan: left promiscuous mode
[  365.820711][ T9851] loop1: detected capacity change from 0 to 16
[  365.907361][ T9851] erofs: (device loop1): mounted with root inode @ nid 36.
[  366.054001][ T2565] veth0_vlan: left promiscuous mode
[  366.436230][    T8] gp8psk: usb in 128 operation failed.
[  366.476955][    T8] gp8psk: usb in 137 operation failed.
[  366.489014][    T8] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  366.503645][    T8] dvb_usb_gp8psk 4-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  367.365086][ T9859] netlink: 8 bytes leftover after parsing attributes in process `syz.4.950'.
[  367.403760][ T9859] netlink: 8 bytes leftover after parsing attributes in process `syz.4.950'.
[  367.534438][ T5237] Bluetooth: hci3: command tx timeout
[  367.617450][ T9870] loop0: detected capacity change from 0 to 1024
[  367.640552][ T9870] EXT4-fs: Ignoring removed i_version option
[  367.658184][ T9870] EXT4-fs (loop0): stripe (255) is not aligned with cluster size (16), stripe is disabled
[  367.811590][ T9870] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.898765][   T29] audit: type=1800 audit(1722048255.917:94): pid=9870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.953" name="bus" dev="loop0" ino=18 res=0 errno=0
[  367.995030][ T9870] loop0: detected capacity change from 1024 to 3
[  368.052721][ T9877] syz.0.953: attempt to access beyond end of device
[  368.052721][ T9877] loop0: rw=524288, sector=12, nr_sectors = 2 limit=3
[  368.103796][ T9877] syz.0.953: attempt to access beyond end of device
[  368.103796][ T9877] loop0: rw=524288, sector=14, nr_sectors = 2 limit=3
[  368.132376][ T9877] syz.0.953: attempt to access beyond end of device
[  368.132376][ T9877] loop0: rw=524288, sector=16, nr_sectors = 2 limit=3
[  368.180652][ T9877] syz.0.953: attempt to access beyond end of device
[  368.180652][ T9877] loop0: rw=524288, sector=20, nr_sectors = 2 limit=3
[  368.200417][ T9877] syz.0.953: attempt to access beyond end of device
[  368.200417][ T9877] loop0: rw=524288, sector=22, nr_sectors = 2 limit=3
[  368.218458][ T9877] syz.0.953: attempt to access beyond end of device
[  368.218458][ T9877] loop0: rw=12288, sector=18, nr_sectors = 2 limit=3
[  368.239352][ T9877] EXT4-fs error (device loop0): ext4_get_inode_loc:4574: inode #18: block 9: comm syz.0.953: unable to read itable block
[  368.257733][ T9877] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5810: IO failure
[  368.271008][ T9877] EXT4-fs error (device loop0): ext4_dirty_inode:6014: inode #18: comm syz.0.953: mark_inode_dirty error
[  368.301451][ T9877] syz.0.953: attempt to access beyond end of device
[  368.301451][ T9877] loop0: rw=524288, sector=12, nr_sectors = 2 limit=3
[  368.319238][ T9877] syz.0.953: attempt to access beyond end of device
[  368.319238][ T9877] loop0: rw=524288, sector=14, nr_sectors = 2 limit=3
[  368.333316][ T9877] syz.0.953: attempt to access beyond end of device
[  368.333316][ T9877] loop0: rw=524288, sector=16, nr_sectors = 2 limit=3
[  368.352879][ T9877] syz.0.953: attempt to access beyond end of device
[  368.352879][ T9877] loop0: rw=524288, sector=20, nr_sectors = 2 limit=3
[  368.372096][ T9877] EXT4-fs error (device loop0): ext4_get_inode_loc:4574: inode #18: block 9: comm syz.0.953: unable to read itable block
[  368.394807][ T9877] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5810: IO failure
[  368.407214][ T9877] EXT4-fs error (device loop0): ext4_dirty_inode:6014: inode #18: comm syz.0.953: mark_inode_dirty error
[  368.489527][ T9877] EXT4-fs error (device loop0): ext4_wait_block_bitmap:584: comm syz.0.953: Cannot read block bitmap - block_group = 0, block_bitmap = 3
[  368.559877][ T9877] EXT4-fs error (device loop0): ext4_wait_block_bitmap:584: comm syz.0.953: Cannot read block bitmap - block_group = 0, block_bitmap = 3
[  368.565547][ T9879] loop4: detected capacity change from 0 to 512
[  368.595062][ T9877] EXT4-fs error (device loop0): ext4_get_inode_loc:4574: inode #18: block 9: comm syz.0.953: unable to read itable block
[  368.619770][ T9877] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5810: IO failure
[  368.623828][ T5367] usb 4-1: USB disconnect, device number 9
[  368.637633][ T2565] team0 (unregistering): Port device team_slave_1 removed
[  368.657919][ T9879] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.693730][ T9879] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  368.810674][ T8312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.842596][ T9325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.864178][ T2565] team0 (unregistering): Port device team_slave_0 removed
[  368.937190][ T9874] buffer_io_error: 6 callbacks suppressed
[  368.937210][ T9874] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[  369.613560][    C1] DEBUG: holding rtnl_mutex for 506 jiffies.
[  369.619602][    C1] task:kworker/u8:8    state:D stack:20248 pid:2565  tgid:2565  ppid:2      flags:0x00004000
[  369.629874][    C1] Workqueue: netns cleanup_net
[  369.632916][ T5247] Bluetooth: hci3: command tx timeout
[  369.634696][    C1] Call Trace:
[  369.634708][    C1]  <TASK>
[  369.634726][    C1]  __schedule+0x1800/0x4a60
[  369.634778][    C1]  ? __pfx___schedule+0x10/0x10
[  369.634809][    C1]  ? __pfx_lock_release+0x10/0x10
[  369.660766][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  369.666716][    C1]  ? kthread_data+0x52/0xd0
[  369.671240][    C1]  ? wq_worker_sleeping+0x66/0x240
[  369.676380][    C1]  ? schedule+0x90/0x320
[  369.680617][    C1]  schedule+0x14b/0x320
[  369.684825][    C1]  synchronize_rcu_expedited+0x684/0x830
[  369.690470][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  369.696693][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  369.702006][    C1]  ? __pfx___might_resched+0x10/0x10
[  369.707325][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  369.713407][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  369.719528][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  369.725910][    C1]  synchronize_rcu+0x11b/0x360
[  369.730676][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  369.736027][    C1]  lockdep_unregister_key+0x4b7/0x540
[  369.741428][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  369.747402][    C1]  ? rcu_is_watching+0x15/0xb0
[  369.752268][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  369.756886][    C1]  __qdisc_destroy+0x165/0x410
[  369.761643][    C1]  dev_shutdown+0x357/0x450
[  369.766202][    C1]  unregister_netdevice_many_notify+0x97b/0x1c40
[  369.772557][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  369.779353][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  369.785308][    C1]  ? batadv_softif_destroy_netlink+0x1e3/0x270
[  369.791572][    C1]  default_device_exit_batch+0xa0f/0xa90
[  369.797238][    C1]  ? __pfx___might_resched+0x10/0x10
[  369.802869][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  369.809057][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  369.814383][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  369.820581][    C1]  cleanup_net+0x89d/0xcc0
[  369.825072][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  369.830026][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[  369.835428][    C1]  ? process_scheduled_works+0x945/0x1830
[  369.841140][    C1]  process_scheduled_works+0xa2c/0x1830
[  369.846772][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  369.852776][    C1]  ? assign_work+0x364/0x3d0
[  369.857395][    C1]  worker_thread+0x86d/0xd40
[  369.861989][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  369.867922][    C1]  ? __kthread_parkme+0x169/0x1d0
[  369.872947][    C1]  ? __pfx_worker_thread+0x10/0x10
[  369.878096][    C1]  kthread+0x2f0/0x390
[  369.882158][    C1]  ? __pfx_worker_thread+0x10/0x10
[  369.887326][    C1]  ? __pfx_kthread+0x10/0x10
[  369.891911][    C1]  ret_from_fork+0x4b/0x80
[  369.896458][    C1]  ? __pfx_kthread+0x10/0x10
[  369.901055][    C1]  ret_from_fork_asm+0x1a/0x30
[  369.905847][    C1]  </TASK>
[  369.908877][    C1] DEBUG: waiting rtnl_mutex for 534 jiffies.
[  369.914904][    C1] task:syz-executor    state:D stack:24992 pid:9775  tgid:9775  ppid:9757   flags:0x00000000
[  369.925224][    C1] Call Trace:
[  369.928511][    C1]  <TASK>
[  369.931449][    C1]  __schedule+0x1800/0x4a60
[  369.936079][    C1]  ? __pfx___schedule+0x10/0x10
[  369.940926][    C1]  ? __pfx_lock_release+0x10/0x10
[  369.946010][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  369.951489][    C1]  ? schedule+0x90/0x320
[  369.955782][    C1]  schedule+0x14b/0x320
[  369.959961][    C1]  schedule_preempt_disabled+0x13/0x30
[  369.965453][    C1]  __mutex_lock+0x6a4/0xd70
[  369.969954][    C1]  ? __mutex_lock+0x527/0xd70
[  369.974678][    C1]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  369.979817][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  369.984953][    C1]  ? get_rtnl_holder+0x144/0x190
[  369.989887][    C1]  rtnetlink_rcv_msg+0x6eb/0xd00
[  369.994852][    C1]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  369.999959][    C1]  ? __lock_acquire+0x1384/0x2050
[  370.005047][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  370.010537][    C1]  netlink_rcv_skb+0x1e3/0x430
[  370.015349][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  370.020831][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  370.026216][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  370.031491][    C1]  netlink_unicast+0x7f6/0x990
[  370.036355][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  370.041679][    C1]  ? __virt_addr_valid+0x183/0x530
[  370.046849][    C1]  ? __check_object_size+0x49c/0x900
[  370.052140][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  370.057350][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  370.062126][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.067587][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  370.073639][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  370.078596][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  370.083929][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  370.089399][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.094703][    C1]  __sock_sendmsg+0x221/0x270
[  370.099373][    C1]  __sys_sendto+0x3a4/0x4f0
[  370.103933][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  370.108983][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  370.115024][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  370.121380][    C1]  __x64_sys_sendto+0xde/0x100
[  370.126176][    C1]  do_syscall_64+0xf3/0x230
[  370.130697][    C1]  ? clear_bhb_loop+0x35/0x90
[  370.135419][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.141410][    C1] RIP: 0033:0x7f02cb97902c
[  370.145869][    C1] RSP: 002b:00007ffe6bb73f50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  370.154377][    C1] RAX: ffffffffffffffda RBX: 00007f02cc634620 RCX: 00007f02cb97902c
[  370.162367][    C1] RDX: 0000000000000028 RSI: 00007f02cc634670 RDI: 0000000000000003
[  370.170371][    C1] RBP: 0000000000000000 R08: 00007ffe6bb73fa4 R09: 000000000000000c
[  370.178363][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  370.186384][    C1] R13: 0000000000000000 R14: 00007f02cc634670 R15: 0000000000000000
[  370.194522][    C1]  </TASK>
[  370.197551][    C1] DEBUG: waiting rtnl_mutex for 554 jiffies.
[  370.203557][    C1] task:kworker/1:1     state:D stack:22224 pid:46    tgid:46    ppid:2      flags:0x00004000
[  370.213760][    C1] Workqueue: events linkwatch_event
[  370.218959][    C1] Call Trace:
[  370.222310][    C1]  <TASK>
[  370.225268][    C1]  __schedule+0x1800/0x4a60
[  370.229814][    C1]  ? __pfx___schedule+0x10/0x10
[  370.234749][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  370.241269][    C1]  ? __pfx_lock_release+0x10/0x10
[  370.246320][    C1]  ? kick_pool+0x1bd/0x620
[  370.250735][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  370.255957][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  370.261151][    C1]  ? schedule+0x90/0x320
[  370.265523][    C1]  schedule+0x14b/0x320
[  370.269728][    C1]  schedule_preempt_disabled+0x13/0x30
[  370.275214][    C1]  __mutex_lock+0x6a4/0xd70
[  370.279711][    C1]  ? __mutex_lock+0x527/0xd70
[  370.284426][    C1]  ? linkwatch_event+0xe/0x60
[  370.289110][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  370.294186][    C1]  ? get_rtnl_holder+0x144/0x190
[  370.299137][    C1]  ? process_scheduled_works+0x945/0x1830
[  370.304875][    C1]  linkwatch_event+0xe/0x60
[  370.309369][    C1]  process_scheduled_works+0xa2c/0x1830
[  370.314950][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  370.320930][    C1]  ? assign_work+0x364/0x3d0
[  370.325580][    C1]  worker_thread+0x86d/0xd40
[  370.330196][    C1]  ? __kthread_parkme+0x169/0x1d0
[  370.335252][    C1]  ? __pfx_worker_thread+0x10/0x10
[  370.340357][    C1]  kthread+0x2f0/0x390
[  370.344596][    C1]  ? __pfx_worker_thread+0x10/0x10
[  370.349773][    C1]  ? __pfx_kthread+0x10/0x10
[  370.354443][    C1]  ret_from_fork+0x4b/0x80
[  370.358980][    C1]  ? __pfx_kthread+0x10/0x10
[  370.363624][    C1]  ret_from_fork_asm+0x1a/0x30
[  370.368394][    C1]  </TASK>
[  370.371403][    C1] 
[  370.371403][    C1] Showing all locks held in the system:
[  370.379142][    C1] 3 locks held by kworker/1:1/46:
[  370.384208][    C1]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  370.395286][    C1]  #1: ffffc90000b67d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  370.406286][    C1]  #2: ffffffff8fc82ac8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  370.415316][    C1] 2 locks held by kworker/u8:6/1183:
[  370.420605][    C1]  #0: ffff888015889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  370.432344][    C1]  #1: ffffc9000465fd00 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  370.445170][    C1] 5 locks held by kworker/u8:8/2565:
[  370.450468][    C1]  #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  370.461421][    C1]  #1: ffffc9000933fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  370.471985][    C1]  #2: ffffffff8fc75f50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  370.481435][    C1]  #3: ffffffff8fc82ac8 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  370.491567][    C1]  #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  370.502491][    C1] 2 locks held by getty/4976:
[  370.507196][    C1]  #0: ffff88802aba70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  370.517004][    C1]  #1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  370.527183][    C1] 3 locks held by kworker/u9:4/5237:
[  370.532471][    C1]  #0: ffff88807daca948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  370.543331][    C1]  #1: ffffc9000362fd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  370.555894][    C1]  #2: ffff888023910d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  370.565807][    C1] 1 lock held by syz-executor/9325:
[  370.571099][    C1]  #0: ffffffff8fc82ac8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  370.580147][    C1] 1 lock held by syz-executor/9775:
[  370.585374][    C1]  #0: ffffffff8fc82ac8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  370.594849][    C1] 3 locks held by syz.1.952/9868:
[  370.599880][    C1]  #0: ffffffff8fce8510 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  370.608088][    C1]  #1: ffffffff8fce83c8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[  370.617086][    C1]  #2: ffffffff8fc82ac8 (rtnl_mutex){+.+.}-{3:3}, at: nl802154_pre_doit+0xb5/0xac0
[  370.626457][    C1] 2 locks held by syz.3.956/9882:
[  370.631486][    C1]  #0: ffffc90009b5fb40 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  370.641616][    C1]  #1: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  370.651513][    C1] 2 locks held by syz.4.958/9887:
[  370.656554][    C1]  #0: ffffffff8fce8510 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  370.664787][    C1]  #1: ffffffff8fce83c8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[  370.673864][    C1] 
[  370.676216][    C1] =============================================
[  370.676216][    C1] 
[  371.213328][ T9890] loop3: detected capacity change from 0 to 40427
[  371.235527][ T9890] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  371.243338][ T9890] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  371.286566][ T9890] F2FS-fs (loop3): invalid crc value
[  371.325461][ T9890] F2FS-fs (loop3): Found nat_bits in checkpoint
[  371.418770][ T9890] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  371.426689][ T9890] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  371.650990][ T9899] loop1: detected capacity change from 0 to 16
[  371.680974][ T9899] erofs: (device loop1): mounted with root inode @ nid 36.
[  371.706117][ T5247] Bluetooth: hci3: command 0x0405 tx timeout
[  371.737048][ T9899] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  371.795341][ T9899] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -18 in[46, 4050] out[1851]
[  371.806913][ T9899] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  371.830070][ T9775] chnl_net:caif_netlink_parms(): no params data found
[  373.042115][ T9775] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.073015][ T9775] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.103906][ T9775] bridge_slave_0: entered allmulticast mode
[  373.111313][ T9775] bridge_slave_0: entered promiscuous mode
[  373.125163][ T9775] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.132545][ T9775] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.215862][ T9775] bridge_slave_1: entered allmulticast mode
[  373.239657][ T9775] bridge_slave_1: entered promiscuous mode
[  373.247573][ T9920] loop3: detected capacity change from 0 to 512
[  373.307016][ T9920] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  373.377990][ T9775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  373.414802][ T9775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  373.600216][ T6758] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  374.099713][ T6758] usb 5-1: Using ep0 maxpacket: 8
[  374.145554][ T6758] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  374.173626][ T6758] usb 5-1: config 0 has no interface number 0
[  374.196650][ T6758] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  374.216700][ T5247] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  374.217784][ T6758] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  374.235456][ T6758] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.237202][ T5247] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  374.253088][ T6758] usb 5-1: config 0 descriptor??
[  374.260151][ T5247] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  374.287412][ T5247] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  374.290153][ T6758] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  374.308352][ T5247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  374.320088][ T5247] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  374.368927][ T9775] team0: Port device team_slave_0 added
[  374.414689][ T9775] team0: Port device team_slave_1 added
[  374.514664][ T9775] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.521655][ T9775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.560335][ T6758] usb 5-1: USB disconnect, device number 10
[  374.578763][ T6758] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected
[  374.583598][ T9775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.616009][ T9775] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.622994][ T9775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.683664][ T9775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  374.695284][ T9925] ip6gretap0 speed is unknown, defaulting to 1000
[  374.791253][ T2565] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.938895][ T9928] loop1: detected capacity change from 0 to 40427
[  374.949229][ T2565] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.951465][ T9928] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  374.973248][ T9928] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  374.991629][ T9928] F2FS-fs (loop1): invalid crc value
[  375.019482][ T9928] F2FS-fs (loop1): Found nat_bits in checkpoint
[  375.031231][ T9930] loop3: detected capacity change from 0 to 32768
[  375.044893][ T9930] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.970 (9930)
[  375.050297][ T9775] hsr_slave_0: entered promiscuous mode
[  375.070449][ T9930] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  375.097102][ T9930] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  375.106566][ T9775] hsr_slave_1: entered promiscuous mode
[  375.121363][ T9928] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  375.123742][ T9930] BTRFS info (device loop3): using free-space-tree
[  375.128792][ T9928] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  375.216457][ T2565] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.394446][   T29] audit: type=1800 audit(1722048263.407:95): pid=9930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.970" name="file1" dev="loop3" ino=260 res=0 errno=0
[  375.511200][ T8315] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  375.547224][ T2565] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.690927][ T9963] loop4: detected capacity change from 0 to 16
[  375.714863][ T9963] erofs: (device loop4): mounted with root inode @ nid 36.
[  375.753071][ T9963] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  375.793622][ T9963] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -18 in[46, 4050] out[1851]
[  375.860796][ T9963] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  376.037759][ T9925] chnl_net:caif_netlink_parms(): no params data found
[  376.337631][ T9967] netlink: 64535 bytes leftover after parsing attributes in process `syz.3.974'.
[  377.018230][ T5237] Bluetooth: hci4: command tx timeout
[  377.146013][ T2565] bridge_slave_1: left allmulticast mode
[  377.151950][ T2565] bridge_slave_1: left promiscuous mode
[  377.167441][ T2565] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.198260][ T2565] bridge_slave_0: left allmulticast mode
[  377.208043][ T2565] bridge_slave_0: left promiscuous mode
[  377.215784][ T2565] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.282194][ T9978] loop3: detected capacity change from 0 to 2048
[  377.347884][ T9978] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  378.093817][ T5283] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  378.387570][ T9986] netlink: 4 bytes leftover after parsing attributes in process `syz.4.981'.
[  378.520971][ T5283] usb 2-1: Using ep0 maxpacket: 8
[  378.527881][ T5283] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  378.539978][ T5283] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.567567][ T5283] usb 2-1: config 0 descriptor??
[  378.811602][ T2565] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.824910][ T2565] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.838869][ T2565] bond0 (unregistering): Released all slaves
[  378.913727][ T9988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.981'.
[  378.978717][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[  378.985313][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[  378.997991][ T5283] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  379.005550][ T8315] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh
[  379.039483][ T5283] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffe0
[  379.041943][ T8315] UDF-fs: error (device loop3): udf_read_inode: (ino 1345) failed !bh
[  379.058314][ T5237] Bluetooth: hci4: command tx timeout
[  379.091271][ T5283] asix 2-1:0.0: probe with driver asix failed with error -32
[  379.133448][ T9991] team0: entered promiscuous mode
[  379.139513][ T9991] team_slave_0: entered promiscuous mode
[  379.155337][ T9991] team_slave_1: entered promiscuous mode
[  379.162478][ T9991] team0: left promiscuous mode
[  379.168871][ T9991] team_slave_0: left promiscuous mode
[  379.174616][ T9991] team_slave_1: left promiscuous mode
[  379.200114][ T9976] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  379.208033][ T9976] IPv6: NLM_F_CREATE should be set when creating new route
[  379.357828][ T9925] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.365730][ T9925] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.372995][ T9925] bridge_slave_0: entered allmulticast mode
[  379.389502][ T9925] bridge_slave_0: entered promiscuous mode
[  379.436377][ T9925] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.447563][ T9925] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.454945][ T9925] bridge_slave_1: entered allmulticast mode
[  379.462170][ T9925] bridge_slave_1: entered promiscuous mode
[  379.557869][ T9925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  379.593046][ T9925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  379.737496][ T2565] hsr_slave_0: left promiscuous mode
[  379.764513][ T2565] hsr_slave_1: left promiscuous mode
[  379.774387][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.802257][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.843905][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  379.852482][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_1
[  379.914633][ T2565] veth1_macvtap: left promiscuous mode
[  379.920226][ T2565] veth0_macvtap: left promiscuous mode
[  379.963860][ T2565] veth1_vlan: left promiscuous mode
[  379.969114][ T2565] veth0_vlan: left promiscuous mode
[  380.023697][    T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  380.180615][ T5247] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  380.197064][ T5247] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  380.206389][ T5247] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  380.236501][    T8] usb 5-1: Using ep0 maxpacket: 8
[  380.242715][ T5247] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  380.250754][ T5247] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  380.258541][ T5247] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  380.309499][    T8] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice= 2.a2
[  380.318918][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.468816][ T5281] usb 2-1: USB disconnect, device number 8
[  381.335902][ T5247] Bluetooth: hci4: command tx timeout
[  381.376426][    T8] usb 5-1: Firmware version (0.0) predates our first public release.
[  381.384772][    T8] usb 5-1: Please update to version 0.2 or newer
[  381.625248][ T2565] team0 (unregistering): Port device team_slave_1 removed
[  381.719478][ T2565] team0 (unregistering): Port device team_slave_0 removed
[  382.304930][ T9925] team0: Port device team_slave_0 added
[  382.333673][ T5247] Bluetooth: hci1: command tx timeout
[  382.370249][    T8] usb 5-1: USB disconnect, device number 11
[  382.441134][ T9925] team0: Port device team_slave_1 added
[  382.481379][T10022] Driver unsupported XDP return value 0 on prog  (id 109) dev N/A, expect packet loss!
[  382.481712][T10006] ip6gretap0 speed is unknown, defaulting to 1000
[  382.598771][ T9925] batman_adv: batadv0: Adding interface: batadv_slave_0
[  382.624916][ T9925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.652920][ T9925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.689154][T10024] loop1: detected capacity change from 0 to 1024
[  382.698270][ T9925] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.705481][ T9925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.710034][T10024] hfsplus: request for non-existent node 3 in B*Tree
[  382.737267][ T9925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  382.740285][T10024] hfsplus: request for non-existent node 3 in B*Tree
[  382.792176][ T9775] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  382.841156][ T9775] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  382.857846][ T9775] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  382.970614][ T9775] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  383.068496][ T9925] hsr_slave_0: entered promiscuous mode
[  383.089273][ T9925] hsr_slave_1: entered promiscuous mode
[  383.105764][ T9925] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  383.123648][ T9925] Cannot create hsr debugfs directory
[  383.348640][ T2565] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.368817][T10036] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  383.378695][    T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  383.386547][ T5247] Bluetooth: hci4: command tx timeout
[  383.401724][T10036] kvm: pic: single mode not supported
[  383.401975][T10036] kvm: pic: non byte read
[  383.414912][T10036] kvm: pic: level sensitive irq not supported
[  383.415042][T10036] kvm: pic: non byte read
[  383.514963][ T2565] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.566064][    T8] usb 5-1: Using ep0 maxpacket: 8
[  383.574296][    T8] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  383.593762][    T8] usb 5-1: config 2 has 1 interface, different from the descriptor's value: 3
[  383.601909][T10006] chnl_net:caif_netlink_parms(): no params data found
[  383.612773][    T8] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=f0.c9
[  383.633584][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.642672][    T8] usb 5-1: Product: syz
[  383.654996][    T8] usb 5-1: Manufacturer: syz
[  383.659628][    T8] usb 5-1: SerialNumber: syz
[  383.700817][ T2565] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.810076][ T2565] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.885133][    T8] snd-usb-6fire 5-1:2.0: unable to receive device firmware state.
[  383.892985][    T8] snd-usb-6fire 5-1:2.0: probe with driver snd-usb-6fire failed with error -71
[  383.910367][    T8] usb 5-1: USB disconnect, device number 12
[  384.002312][T10006] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.013114][T10006] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.028181][T10006] bridge_slave_0: entered allmulticast mode
[  384.036851][T10006] bridge_slave_0: entered promiscuous mode
[  384.060908][T10006] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.080121][T10006] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.087707][T10006] bridge_slave_1: entered allmulticast mode
[  384.113429][ T5367] IPVS: starting estimator thread 0...
[  384.114993][T10006] bridge_slave_1: entered promiscuous mode
[  384.236646][T10050] IPVS: using max 18 ests per chain, 43200 per kthread
[  384.279807][T10006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  384.346074][T10006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  384.423693][ T5247] Bluetooth: hci1: command tx timeout
[  384.582669][T10006] team0: Port device team_slave_0 added
[  384.608234][T10006] team0: Port device team_slave_1 added
[  384.819639][ T9775] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.843986][T10057] loop1: detected capacity change from 0 to 256
[  384.883249][ T2565] bridge_slave_1: left allmulticast mode
[  384.896198][T10057] FAT-fs (loop1): Directory bread(block 64) failed
[  384.911717][ T2565] bridge_slave_1: left promiscuous mode
[  384.917757][ T2565] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.929993][T10057] FAT-fs (loop1): Directory bread(block 65) failed
[  384.943905][T10057] FAT-fs (loop1): Directory bread(block 66) failed
[  384.960497][T10057] FAT-fs (loop1): Directory bread(block 67) failed
[  384.977128][T10057] FAT-fs (loop1): Directory bread(block 68) failed
[  384.984333][ T2565] bridge_slave_0: left allmulticast mode
[  385.003664][T10057] FAT-fs (loop1): Directory bread(block 69) failed
[  385.010285][T10057] FAT-fs (loop1): Directory bread(block 70) failed
[  385.027976][T10057] FAT-fs (loop1): Directory bread(block 71) failed
[  385.037289][ T2565] bridge_slave_0: left promiscuous mode
[  385.047099][T10057] FAT-fs (loop1): Directory bread(block 72) failed
[  385.053249][ T2565] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.062871][T10057] FAT-fs (loop1): Directory bread(block 73) failed
[  385.383638][ T5284] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  385.603627][ T5284] usb 5-1: Using ep0 maxpacket: 8
[  385.610545][ T5284] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice= 2.a2
[  385.624865][ T5284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.999987][ T2565] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  386.020896][ T2565] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  386.039320][ T2565] bond0 (unregistering): Released all slaves
[  386.059644][T10006] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.070176][T10006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.096448][T10006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.113934][T10006] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.121137][T10006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.150104][T10006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.189048][ T5284] usb 5-1: Firmware version (0.0) predates our first public release.
[  386.215471][ T5284] usb 5-1: Please update to version 0.2 or newer
[  386.236493][ T5282] ip6gretap0 speed is unknown, defaulting to 1000
[  386.292767][T10067] loop1: detected capacity change from 0 to 32768
[  386.300465][T10067] XFS: ikeep mount option is deprecated.
[  386.307467][T10067] XFS: ikeep mount option is deprecated.
[  386.331522][ T9775] 8021q: adding VLAN 0 to HW filter on device team0
[  386.338750][ T5284] usb 5-1: USB disconnect, device number 13
[  386.367769][ T9925] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  386.400167][ T9925] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  386.415017][T10067] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  386.464482][ T5282] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.471685][ T5282] bridge0: port 1(bridge_slave_0) entered forwarding state
[  386.504151][ T5247] Bluetooth: hci1: command tx timeout
[  386.540750][T10067] XFS (loop1): Ending clean mount
[  386.559518][ T9925] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  386.576153][ T9925] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  386.622446][T10006] hsr_slave_0: entered promiscuous mode
[  386.627932][ T7990] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  386.638045][T10006] hsr_slave_1: entered promiscuous mode
[  386.648231][T10006] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  386.657823][T10006] Cannot create hsr debugfs directory
[  386.698035][ T5367] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.705273][ T5367] bridge0: port 2(bridge_slave_1) entered forwarding state
[  387.074727][T10079] netlink: 64535 bytes leftover after parsing attributes in process `syz.1.1004'.
[  387.172390][ T2565] hsr_slave_0: left promiscuous mode
[  387.178803][ T2565] hsr_slave_1: left promiscuous mode
[  387.193835][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  387.201487][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_0
[  387.217628][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  387.233161][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_1
[  387.280170][ T2565] veth1_macvtap: left promiscuous mode
[  387.291698][ T2565] veth0_macvtap: left promiscuous mode
[  387.298907][ T2565] veth1_vlan: left promiscuous mode
[  387.313329][ T2565] veth0_vlan: left promiscuous mode
[  387.456197][T10087] capability: warning: `syz.4.1005' uses deprecated v2 capabilities in a way that may be insecure
[  388.573765][ T5247] Bluetooth: hci1: command tx timeout
[  388.919522][ T2565] team0 (unregistering): Port device team_slave_1 removed
[  389.045597][ T2565] team0 (unregistering): Port device team_slave_0 removed
[  389.099528][T10094] loop4: detected capacity change from 0 to 2048
[  389.154601][T10094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.658232][ T9775] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  390.677509][ T9775] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  390.689777][T10083] netlink: 'syz.1.1006': attribute type 1 has an invalid length.
[  390.698638][T10083] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  390.700535][T10084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1006'.
[  390.856704][ T8312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.999154][ T9925] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.052308][T10109] loop4: detected capacity change from 0 to 256
[  391.189214][ T9925] 8021q: adding VLAN 0 to HW filter on device team0
[  391.252149][ T5284] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.259630][ T5284] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.294157][ T5247] Bluetooth: hci0: command 0x0406 tx timeout
[  391.392277][ T5284] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.399544][ T5284] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.509681][ T9775] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.554995][T10123] loop1: detected capacity change from 0 to 128
[  391.571905][ T9925] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  391.620603][T10123] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  391.643770][T10123] ext4 filesystem being mounted at /117/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  391.862684][ T9775] veth0_vlan: entered promiscuous mode
[  391.902815][ T9775] veth1_vlan: entered promiscuous mode
[  391.942245][ T7990] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  391.994720][T10119] loop4: detected capacity change from 0 to 32768
[  392.057429][T10119] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  392.131669][ T9775] veth0_macvtap: entered promiscuous mode
[  392.142742][T10119] XFS (loop4): Ending clean mount
[  392.145760][T10006] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  392.185287][ T9775] veth1_macvtap: entered promiscuous mode
[  392.202791][T10006] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  392.219346][T10006] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  392.238142][ T9925] 8021q: adding VLAN 0 to HW filter on device batadv0
[  392.258462][T10006] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  392.385384][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.397922][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.409870][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.430657][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.442532][ T9775] batman_adv: batadv0: Interface activated: batadv_slave_0
[  392.479832][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  392.501622][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.513101][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  392.537971][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.595277][ T9775] batman_adv: batadv0: Interface activated: batadv_slave_1
[  392.671123][ T9775] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.697978][ T9775] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.711211][ T9775] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.723386][ T9775] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.753228][ T9925] veth0_vlan: entered promiscuous mode
[  392.813542][T10143] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  392.836432][T10143] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.848270][T10143] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.862159][T10143] bridge0: entered allmulticast mode
[  392.972780][ T9925] veth1_vlan: entered promiscuous mode
[  393.130485][ T1183] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  393.140859][ T9925] veth0_macvtap: entered promiscuous mode
[  393.191990][ T1183] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.291874][ T9925] veth1_macvtap: entered promiscuous mode
[  393.352594][T10006] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.376256][ T9925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.392570][ T8312] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  393.405782][ T9925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.419345][ T9925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.456676][ T9925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.469929][ T9925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.506021][ T9925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.566892][ T9925] batman_adv: batadv0: Interface activated: batadv_slave_0
[  393.616594][ T1183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  393.633422][ T9925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.651649][ T1183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.669122][ T9925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.688376][ T9925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.706467][ T9925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.717565][ T9925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  393.741621][ T9925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.886848][ T9925] batman_adv: batadv0: Interface activated: batadv_slave_1
[  393.913254][ T9925] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  393.933934][ T9925] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  393.953724][ T9925] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  393.974467][ T9925] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  394.303747][    T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  394.508521][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  394.776170][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  394.799125][    T8] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  394.824422][    T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  394.852361][T10163] loop2: detected capacity change from 0 to 64
[  394.860934][    T8] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  394.884258][    T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  394.921831][    T8] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  394.941443][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.965629][    T8] usb 2-1: Product: syz
[  394.969856][    T8] usb 2-1: Manufacturer: syz
[  394.983242][T10006] 8021q: adding VLAN 0 to HW filter on device team0
[  395.017939][    T8] usb 2-1: SerialNumber: syz
[  395.043451][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  395.050749][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  395.136395][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.143638][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.198857][T10170] loop2: detected capacity change from 0 to 8
[  395.568079][ T5237] Bluetooth: hci3: unexpected event for opcode 0x0c7a
[  396.550137][ T1832] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.581724][ T1832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.738683][ T1832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.804496][ T1832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.047667][T10006] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.195221][T10006] veth0_vlan: entered promiscuous mode
[  397.222090][T10006] veth1_vlan: entered promiscuous mode
[  397.290536][T10006] veth0_macvtap: entered promiscuous mode
[  397.322876][T10006] veth1_macvtap: entered promiscuous mode
[  397.414373][   T46] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  397.432430][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.447572][T10193] loop2: detected capacity change from 0 to 1024
[  397.454524][    T8] cdc_ncm 2-1:1.0: bind() failure
[  397.463472][    T8] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  397.472408][    T8] cdc_ncm 2-1:1.1: bind() failure
[  397.482431][    T8] usb 2-1: USB disconnect, device number 9
[  397.485944][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.495512][T10193] EXT4-fs: Ignoring removed nobh option
[  397.519618][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.543104][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.556275][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.576207][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.585379][T10193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  397.588725][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.611661][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.626364][T10006] batman_adv: batadv0: Interface activated: batadv_slave_0
[  397.649557][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.660780][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.672231][   T46] usb 1-1: Using ep0 maxpacket: 16
[  397.682889][   T46] usb 1-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  397.692260][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.704477][   T46] usb 1-1: Product: syz
[  397.708697][   T46] usb 1-1: Manufacturer: syz
[  397.713367][   T46] usb 1-1: SerialNumber: syz
[  397.720433][   T46] usb 1-1: config 0 descriptor??
[  397.721784][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.728256][   T46] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  397.746670][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.756845][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.767582][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.781324][T10006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.796089][T10006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.808732][T10006] batman_adv: batadv0: Interface activated: batadv_slave_1
[  397.836676][T10006] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.846486][T10006] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.858211][T10006] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.878386][T10006] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.175560][ T5367] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  398.227688][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.272834][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.611466][ T5367] usb 3-1: device descriptor read/64, error -71
[  399.163733][T10189] input: syz0 as /devices/virtual/input/input8
[  399.170306][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.194999][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.294227][ T5367] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  399.413476][T10217] loop3: detected capacity change from 0 to 64
[  399.435786][T10217] MINIX-fs: file system does not have enough imap blocks allocated.  Refusing to mount.
[  399.484018][T10217] MINIX-fs: bad superblock or unable to read bitmaps
[  399.510637][ T5367] usb 3-1: device descriptor read/64, error -71
[  399.618075][ T5237] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  399.627269][ T5237] Bluetooth: hci3: Injecting HCI hardware error event
[  399.638667][ T5237] Bluetooth: hci3: hardware error 0x00
[  399.663821][ T5367] usb usb3-port1: attempt power cycle
[  399.724486][   T29] audit: type=1326 audit(1722048287.737:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10224 comm="syz.1.1036" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10aed77299 code=0x0
[  399.746474][    C1] vkms_vblank_simulate: vblank timer overrun
[  399.784096][   T46] gp8psk: usb in 128 operation failed.
[  399.797974][   T46] gp8psk: usb in 137 operation failed.
[  399.809862][   T46] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  399.872619][   T46] dvb_usb_gp8psk 1-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  399.960782][T10230] loop3: detected capacity change from 0 to 16
[  399.985748][T10230] erofs: (device loop3): mounted with root inode @ nid 36.
[  400.223645][ T5367] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  401.020973][   T29] audit: type=1800 audit(1722048288.967:97): pid=10232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1038" name="file2" dev="loop3" ino=89 res=0 errno=0
[  401.094911][ T5367] usb 3-1: device descriptor read/8, error -71
[  401.097442][T10223] loop4: detected capacity change from 0 to 32768
[  401.140120][ T9775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.166720][T10223] btrfs: Deprecated parameter 'usebackuproot'
[  401.214616][ T5283] usb 1-1: USB disconnect, device number 7
[  401.235463][T10223] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  401.255496][T10239] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1043'.
[  401.268427][T10223] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1035 (10223)
[  401.332726][T10223] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  401.357645][T10223] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  401.376897][T10223] BTRFS info (device loop4): disk space caching is enabled
[  401.858972][T10264] evm: overlay not supported
[  401.962387][ T5237] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  402.244035][T10223] BTRFS info (device loop4): rebuilding free space tree
[  402.358740][T10223] BTRFS info (device loop4): disabling free space tree
[  402.372021][T10223] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  402.386115][T10223] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  402.388006][T10270] loop3: detected capacity change from 0 to 64
[  402.422892][T10270] MINIX-fs: file system does not have enough imap blocks allocated.  Refusing to mount.
[  402.463667][T10270] MINIX-fs: bad superblock or unable to read bitmaps
[  402.616491][T10276] loop3: detected capacity change from 0 to 16
[  402.641277][T10276] erofs: (device loop3): mounted with root inode @ nid 36.
[  402.652039][ T8312] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  402.763858][ T5282] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  402.859159][T10246] loop2: detected capacity change from 0 to 32768
[  403.331107][T10246] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  403.707073][ T5282] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  403.734859][ T5282] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  403.774004][T10291] loop0: detected capacity change from 0 to 1024
[  403.783784][ T5282] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  403.784163][T10291] EXT4-fs: Ignoring removed nobh option
[  403.847941][T10246] XFS (loop2): Starting recovery (logdev: internal)
[  403.874039][T10291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.900630][ T5282] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  403.921651][ T5282] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.943282][T10246] XFS (loop2): Ending recovery (logdev: internal)
[  403.960384][ T5282] usb 2-1: Product: syz
[  403.969451][ T5282] usb 2-1: Manufacturer: syz
[  403.993582][ T5282] usb 2-1: SerialNumber: syz
[  404.028983][   T29] audit: type=1800 audit(1722048292.047:98): pid=10246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1041" name="bus" dev="loop2" ino=1065 res=0 errno=0
[  404.044488][ T5286] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  404.076889][ T9775] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  404.243851][ T5286] usb 4-1: Using ep0 maxpacket: 16
[  404.253374][ T5286] usb 4-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  404.263173][ T5367] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  404.272495][ T5286] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.280654][ T5286] usb 4-1: Product: syz
[  404.284170][ T5239] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  404.286476][ T5286] usb 4-1: Manufacturer: syz
[  404.297040][ T5286] usb 4-1: SerialNumber: syz
[  404.303884][ T5286] usb 4-1: config 0 descriptor??
[  404.311820][ T5286] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  404.445735][ T5367] usb 5-1: config 0 has no interfaces?
[  404.451268][ T5367] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  404.463767][ T5239] usb 1-1: device descriptor read/64, error -71
[  404.469503][ T5367] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.493253][ T5367] usb 5-1: config 0 descriptor??
[  404.641115][T10308] input: syz0 as /devices/virtual/input/input9
[  404.773916][ T5239] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  404.955574][ T5239] usb 1-1: device descriptor read/64, error -71
[  405.040154][T10272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1048'.
[  405.080796][ T5282] cdc_ncm 2-1:1.0: bind() failure
[  405.087074][ T5239] usb usb1-port1: attempt power cycle
[  405.109522][ T5282] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  405.123213][ T5282] cdc_ncm 2-1:1.1: bind() failure
[  405.541737][ T5239] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  405.594252][ T5239] usb 1-1: device descriptor read/8, error -71
[  405.858374][T10316] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  405.885957][T10316] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.893657][ T5239] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  405.893680][T10316] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.913178][T10316] bridge0: entered allmulticast mode
[  405.929160][ T5239] usb 1-1: device descriptor read/8, error -71
[  406.054810][ T5239] usb usb1-port1: unable to enumerate USB device
[  406.333900][ T5286] gp8psk: usb in 128 operation failed.
[  406.341057][ T5286] gp8psk: usb in 137 operation failed.
[  406.346857][ T5286] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-22)
[  406.359438][ T5286] dvb_usb_gp8psk 4-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22
[  406.776279][ T9925] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.872727][ T5286] usb 4-1: USB disconnect, device number 10
[  406.876986][T10330] loop2: detected capacity change from 0 to 32768
[  406.929673][T10330] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  406.939070][T10339] loop3: detected capacity change from 0 to 64
[  406.949863][T10333] bio_check_eod: 30 callbacks suppressed
[  406.949877][T10333] syz.0.1060: attempt to access beyond end of device
[  406.949877][T10333] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  406.955577][T10339] MINIX-fs: file system does not have enough imap blocks allocated.  Refusing to mount.
[  406.959957][T10333] efs: cannot read volume header
[  406.974785][T10339] MINIX-fs: bad superblock or unable to read bitmaps
[  407.002164][   T25] usb 5-1: USB disconnect, device number 14
[  407.068852][ T5284] usb 2-1: USB disconnect, device number 10
[  407.136061][T10330] XFS (loop2): Ending clean mount
[  407.165781][T10330] XFS (loop2): Quotacheck needed: Please wait.
[  407.277137][T10330] XFS (loop2): Quotacheck: Done.
[  407.423079][ T9775] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  407.577982][T10362] loop4: detected capacity change from 0 to 64
[  407.589263][ T5284] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  407.818810][ T5284] usb 2-1: Using ep0 maxpacket: 8
[  407.826983][ T5284] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  407.836052][ T5284] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  407.848525][ T5284] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  407.888066][ T5284] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  407.917459][ T5284] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.941206][ T5284] usb 2-1: Product: syz
[  407.955659][ T5284] usb 2-1: Manufacturer: syz
[  407.970820][T10367] loop0: detected capacity change from 0 to 256
[  407.977897][ T5284] usb 2-1: SerialNumber: syz
[  408.137320][ T9925] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  408.149788][ T9925] FAT-fs (loop0): Filesystem has been set read-only
[  408.172232][ T9925] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  408.373633][ T6758] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  408.438064][ T5284] usb 2-1: 0:2 : does not exist
[  408.555582][ T6758] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  408.600044][ T6758] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.651747][   T25] usb 2-1: USB disconnect, device number 11
[  408.658715][ T6758] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  408.698543][ T6758] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  408.712759][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.733796][ T6758] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.752327][ T6758] usb 5-1: Product: syz
[  408.762873][ T6758] usb 5-1: Manufacturer: syz
[  408.781753][ T6758] usb 5-1: SerialNumber: syz
[  408.914370][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.020590][T10382] loop2: detected capacity change from 0 to 32768
[  409.028941][T10382] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1079 (10382)
[  409.051171][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.066932][T10382] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  409.082569][T10382] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  409.091930][T10382] BTRFS info (device loop2): using free-space-tree
[  409.175432][T10382] BTRFS info (device loop2): checking UUID tree
[  409.185589][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.288824][ T5247] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  409.302605][ T5247] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  409.312396][ T5247] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  409.320824][ T5247] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  409.329620][ T5247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  409.339040][ T5247] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  409.524706][ T9775] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  409.559725][   T11] bridge_slave_1: left allmulticast mode
[  409.566304][   T11] bridge_slave_1: left promiscuous mode
[  409.572360][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.628340][   T11] bridge_slave_0: left allmulticast mode
[  409.645700][   T11] bridge_slave_0: left promiscuous mode
[  409.653095][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.882977][ T6758] cdc_ncm 5-1:1.0: bind() failure
[  409.920359][ T6758] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  409.927475][ T6758] cdc_ncm 5-1:1.1: bind() failure
[  410.022205][T10417] loop2: detected capacity change from 0 to 128
[  410.031005][T10417] vfat: Unknown parameter 'syzkaller'
[  410.912281][T10419] loop2: detected capacity change from 0 to 32768
[  410.954552][T10419] ERROR: (device loop2): dbAlloc: the hint is outside the map
[  410.954552][T10419] 
[  411.011022][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  411.051438][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  411.085857][   T63] read_mapping_page failed!
[  411.098828][   T63] ERROR: (device loop2): txCommit: 
[  411.098828][   T63] 
[  411.108714][   T63] jfs_write_inode: jfs_commit_inode failed!
[  411.120178][   T11] bond0 (unregistering): Released all slaves
[  411.169422][T10371] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1074'.
[  411.428460][T10437] loop2: detected capacity change from 0 to 256
[  411.437545][T10437] vfat: Unknown parameter '01777777777777777777777iFIãû¶2ÑÕ¤Nk˜
ŠfÐŒeSí©*V@¯÷î'
[  411.453868][ T5237] Bluetooth: hci4: command tx timeout
[  411.468218][T10425] loop1: detected capacity change from 0 to 32768
[  411.502365][T10425] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  411.510852][T10425] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  411.529179][T10400] chnl_net:caif_netlink_parms(): no params data found
[  411.531978][T10437] loop2: detected capacity change from 0 to 512
[  411.552813][T10437] EXT4-fs error (device loop2): ext4_get_journal_inode:5740: comm syz.2.1091: inode #196608: comm syz.2.1091: iget: illegal inode #
[  411.554276][T10425] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 1ms
[  411.571808][T10437] EXT4-fs (loop2): Remounting filesystem read-only
[  411.587413][T10437] EXT4-fs (loop2): no journal found
[  411.592662][T10437] EXT4-fs (loop2): can't get journal size
[  411.605943][ T5282] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  411.613015][T10437] EXT4-fs (loop2): failed to initialize system zone (-22)
[  411.623565][ T5282] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  411.637295][T10437] EXT4-fs (loop2): mount failed
[  411.756504][ T5282] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 132ms
[  411.770067][ T5282] gfs2: fsid=syz:syz.0: jid=0: Done
[  411.800776][T10425] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  411.821605][T10437] loop2: detected capacity change from 0 to 4096
[  411.864033][T10437] NILFS (loop2): invalid segment: Checksum error in segment payload
[  411.884166][T10437] NILFS (loop2): trying rollback from an earlier position
[  411.958063][T10437] NILFS (loop2): recovery complete
[  412.018318][T10400] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.051537][T10451] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  412.073627][T10400] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.080903][T10400] bridge_slave_0: entered allmulticast mode
[  412.134017][T10400] bridge_slave_0: entered promiscuous mode
[  412.162523][   T11] hsr_slave_0: left promiscuous mode
[  412.244500][   T11] hsr_slave_1: left promiscuous mode
[  412.263263][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  412.293453][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  412.333430][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  412.389241][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  412.433725][ T5282] usb 5-1: USB disconnect, device number 15
[  412.715886][   T11] veth1_macvtap: left promiscuous mode
[  412.744630][   T11] veth0_macvtap: left promiscuous mode
[  412.750311][   T11] veth1_vlan: left promiscuous mode
[  412.793012][   T11] veth0_vlan: left promiscuous mode
[  413.535924][ T5237] Bluetooth: hci4: command tx timeout
[  414.114949][   T11] team0 (unregistering): Port device team_slave_1 removed
[  414.218847][   T11] team0 (unregistering): Port device team_slave_0 removed
[  414.654490][ T6758] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  415.043723][ T6758] usb 3-1: Using ep0 maxpacket: 8
[  415.303685][ T6758] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  415.405625][ T6758] usb 3-1: config 2 has 1 interface, different from the descriptor's value: 3
[  415.543216][ T6758] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=f0.c9
[  415.555475][ T6758] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.563657][ T6758] usb 3-1: Product: syz
[  415.568056][ T6758] usb 3-1: Manufacturer: syz
[  415.576612][ T6758] usb 3-1: SerialNumber: syz
[  415.613753][ T5237] Bluetooth: hci4: command tx timeout
[  415.813311][T10400] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.820309][ T6758] snd-usb-6fire 3-1:2.0: unable to receive device firmware state.
[  415.823427][T10400] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.833559][ T6758] snd-usb-6fire 3-1:2.0: probe with driver snd-usb-6fire failed with error -71
[  415.835529][T10400] bridge_slave_1: entered allmulticast mode
[  415.852934][T10400] bridge_slave_1: entered promiscuous mode
[  415.853690][ T6758] usb 3-1: USB disconnect, device number 8
[  415.954714][T10400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  415.986979][T10400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  416.011351][T10485] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0)
[  416.043670][    T8] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  416.164106][T10400] team0: Port device team_slave_0 added
[  416.208799][T10400] team0: Port device team_slave_1 added
[  416.287219][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  416.300601][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.319274][T10400] batman_adv: batadv0: Adding interface: batadv_slave_0
[  416.332220][    T8] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  416.342631][T10400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  416.377057][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.402259][    T8] usb 2-1: config 0 descriptor??
[  416.416335][T10400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  416.440197][T10400] batman_adv: batadv0: Adding interface: batadv_slave_1
[  416.462326][T10400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  416.516704][T10400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  417.035640][    T8] usb 2-1: language id specifier not provided by device, defaulting to English
[  417.695818][ T5237] Bluetooth: hci4: command tx timeout
[  417.779270][T10400] hsr_slave_0: entered promiscuous mode
[  417.804097][T10400] hsr_slave_1: entered promiscuous mode
[  417.818648][T10400] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  417.843265][T10400] Cannot create hsr debugfs directory
[  417.918538][    T8] uclogic 0003:256C:006D.0007: failed retrieving Huion firmware version: -71
[  417.935813][    T8] uclogic 0003:256C:006D.0007: failed probing parameters: -71
[  417.959104][    T8] uclogic 0003:256C:006D.0007: probe with driver uclogic failed with error -71
[  418.075499][    T8] usb 2-1: USB disconnect, device number 12
[  419.103965][ T5282] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  420.027139][ T5282] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.058115][ T5282] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  420.083708][ T5282] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  420.092800][ T5282] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.139383][ T5282] usb 4-1: config 0 descriptor??
[  420.244041][T10532] No control pipe specified
[  420.932832][T10400] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  420.950350][T10400] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  420.994106][T10400] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  421.011839][T10400] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  421.298202][T10400] 8021q: adding VLAN 0 to HW filter on device bond0
[  421.691237][T10400] 8021q: adding VLAN 0 to HW filter on device team0
[  421.709171][T10550] loop2: detected capacity change from 0 to 2048
[  421.722868][ T5282] bridge0: port 1(bridge_slave_0) entered blocking state
[  421.730100][ T5282] bridge0: port 1(bridge_slave_0) entered forwarding state
[  421.755165][ T5282] bridge0: port 2(bridge_slave_1) entered blocking state
[  421.762303][ T5282] bridge0: port 2(bridge_slave_1) entered forwarding state
[  421.820016][T10550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.851197][T10550] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.870048][T10550] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.023422][T10535] loop4: detected capacity change from 0 to 32768
[  422.182268][T10400] 8021q: adding VLAN 0 to HW filter on device batadv0
[  422.394964][ T5282] usb 4-1: USB disconnect, device number 11
[  422.437454][T10400] veth0_vlan: entered promiscuous mode
[  423.163159][T10400] veth1_vlan: entered promiscuous mode
[  423.351895][T10400] veth0_macvtap: entered promiscuous mode
[  423.363248][T10400] veth1_macvtap: entered promiscuous mode
[  423.530223][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.541062][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.543260][T10570] loop3: detected capacity change from 0 to 2048
[  423.551234][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.308471][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.319169][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.328300][T10570] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  424.342216][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.350786][T10570] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  424.353939][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.369283][T10570] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  424.372998][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.394040][T10400] batman_adv: batadv0: Interface activated: batadv_slave_0
[  424.537230][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.552770][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.563049][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.586083][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.596114][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.608904][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.621813][T10400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.635631][T10400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.665539][T10400] batman_adv: batadv0: Interface activated: batadv_slave_1
[  424.687729][T10400] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  424.706887][T10400] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  424.723099][T10400] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  424.741692][T10400] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.825108][    C1] Oops: general protection fault, probably for non-canonical address 0xe3fffb2400126fe2: 0000 [#1] PREEMPT SMP KASAN PTI
[  424.825137][    C1] KASAN: maybe wild-memory-access in range [0x1ffff92000937f10-0x1ffff92000937f17]
[  424.825164][    C1] CPU: 1 UID: 0 PID: 10581 Comm: syz.3.1130 Not tainted 6.10.0-next-20240726-syzkaller #0
[  424.825188][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  424.825200][    C1] RIP: 0010:__cpu_map_flush+0x42/0xd0
[  424.825234][    C1] Code: e8 13 8c d6 ff 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8d 10 3e 00 49 8b 1e 4c 39 f3 74 77 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 6f 10 3e 00 4c 8b 23 48 8d 7b c0
[  424.825252][    C1] RSP: 0018:ffffc90000a18b10 EFLAGS: 00010206
[  424.825272][    C1] RAX: 03ffff2400126fe2 RBX: 1ffff92000937f10 RCX: ffff888027b6da00
[  424.825288][    C1] RDX: 0000000080000100 RSI: 0000000000000000 RDI: ffffc900049bf800
[  424.825302][    C1] RBP: dffffc0000000000 R08: ffffffff8992342a R09: 1ffffffff202fc75
[  424.825318][    C1] R10: dffffc0000000000 R11: fffffbfff202fc76 R12: ffffc900049bf800
[  424.825334][    C1] R13: ffffc900049bf7c0 R14: ffffc900049bf800 R15: dffffc0000000000
[  424.825350][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  424.825368][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  424.825382][    C1] CR2: 000000110c3923db CR3: 000000007ed8e000 CR4: 00000000003526f0
[  424.825409][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  424.825421][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  424.825435][    C1] Call Trace:
[  424.825443][    C1]  <IRQ>
[  424.825452][    C1]  ? __die_body+0x88/0xe0
[  424.825483][    C1]  ? die_addr+0x108/0x140
[  424.825513][    C1]  ? exc_general_protection+0x3dd/0x5d0
[  424.825549][    C1]  ? asm_exc_general_protection+0x26/0x30
[  424.825572][    C1]  ? xdp_do_check_flushed+0x10a/0x240
[  424.825602][    C1]  ? __cpu_map_flush+0x42/0xd0
[  424.825630][    C1]  xdp_do_check_flushed+0x136/0x240
[  424.825660][    C1]  __napi_poll+0xe4/0x490
[  424.825687][    C1]  net_rx_action+0x89b/0x1240
[  424.825719][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  424.825746][    C1]  ? sched_clock+0x4a/0x70
[  424.825779][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  424.825812][    C1]  handle_softirqs+0x2c4/0x970
[  424.825848][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  424.825875][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  424.825903][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  424.825933][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  424.825958][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  424.825988][    C1]  irq_exit_rcu+0x9/0x30
[  424.826011][    C1]  common_interrupt+0xaa/0xd0
[  424.826033][    C1]  </IRQ>
[  424.826041][    C1]  <TASK>
[  424.826049][    C1]  asm_common_interrupt+0x26/0x40
[  424.826070][    C1] RIP: 0010:account_kernel_stack+0x289/0x3f0
[  424.826096][    C1] Code: 4d e8 5b 54 3f 00 48 8b 5c 24 08 4d 85 f6 75 10 e8 4c 54 3f 00 49 83 fc 38 75 15 e9 09 01 00 00 e8 3c 54 3f 00 fb 49 83 fc 38 <0f> 84 f9 00 00 00 e8 2c 54 3f 00 49 83 c4 08 e9 2d fe ff ff e8 1e
[  424.826113][    C1] RSP: 0018:ffffc900049bf9c0 EFLAGS: 00000297
[  424.826131][    C1] RAX: ffffffff815476e4 RBX: ffff888022ce10a0 RCX: ffff888027b6da00
[  424.826147][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  424.826160][    C1] RBP: ffffc900049bfa88 R08: ffffffff815476b6 R09: 1ffffffff202fc75
[  424.826175][    C1] R10: dffffc0000000000 R11: fffffbfff202fc76 R12: 0000000000000010
[  424.826190][    C1] R13: ffffc900049bfa00 R14: 0000000000000200 R15: ffffc900049bfa20
[  424.826208][    C1]  ? account_kernel_stack+0x256/0x3f0
[  424.826231][    C1]  ? account_kernel_stack+0x284/0x3f0
[  424.826261][    C1]  ? __pfx_account_kernel_stack+0x10/0x10
[  424.826286][    C1]  ? __pfx___folio_put+0x10/0x10
[  424.826311][    C1]  exit_task_stack_account+0x2a/0x340
[  424.826336][    C1]  do_exit+0x1d02/0x27f0
[  424.826360][    C1]  ? __pfx_do_exit+0x10/0x10
[  424.826378][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  424.826404][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  424.826434][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  424.826460][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  424.826488][    C1]  do_group_exit+0x207/0x2c0
[  424.826507][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.826532][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  424.826560][    C1]  get_signal+0x16a1/0x1740
[  424.826591][    C1]  ? __pfx_get_signal+0x10/0x10
[  424.826618][    C1]  arch_do_signal_or_restart+0x96/0x830
[  424.826647][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  424.826671][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  424.826706][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[  424.826734][    C1]  syscall_exit_to_user_mode+0xc9/0x370
[  424.826761][    C1]  do_syscall_64+0x100/0x230
[  424.826790][    C1]  ? clear_bhb_loop+0x35/0x90
[  424.826814][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.826841][    C1] RIP: 0033:0x7fc1bfb77299
[  424.826857][    C1] Code: Unable to access opcode bytes at 0x7fc1bfb7726f.
[  424.826867][    C1] RSP: 002b:00007fc1c09e70f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  424.826888][    C1] RAX: fffffffffffffe00 RBX: 00007fc1bfd05f88 RCX: 00007fc1bfb77299
[  424.826903][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc1bfd05f88
[  424.826917][    C1] RBP: 00007fc1bfd05f80 R08: 00007fc1c09e76c0 R09: 00007fc1c09e76c0
[  424.826932][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc1bfd05f8c
[  424.826945][    C1] R13: 000000000000000b R14: 00007fffe7377490 R15: 00007fffe7377578
[  424.826968][    C1]  </TASK>
[  424.826975][    C1] Modules linked in:
[  424.827000][    C1] ---[ end trace 0000000000000000 ]---
[  425.043654][T10590] use of bytesused == 0 is deprecated and will be removed in the future,
[  425.047775][    C1] RIP: 0010:__cpu_map_flush+0x42/0xd0
[  425.052667][T10590] use the actual size instead.
[  425.057293][    C1] Code: e8 13 8c d6 ff 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 8d 10 3e 00 49 8b 1e 4c 39 f3 74 77 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 6f 10 3e 00 4c 8b 23 48 8d 7b c0
[  425.057316][    C1] RSP: 0018:ffffc90000a18b10 EFLAGS: 00010206
[  425.057335][    C1] RAX: 03ffff2400126fe2 RBX: 1ffff92000937f10 RCX: ffff888027b6da00
[  425.057352][    C1] RDX: 0000000080000100 RSI: 0000000000000000 RDI: ffffc900049bf800
[  425.057368][    C1] RBP: dffffc0000000000 R08: ffffffff8992342a R09: 1ffffffff202fc75
[  425.057383][    C1] R10: dffffc0000000000 R11: fffffbfff202fc76 R12: ffffc900049bf800
[  425.057398][    C1] R13: ffffc900049bf7c0 R14: ffffc900049bf800 R15: dffffc0000000000
[  425.057411][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  425.057426][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  425.057438][    C1] CR2: 000000110c3923db CR3: 000000007ed8e000 CR4: 00000000003526f0
[  425.057455][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  425.057468][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  425.057485][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  425.057722][    C1] Kernel Offset: disabled