last executing test programs:

3m27.020851179s ago: executing program 4 (id=140):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000002900)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x18, 0x1, 0x1, [r2, r1]}}], 0x18}}], 0x1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3m26.592576353s ago: executing program 4 (id=143):
pipe2(&(0x7f0000000000), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000000), &(0x7f0000000380)=r1}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3m26.257820849s ago: executing program 4 (id=144):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000700)=ANY=[@ANYRES64=0x0, @ANYRESDEC=0x0, @ANYBLOB="5112a3ba9dff6392a794b9971fc8bbf06d36dbe49395b18820dd4f4390fc7f34a609548c71c6497e9e5cb7926ee69aca76e15877bb9937bb9ba4a6afec6639b4723b9adf7651a6dec64c655c5636aa75b582ddf1626dcb0d4f17190aba5acf1f153f4a93db1d", @ANYRES16=<r0=>0xffffffffffffffff], 0x7, 0x2bb, &(0x7f0000000940)="$eJzs3U9rI2UcB/DfpMkk6iE5eBLBAT14WrZ79ZIiuyD25JKDetDi7oI0QdiFgn8w7smrFw8efAWC4Avx4jsQvArerFAYmclMM2limkhTcfv5XPrrM8935jfTh3Z66NMPX54cP8ji0dMvfo1eL4nWMIZxmsQgWlH7KhYMvwkA4P/sNM/jj3xmm1wSEb3dtQUA7NBmP//b8/Kna2kLANih++++9/bB4eHdd7KsF/cmX5+Mit/si4+z4weP4uMYx8O4Hf04iyhfFDpRvi0U5b08z6ftrDCI1ybTk1GRnHzwc3X+g98jyvx+9GNQDp2/bZT5tw7v7mczjfy06OP56vrDIn8n+vHieXghf2dFPkZpvP5qo/9b0Y9fPopPYhwPyibm+S/3s+zN/Ns/P3+/aK/IJ9OTUbecN5fvXfOXBgAAAAAAAAAAAAAAAAAAAACAZ9itau+cbpT79xRD1f47e2fFJ53IaoPF/Xlm+aQ+UXN/oDzPp3l8X++vczvLsryaOM+346V2c2NBAAAAAAAAAAAAAAAAAAAAuLmefPrZ8dF4/PDxlRT1bgDtiPjrfsS/Pc+wMfJKrJ/cra55NB63qnJxTrs5Env1nCRibRvFTVzRY7mseG6p56r44cdtT9i7fE5n9bWusqhX1/FRsvoZdqMe6VWL5Ls0Yj4njQ2vlf7ToTy2WX7pykP9re89faEspvORpdUbybrG3vht9uSqkeTiXaTlU10Z71RFI35hbWy0nqM3iy9/r0js1gEAAAAAAAAAAAAAAAAAADvV+EPlZU/XRlt5d2dtAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC1mv///y2KaRXeYHIaj5/8x7cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfB3AAAA//9m9VwZ")
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000080)='\x00', 0xa40c10, &(0x7f00000001c0)=ANY=[@ANYBLOB='nodecompose,decompose,nobarrier,gid=', @ANYRESHEX=r0, @ANYBLOB="2c6e6c733d69736f383835392d3100000000f2726965722c00bcd0f0b5c4e2957974ff5d7ea3c2dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767165f5f05f4bf17c22f89b218eb8e7d6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e3783656df4cad825cfd9ef5eff7f0000b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4e670c7807683c37b742101ba1fec8e3971cb8745bbf04224c4d4e3006a7a999cfb2b695e7bd78359f6b27895ffffcba5b98d6dfeeaa634ec2453441db17ade7d654037a0646614a99ac05e40775f59625e88efd2f619af57fa29f5d1c99f280311f99b4f5c6766296c19b2fc9f9b307c478e6e450f78780b4ebbc7c15eb2b6d6976a6b6cd7d4afb666362666b3f9e0ce23f2da8b0635f0098f621b92bfdc8c150f10b3aa1ffb237f1939f1588073a8f34f7c5a1d7904d9ea6e374d02540e2e76c04b"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)

3m25.04650299s ago: executing program 4 (id=149):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0xfe, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
open(&(0x7f0000000140)='./bus\x00', 0x147142, 0x89)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001"})
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

3m23.269445908s ago: executing program 4 (id=155):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@newsa={0xf0, 0x10, 0x633, 0x0, 0x8000, {{@in6=@dev, @in6=@dev={0xfe, 0x80, '\x00', 0x17}, 0x0, 0x5, 0x0, 0x0, 0x2}, {@in6=@rand_addr=' \x01\x00', 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0xa, 0x4}}, 0xf0}, 0x1, 0x0, 0x0, 0x200000c5}, 0x800)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="020086dd0300000000003000000060ec970012302c00fe8000000000000000000000000000aaff0200000000000000000000000000013a"], 0xfdef)

3m21.017143494s ago: executing program 4 (id=162):
syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030342c747970653d7763e6ef2c756d61736b3d30303030303030303030303030303030303030303030342c6469725f756d61736b3d30303030303030303030303030303030303030303030352c696f636861727365743d69736f383835392d382c004b35b28f8cad0b105adbf86df7514b180ea1cef9ef09ba2a82127ea3050d7fd500ad048b959efdb75029d8f93d07be1c27524bb0fe77621219a4745cac5531636761ca83f2412d1f607e9002fb41024932205e2176fc5b326c9542"], 0x1, 0x2fe, &(0x7f0000001100)="$eJzs3U1vE0ccx/HfrO3EaaJ0m6Sq1EurtJHaS9S0PVS9uKp87b2nqm3sSBFWEEmQgAsm4oh4Adx5C7wILiDeAHDhxAvIbdHMzq7X9nidCDubhO9HsjWenYf/sE8zK5EVgE/Wn+3XT395Zz9Gqqkm6XcpktSU6pK+1FfN2wfH+8e9bqesoZqrYT9GaU0zVmb3oBuqauu5Gl5sf9W1UszDfCRJ8sebqoNA5dzZHxBJi/48dNubFxzXrIwOri99U1EolSn+G5hTneqOVisMBwBwCfj7f+RvEysuyyiKpC1/27/S9/9Rp1UHMFu/9sayktIKhfu/m90lxu7fz92mwXrPLeHs9ihbJZ4lmMbI7wWlR9bQHMyEV5Vvk5SPJVra269re/eBOpFO1PIKFTbcdyc9dDNTot0MrE1LTG6tob8+S0djZ5RLo5uzkPb2e91FmwjEv36+Hj+eeW5emn9MrCfq5PO/emLsbnJ7Kh7ZU1HDxv/T5BaXXS1bSn7Z32q1oqEiX7hOvvY9eFNG2QyvSIptZg8I+nkEgThPsoTre03DjxXS0e2EOjCDxtdDteL813hd19fGUK2aPxK2d2/2Sh+lzEc2RPPY/G029V7P1C7M/yMb35YKZ2bZpd64kv7ISMezEC5ZdyXjsTtHP099m0fgLZ57bJDO+bTskf7Xb1o9unvvRq3X6x7axH+BxK2VQ+NzGg+lYJn5J2oqKaP+IMfdPO4nyVlbTuYZ/I8zbdBeP/Ice/qECtuzLM+JLno3Xb9EXaFN7RcqOyDnmsimLjNp0E60JmyayzUKl8yRyXa6zxibxOKas/Muk67/3Ezez+rcdcZ+xSXz9PJFpoZa3MlXcMNTwbXQ3GXK2mB58gqu0OPPE9aMbs313Q/S94VMo9IeYxfntWHaeqV/ef4PAAAAAAAAAAAAAAAAAABw1VzE/1ioeowAAAAAAAAAAAAAAAAAAAAAAFx1Z3//79LgTU2hvxHv3v8bT33/79ALgP2Lonj/L1CNDwEAAP//FJB9Ww==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000040)='./bus\x00', 0x141042, 0x146)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f0000000080)=[{&(0x7f0000000240)="18", 0x1}], 0x1, 0x5405, 0x0, 0x0)

3m20.05560613s ago: executing program 32 (id=162):
syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030342c747970653d7763e6ef2c756d61736b3d30303030303030303030303030303030303030303030342c6469725f756d61736b3d30303030303030303030303030303030303030303030352c696f636861727365743d69736f383835392d382c004b35b28f8cad0b105adbf86df7514b180ea1cef9ef09ba2a82127ea3050d7fd500ad048b959efdb75029d8f93d07be1c27524bb0fe77621219a4745cac5531636761ca83f2412d1f607e9002fb41024932205e2176fc5b326c9542"], 0x1, 0x2fe, &(0x7f0000001100)="$eJzs3U1vE0ccx/HfrO3EaaJ0m6Sq1EurtJHaS9S0PVS9uKp87b2nqm3sSBFWEEmQgAsm4oh4Adx5C7wILiDeAHDhxAvIbdHMzq7X9nidCDubhO9HsjWenYf/sE8zK5EVgE/Wn+3XT395Zz9Gqqkm6XcpktSU6pK+1FfN2wfH+8e9bqesoZqrYT9GaU0zVmb3oBuqauu5Gl5sf9W1UszDfCRJ8sebqoNA5dzZHxBJi/48dNubFxzXrIwOri99U1EolSn+G5hTneqOVisMBwBwCfj7f+RvEysuyyiKpC1/27/S9/9Rp1UHMFu/9sayktIKhfu/m90lxu7fz92mwXrPLeHs9ihbJZ4lmMbI7wWlR9bQHMyEV5Vvk5SPJVra269re/eBOpFO1PIKFTbcdyc9dDNTot0MrE1LTG6tob8+S0djZ5RLo5uzkPb2e91FmwjEv36+Hj+eeW5emn9MrCfq5PO/emLsbnJ7Kh7ZU1HDxv/T5BaXXS1bSn7Z32q1oqEiX7hOvvY9eFNG2QyvSIptZg8I+nkEgThPsoTre03DjxXS0e2EOjCDxtdDteL813hd19fGUK2aPxK2d2/2Sh+lzEc2RPPY/G029V7P1C7M/yMb35YKZ2bZpd64kv7ISMezEC5ZdyXjsTtHP099m0fgLZ57bJDO+bTskf7Xb1o9unvvRq3X6x7axH+BxK2VQ+NzGg+lYJn5J2oqKaP+IMfdPO4nyVlbTuYZ/I8zbdBeP/Ice/qECtuzLM+JLno3Xb9EXaFN7RcqOyDnmsimLjNp0E60JmyayzUKl8yRyXa6zxibxOKas/Muk67/3Ezez+rcdcZ+xSXz9PJFpoZa3MlXcMNTwbXQ3GXK2mB58gqu0OPPE9aMbs313Q/S94VMo9IeYxfntWHaeqV/ef4PAAAAAAAAAAAAAAAAAABw1VzE/1ioeowAAAAAAAAAAAAAAAAAAAAAAFx1Z3//79LgTU2hvxHv3v8bT33/79ALgP2Lonj/L1CNDwEAAP//FJB9Ww==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000040)='./bus\x00', 0x141042, 0x146)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f0000000080)=[{&(0x7f0000000240)="18", 0x1}], 0x1, 0x5405, 0x0, 0x0)

3m10.094584542s ago: executing program 2 (id=198):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4, 0x8}}]}, 0x30}}, 0x0)

3m9.013246979s ago: executing program 2 (id=202):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00')
r1 = epoll_create1(0x0)
close(r0)
io_uring_setup(0x2c4d, &(0x7f0000000380)={0x0, 0x0, 0x400})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)={0xc0000015})

3m8.065029038s ago: executing program 2 (id=207):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x13100}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x29ff, 0x0, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004e80)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_DIRENT(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="3001000000000000", @ANYRES64=r4], 0x130)

3m7.287141861s ago: executing program 2 (id=211):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000380)='./bus\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x6cc, &(0x7f00000006c0)="$eJzs3cFvHFcdB/DvrNeuN1TBaRMaoSKsRAKkiMSJlUK4YBBCOVSoKoeercRprGySynFRWiHqAIITEof+AQXJN05I3IPCiUO59epjJSQuEYeoHBbN7Ox617uO7SSOHfh8otn3Zt+bN7/97ZuZ3XVWG+D/1uUzad5Pkctn3rxbrm+sz7c31udfqpvbScp6I2l2ixS3kuJBslC2FwNLBsoRHy9fevuzhxufd9ea9VL1n3jcdmOM6btWL5mtx5sdu+XkbnexVoeXl5NcqcthU7sda6hjmbTTdQkHrjNibS+b7+W4BQ6Z3tWp6F43R8wkR5JM168DUp8dGs8vwv2xp7McAAAAvKA+vX3QEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCLpFXd1r//P9WtVr/vX5aZTdH7/f9eW+p60jy4qMdb2HXP+/saBwAAAAAAAAA8e1Nj7vv6ozzK3RztrXeKdzpJTlUrx/NFJ/lS3s+dLGUlZ3M3i1nNalZyPsnM4OB3F1dXV873tyyN3/LC2C0v7NejBgAAAAAAAID/dRPlzS/T2vz7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAZFMtEtquV4pqsyM2k0s9mWteQfSaYOOt49KLas/6fTdUDhAAAAwJOZrsu/72GbLz/Ko9zN0d56p8jxJF+p3i9P5/3cymqWs5p2lnK1fg9dvutvbKzPtzfW52+Wy+i4P/jXnkKvRqw/Xxi/55NVj1auZbm652yuVMFcTaPaMqeTk714xsd1r4yp+H5tl5E167SWO/v9mE8Rnp37e+w/UwaX9DMyV8dWZuNYNwNF9UFNsjUT2z47H9Vlc+ue0shkf0/n0+h/8nN8TM6LzSxtm/PH5fHIQJ/f7GvO96qfiUaqTFzozb7ymHn87Eu++Zc/vXO9fevG9Wt3zhyeh/RY24e5dU7MD2TitRc6E0Nz/97O/eeqTJzor1/Oj/PTnMls3spKlvOzLGY1S+l90LhYZ7W8nXl8phaG1t7aKZKp+nnpnkV3E9NsflTVFnOq2vZollPkdq5mKW9U/y7kfL6Ti7mYSwPP8Ilt464eW3XUN7Ye9b1n+q/9zpMDwZ/+Vl1pJfltXY7kYIuJnVLylLrn/jKvxwby2p31D/u9jg0cB3MDWXqll53JsYM/yfWo+dW6Uu7jV3V5OPQjaaZ/lejd92o3E83qWjQ6z//QqaZC+9aNleuL720z/tqW9WKgXP/abqMc/1Q8W+V8eSXT9ZlkeHaUba/2zzLHhq6qU9VfXHptjZG2E1VbUfSO1J/kdpX20SN1qn4NNzrSharttbFt3VeBJwfahl5v5Xbaufoc8gfAU5rJkanWP1uftj5p/bp1vfXm9A9f+u5Lr09l8m+T32vOTXyj8Xrx53ySX2y+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7cnQ8+vLHYbi+tjK80tm/aobLTyFsqRf2DPk+0r0NYmU4ydE/1O0fPPYzW1jBGKp2Pkueen96PCI7v87uy0sxuBlzYqc+9A58Jh70ykfET4IBPTMC+O7d6871zdz748NvLNxffXXp36dbkxYuX5i5dfGP+3LXl9tJc9/agowT2w+ZF/6AjAQAAAAAAAAAAAHZr3BcDTr2805dGdvUdD/+zEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgmLp9J836KnJ87O1eub6zPt8ulV9/s2UzSaCTFz5PiQbKQ7pKZgeGK/PFBOt3OQz5evvT2Zw83Pt8cq9ntnzTqcnutnR7FWr1kNslEXT6FofGuPPV4xb97j7BM2BedTmfh6eKDZ+O/AQAA///nkQD+")
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
ptrace(0x11, 0x0)
creat(&(0x7f0000000140)='./file1\x00', 0x20)

3m5.964839014s ago: executing program 2 (id=215):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0xeeee0000, 0x2000, &(0x7f0000001000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc018aec0, &(0x7f00000000c0)={0x0, 0x2, 0x0, 0x20000000, &(0x7f0000001000/0x1000)=nil})

3m5.109707537s ago: executing program 2 (id=218):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xe)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1, 0x78}, &(0x7f0000000100)=0x8)

3m2.719837328s ago: executing program 33 (id=218):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xe)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1, 0x78}, &(0x7f0000000100)=0x8)

2m32.63914491s ago: executing program 0 (id=308):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SHUTDOWN={0x22, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x1})
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
setsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f0000000380)=0x8, 0x4)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000001c0)={0x0, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000380)})

2m31.285398385s ago: executing program 0 (id=314):
r0 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
sendmsg$netlink(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000640)={0x10, 0x1b, 0x4, 0x70bd26, 0x25dfdbff}, 0x10}, {&(0x7f0000000580)={0x10, 0x3f, 0x24, 0x70bd2b, 0x25dfdbfd}, 0x10}], 0x2, 0xfffffffffffffffd, 0x0, 0x4c840}, 0x20000000)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000280), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
sendmsg$NFT_MSG_GETOBJ_RESET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, 0x15, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4000801}, 0x8084)

2m30.150839048s ago: executing program 0 (id=318):
creat(&(0x7f0000000040)='./file0\x00', 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0xa000032a)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
readv(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/256, 0x10}], 0x2)

2m28.44621161s ago: executing program 0 (id=321):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000540)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f00000000c0)=""/43, 0x60)
getdents(r0, 0x0, 0x58)

2m25.788698252s ago: executing program 0 (id=334):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000c80)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@grpquota}, {@barrier_val}, {@grpjquota}, {}, {}, {@usrjquota}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x5000000, 0x10)

2m23.785308762s ago: executing program 0 (id=343):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000380)={@local, @random='\x00\x00\x00\x00@&', @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@generic={0x8, 0x2}]}}}}}}}, 0x0)

2m22.576859165s ago: executing program 34 (id=343):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000380)={@local, @random='\x00\x00\x00\x00@&', @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@generic={0x8, 0x2}]}}}}}}}, 0x0)

1m31.178617186s ago: executing program 1 (id=554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x4b0}}, 0x0)

1m30.841187307s ago: executing program 1 (id=557):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0xb, "08405af3"}, @local=@item_4, @local=@item_4={0x3, 0x2, 0x0, "6fe695cd"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(r1, 0xd01c4813, &(0x7f0000000000)={0x3, 0x100, 0x0, 0x2000, 0x9})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)

1m27.037489608s ago: executing program 1 (id=573):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0x80000300, 0x0, 0x0)

1m26.172742063s ago: executing program 1 (id=578):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x2000002, &(0x7f0000001000)=ANY=[@ANYBLOB="766f6c756d653d3030303030303030303036332c696f636861727365743d6d6163677265656b2c696f636861727365743d6b6f69382d72752c7569643d666f726765742c756d61736b3d30303030303030303030303030303030303030303030322c6e6f7672732c6e6f7672732c66696c657365743d30303030303030303030303030303030303030342c646d6f64653d30303030303030303030303030303030303030303131362c007732be3442cd163f564b8a695afa1b16eefc0b9d590fbf9ab8391b97ea4c0cf06c797f1a493380ce6975738b912f61be3a342f9b9ee8b8bee4aa2b525fd11b2212573ec6e7f3235ad950c58d6bf8d5318071bd000000004c67990370b984f0b3bf4b8ee680536ebf6c9386b8e46872d639e0de679325aa384473cb1be572c7320000000000000000"], 0x1, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
r1 = openat(r0, &(0x7f0000000040)='.\x00', 0x0, 0x55)
renameat2(r1, &(0x7f00000000c0)='./file2\x00', r0, &(0x7f0000000100)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000340)='./file2\x00', 0x402, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

1m25.256656321s ago: executing program 1 (id=583):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000040)=@v1={0x0, @aes256, 0x0, @desc3})

1m24.740366914s ago: executing program 1 (id=585):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7d2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

1m23.78217841s ago: executing program 35 (id=585):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7d2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

5.679736845s ago: executing program 7 (id=938):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)='O', 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000500)={0x0, 0x1, 0x3}, 0x8)

5.123418685s ago: executing program 7 (id=941):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x40, 0x0, 0x0)
mq_timedreceive(r1, &(0x7f0000000000)=""/83, 0x9b0c4f391059f39b, 0x20000900, &(0x7f0000000100)={0x77359400})
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x840)

4.358357309s ago: executing program 8 (id=944):
r0 = io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xc2})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
read$eventfd(r2, &(0x7f0000000680), 0x8)
shutdown(r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.161400499s ago: executing program 6 (id=945):
r0 = socket$inet(0x2, 0x3, 0x5)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0)=0x182, 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @multicast1}, 0x10)
write$binfmt_elf64(r0, &(0x7f00000024c0)=ANY=[], 0x45)

4.044133211s ago: executing program 7 (id=946):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)

3.922933759s ago: executing program 8 (id=947):
syz_mount_image$udf(&(0x7f0000000500), &(0x7f0000000ac0)='./file0\x00', 0x2004008, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0xfe, 0x4f5, &(0x7f00000005c0)="$eJzs3F1oJVcdAPD/mb03e5Mu7e3XdrUFgyIbW7sk2bS7GpGmXWOFoGCagj4oaT7W0HwsSSpN8aMgiqAg+KAFn/vQIrKKoPTJJx98VhH6Ij74KEEKPogoM5n7kextE3tzk83m94Pknjvzn7kzw/2fOefcmQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOLpz0wMj6Tj3goA4Ch9fvqLw6PO/wBwqjyn/w8AAKdFiiw+ESnG/7adLhbvd9SmllZfennm2mTnxfpTseSZIj7/q42MXh574skrVxuv7738YftAfGH6uYnBZ9ZWbqwvbGwszA/OrC7Nrc0vHHgN3S6/16PFARhcefGl+cXFjcHRS5d3zX65/vezd52vj18de2KuETtzbXJyui2mUn3fn34LPTw66YssfhUpXvvkL9JQRGTRfS7sU3f0Wn9U8vwrdmLm2mSxI8tLs6ub+czUSITK7pzoa+TIEeRiV4YiHs+3tU9G071qZDERKT4U2+ljEXGmkQePFT8M7r+CyhFsZAf5dl6JiGfjBOQs3KbORha/jRQr99Ti0eNLZ+AYVCKL70eKi5/eTo8V7YH8fJo3m6eeH/zc6uJaW2xK5Rn1pPcPjpK2CbexWmQxVLT4t9PHj3tjgCPVH1l8OVL8+U9fL8aVohiXvmf86lefGm4fYXpon/XksZciYvSAffJqY6wxXzY73H0CAAAAAAAAAACAO10tZfHzSPHNh2vF+2ebF8j/7r+FY94+oIdSFv+JFM//cru4Nb79uRRn2p7v0XTS7/3p7fb3155Zu7G1vnT9a5sd5w/UJl7Y2Fyfnes8O/qj1rouurDfcwygC9WUxYcjxcNTN1vfu3rKy+WtwK0v2uufan03a2nP3KLeuHvneTaNewi+MvnR9nLHr+z/cX9cvfxc9ygDQHdSyuIPkeKzL1wozqspBuKWNmgZdzZSvPOPR8q4rC8vNE7T9eJ/bXFpeWE4j/11pOj/XiM2itiBMvb+VuxIHvt0pPjxD3bH3lXGPtCKHc1jvxMpfv9a59gHW7GX89if5u2a6cFG7EBeeLCMPd+KvTS3tjzfswMMt7G8/f9GpFi+ezA1crnMl7KZfaYZ+/o3Wu39V/eu6F3a/N22/+tt014t66G8vlh860JR9xT1VaVzffWXSPGbfz9Sxu3UFX3l/HuL/6366s1I8cbbu2MbDwq5rxU7cuADCydAnv/nIsUft242c6PM/zID2/r/bfn/wbJ2aI0Z9Cb/722bVi8/9+zh7Dqcehtbr7w4u7y8sK6goKDQLBx3zQT0Wt7+fydS/Gz57WZ/t2z/n9t51+r//+tbrfb/+N4V9aj9f1/btPGyN1KtRNQ2V25UH4qobWy98vjSyuz1hesLq2PDI0+OjoyNjV6p9jU6961S18cK7jR5/n83Uqx96c3m+Pzu/n/n8b+BvSvqUf7f3zZtYFd/petdh1Mvz/+pSPGTf95s/o72XuN/jfG+oY/svDYfpt2j/H+gbVq9/Nxzh7PrAAAAAAAAAAAAcGJVUxY/ihR//WElNZ6NcZDrf295YEaPrv873zZt/ojuV+z6oAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8K6yyGItUrz11Hb6dj7hQsTF9lfgjvW/AAAA//8Qgywy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="220000005100000005"], 0x922c3)

3.710658436s ago: executing program 5 (id=948):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
cachestat(r0, &(0x7f0000000040)={0x1f00, 0x1f}, &(0x7f0000000080), 0x0)

3.545638669s ago: executing program 6 (id=949):
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.545303929s ago: executing program 3 (id=950):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3})
readv(r0, &(0x7f00000026c0)=[{&(0x7f0000000180)=""/239, 0xef}], 0x1)
syz_io_uring_setup(0x3d28, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x800}, &(0x7f0000c57000), 0x0)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000040)={{&(0x7f00009c8000/0x2000)=nil, 0x2000}})

3.456281315s ago: executing program 7 (id=951):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./bus\x00', 0x8000, &(0x7f0000000100), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000ac0)=""/4096, 0x1000)

2.557240945s ago: executing program 8 (id=952):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x100000000)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@dioread_lock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}]}, 0xff, 0x756, &(0x7f0000001e40)="$eJzs3c2LW1UbAPDnpvP1tn2dKbiwIjjQhYXSjJ3WUkGkogspVoq6c9GmM+lQJmnKJFM6Q6VWFMGVSHHtx8qd/4Aogu5cCq5dSaFIqRtBiNzMzZg2SScznUyq+f3glnPuvek5z/04OZlzuDeAoTWd/pOL2B8RHycRk9n6JCJGG6mRiJNr+929c20uXZKo19/8PWnsk+aj5TOpPVnmiYj4/oOIQ7n2cqsrq4uFUqm4lOVnauXLM9WV1cMXy4WF4kLx0uzx54/Onph97sTstsX65/uvnz/19Stf3nzvp1/feOfU00mcjL3ZttY4tst0TGfHZDQ9hPd4ebsLG7Bk0BVgS9Jbc9faXR77YzJ2NVIAwH/Z9YioAwBDJvH9DwBDpvl3gObYXj/GwR5lt1+KiImIsZZjsLZlJBuzm2iMg+6+m9wzMpJExNQ2lD8dEVff/vCbdIk+jUMCdPLujYg4NzXd3v4nbXMWNuvZHvaZvi+v/YOd813a/znRqf+XW+//RIf+z3iHe3crNr7/c7e2oZiu0v7fCx37v+uT1qZ2Zbn/N/p8o8mFi6Vi2rY9FhEHY3Q8zR95QBnHPnnxx27bWvt/6ZKW3+wLZvW4NTJ+72fmC7XCw8Tc6vaNiCdHOsWfrJ//pEv/90yPZdR+eOqLbts2jr+/6p9HPNPx/P8zoy1pmZ84Hm3zE2ca18NM86pol/9ocl+38gcdf3r+dz84/qmkdb5mdfNl/PzpX69227bV638seauRHsvWXS3UaktHIsaS19rXt0whbeab+6fxHzzw4Pav0/Wf/iY812P8i599dX7r8fdXGv/8ps7/5hMHfvm2czz1bLbxhuf/WCN1MFvTS/vXawUf5tgBAAAAAAAAAAAAAAAAAAAAAAAAQK9yEbE3klx+PZ3L5fNr7/B+PHbnSpVq7dCFyvKl+Wi8K3sqRnPNJ11OtjwP9Uj2PPxmfva+/NGI2BcRN8f/18jn5yql+UEHDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACZPV3e/5/6bXzQtQMA+mbi+qBrAADstIlBVwAA2HG+/wFg+Pj+B4ChctocPwAYTn7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GdnTp9Ol/ofd67Npfn5KyvLi5Urh+eL1cV8eXkuP1dZupxfqFQWSsX8XKW80f9XqlQuzx6P5asztWK1NlNdWT1brixfqp29WC4sFM8WR3ckKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYnOrK6mKhVCouPWKJiax+j0p9JCSGKzHghgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgX+LvAAAA///A4xmC")

2.417769919s ago: executing program 6 (id=953):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0)
mkdirat$cgroup(r0, &(0x7f0000000300)='syz1\x00', 0x1ff)
mkdirat$cgroup(r0, &(0x7f0000001e40)='syz0\x00', 0x1ff)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)

2.357334439s ago: executing program 5 (id=954):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

2.215842679s ago: executing program 3 (id=955):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, r1, 0x12}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup=r3, r2, 0x12, 0x0, 0x0, @void, @value=0x0}, 0x20)

2.001859411s ago: executing program 7 (id=956):
syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000012c0)={0x8, "a9780d4dc37a1d5c99c46fa9d1f5ffb92eafb2723b49e41c13a0172578e35bde"})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f00000006c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000700)={0x7f, 0xfffffffffffffeda, 0x0, 0xfffffffffffffffe, 0x3ff, 0x0, 0x4, 0xd6c3}, 0x0, 0x0, 0x0)

1.985783562s ago: executing program 6 (id=957):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x400)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_XRUN(r2, 0x4148, 0x0)

1.894553591s ago: executing program 8 (id=958):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x38)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="01000d"])
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})

1.633417646s ago: executing program 5 (id=959):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000002640)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)='@', 0x1}], 0x1, &(0x7f0000000000)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x20000000}}], 0x1, 0x4068001)

1.633026969s ago: executing program 3 (id=960):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000580)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000000100)={0x1d, r2}, 0x10)
bind$can_raw(r1, &(0x7f0000000280), 0x10)

1.47706706s ago: executing program 8 (id=961):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x0, 0x4})
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, 0x0)

1.128021492s ago: executing program 5 (id=962):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000080000000800", @ANYRES32, @ANYBLOB="00000000020000ec6bdc9d4bfd71782ce8aec25001e92300"/36, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x20000000000, 0x822b01)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000100))
write$char_usb(r0, &(0x7f0000000040)="e2", 0x1068)

953.252936ms ago: executing program 3 (id=963):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
lseek(r0, 0x1, 0x0)
getdents(r0, 0x0, 0x58)

733.150407ms ago: executing program 6 (id=964):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002400)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000fcffff124e000000000000003700feff0400000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

606.173805ms ago: executing program 3 (id=965):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff40f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0x4, 0x28}]}}}}}}}}, 0x0)

533.244258ms ago: executing program 5 (id=966):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
dup3(r0, r1, 0x0)

356.959666ms ago: executing program 8 (id=967):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000580)={0x14, 0x0, &(0x7f0000000040)=[@request_death={0x400c630e, 0x0, 0xffffff7f00000000}, @enter_looper], 0x1a, 0x1000000000000, 0x0})

205.393078ms ago: executing program 6 (id=968):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
lseek(r0, 0x38, 0x1)

113.471692ms ago: executing program 7 (id=969):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x101800, 0x1c0)
lseek(r1, 0x1, 0x2)
getdents64(r1, 0x0, 0x22)

113.046885ms ago: executing program 5 (id=970):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$RTC_RD_TIME(r1, 0x80247009, &(0x7f0000000140))
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x3db, @tick=0x976, 0x0, {0x0, 0x3}, 0x0, 0x0, 0xa8})

0s ago: executing program 3 (id=971):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
sendmmsg$inet6(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000340)="b4", 0x1}], 0x1}}], 0x1, 0x24000010)

kernel console output (not intermixed with test programs):

nnot create hsr debugfs directory
[  314.211643][ T6718] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[  314.226522][ T6718] System zones: 1-12
[  314.235797][ T6718] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.246: corrupted in-inode xattr: e_value size too large
[  314.258147][ T6718] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.246: couldn't read orphan inode 15 (err -117)
[  314.357857][ T6718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.911928][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.118996][ T6736] loop3: detected capacity change from 0 to 512
[  315.299102][ T6607] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  315.359808][ T6607] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  315.388104][ T6607] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  315.489539][ T6607] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  315.671947][ T6736] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.250: corrupted in-inode xattr: invalid ea_ino
[  315.786430][ T6736] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.250: couldn't read orphan inode 15 (err -117)
[  315.932924][ T6736] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.614641][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.851640][ T6607] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.092879][ T6607] 8021q: adding VLAN 0 to HW filter on device team0
[  317.216586][ T3751] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.224327][ T3751] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.289771][ T3751] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.297549][ T3751] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.423630][ T6770] loop1: detected capacity change from 0 to 128
[  318.975273][ T2985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.985647][ T2985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.459045][ T4291] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.467525][ T4291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  319.842595][ T6607] 8021q: adding VLAN 0 to HW filter on device batadv0
[  321.964562][ T6822] loop5: detected capacity change from 0 to 764
[  322.104584][ T6826] netlink: 'syz.1.268': attribute type 3 has an invalid length.
[  322.114442][ T6826] netlink: 8 bytes leftover after parsing attributes in process `syz.1.268'.
[  322.238766][ T6607] veth0_vlan: entered promiscuous mode
[  322.336185][ T6607] veth1_vlan: entered promiscuous mode
[  322.657646][ T6831] loop0: detected capacity change from 0 to 64
[  322.910655][ T6607] veth0_macvtap: entered promiscuous mode
[  323.018621][ T6607] veth1_macvtap: entered promiscuous mode
[  323.317238][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.328365][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.338633][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.349557][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.361917][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.372849][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.385749][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.399351][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.416231][ T6607] batman_adv: batadv0: Interface activated: batadv_slave_0
[  323.784547][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.798370][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.810718][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.821622][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.831712][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.842455][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.852639][ T6607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.865480][ T6607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.879672][ T6607] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.124363][ T6607] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.134236][ T6607] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.143483][ T6607] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.152622][ T6607] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.539780][ T6851] loop5: detected capacity change from 0 to 256
[  325.290210][ T6863] loop3: detected capacity change from 0 to 512
[  325.336381][ T6863] EXT4-fs: inline encryption not supported
[  325.549573][ T6863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.563357][ T6863] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.761852][ T6863] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.280: corrupted inode contents
[  325.887225][ T6863] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.280: mark_inode_dirty error
[  325.900343][ T6876] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  325.900343][ T6876] The task syz.0.282 (6876) triggered the difference, watch for misbehavior.
[  325.948565][ T6863] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.280: corrupted inode contents
[  326.049216][ T6863] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.280: mark_inode_dirty error
[  326.116742][   T29] audit: type=1800 audit(1733163078.005:5): pid=6863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.280" name="bus" dev="loop3" ino=18 res=0 errno=0
[  326.832931][ T6880] loop5: detected capacity change from 0 to 32768
[  326.840220][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.852029][ T6880] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.283 (6880)
[  326.881235][ T6880] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  326.892026][ T6880] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  326.902410][ T6880] BTRFS info (device loop5): using free-space-tree
[  327.659145][   T29] audit: type=1800 audit(1733163079.535:6): pid=6880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.283" name="file1" dev="loop5" ino=260 res=0 errno=0
[  328.629303][ T6414] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  330.426711][ T6955] loop5: detected capacity change from 0 to 128
[  330.528396][ T6955] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  331.670350][ T2985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.681053][ T2985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.769717][   T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.782300][   T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.831239][   T44] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  331.842954][ T5839] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  332.078957][ T5839] usb 1-1: Using ep0 maxpacket: 8
[  332.096987][   T44] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  332.108188][   T44] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  332.120932][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  332.132799][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  332.142988][   T44] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  332.220852][ T5839] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  332.230739][ T5839] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.239054][ T5839] usb 1-1: Product: syz
[  332.243636][ T5839] usb 1-1: Manufacturer: syz
[  332.248498][ T5839] usb 1-1: SerialNumber: syz
[  332.259569][ T5839] usb 1-1: config 0 descriptor??
[  332.282439][   T44] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  332.295592][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  332.305219][   T44] usb 2-1: Product: syz
[  332.309654][   T44] usb 2-1: Manufacturer: syz
[  332.314642][   T44] usb 2-1: SerialNumber: syz
[  332.365774][   T44] usb 2-1: config 0 descriptor??
[  332.487661][ T5839] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  332.632039][   T44] radio-si470x 2-1:0.0: DeviceID=0x6465 ChipID=0x7669
[  332.755711][ T5839] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  332.844373][   T44] radio-si470x 2-1:0.0: software version 100, hardware version 101
[  332.868327][ T5839] usb 1-1: USB disconnect, device number 4
[  333.047240][   T44] radio-si470x 2-1:0.0: submitting int urb failed (-90)
[  334.435867][ T6989] loop5: detected capacity change from 0 to 32768
[  335.014659][   T44] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -110
[  335.024755][   T44] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22
[  335.191977][   T44] usb 2-1: USB disconnect, device number 4
[  336.691525][ T7009] loop3: detected capacity change from 0 to 32768
[  337.132122][ T7020] xt_hashlimit: size too large, truncated to 1048576
[  339.093090][ T7039] loop0: detected capacity change from 0 to 1024
[  339.752363][ T7039] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  340.412986][ T7039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.867141][ T7088] loop5: detected capacity change from 0 to 256
[  341.989499][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  341.996353][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  342.156512][ T5793] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  342.272183][ T5793] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  343.009553][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.230295][ T7100] loop3: detected capacity change from 0 to 1024
[  344.158570][ T7113] warning: `syz.1.342' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  345.713441][ T7132] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  345.891672][ T5798] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  345.935312][ T5798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  345.957540][ T5798] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  345.976936][ T5798] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  345.993701][ T5798] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  346.032121][ T5798] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  348.308491][ T5799] Bluetooth: hci4: command tx timeout
[  349.247210][ T7137] chnl_net:caif_netlink_parms(): no params data found
[  349.401346][ T5798] Bluetooth: hci1: command 0x0406 tx timeout
[  350.401643][ T5798] Bluetooth: hci4: command tx timeout
[  351.348082][ T7137] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.356560][ T7137] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.364699][ T7137] bridge_slave_0: entered allmulticast mode
[  351.373939][ T7137] bridge_slave_0: entered promiscuous mode
[  351.511055][ T7137] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.518751][ T7137] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.526840][ T7137] bridge_slave_1: entered allmulticast mode
[  351.536122][ T7137] bridge_slave_1: entered promiscuous mode
[  352.038065][ T7137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.174685][ T7137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.443802][ T5798] Bluetooth: hci4: command tx timeout
[  352.548719][ T7137] team0: Port device team_slave_0 added
[  352.595017][ T7137] team0: Port device team_slave_1 added
[  352.685926][    T8] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  352.797997][ T7268] netlink: 'syz.5.370': attribute type 4 has an invalid length.
[  352.896105][ T7269] netlink: 'syz.5.370': attribute type 4 has an invalid length.
[  352.921629][ T7137] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.928814][ T7137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.954964][    C1] vkms_vblank_simulate: vblank timer overrun
[  352.962204][ T7137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  353.010743][   T44] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  353.165106][ T7137] batman_adv: batadv0: Adding interface: batadv_slave_1
[  353.172683][ T7137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  353.202860][ T7137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  353.319060][   T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  353.331540][   T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  353.341724][   T44] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  353.355183][   T44] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  353.364632][   T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.452390][    T8] usb 7-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  353.462558][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.499180][ T7137] hsr_slave_0: entered promiscuous mode
[  353.512952][    T8] usb 7-1: config 0 descriptor??
[  353.546117][ T7137] hsr_slave_1: entered promiscuous mode
[  353.553634][   T44] usb 4-1: config 0 descriptor??
[  353.587939][    T8] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  353.605870][ T7137] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  353.614323][ T7137] Cannot create hsr debugfs directory
[  353.909314][ T7274] loop5: detected capacity change from 0 to 256
[  353.925091][    T8] gp8psk: usb in 128 operation failed.
[  353.979708][ T7274] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  354.084317][   T44] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  354.139047][    T8] gp8psk: usb in 146 operation failed.
[  354.146479][    T8] gp8psk: failed to get FW version
[  354.159327][    T8] gp8psk: usb in 149 operation failed.
[  354.165196][    T8] gp8psk: failed to get FPGA version
[  354.173729][   T44] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  354.461019][    T8] gp8psk: usb in 138 operation failed.
[  354.466753][    T8] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  354.477670][    T8] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  354.544230][    T8] usb 7-1: USB disconnect, device number 2
[  354.556743][ T5798] Bluetooth: hci4: command tx timeout
[  355.819571][ T7137] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  355.923811][ T7137] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  356.010277][ T7137] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  356.140092][ T7137] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  356.700305][ T7137] 8021q: adding VLAN 0 to HW filter on device bond0
[  356.777703][ T7137] 8021q: adding VLAN 0 to HW filter on device team0
[  356.791155][    T8] usb 4-1: USB disconnect, device number 4
[  356.832564][ T5015] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.840258][ T5015] bridge0: port 1(bridge_slave_0) entered forwarding state
[  357.505211][ T7137] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  357.516087][ T7137] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  357.810273][ T5015] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.818050][ T5015] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.245409][ T7313] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  358.918516][ T7137] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.981964][ T7329] netlink: 80 bytes leftover after parsing attributes in process `syz.1.385'.
[  358.997001][ T7329] netlink: 80 bytes leftover after parsing attributes in process `syz.1.385'.
[  359.650096][ T7344] netlink: 56 bytes leftover after parsing attributes in process `syz.3.389'.
[  360.581437][ T7357] loop3: detected capacity change from 0 to 1024
[  360.594172][ T7357] EXT4-fs: Ignoring removed oldalloc option
[  360.668948][ T7357] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  360.720946][ T7357] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  360.826819][ T7357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.386390][ T7375] loop1: detected capacity change from 0 to 1024
[  361.486228][ T7137] veth0_vlan: entered promiscuous mode
[  361.607049][ T7137] veth1_vlan: entered promiscuous mode
[  361.795164][ T7378] loop5: detected capacity change from 0 to 2048
[  361.913462][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.945792][ T7378] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  362.168655][ T7382] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  362.337181][ T7137] veth0_macvtap: entered promiscuous mode
[  362.391941][ T7380] loop6: detected capacity change from 0 to 32768
[  362.445730][ T7137] veth1_macvtap: entered promiscuous mode
[  362.541070][   T29] audit: type=1804 audit(1733163114.395:7): pid=7378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.402" name="/newroot/30/file0/file1" dev="loop5" ino=15 res=1 errno=0
[  362.631280][ T7380] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  362.714171][ T7378] syz.5.402 (7378) used greatest stack depth: 4400 bytes left
[  362.722920][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  362.733760][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  362.743937][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  362.756745][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  362.766884][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  362.777957][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  362.788111][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  362.798932][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  362.812464][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  362.824302][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  362.855511][ T7137] batman_adv: batadv0: Interface activated: batadv_slave_0
[  363.064742][ T6607] ocfs2: Unmounting device (7,6) on (node local)
[  363.098182][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.110910][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.125892][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.138604][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.150757][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.162773][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.172959][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.183835][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.194065][ T7137] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  363.204922][ T7137] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.223631][ T7137] batman_adv: batadv0: Interface activated: batadv_slave_1
[  363.519649][ T7137] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.532725][ T7137] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.542817][ T7137] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.552066][ T7137] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  365.409677][ T7430] loop6: detected capacity change from 0 to 64
[  365.972385][ T7436] loop1: detected capacity change from 0 to 512
[  366.042481][ T7436] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  366.202177][ T7436] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.416: bg 0: block 64: padding at end of block bitmap is not set
[  366.218386][ T7436] Quota error (device loop1): write_blk: dquota write failed
[  366.226919][ T7436] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  366.237466][ T7436] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.416: Failed to acquire dquot type 0
[  366.291494][ T7436] EXT4-fs (loop1): 1 truncate cleaned up
[  366.299036][ T7436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.612843][ T7436] Quota error (device loop1): write_blk: dquota write failed
[  366.621080][ T7436] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  366.631457][ T7436] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.416: Failed to acquire dquot type 0
[  366.836054][ T7451] loop6: detected capacity change from 0 to 512
[  366.922681][ T7451] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  366.936369][ T7451] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  366.956531][ T7453] loop5: detected capacity change from 0 to 512
[  367.029869][ T7436] syz.1.416 (7436) used greatest stack depth: 4296 bytes left
[  367.145328][ T7451] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  367.158898][ T7451] EXT4-fs (loop6): 1 truncate cleaned up
[  367.159651][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.166311][ T7451] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.195727][ T7453] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.213706][ T7453] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.269378][ T7462] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  367.646718][ T6607] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.103770][ T6414] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.703384][ T7487] loop1: detected capacity change from 0 to 256
[  369.172657][ T7498] loop3: detected capacity change from 0 to 2048
[  369.204995][ T7495] loop5: detected capacity change from 0 to 256
[  369.215454][ T7495] exfat: Bad value for 'errors'
[  369.285216][ T7498] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  369.293424][ T7498] UDF-fs: Scanning with blocksize 512 failed
[  369.436741][ T7498] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  369.641479][ T3751] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  369.649555][ T3751] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  369.812987][ T7503] netlink: 8 bytes leftover after parsing attributes in process `syz.5.431'.
[  370.030785][ T3751] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.038858][ T3751] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.256830][ T7513] netlink: 4 bytes leftover after parsing attributes in process `syz.5.434'.
[  370.719994][ T5785] UDF-fs: warning (device loop3): udf_evict_inode: Inode 851 (mode 100000) has inode size 1099511627782 different from extent length 1099511628800. Filesystem need not be standards compliant.
[  370.731955][ T7518] loop7: detected capacity change from 0 to 512
[  370.778665][ T7518] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  370.790336][ T7506] loop6: detected capacity change from 0 to 8192
[  370.831924][ T7518] EXT4-fs (loop7): 1 truncate cleaned up
[  370.839565][ T7518] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.913516][ T7523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.437'.
[  371.983713][ T7506] FAT-fs (loop6): error, clusters badly computed (2 != 1)
[  371.987343][ T7137] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.991205][ T7506] FAT-fs (loop6): Filesystem has been set read-only
[  373.095281][ T7559] 9pnet: p9_errstr2errno: server reported unknown error �^P�
[  373.204224][ T7545] loop1: detected capacity change from 0 to 32768
[  373.244140][ T7554] block nbd7: Device being setup by another task
[  373.374703][ T5798] block nbd7: Receive control failed (result -32)
[  373.411965][ T7555] block nbd7: shutting down sockets
[  373.426726][ T7545] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  373.546267][ T7567] loop5: detected capacity change from 0 to 256
[  373.774194][ T7570] overlayfs: unescaped trailing colons in lowerdir mount option.
[  374.098050][ T7567] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  374.111892][ T7567] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  374.198244][ T5789] ocfs2: Unmounting device (7,1) on (node local)
[  374.320290][ T7577] loop3: detected capacity change from 0 to 1024
[  374.446187][ T7567] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000006)
[  374.456317][ T7567] exFAT-fs (loop5): Filesystem has been set read-only
[  374.606715][ T7567] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000006)
[  374.636774][ T7577] capability: warning: `syz.3.454' uses deprecated v2 capabilities in a way that may be insecure
[  374.831548][ T7577] hfsplus: xattr searching failed
[  374.882299][ T7577] hfsplus: b-tree write err: -5, ino 3
[  375.141242][   T44] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  375.236489][ T3751] hfsplus: b-tree write err: -5, ino 3
[  375.306256][   T44] usb 8-1: Using ep0 maxpacket: 16
[  375.322197][   T44] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  375.332781][   T44] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  375.342209][   T44] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  375.351645][   T44] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.368894][ T7597] loop6: detected capacity change from 0 to 128
[  375.477169][   T44] usb 8-1: config 0 descriptor??
[  375.523592][ T7597] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  375.592937][ T7597] ext4 filesystem being mounted at /33/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  375.911070][   T44] usb 8-1: USB disconnect, device number 2
[  376.346540][ T6607] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  376.465050][ T7611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.460'.
[  377.801676][ T7643] loop5: detected capacity change from 0 to 256
[  377.821244][ T7643] exfat: Deprecated parameter 'utf8'
[  377.842505][   T44] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  377.933828][ T7643] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  378.041744][   T44] usb 7-1: Using ep0 maxpacket: 16
[  378.054134][   T44] usb 7-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  378.067133][   T44] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.149294][   T44] usb 7-1: config 0 descriptor??
[  378.188909][   T44] gspca_main: sonixj-2.14.0 probing 0471:0327
[  379.527194][   T44] gspca_sonixj: reg_w1 err -71
[  379.556839][   T44] sonixj 7-1:0.0: probe with driver sonixj failed with error -71
[  379.576232][ T7665] loop5: detected capacity change from 0 to 2048
[  379.593393][   T44] usb 7-1: USB disconnect, device number 3
[  380.301631][ T5844] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  380.312065][ T6414] UDF-fs: warning (device loop5): udf_evict_inode: Inode 1367 (mode 100000) has inode size 7936 different from extent length 8192. Filesystem need not be standards compliant.
[  380.871784][ T5844] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  380.883352][ T5844] usb 8-1: config 0 has no interfaces?
[  380.936894][ T5844] usb 8-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=62.70
[  380.947243][ T5844] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.955755][ T5844] usb 8-1: Product: syz
[  380.960160][ T5844] usb 8-1: Manufacturer: syz
[  380.965152][ T5844] usb 8-1: SerialNumber: syz
[  380.994509][ T5844] usb 8-1: config 0 descriptor??
[  381.249038][ T5844] usb 8-1: USB disconnect, device number 3
[  381.405384][ T7694] netlink: 'syz.5.487': attribute type 29 has an invalid length.
[  381.494354][ T7697] loop1: detected capacity change from 0 to 128
[  381.577873][ T7697] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  381.632220][ T7701] loop6: detected capacity change from 0 to 128
[  381.781395][   T29] audit: type=1804 audit(1733163133.585:8): pid=7697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.489" name="/newroot/115/bus/bus" dev="loop1" ino=115 res=1 errno=0
[  381.803468][   T29] audit: type=1800 audit(1733163133.585:9): pid=7697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.489" name="bus" dev="loop1" ino=115 res=0 errno=0
[  382.000909][ T7701] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  382.220284][ T7701] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.492843][ T7697] Invalid ELF header magic: != ELF
[  382.760002][ T6607] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  382.767323][ T7714] loop3: detected capacity change from 0 to 2048
[  382.782067][ T7714] EXT4-fs: Ignoring removed nobh option
[  383.246559][ T7714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.259509][ T7714] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  383.572989][ T7714] EXT4-fs error (device loop3): __ext4_remount:6749: comm syz.3.494: Abort forced by user
[  383.581979][ T7734] loop1: detected capacity change from 0 to 256
[  383.605016][ T7734] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  383.617249][ T7734] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  383.648082][ T7714] EXT4-fs (loop3): Remounting filesystem read-only
[  383.655796][ T7714] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  383.969162][ T7734] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf32de3a7, utbl_chksum : 0xe619d30d)
[  384.049201][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.256728][ T7744] syz_tun: entered allmulticast mode
[  384.292215][ T7743] syz_tun: left allmulticast mode
[  384.971695][ T7756] Unknown status report in ack skb
[  385.182125][ T7759] netlink: 76 bytes leftover after parsing attributes in process `syz.3.508'.
[  385.759554][ T7766] loop5: detected capacity change from 0 to 512
[  385.859163][ T7766] EXT4-fs: Ignoring removed orlov option
[  385.865708][ T7766] EXT4-fs: Ignoring removed nomblk_io_submit option
[  386.181231][ T7766] EXT4-fs (loop5): Test dummy encryption mode enabled
[  386.188302][ T7766] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  386.402096][ T7766] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.510: invalid indirect mapped block 83886080 (level 1)
[  386.624561][ T7766] EXT4-fs (loop5): 1 orphan inode deleted
[  386.631142][ T7766] EXT4-fs (loop5): 1 truncate cleaned up
[  386.638672][ T7766] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  387.250885][ T5844] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  387.621662][ T5844] usb 6-1: Using ep0 maxpacket: 16
[  388.138022][ T5844] usb 6-1: New USB device found, idVendor=04dd, idProduct=8002, bcdDevice=fc.b6
[  388.148037][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.156508][ T5844] usb 6-1: Product: syz
[  388.161065][ T5844] usb 6-1: Manufacturer: syz
[  388.165902][ T5844] usb 6-1: SerialNumber: syz
[  388.287699][ T7805] loop1: detected capacity change from 0 to 1024
[  388.299356][ T5844] usb 6-1: config 0 descriptor??
[  388.330392][ T5844] safe_serial 6-1:0.0: safe_serial converter detected
[  388.449334][ T5844] usb 6-1: safe_serial converter now attached to ttyUSB0
[  388.478735][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies.
[  388.511409][ T7766] fscrypt (loop5): Error allocating 'xts(aes)' transform: -4
[  388.877361][ T5844] usb 6-1: USB disconnect, device number 2
[  388.932837][ T5844] safe_serial ttyUSB0: safe_serial converter now disconnected from ttyUSB0
[  388.942940][ T5844] safe_serial 6-1:0.0: device disconnected
[  388.974028][ T6414] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.497694][ T7827] 9pnet: p9_errstr2errno: server reported unknown error ��Fc�g�KIe��B$�*�
[  389.983796][ T7836] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  390.712023][ T5844] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  390.964829][ T5844] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  390.980283][ T5844] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22
[  391.055838][    C1] ------------[ cut here ]------------
[  391.061583][    C1] refcount_t: underflow; use-after-free.
[  391.069241][    C1] WARNING: CPU: 1 PID: 24 at lib/refcount.c:28 refcount_warn_saturate+0x2cb/0x370
[  391.078910][    C1] Modules linked in:
[  391.083159][    C1] CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  391.090431][ T5844] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  391.094025][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  391.103398][ T5844] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  391.113313][    C1] RIP: 0010:refcount_warn_saturate+0x2cb/0x370
[  391.121605][ T5844] usb 8-1: SerialNumber: syz
[  391.127681][    C1] Code: f6 91 e8 b8 7f 22 fc c6 00 00 c6 05 01 02 c5 0b 01 90 49 c7 86 80 0c 00 00 00 00 00 00 48 c7 c7 c3 5f 17 91 e8 26 64 2c fb 90 <0f> 0b 90 90 e9 c4 fe ff ff 8b 3a e8 45 8c 22 fc f6 c3 01 0f 85 83
[  391.152709][    C1] RSP: 0018:ffff8881002f7588 EFLAGS: 00010246
[  391.159100][    C1] RAX: ffffffff815de339 RBX: 0000000000000000 RCX: ffff8881002f8000
[  391.167438][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  391.175745][    C1] RBP: ffff8881002f75a0 R08: ffffffff815de32f R09: 0000000000000000
[  391.184058][    C1] R10: ffff8880bb6f71d0 R11: 0000000000000004 R12: 0000000000000000
[  391.192345][    C1] R13: ffff88813fda1c80 R14: ffff88813fda1c80 R15: 0000000000000003
[  391.200653][    C1] FS:  0000000000000000(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[  391.209883][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  391.216786][    C1] CR2: 0000000020015000 CR3: 000000013f02e000 CR4: 00000000003526f0
[  391.225156][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  391.233439][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  391.241709][    C1] Call Trace:
[  391.245183][    C1]  <TASK>
[  391.248310][    C1]  ? show_trace_log_lvl+0x268/0x3d0
[  391.253902][    C1]  ? sk_skb_reason_drop+0x154/0x480
[  391.259408][    C1]  ? show_regs+0xb4/0xe0
[  391.264032][    C1]  ? __warn+0x2c7/0x780
[  391.268493][    C1]  ? refcount_warn_saturate+0x2cb/0x370
[  391.274457][    C1]  ? report_bug+0x929/0xbd0
[  391.279300][    C1]  ? refcount_warn_saturate+0x2cb/0x370
[  391.285262][    C1]  ? handle_bug+0x6d/0x90
[  391.289860][    C1]  ? exc_invalid_op+0x1f/0x50
[  391.294886][    C1]  ? asm_exc_invalid_op+0x1f/0x30
[  391.300221][    C1]  ? __warn_printk+0x43f/0x470
[  391.305370][    C1]  ? __warn_printk+0x449/0x470
[  391.310460][    C1]  ? refcount_warn_saturate+0x2cb/0x370
[  391.316404][    C1]  ? refcount_warn_saturate+0x2ca/0x370
[  391.322322][    C1]  sk_skb_reason_drop+0x154/0x480
[  391.327641][    C1]  j1939_xtp_rx_cts+0xb7b/0x1630
[  391.333030][    C1]  j1939_tp_recv+0xf9a/0x1600
[  391.338039][    C1]  j1939_can_recv+0xe30/0xfa0
[  391.343142][    C1]  ? __pfx_j1939_can_recv+0x10/0x10
[  391.348654][    C1]  can_rcv_filter+0x697/0x1010
[  391.353818][    C1]  can_receive+0x423/0x5d0
[  391.354855][ T7843] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  391.358473][    C1]  can_rcv+0x209/0x3a0
[  391.370081][    C1]  ? ip6_rcv_finish+0x920/0x970
[  391.375305][    C1]  ? __pfx_can_rcv+0x10/0x10
[  391.380198][    C1]  __netif_receive_skb+0x42b/0xa00
[  391.385709][    C1]  ? kmsan_get_metadata+0x13e/0x1c0
[  391.391290][    C1]  process_backlog+0x4ad/0xa50
[  391.396366][    C1]  ? __pfx_process_backlog+0x10/0x10
[  391.402037][    C1]  __napi_poll+0xe7/0x980
[  391.406648][    C1]  ? kmsan_get_metadata+0x13e/0x1c0
[  391.412238][    C1]  net_rx_action+0xa5a/0x19b0
[  391.417224][    C1]  ? kmsan_get_metadata+0x13e/0x1c0
[  391.422791][    C1]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  391.428974][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  391.434463][    C1]  handle_softirqs+0x1a0/0x7c0
[  391.439565][    C1]  ? kmsan_get_metadata+0x13e/0x1c0
[  391.445127][    C1]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  391.451302][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  391.456706][    C1]  run_ksoftirqd+0x29/0x50
[  391.461492][    C1]  smpboot_thread_fn+0x555/0xa60
[  391.466768][    C1]  kthread+0x3e2/0x540
[  391.471179][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  391.476980][    C1]  ? __pfx_kthread+0x10/0x10
[  391.481927][    C1]  ret_from_fork+0x6d/0x90
[  391.486637][    C1]  ? __pfx_kthread+0x10/0x10
[  391.491575][    C1]  ret_from_fork_asm+0x1a/0x30
[  391.496676][    C1]  </TASK>
[  391.499877][    C1] ---[ end trace 0000000000000000 ]---
[  391.700891][ T7843] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  392.288324][ T5844] cdc_ether 8-1:1.0 eth9: register 'cdc_ether' at usb-dummy_hcd.7-1, CDC Ethernet Device, 42:42:42:42:42:42
[  393.243800][ T7863] loop6: detected capacity change from 0 to 64
[  394.476213][   T44] usb 8-1: USB disconnect, device number 4
[  394.484503][   T44] cdc_ether 8-1:1.0 eth9: unregister 'cdc_ether' usb-dummy_hcd.7-1, CDC Ethernet Device
[  394.542296][    C1] vcan0: j1939_tp_rxtimer: 0xffff88801d94f400: rx timeout, send abort
[  394.800716][ T7881] loop6: detected capacity change from 0 to 4096
[  394.892140][ T7881] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  395.050896][    C1] vcan0: j1939_tp_rxtimer: 0xffff88801d94f400: abort rx timeout. Force session deactivation
[  396.752550][ T7918] loop5: detected capacity change from 0 to 4096
[  396.801439][   T44] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  396.889770][ T7914] loop3: detected capacity change from 0 to 8192
[  397.020404][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  397.033138][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  397.043289][   T44] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  397.056735][   T44] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  397.066247][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.163226][   T44] usb 2-1: config 0 descriptor??
[  397.923672][   T44] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  398.148261][   T44] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  398.336223][   T29] audit: type=1326 audit(1733163150.215:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.361883][   T29] audit: type=1326 audit(1733163150.215:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.385711][   T29] audit: type=1326 audit(1733163150.225:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.408536][   T29] audit: type=1326 audit(1733163150.245:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.431522][   T29] audit: type=1326 audit(1733163150.255:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.457000][   T29] audit: type=1326 audit(1733163150.295:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.480685][   T29] audit: type=1326 audit(1733163150.295:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.503728][   T29] audit: type=1326 audit(1733163150.295:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.527128][   T29] audit: type=1326 audit(1733163150.325:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  398.553485][   T29] audit: type=1326 audit(1733163150.325:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.5.563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0d1d7ff19 code=0x7ffc0000
[  399.226218][ T5142] usb 2-1: USB disconnect, device number 5
[  399.415120][ T7952] Bluetooth: MGMT ver 1.23
[  400.154486][ T7964] loop6: detected capacity change from 0 to 2048
[  400.375925][ T7964] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  400.559760][ T7964] EXT4-fs error (device loop6): ext4_lookup:1813: inode #14: comm syz.6.569: iget: bad extra_isize 1056 (inode size 256)
[  400.655058][ T7964] EXT4-fs (loop6): Remounting filesystem read-only
[  401.111783][ T6607] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.407770][ T7994] loop1: detected capacity change from 0 to 2048
[  401.534255][ T7994] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  401.580640][ T8001] netlink: 4 bytes leftover after parsing attributes in process `syz.7.581'.
[  401.589952][ T8001] bridge_slave_1: left allmulticast mode
[  401.596059][ T8001] bridge_slave_1: left promiscuous mode
[  401.602886][ T8001] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.676542][ T8001] bridge_slave_0: left allmulticast mode
[  401.683210][ T8001] bridge_slave_0: left promiscuous mode
[  401.689930][ T8001] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.725591][ T7994] overlayfs: upper fs needs to support d_type.
[  401.738344][ T7994] overlayfs: cleanup of 'work/#9' failed (-2)
[  401.745794][ T7994] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  401.754092][ T7994] overlayfs: failed to set xattr on upper
[  401.760071][ T7994] overlayfs: ...falling back to redirect_dir=nofollow.
[  401.767328][ T7994] overlayfs: ...falling back to index=off.
[  401.773547][ T7994] overlayfs: ...falling back to uuid=null.
[  402.019910][ T5789] UDF-fs: error (device loop1): udf_read_inode: (ino 1317) failed !bh
[  402.034243][ T5789] UDF-fs: error (device loop1): udf_read_inode: (ino 1317) failed !bh
[  402.618304][ T8012] loop3: detected capacity change from 0 to 512
[  403.132982][ T8012] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  403.196691][ T8012] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.584: invalid indirect mapped block 2683928664 (level 1)
[  403.269444][ T8012] EXT4-fs (loop3): 1 truncate cleaned up
[  403.277123][ T8012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.503561][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  403.510242][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  403.751749][ T5799] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  403.773319][ T5799] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  403.815801][ T5799] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  403.938964][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  403.953897][ T5799] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  404.043406][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.094420][ T5799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  404.941792][ T8045] syz.7.594 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  405.428700][ T8057] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  406.290745][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  406.290826][   T29] audit: type=1326 audit(1733163157.945:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.3.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30bf37ff19 code=0x7ffc0000
[  406.319910][   T29] audit: type=1326 audit(1733163157.955:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.3.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f30bf37ff19 code=0x7ffc0000
[  406.346014][   T29] audit: type=1326 audit(1733163157.955:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.3.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30bf37ff19 code=0x7ffc0000
[  406.368371][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.376319][   T29] audit: type=1326 audit(1733163157.955:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.3.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f30bf37ff19 code=0x7ffc0000
[  406.398579][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.405342][   T29] audit: type=1326 audit(1733163157.965:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8047 comm="syz.3.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30bf37ff19 code=0x7ffc0000
[  406.456122][ T8059] loop6: detected capacity change from 0 to 40427
[  406.487475][ T8059] F2FS-fs (loop6): heap/no_heap options were deprecated
[  406.500199][ T8059] F2FS-fs (loop6): invalid crc value
[  406.512191][ T8059] F2FS-fs (loop6): Found nat_bits in checkpoint
[  406.571490][ T5798] Bluetooth: hci3: command tx timeout
[  406.853972][ T8071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.603'.
[  406.897189][ T8059] F2FS-fs (loop6): Start checkpoint disabled!
[  406.964122][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.979461][ T8059] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  406.992430][ T8024] chnl_net:caif_netlink_parms(): no params data found
[  407.119875][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.716863][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.800434][ T4291] kworker/u8:24: attempt to access beyond end of device
[  407.800434][ T4291] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  407.815328][ T4291] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  407.822927][ T4291] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  407.830129][ T4291] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  407.920815][ T8088] loop3: detected capacity change from 0 to 64
[  408.029505][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.107764][ T8086] loop5: detected capacity change from 0 to 2048
[  408.727481][ T5798] Bluetooth: hci3: command tx timeout
[  409.193398][   T11] bridge_slave_1: left allmulticast mode
[  409.206409][   T11] bridge_slave_1: left promiscuous mode
[  409.215814][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.262977][ T8086] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  409.275817][ T8086] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.334146][   T11] bridge_slave_0: left allmulticast mode
[  409.340201][   T11] bridge_slave_0: left promiscuous mode
[  409.347112][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.431220][ T8086] EXT4-fs (loop5): shut down requested (2)
[  409.525427][ T8086] fs-verity: sha256 using implementation "sha256-generic"
[  409.635708][ T8102] loop3: detected capacity change from 0 to 4096
[  409.981263][ T8102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.983888][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  410.056810][ T6414] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.057105][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  410.083984][   T11] bond0 (unregistering): Released all slaves
[  410.517173][ T8024] bridge0: port 1(bridge_slave_0) entered blocking state
[  410.530915][ T8024] bridge0: port 1(bridge_slave_0) entered disabled state
[  410.538745][ T8024] bridge_slave_0: entered allmulticast mode
[  410.548237][ T8024] bridge_slave_0: entered promiscuous mode
[  410.586884][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.619868][ T8024] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.636323][ T8024] bridge0: port 2(bridge_slave_1) entered disabled state
[  410.646479][ T8024] bridge_slave_1: entered allmulticast mode
[  410.655640][ T8024] bridge_slave_1: entered promiscuous mode
[  410.781766][ T5798] Bluetooth: hci3: command tx timeout
[  410.932980][ T8120] loop3: detected capacity change from 0 to 128
[  410.990400][ T8113] loop7: detected capacity change from 0 to 4096
[  411.047635][ T8113] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[  411.579745][ T8024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  411.720098][ T8024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  411.801539][ T8113] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  411.839639][ T8113] ntfs3(loop7): Failed to initialize $Extend/$ObjId.
[  412.196079][   T11] hsr_slave_0: left promiscuous mode
[  412.216159][ T8141] loop3: detected capacity change from 0 to 2048
[  412.243190][   T11] hsr_slave_1: left promiscuous mode
[  412.262744][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  412.275082][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  412.276924][ T8141] EXT4-fs: Ignoring removed nobh option
[  412.333425][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  412.341804][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  412.411267][ T8141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.424475][ T8141] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  412.491361][   T11] veth1_macvtap: left promiscuous mode
[  412.497140][   T11] veth0_macvtap: left promiscuous mode
[  412.503243][   T11] veth1_vlan: left promiscuous mode
[  412.508817][   T11] veth0_vlan: left promiscuous mode
[  412.831340][ T5798] Bluetooth: hci3: command tx timeout
[  413.241688][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.772654][   T11] team0 (unregistering): Port device team_slave_1 removed
[  413.817407][   T11] team0 (unregistering): Port device team_slave_0 removed
[  414.109781][ T8024] team0: Port device team_slave_0 added
[  414.172278][ T8166] loop5: detected capacity change from 0 to 512
[  414.187656][ T8024] team0: Port device team_slave_1 added
[  414.431277][ T8166] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  414.441138][ T8166] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  414.617754][ T8166] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  414.801732][ T8024] batman_adv: batadv0: Adding interface: batadv_slave_0
[  414.808918][ T8024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  414.838493][ T8024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  414.876322][ T8166] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  414.951486][ T8166] System zones: 0-2, 18-18, 34-34
[  415.034462][ T8024] batman_adv: batadv0: Adding interface: batadv_slave_1
[  415.043311][ T8024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  415.069696][ T8024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  415.116301][ T8166] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  415.185624][ T8166] EXT4-fs (loop5): 1 truncate cleaned up
[  415.232579][ T8166] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.316336][ T8024] hsr_slave_0: entered promiscuous mode
[  415.372198][   T29] audit: type=1800 audit(1733163167.265:29): pid=8166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.627" name="file1" dev="loop5" ino=15 res=0 errno=0
[  415.393945][ T8024] hsr_slave_1: entered promiscuous mode
[  415.502752][   T29] audit: type=1800 audit(1733163167.305:30): pid=8166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.627" name="file2" dev="loop5" ino=16 res=0 errno=0
[  415.772191][ T6414] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.790769][ T5798] Bluetooth: hci2: command 0x0406 tx timeout
[  417.023999][ T8024] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  417.092255][ T8024] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  417.148982][ T8024] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  417.252243][ T8024] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  417.955647][ T8024] 8021q: adding VLAN 0 to HW filter on device bond0
[  417.997473][ T8024] 8021q: adding VLAN 0 to HW filter on device team0
[  418.128623][ T8024] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  418.140274][ T8024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  418.180436][ T2985] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.188195][ T2985] bridge0: port 1(bridge_slave_0) entered forwarding state
[  418.206795][ T2985] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.214551][ T2985] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.877776][ T8024] 8021q: adding VLAN 0 to HW filter on device batadv0
[  420.885688][ T5841] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  421.077401][ T5841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.089194][ T5841] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  421.098652][ T5841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.191412][ T5841] usb 7-1: config 0 descriptor??
[  421.291795][ T8274] loop7: detected capacity change from 0 to 512
[  421.326773][ T8274] EXT4-fs: Ignoring removed nobh option
[  421.333435][ T8274] EXT4-fs: quotafile must be on filesystem root
[  421.443470][ T8270] loop3: detected capacity change from 0 to 2048
[  421.471133][ T5841] usbhid 7-1:0.0: can't add hid device: -71
[  421.477869][ T5841] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  421.507769][ T5841] usb 7-1: USB disconnect, device number 4
[  421.512308][ T8270] EXT4-fs: Ignoring removed mblk_io_submit option
[  421.817177][ T8270] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.981323][ T5841] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  422.122047][ T8283] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  422.214132][ T8283] EXT4-fs (loop3): Remounting filesystem read-only
[  422.367618][ T8024] veth0_vlan: entered promiscuous mode
[  422.443256][ T8024] veth1_vlan: entered promiscuous mode
[  422.547380][ T8024] veth0_macvtap: entered promiscuous mode
[  422.568354][ T8024] veth1_macvtap: entered promiscuous mode
[  422.614343][ T5841] usb 7-1: Using ep0 maxpacket: 16
[  422.641484][ T5841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.653270][ T5841] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  422.662725][ T5841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.768058][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.779057][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.789214][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.800011][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.810220][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.824493][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.836742][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.847507][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.857698][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.868599][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.888412][ T8024] batman_adv: batadv0: Interface activated: batadv_slave_0
[  422.898954][ T5841] usb 7-1: config 0 descriptor??
[  422.926593][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  422.937708][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.949326][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  422.960761][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.977016][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  422.988992][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.999366][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.010449][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.024294][ T8024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.037392][ T8024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.052216][ T8024] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.130120][ T8024] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.139572][ T8024] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.148933][ T8024] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.158250][ T8024] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.228709][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.488409][ T5841] mcp2221 0003:04D8:00DD.0006: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[  423.847072][ T5142] usb 7-1: USB disconnect, device number 5
[  424.520972][    T8] IPVS: starting estimator thread 0...
[  424.707447][ T8317] IPVS: using max 240 ests per chain, 12000 per kthread
[  427.937479][ T8369] loop5: detected capacity change from 0 to 256
[  428.170412][ T8369] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  429.217073][ T8379] loop3: detected capacity change from 0 to 32768
[  429.715433][ T8391] loop7: detected capacity change from 0 to 128
[  429.733365][ T4976] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.741934][ T4976] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.750741][ T8379] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  429.816890][   T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.825580][   T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.859550][ T8389] input: syz0 as /devices/virtual/input/input7
[  430.071277][   T29] audit: type=1800 audit(1733163181.955:31): pid=8391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.680" name="file1" dev="loop7" ino=1048654 res=0 errno=0
[  430.164137][ T8391] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8)
[  430.173702][ T8391] FAT-fs (loop7): Filesystem has been set read-only
[  430.182403][ T8391] FAT-fs (loop7): error, corrupted file size (i_pos 548, 522)
[  430.198159][   T29] audit: type=1800 audit(1733163182.005:32): pid=8391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.680" name="file1" dev="loop7" ino=1048654 res=0 errno=0
[  430.219606][   T29] audit: type=1804 audit(1733163182.035:33): pid=8391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.680" name="/newroot/61/file2/file1" dev="loop7" ino=1048654 res=1 errno=0
[  430.869377][ T5785] ocfs2: Unmounting device (7,3) on (node local)
[  431.071726][ T5799] Bluetooth: hci0: command 0x0406 tx timeout
[  431.292693][ T8400] loop6: detected capacity change from 0 to 4096
[  431.727409][ T8400] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  432.621161][    T8] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  432.903425][    T8] usb 9-1: Using ep0 maxpacket: 32
[  433.113295][ T8432] macvtap1: entered promiscuous mode
[  433.119029][ T8432] vlan1: entered promiscuous mode
[  433.126244][ T8432] macvtap1: entered allmulticast mode
[  433.132205][ T8432] vlan1: entered allmulticast mode
[  433.137550][ T8432] veth0_vlan: entered allmulticast mode
[  433.152209][    T8] usb 9-1: config 0 has an invalid interface number: 132 but max is 0
[  433.165407][    T8] usb 9-1: config 0 has no interface number 0
[  433.174083][    T8] usb 9-1: config 0 interface 132 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  433.250230][    T8] usb 9-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  433.264113][    T8] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.273530][    T8] usb 9-1: Product: syz
[  433.277960][    T8] usb 9-1: Manufacturer: syz
[  433.283057][    T8] usb 9-1: SerialNumber: syz
[  433.328610][    T8] usb 9-1: config 0 descriptor??
[  433.337161][ T8418] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  433.384520][    T8] em28xx 9-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  433.394876][    T8] em28xx 9-1:0.132: Video interface 132 found: bulk
[  433.465866][ T8432] vlan1: left allmulticast mode
[  433.473381][ T8432] veth0_vlan: left allmulticast mode
[  433.481727][ T8432] vlan1: left promiscuous mode
[  433.794475][    T8] em28xx 9-1:0.132: unknown em28xx chip ID (0)
[  434.791153][    T8] em28xx 9-1:0.132: failed to trigger write to i2c address 0xa0 (error=-5)
[  434.805958][    T8] em28xx 9-1:0.132: failed to read eeprom (err=-5)
[  434.814655][    T8] em28xx 9-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5]
[  434.881206][    T8] em28xx 9-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  434.889350][    T8] em28xx 9-1:0.132: analog set to bulk mode.
[  434.902542][ T5142] em28xx 9-1:0.132: Registering V4L2 extension
[  434.915400][    T8] usb 9-1: USB disconnect, device number 2
[  434.922813][    T8] em28xx 9-1:0.132: Disconnecting em28xx
[  435.250772][ T8465] loop6: detected capacity change from 0 to 1024
[  435.609849][ T8465] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  435.914106][ T8465] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.701: Invalid block bitmap block 0 in block_group 0
[  435.982125][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.8.703'.
[  436.011413][ T8465] Quota error (device loop6): write_blk: dquota write failed
[  436.019234][ T8465] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  436.035924][ T8465] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.701: Failed to acquire dquot type 0
[  436.091860][ T8465] EXT4-fs error (device loop6): ext4_free_blocks:6589: comm syz.6.701: Freeing blocks not in datazone - block = 0, count = 4096
[  436.146483][ T5142] em28xx 9-1:0.132: Config register raw data: 0xffffffed
[  436.154068][ T5142] em28xx 9-1:0.132: AC97 chip type couldn't be determined
[  436.161543][ T5142] em28xx 9-1:0.132: No AC97 audio processor
[  436.165882][ T8465] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.701: Invalid inode bitmap blk 0 in block_group 0
[  436.201455][ T2985] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-8
[  436.201971][ T5142] usb 9-1: Decoder not found
[  436.210973][ T2985] EXT4-fs error (device loop6): ext4_release_dquot:6961: comm kworker/u8:11: Failed to release dquot type 0
[  436.215523][ T5142] em28xx 9-1:0.132: failed to create media graph
[  436.237690][ T5142] em28xx 9-1:0.132: V4L2 device video103 deregistered
[  436.283794][ T8465] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  436.308731][ T8465] EXT4-fs (loop6): 1 orphan inode deleted
[  436.317937][ T8465] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.383148][ T5142] em28xx 9-1:0.132: Remote control support is not available for this card.
[  436.448077][ T8465] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz.6.701: path /78/file2: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  436.486799][    T8] em28xx 9-1:0.132: Closing input extension
[  436.602879][    T8] em28xx 9-1:0.132: Freeing device
[  436.744160][ T8465] EXT4-fs error (device loop6): ext4_search_dir:1505: inode #2: block 16: comm syz.6.701: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  437.207790][ T8491] trusted_key: syz.7.709 sent an empty control message without MSG_MORE.
[  437.340082][ T6607] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.398143][ T2985] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-8
[  437.408849][ T2985] EXT4-fs error (device loop6): ext4_release_dquot:6961: comm kworker/u8:11: Failed to release dquot type 0
[  438.716407][   T29] audit: type=1326 audit(1733163190.605:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.6.715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396d97ff19 code=0x7fc00000
[  438.951509][   T29] audit: type=1326 audit(1733163190.835:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.6.715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f396d97ff19 code=0x7fc00000
[  438.974230][   T29] audit: type=1326 audit(1733163190.835:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.6.715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396d97ff19 code=0x7fc00000
[  439.000146][   T29] audit: type=1326 audit(1733163190.835:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.6.715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396d97ff19 code=0x7fc00000
[  439.027038][   T29] audit: type=1326 audit(1733163190.835:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.6.715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396d97ff19 code=0x7fc00000
[  439.049713][   T29] audit: type=1326 audit(1733163190.835:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.6.715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396d97ff19 code=0x7fc00000
[  439.471441][ T8530] netlink: 24 bytes leftover after parsing attributes in process `syz.8.718'.
[  440.268673][ T8540] loop9: detected capacity change from 0 to 7
[  440.327443][ T8540] Dev loop9: unable to read RDB block 7
[  440.333883][ T8540]  loop9: AHDI p2 p3
[  440.338148][ T8540] loop9: partition table partially beyond EOD, truncated
[  441.328265][ T8558] loop7: detected capacity change from 0 to 1764
[  441.343843][ T8558] iso9660: Unknown parameter ''
[  441.525625][ T8557] loop6: detected capacity change from 0 to 2048
[  441.580072][ T8565] loop7: detected capacity change from 0 to 164
[  441.711867][ T8565] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  441.861893][ T8567] loop8: detected capacity change from 0 to 1024
[  441.883566][ T8571] syz.5.733[8571] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  441.883971][ T8571] syz.5.733[8571] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  441.926809][ T8571] syz.5.733[8571] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  442.536446][ T8580] loop3: detected capacity change from 0 to 64
[  442.746145][ T8583] loop5: detected capacity change from 0 to 128
[  442.907661][ T8587] loop9: detected capacity change from 0 to 7
[  442.948033][ T8587] Dev loop9: unable to read RDB block 7
[  442.954461][ T8587]  loop9: unable to read partition table
[  442.997950][ T8587] loop9: partition table beyond EOD, truncated
[  443.004797][ T8587] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[  443.485199][ T8583] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  443.610293][ T8583] ext4 filesystem being mounted at /114/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  444.066031][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.066031][ T4110] loop3: rw=1, sector=65, nr_sectors = 1 limit=64
[  444.079736][ T4110] Buffer I/O error on dev loop3, logical block 65, lost async page write
[  444.088693][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.088693][ T4110] loop3: rw=1, sector=66, nr_sectors = 1 limit=64
[  444.102361][ T4110] Buffer I/O error on dev loop3, logical block 66, lost async page write
[  444.116140][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.116140][ T4110] loop3: rw=1, sector=67, nr_sectors = 1 limit=64
[  444.131058][ T4110] Buffer I/O error on dev loop3, logical block 67, lost async page write
[  444.139769][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.139769][ T4110] loop3: rw=1, sector=68, nr_sectors = 1 limit=64
[  444.153579][ T4110] Buffer I/O error on dev loop3, logical block 68, lost async page write
[  444.162440][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.162440][ T4110] loop3: rw=1, sector=72, nr_sectors = 1 limit=64
[  444.176131][ T4110] Buffer I/O error on dev loop3, logical block 72, lost async page write
[  444.184982][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.184982][ T4110] loop3: rw=1, sector=73, nr_sectors = 1 limit=64
[  444.198687][ T4110] Buffer I/O error on dev loop3, logical block 73, lost async page write
[  444.207514][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.207514][ T4110] loop3: rw=1, sector=76, nr_sectors = 1 limit=64
[  444.225277][ T4110] Buffer I/O error on dev loop3, logical block 76, lost async page write
[  444.235261][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.235261][ T4110] loop3: rw=1, sector=77, nr_sectors = 1 limit=64
[  444.248970][ T4110] Buffer I/O error on dev loop3, logical block 77, lost async page write
[  444.258349][ T4110] kworker/u8:22: attempt to access beyond end of device
[  444.258349][ T4110] loop3: rw=1, sector=78, nr_sectors = 88 limit=64
[  445.233902][ T6414] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  445.614458][ T8620] loop3: detected capacity change from 0 to 2048
[  445.806775][ T8620] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  445.874043][ T8630] 9pnet: p9_errstr2errno: server reported unknown error �1 g;-�~	
[  445.918483][ T8620] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  446.111888][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.8.751'.
[  446.121354][ T8635] netlink: 'syz.8.751': attribute type 1 has an invalid length.
[  446.441663][ T8640] loop6: detected capacity change from 0 to 1
[  446.481786][ T8640] Dev loop6: unable to read RDB block 1
[  446.487926][ T8640]  loop6: unable to read partition table
[  446.541677][ T8640] loop6: partition table beyond EOD, truncated
[  446.548317][ T8640] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  446.548317][ T8640] 
) failed (rc=-5)
[  448.473626][ T8673] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  448.483801][ T8673] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  448.498469][ T8669] loop7: detected capacity change from 0 to 512
[  448.687440][ T8669] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.701262][ T8669] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  448.942742][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  448.942823][   T29] audit: type=1800 audit(1733163200.815:50): pid=8683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.764" name="file2" dev="loop7" ino=16 res=0 errno=0
[  448.970422][   T29] audit: type=1800 audit(1733163200.835:51): pid=8669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.764" name="file1" dev="loop7" ino=15 res=0 errno=0
[  449.083487][ T8680] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.372527][ T8680] bridge_slave_1 (unregistering): left allmulticast mode
[  449.380045][ T8680] bridge_slave_1 (unregistering): left promiscuous mode
[  449.387636][ T8680] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.977011][ T7137] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.444977][ T8701] loop6: detected capacity change from 0 to 256
[  451.011922][ T8701] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  451.462125][ T8701] exFAT-fs (loop6): start_clu is invalid cluster(0xffffffff)
[  452.186778][ T8728] netlink: 4 bytes leftover after parsing attributes in process `syz.6.781'.
[  452.437107][ T8726] loop3: detected capacity change from 0 to 1764
[  452.887660][ T8737] loop9: detected capacity change from 0 to 7
[  452.962189][ T8737] Dev loop9: unable to read RDB block 7
[  452.968137][ T8737]  loop9: unable to read partition table
[  452.997593][ T8737] loop9: partition table beyond EOD, truncated
[  453.005176][ T8737] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[  453.233384][    T8] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  453.682408][    T8] usb 8-1: Using ep0 maxpacket: 32
[  453.891010][    T8] usb 8-1: config 0 has an invalid interface number: 67 but max is 0
[  453.899536][    T8] usb 8-1: config 0 has no interface number 0
[  453.951331][    T8] usb 8-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  453.960893][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.969188][    T8] usb 8-1: Product: syz
[  453.973769][    T8] usb 8-1: Manufacturer: syz
[  453.978625][    T8] usb 8-1: SerialNumber: syz
[  454.040691][    T8] usb 8-1: config 0 descriptor??
[  454.084462][    T8] smsc95xx v2.0.0
[  454.486193][    T8] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  454.497371][    T8] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  454.990931][ T8761] loop5: detected capacity change from 0 to 24
[  455.124545][    T8] smsc95xx 8-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  455.137155][    T8] smsc95xx 8-1:0.67: probe with driver smsc95xx failed with error -71
[  455.197954][    T8] usb 8-1: USB disconnect, device number 5
[  455.573857][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.799'.
[  456.729107][ T8779] loop7: detected capacity change from 0 to 4096
[  456.742378][ T8779] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  456.904295][ T8779] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  457.094438][    T8] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  457.293034][    T8] usb 7-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4
[  457.303390][    T8] usb 7-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0
[  457.313135][    T8] usb 7-1: Manufacturer: syz
[  457.357374][    T8] usb 7-1: config 0 descriptor??
[  457.798324][    T8] gs_usb 7-1:0.0: Configuring for 1 interfaces
[  458.137060][ T8806] loop3: detected capacity change from 0 to 256
[  458.287159][ T8808] loop8: detected capacity change from 0 to 128
[  458.440768][ T5841] usb 7-1: USB disconnect, device number 6
[  458.456004][ T8808] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  458.573609][ T8808] ext4 filesystem being mounted at /29/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  458.795788][ T5142] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  458.957929][ T8824] loop3: detected capacity change from 0 to 512
[  459.047221][ T5142] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  459.058734][ T5142] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  459.080348][ T8024] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  459.101823][ T5142] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  459.111390][ T5142] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  459.119659][ T5142] usb 8-1: SerialNumber: syz
[  459.203971][ T8824] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.218027][ T8824] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  459.388581][ T5142] usb 8-1: 0:2 : does not exist
[  459.482043][ T8830] loop8: detected capacity change from 0 to 1024
[  459.564176][ T5142] usb 8-1: USB disconnect, device number 6
[  459.565941][ T8830] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  459.911619][ T4291] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  459.915462][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.967929][ T4291] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  459.983406][ T4291] EXT4-fs (loop8): This should not happen!! Data will be lost
[  459.983406][ T4291] 
[  459.998735][ T4291] EXT4-fs (loop8): Total free blocks count 0
[  460.007125][ T4291] EXT4-fs (loop8): Free/Dirty block details
[  460.016175][ T4291] EXT4-fs (loop8): free_blocks=68451041280
[  460.023284][ T4291] EXT4-fs (loop8): dirty_blocks=16
[  460.028633][ T4291] EXT4-fs (loop8): Block reservation details
[  460.035268][ T4291] EXT4-fs (loop8): i_reserved_data_blocks=1
[  460.051751][ T8024] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  460.526413][ T8853] loop8: detected capacity change from 0 to 256
[  460.764021][ T8853] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  460.777557][ T8853] exFAT-fs (loop8): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  461.063178][ T5841] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  461.273262][ T5841] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  461.282736][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.291309][ T5841] usb 4-1: Product: syz
[  461.295708][ T5841] usb 4-1: Manufacturer: syz
[  461.300721][ T5841] usb 4-1: SerialNumber: syz
[  461.369955][ T5841] usb 4-1: config 0 descriptor??
[  461.839650][ T5841] usb 4-1: Firmware: major: 0, minor: 115, hardware type: UNKNOWN (121)
[  462.044664][ T5841] usb 4-1: failed to fetch extended address, random address set
[  462.053052][ T5841] usb 4-1: atusb_probe: initialization failed, error = -524
[  462.061500][ T5841] atusb 4-1:0.0: probe with driver atusb failed with error -524
[  462.115420][ T5841] usb 4-1: USB disconnect, device number 5
[  462.570865][ T5841] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  462.747388][ T5841] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  462.764265][ T5841] usb 6-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0xFD, changing to 0x8D
[  462.776154][ T5841] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.790774][ T5142] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  462.885056][ T5841] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  462.895525][ T5841] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.904714][ T5841] usb 6-1: Product: syz
[  462.909141][ T5841] usb 6-1: Manufacturer: syz
[  462.914358][ T5841] usb 6-1: SerialNumber: syz
[  463.100948][ T8889] loop6: detected capacity change from 0 to 1024
[  463.116218][ T5142] usb 8-1: Using ep0 maxpacket: 8
[  463.246131][ T5142] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  463.257454][ T5142] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  463.273085][ T5142] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  463.285554][ T5142] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  463.346140][ T8889] loop6: detected capacity change from 0 to 128
[  463.368978][ T5142] usb 8-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  463.378950][ T5142] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.387501][ T5142] usb 8-1: Product: syz
[  463.392181][ T5142] usb 8-1: Manufacturer: syz
[  463.397070][ T5142] usb 8-1: SerialNumber: syz
[  463.459091][ T5142] usb 8-1: config 0 descriptor??
[  463.513017][ T5142] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input8
[  464.025670][ T5841] cdc_ncm 6-1:1.0: bind() failure
[  464.075102][ T5841] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[  464.192591][ T5841] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[  464.218385][ T5841] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[  464.235953][ T5841] usb 6-1: USB disconnect, device number 3
[  464.261428][ T5142] rc_core: IR keymap rc-imon-pad not found
[  464.268547][ T5142] Registered IR keymap rc-empty
[  464.275913][ T5142] imon 8-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  464.292811][ T5142] imon 8-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  464.493604][ T5142] rc rc0: iMON Remote (15c2:003b) as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0
[  464.518588][ T5142] input: iMON Remote (15c2:003b) as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input9
[  464.555745][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.564432][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.576567][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.585025][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.595747][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.605120][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.613459][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.621941][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.630256][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.639706][ T5142] imon 8-1:0.0: iMON device (15c2:003b, intf0) on usb<8:7> initialized
[  464.648589][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.649207][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.649829][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.658175][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.658780][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.667241][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.667850][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.676215][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.676832][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.685440][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.686045][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.694388][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.709351][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.709965][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.718457][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.719063][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.727585][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.728198][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.736538][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.737153][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.745590][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.746195][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.754573][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.755179][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.763538][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.764137][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.772598][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.773197][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.781527][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.782136][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.790393][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.790990][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.791598][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.799821][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.815076][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.815684][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.824072][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.824685][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.877249][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.878404][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  464.878658][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  464.879685][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.888063][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.888689][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.897134][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.897747][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.911402][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.913358][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.921843][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.922447][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.930928][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.931545][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.939845][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.940479][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.956961][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.957584][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.966018][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.966624][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.975058][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.975647][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.984045][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.984647][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.993231][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  464.993814][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.002188][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.017382][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.018009][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.026447][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.027054][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.035419][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.036033][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.044535][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.045155][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.053635][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.054242][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.062627][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.063228][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.071693][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.072290][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.079109][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.079722][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.086609][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.087229][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.095654][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.096245][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.104615][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.112182][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.120454][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.129054][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.129674][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.138048][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.138665][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.147107][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.147760][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.156164][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.156761][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.165061][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.165684][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.174163][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.174776][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.183121][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.183732][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.192144][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.192753][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.201093][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.201703][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.209978][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.225119][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.225731][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.234212][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.234832][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.243283][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.243897][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.252306][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.252926][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.261334][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.261942][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.270196][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.278691][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.279297][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.287690][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.288292][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.296793][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.297399][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.305832][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.306429][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.317268][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.332436][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.333053][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.341464][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.342062][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.350310][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.358949][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.359568][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.367966][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.368568][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.376983][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.377587][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.385998][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.386608][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.396764][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.397377][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.405769][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.406377][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.414813][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.429736][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.430379][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.438882][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.439493][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.447880][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.448493][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.456884][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.457466][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.465808][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.466412][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.474928][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.475522][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.483864][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.484469][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.492859][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.493475][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.501820][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.502413][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.510830][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.511450][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.519682][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.535037][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.535654][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.544031][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.544640][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.553009][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.553616][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.561999][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.562610][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.570972][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.571573][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.579863][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.580483][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.581119][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.589402][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.590025][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.598471][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.599078][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.607468][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.608092][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.616436][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.640028][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.642423][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.650852][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.651454][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.659731][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.660352][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.660991][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.669231][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.669841][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.678245][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.678857][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.687232][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.687843][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.696266][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.696877][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.705262][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.705866][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.714293][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.714887][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.723235][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.738231][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.738876][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.747313][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.747929][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.756317][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.756927][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.765294][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.765904][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.774367][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.774977][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.783316][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.783934][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.792330][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.792951][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.801248][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.801825][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.810113][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.810778][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.819067][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.835568][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.836179][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.844557][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.845167][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.853589][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.854194][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.862582][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.863172][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.872338][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.872965][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.881311][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.881924][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.890185][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.890906][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.891525][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.899759][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.900377][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.901022][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.909292][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.909896][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.918226][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.918825][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.919838][ T8910] loop5: detected capacity change from 0 to 256
[  465.927192][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  465.934317][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.885510][    C0] vkms_vblank_simulate: vblank timer overrun
[  466.898978][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.908097][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.916469][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.924797][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.933097][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.941429][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.954399][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.963007][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.971334][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.979654][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.988061][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  466.997446][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.005776][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.014262][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.022596][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.030922][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.039240][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.047983][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.059554][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.068712][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.077111][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.085414][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.093706][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.101984][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.102748][ T8912] loop7: detected capacity change from 0 to 1024
[  467.110197][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.126132][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.134545][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.142892][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.153921][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.162999][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.171361][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.179702][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.188082][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.196509][    C0] imon 8-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
[  467.204646][ T5142] usb 8-1: USB disconnect, device number 7
[  467.298982][    T8] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  467.325796][ T8914] loop3: detected capacity change from 0 to 1024
acpid: input device has been disconnected, fd 10
acpid: input device has been disconnected, fd 11
[  467.470092][ T8914] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  467.474934][    T8] usb 7-1: Using ep0 maxpacket: 32
[  467.508797][    T8] usb 7-1: device descriptor read/all, error -71
[  467.508916][ T8912] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  467.536313][ T8910] FAT-fs (loop5): Directory bread(block 64) failed
[  467.543424][ T8910] FAT-fs (loop5): Directory bread(block 65) failed
[  467.550321][ T8910] FAT-fs (loop5): Directory bread(block 66) failed
[  467.557320][ T8910] FAT-fs (loop5): Directory bread(block 67) failed
[  467.569546][ T8910] FAT-fs (loop5): Directory bread(block 68) failed
[  467.576503][ T8910] FAT-fs (loop5): Directory bread(block 69) failed
[  467.583583][ T8910] FAT-fs (loop5): Directory bread(block 70) failed
[  467.590368][ T8910] FAT-fs (loop5): Directory bread(block 71) failed
[  467.597412][ T8910] FAT-fs (loop5): Directory bread(block 72) failed
[  467.604342][ T8910] FAT-fs (loop5): Directory bread(block 73) failed
[  467.931189][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.540233][ T8937] loop6: detected capacity change from 0 to 512
[  468.557292][ T7137] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.655064][ T8937] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.862: corrupted in-inode xattr: invalid ea_ino
[  468.722475][ T8937] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.862: couldn't read orphan inode 15 (err -117)
[  468.742212][ T8937] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  468.901687][ T8937] syz.6.862 (pid 8937) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  468.903972][ T8943] loop7: detected capacity change from 0 to 16
[  468.980933][ T8943] erofs (device loop7): mounted with root inode @ nid 36.
[  469.723959][ T8955] loop5: detected capacity change from 0 to 128
[  469.786354][ T6607] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.956069][    C0] Dead loop on virtual device ipvlan1, fix it urgently!
[  470.017751][ T8955] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  470.105477][ T8955] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  470.897490][ T6414] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  471.900845][ T5841] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  472.032244][ T5799] Bluetooth: hci4: command 0x0406 tx timeout
[  472.077723][ T5841] usb 6-1: config 0 has no interfaces?
[  472.084485][ T5841] usb 6-1: New USB device found, idVendor=1668, idProduct=0323, bcdDevice=5f.ca
[  472.093925][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.106359][ T5841] usb 6-1: config 0 descriptor??
[  472.223061][ T8964] loop8: detected capacity change from 0 to 32768
[  472.345273][ T5841] usb 6-1: USB disconnect, device number 4
[  472.371182][ T8964] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  472.562165][ T8964] overlayfs: upper fs does not support tmpfile.
[  472.616319][ T8964] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  472.673290][ T8964] overlayfs: upper fs missing required features.
[  473.100095][ T9001] loop3: detected capacity change from 0 to 32768
[  473.182160][ T9001] JBD2: Ignoring recovery information on journal
[  473.205456][ T9001] jbd2_journal_bmap: journal block not found at offset 64 on loop3-27
[  473.214038][ T9001] JBD2: bad block at offset 64
[  473.252242][ T9007] loop7: detected capacity change from 0 to 1024
[  473.300740][ T9001] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  473.436799][ T8024] ocfs2: Unmounting device (7,8) on (node local)
[  473.520790][ T5785] ocfs2: Unmounting device (7,3) on (node local)
[  473.772578][   T34] hfsplus: b-tree write err: -5, ino 4
[  473.874252][ T9014] netlink: 12 bytes leftover after parsing attributes in process `syz.6.894'.
[  473.899337][ T9014] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  473.914643][ T9014] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  473.925170][ T9014] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  473.934484][ T9014] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  473.943784][ T9014] vxlan0: entered promiscuous mode
[  474.770050][ T9022] loop8: detected capacity change from 0 to 128
[  474.887128][ T9026] loop3: detected capacity change from 0 to 16
[  474.903972][ T9022] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  474.970033][ T9026] erofs (device loop3): mounted with root inode @ nid 36.
[  474.971206][ T9022] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  475.543434][ T8024] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  475.738536][ T9041] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.846777][ T9039] loop5: detected capacity change from 0 to 4096
[  475.926435][ T9039] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  475.994978][ T9041] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.252737][ T9041] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.590320][ T9041] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.827542][ T9041] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.853615][ T9041] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  476.890151][ T9041] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  476.917640][ T9041] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  479.003488][    T8] libceph: connect (1)[c::]:6789 error -101
[  479.009887][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  479.305752][    T8] libceph: connect (1)[c::]:6789 error -101
[  479.312442][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  479.433169][    T8] kernel write not supported for file bpf-prog (pid: 8 comm: kworker/0:0)
[  479.461654][ T9073] ceph: No mds server is up or the cluster is laggy
[  480.610029][ T9113] loop7: detected capacity change from 0 to 512
[  480.649607][ T9116] loop3: detected capacity change from 0 to 512
[  480.684799][ T9113] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  480.903929][ T9113] EXT4-fs (loop7): 1 truncate cleaned up
[  480.914425][ T9113] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  480.929667][ T9116] EXT4-fs (loop3): 1 truncate cleaned up
[  480.937366][ T9116] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  481.261007][ T5839] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  481.411970][ T9127] loop6: detected capacity change from 0 to 1024
[  481.428923][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.464140][ T5839] usb 6-1: Using ep0 maxpacket: 16
[  481.518573][ T5839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.530939][ T5839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  481.544197][ T5839] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  481.558386][ T5839] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  481.568501][ T5839] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.603537][ T7137] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.652997][ T5839] usb 6-1: config 0 descriptor??
[  481.762946][ T9131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.935'.
[  481.964800][ T3751] hfsplus: b-tree write err: -5, ino 4
[  482.129897][ T5839] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  482.137493][ T5839] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  482.145015][ T5839] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  482.152509][ T5839] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  482.159799][ T5839] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  482.189300][ T5839] input: HID 0955:7214 Haptics as /devices/virtual/input/input10
[  482.346382][ T9141] loop6: detected capacity change from 0 to 2048
[  482.372838][ T5839] shield 0003:0955:7214.0007: Registered Thunderstrike controller
[  482.381968][ T5839] shield 0003:0955:7214.0007: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.5-1/input0
[  482.399492][ T9121] random: crng reseeded on system resumption
[  482.491591][ T9141] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  482.606055][ T5841] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  482.628907][ T5839] usb 6-1: USB disconnect, device number 5
[  482.640346][ T9141] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  482.682991][ T5841] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  482.694690][ T5841] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  482.706338][ T5841] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  483.281465][ T9158] loop8: detected capacity change from 0 to 256
[  483.325754][ T9158] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  483.497532][ T9158] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[  483.507878][ T9158] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  483.516234][ T9158] UDF-fs: Scanning with blocksize 512 failed
[  483.581360][ T9158] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  483.765737][ T9158] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  484.441400][ T9165] loop7: detected capacity change from 0 to 32768
[  484.474382][ T9165] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.951 (9165)
[  484.511300][ T9165] BTRFS info (device loop7): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  484.522272][ T9165] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[  484.532484][ T9165] BTRFS info (device loop7): using free-space-tree
[  485.326303][ T7137] BTRFS info (device loop7): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  485.871477][ T9210] random: crng reseeded on system resumption
[  486.842663][ T9222] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  487.087739][ T9224] binder: 9223:9224 ioctl c0306201 20000580 returned -14
[  487.296413][ T9232] kmsan_internal_set_shadow_origin: not memsetting 24 bytes starting at ffff88811a800060, because the shadow is NULL
[  487.304418][ T3751] =====================================================
[  487.309442][ T9232] ------------[ cut here ]------------
[  487.316103][ T3751] BUG: KMSAN: uninit-value in batadv_nc_worker+0x2b4/0x19e0
[  487.321554][ T9232] WARNING: CPU: 1 PID: 9232 at mm/kmsan/core.c:211 kmsan_internal_set_shadow_origin+0xc6/0x100
[  487.332802][ T3751]  batadv_nc_worker+0x2b4/0x19e0
[  487.339515][ T9232] Modules linked in:
[  487.346136][ T3751]  process_scheduled_works+0xae0/0x1c40
[  487.348986][ T9232] CPU: 1 UID: 0 PID: 9232 Comm: syz.3.971 Tainted: G        W          6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  487.354792][ T3751]  worker_thread+0xea7/0x14f0
[  487.366823][ T9232] Tainted: [W]=WARN
[  487.366880][ T9232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  487.371639][ T3751]  kthread+0x3e2/0x540
[  487.375496][ T9232] RIP: 0010:kmsan_internal_set_shadow_origin+0xc6/0x100
[  487.385703][ T3751]  ret_from_fork+0x6d/0x90
[  487.389813][ T9232] Code: 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 c7 c7 00 e4 0a 91 48 c7 c6 4c e4 0a 91 4c 89 e2 4c 89 f1 e8 6b 23 ac fe 90 <0f> 0b 90 c6 05 2d 86 a9 0f 00 83 3d 29 86 a9 0f 00 74 c0 90 0f 0b
[  487.396883][ T3751]  ret_from_fork_asm+0x1a/0x30
[  487.401397][ T9232] RSP: 0018:ffff88811a7fff30 EFLAGS: 00010292
[  487.401535][ T9232] RAX: 0000000000000072 RBX: 00000000ffffffff RCX: 0000000000000000
[  487.421415][ T3751] 
[  487.426061][ T9232] RDX: 0000000000000000 RSI: 0000000000007ed6 RDI: 0000000000007ed7
[  487.426158][ T9232] RBP: ffff88811a7fff60 R08: ffffffff8186b4e6 R09: 0000000000000004
[  487.426265][ T9232] R10: ffff888237e04a4c R11: ffffffff86f793f0 R12: 0000000000000018
[  487.426369][ T9232] R13: 00000000032e02e6 R14: ffff88811a800060 R15: 0000000000000246
[  487.426480][ T9232] FS:  00007f30c01f16c0(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[  487.426614][ T9232] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  487.426715][ T9232] CR2: 0000000020000100 CR3: 0000000126726000 CR4: 00000000003526f0
[  487.426821][ T9232] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  487.426913][ T9232] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  487.427011][ T9232] Call Trace:
[  487.427058][ T9232] ---[ end trace 0000000000000000 ]---
[  487.427296][ T9232] ------------[ cut here ]------------
[  487.433530][ T3751] Local variable args created at:
[  487.441341][ T9232] kernel BUG at mm/kmsan/core.c:211!
[  487.441402][ T9232] Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI
[  487.443682][ T3751]  vmcoreinfo_append_str+0xb2/0x3c0
[  487.451652][ T9232] CPU: 1 UID: 0 PID: 9232 Comm: syz.3.971 Tainted: G        W          6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  487.451711][ T9232] Tainted: [W]=WARN
[  487.459646][ T3751]  crash_save_vmcoreinfo_init+0x675/0x12b0
[  487.467694][ T9232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  487.467718][ T9232] RIP: 0010:kmsan_internal_set_shadow_origin+0xda/0x100
[  487.475811][ T3751] 
[  487.484620][ T9232] Code: e4 0a 91 48 c7 c6 4c e4 0a 91 4c 89 e2 4c 89 f1 e8 6b 23 ac fe 90 0f 0b 90 c6 05 2d 86 a9 0f 00 83 3d 29 86 a9 0f 00 74 c0 90 <0f> 0b 90 0f 0b 90 c6 05 16 86 a9 0f 00 83 3d 12 86 a9 0f 00 0f 84
[  487.484663][ T9232] RSP: 0018:ffff88811a7fff30 EFLAGS: 00010202
[  487.484697][ T9232] RAX: 0000000000000072 RBX: 00000000ffffffff RCX: 0000000000000000
[  487.491325][ T3751] CPU: 0 UID: 0 PID: 3751 Comm: kworker/u8:16 Tainted: G        W          6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  487.499233][ T9232] RDX: 0000000000000000 RSI: 0000000000007ed6 RDI: 0000000000007ed7
[  487.507244][ T3751] Tainted: [W]=WARN
[  487.515149][ T9232] RBP: ffff88811a7fff60 R08: ffffffff8186b4e6 R09: 0000000000000004
[  487.515182][ T9232] R10: ffff888237e04a4c R11: ffffffff86f793f0 R12: 0000000000000018
[  487.518466][ T3751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  487.523907][ T9232] R13: 00000000032e02e6 R14: ffff88811a800060 R15: 0000000000000246
[  487.523938][ T9232] FS:  00007f30c01f16c0(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000
[  487.529607][ T3751] Workqueue: bat_events batadv_nc_worker
[  487.534402][ T9232] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  487.534438][ T9232] CR2: 0000000020000100 CR3: 0000000126726000 CR4: 00000000003526f0
[  487.534470][ T9232] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  487.534496][ T9232] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  487.534522][ T9232] Call Trace:
[  487.534535][ T9232] Modules linked in:
[  487.534614][ T9232] ---[ end trace 0000000000000000 ]---
[  487.534636][ T9232] RIP: 0010:kmsan_internal_set_shadow_origin+0xda/0x100
[  487.539890][ T3751] 
[  487.539900][ T3751] =====================================================
[  487.546325][ T9232] Code: e4 0a 91 48 c7 c6 4c e4 0a 91 4c 89 e2 4c 89 f1 e8 6b 23 ac fe 90 0f 0b 90 c6 05 2d 86 a9 0f 00 83 3d 29 86 a9 0f 00 74 c0 90 <0f> 0b 90 0f 0b 90 c6 05 16 86 a9 0f 00 83 3d 12 86 a9 0f 00 0f 84
[  487.546366][ T9232] RSP: 0018:ffff88811a7fff30 EFLAGS: 00010202
[  487.551610][ T3751] Kernel panic - not syncing: kmsan.panic set ...
[  487.563865][ T3751] Kernel Offset: disabled