last executing test programs:

7.928526216s ago: executing program 2 (id=1048):
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1f"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

7.789320333s ago: executing program 2 (id=1051):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200f1ff8500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00'}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x7, 0xd2, [@loopback]}, @timestamp={0x7, 0xc, 0x5, 0x0, 0x0, [0x0, 0x0]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="180000001600156f000000000000005000", @ANYRES32=0x0], 0x18}}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x400, &(0x7f0000000000)={[{@errors_continue}, {@nojournal_checksum}, {@abort}]}, 0x1, 0x617, &(0x7f0000000100)="$eJzs3c1vFOUfAPDvbLfvv58txKh4kCbGQKK0tIIhxkS4E4IvN71UWghSKKE1WiSxJHgxGi8eTDx5EP8KlcSr/4AHL54MCTGGgxgia2Y7U6YvW/q2O6X7+SRD55nZnec70C/Ps88+MxNA2xpK/6hE7IuIy0nEQGFfNbKdQwuvu/vXtTPpkkSt9tafSVz7JJkvHivJfu7J3vzvQCTp2/eO/bCi3pm5qxfGp6Ymr2TlkdmLl0dm5q4eOn9x/NzkuclLY6+MHTt65Oix0cNbP7/MyRvvfzjw2al3vvvmfjL6/W+nkjgeDzoW9qXntfy93VuqOa17KGoL7hW3p3+vx7Z47J3i74H89yTXG0m1tHDYoLPZ72NnRDwdA9FR+NcciE/fKDU4oKlqSeRtFNB2kk3lf8/2BwK0WN4PyD/br/Y5eKVKk3slQCvcObEwALCQ+50Rked/NRs766mPDfTdTZaM8yQRsbWRuQVpHb/8fOpGukSDcTigOeavd2fj9svb/6Sem4PRUy/13a0syf9KYUm3v7nJ+oeWleU/tM789Yh4Jmv/u2JD+T9UyP/3Nlm//AcAAAAAAIDtc+tERLy02vy/yuL8n65V5v/0R8Txbaj/0d//VW5nK8k2VAcU3DkR8dqq838X5/gOdmSl/9fnA3QmZ89PTR6OiCci4mB0dqfl0WXHLc4QPvTF3q8LxVrxdcX5f+mS1p/PBcyOdLu67ELcifHZ8e04d2h3d65HPFuf/7s/27J0/k/a/iertP9pfl9eZx17X7h5utG+R+c/0Cy1byMOrNr+P+xuJ2vfn2Ok3h8YyXsFuYc9gOc+/vLHRvXLfyhP2v73rZ3/3Unxfj0zGzt+V0S8PFetNdq/2f5/V/J2R3781Efjs7NXRiO6kpMrt49tLGbYrfJ8yPMlzf+Dz689/rfY/y/kYW9EzC8/eIMRuqce9P9eKC7JZu0/lCfN/4m12//Bpe3/xlfGbg7+1Kj+0+tq/4/U2/SD2Rbjf1C08n4c603QUsIFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdcJSL+F0lleHG9UhkejuiPiCejrzI1PTP74tnpDy5NpPvqz/+v5E/6HVgoJ/nz/wcL5bGl5d60rj0R8VVHb33/8JnpqYmyTx4AAAAAAAAAAAAAAAAAAAB2iP76Nf+17uXX/6f+6Cg7OqDpqtlP+Q7tJ8v/z9/d8Dtr3dsfDdBK1bIDAEqz/vzvbGocQOs1zv9792t1LQ0HaCH9f2hfm8x/XxfALqD9h3a1zjG9nmbHAZRB+w8AAAAAALvKnv23fk0iYv7V3vqS6sr2mewPu1ul7ACA0pjDC+2rOl12BEBZfMYHksW1f1a92L/x7P+kOQEBAAAAAAAAAAAAACsc2Of6f2hXa1//b24/7GZrXP9fT/7qul8OPG4aP/pD2w+73Rqf8T3wC9rEo1p71/8DAAAAAAAAAAAAwA7Qc/XC+NTU5JWZucdv5fWdEcbGVubHd0QYW13pjYjFLQ+aU1dnRJR/pmWs5LfgKDGMkv9fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFv0XAAD//wAZJ4w=")

7.305000932s ago: executing program 2 (id=1057):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000002a00)="0b1c6840a936a0e377c392a7a3b38e1d", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f00000021c0)=[{0x0, 0x0, 0x0}], 0x1, 0x8800)
recvmmsg(r2, &(0x7f0000003a40)=[{{0x0, 0x0, &(0x7f0000002080)=[{&(0x7f0000000a80)=""/111, 0x70}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000c00)=[{0x0, 0x0, 0x0}], 0x1, 0x0)

7.069230332s ago: executing program 2 (id=1060):
io_setup(0x8, &(0x7f0000000000)=<r0=>0x0)
r1 = eventfd2(0x0, 0x80800)
io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000140)="d1f7624a6b0e53c3", 0x8}])

6.776493179s ago: executing program 2 (id=1061):
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, 0xd, 0x6, 0x201}, 0x34}}, 0x800)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', <r8=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
sendmmsg$unix(r9, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000500)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r7, 0x401, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r5}, 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000a40)={0xb8, 0x0, 0x0, [{{}, {0x0, 0x0, 0xe, 0x0, '9p\a\n\x11\xe5\xdc\xe7(\xb7\x14\x95b\x06'}}]}, 0xb8)
r13 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r13, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r13, &(0x7f0000001080)="61c58ba424fdd3b9fdd3f03acc190876b30ce8a26e2f78511cf633fc87454dc83cc5af45458454252d036ada5bc7362ba356c3db9c12cbbd6b5f386c95805571ecb63504e0896914fe8a159ceb11b2f8176b6fc5869e996bcfd762d30f7cf621e35a4e85d7c514ec55363dbf8b20c7e5e97520111b3b69cb1094115bd660d3ff7854f95a4ccfa65e0a28c76980b184484fd23c60ecdbb8aca14f7126b873200e29231e9fe8d2c2ccea3ecbe397aa19b1e97b893dcdc49947dd1b7a3680b3fde9ad044ba044cfd829e22e1de0dcafa9025b2e806f7b7c49a4fe7684b48714711ae14ddd808e78aaf555d0bef2a8c6b05fac9e5df95909ddc3a0b7cdbc821d0124137ecc85194ab0c8bf18b01baf33667fe75212e79fd28349287452ed838d6d042b51c572d891d2e943d07a6ee8ddcca8d75ccc84f8b5e0b0fe21d84bb026b0deddbd0b9ae9c73f73bd5c77984515d705aa969f78645cac29f8c7f3084d7c2ad1ff1defbf1b102aeee0c22315a91d8ff2d6ffcc50377d8280132a9bd571187eec4546b3fbfff39463b765b00410d11f65d40b1ccc594da35888ca9a854f27d9a38b38bc65c34ef40ac854077a18fc7ad1f6b5820a62ba1a22440255289fdfc749ffaec3cd63febd93475aaffdae4dbeb4c81af5892e8571c2f8a5892fd2983326fb749119864eb1d406a424811092d5d91a08d8dd2062c4fc7750016e0237dee14cd670438e650e7e996c17970145a0449a994071bc4211c025c868dc06d7c937b0266c07b1c2798aca2c3315d678374659f1c48180d290d308c27608b4452739bc0cd3898a45b325d3c474cef486f064f046af2646c785565f4680ff88d09138cb363ac3763716a9fde901bf2255f2dddee8c05def936146e513bfab5af7e6ccb7854511d58ba2af847d04f79da843224208224f0ecbb0ffc3f0d2468466420b1c090ffc55c361a1e29d668596021ff10ffafe42045dbac4e22a2717f60f1e5e2b453a59cf77a66f5881c2e04967c5b1bf1fc0de08cdc9ce2758b6855e824c3609c1754259d5e47cebc00f09e156e083f837d47ef53efb522477cbddf430a1fffd38a7c0b0e22faf3b423499191be9c85cd6133d0728acec9a13a3974aff2f4e48e63a8540956cf4ef43a8448cafd924653195e884fa6677014ee1ba2a48931993377252f92bc7e6a3c6b51ecf64a5d3d71a062c93680954dda080f6ebf6ab04e3bdccc870f78f446f0f612f33ef50788add1dda95f9813e1e4fd6854d8f591e2ea35a99efc27da5176081a888279fbd29840a3dc7b53ca1d05dc9b41d4d8721e04da20c164d3f6e5c3b88175c5b6ceda2bb82735801ed5a69d6a6b302c0d31f0efeba19532e4b9a860540d1358602f55ef89572d752f7ba9af45733f9c8530af8721bc0d19d308134d85cc7577ee72141258ece8ffc2e6c4685455f30bafa6bbbb59d98cdea48c4a62cf1e3da6f0197b57f43097aca0573b2906bd379e065e8771fa3773bc5bcf447491151e408b3f7683d70690ab257649978737bdcc0d5d498f74b1c3735cf6d1c25cff14d0021ae216c1493b4be283e36a535b756ae45f1aa475e9491a2e6a2c0f537823c8b3a469e232f880b81b8b50cd7ec6706fc26009ef7e5ce9d0e844b6a5165adfe84d6b310f225db6b809585688d6936edaf615cc9fc0e94837adb0f65452bbe3b0eb178688f74e9d39ba49eb4dd3a11e8ee933723dc7ef8ab6eabea446b95c808f59eb207cf5caaadb57431ad46b09bc81b52b97ba30a6afd79017b389eebf4dc3dea96131ac2298c829df471061fe12d998a032b5121e392f09e110aad0bdc6150ac0966baf7a1f687ae2beece43e7f3f9cd2cdcf0d91380213a5df57471b43a3e92240737feac440594e44dfdcf70d3313fbcb9de80c93eef2f4224a98254d2bd44ce0c6d76405a3287f3e4e702c421eeff1ee7c82cc475e46e63816a3f4ed33f76a1c8bd8565bd3e8e80b6648c81816bd9822cd8a86f1e7776a7f9b51c7917e0218b3234df6ac9038585994b0c90f5919d6aea83451f063266384c1dab389a92833877cf29a2fd8dceb9b0e63b16b4e61395363458e4e163df13ae160c6d0038661d1541b713f22dacc93a1bf0e2586213cc5661684c6c2a5a8b912fee38c268d87c3e85e1d120391bd2d801530942645fcae4b627d876cbf0f92ffa1e7b3c99862cbeadc57ae57f4b07e7b0600e9d356fbb0821d34bcf422235302fa0796ef5ee2b257262b06578dbd4514da86a7c8e488a9722f8d0497586c8bcaac526eebb5381e148ac0fc66d5c76c86a08b30fcc290084a906432aa3f72e20d6cbdd332386b49e2ad2a78f7b5820f4", 0x679, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r14, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000082731b4c85000000030000009500000000000000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

6.45060208s ago: executing program 2 (id=1068):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

5.11390772s ago: executing program 0 (id=1082):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x2, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000c80)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r1, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000480)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0xe9, &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0x33, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)={0x1b, 0x0, 0x0, 0x5, 0x0, r0, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x3}, 0x48)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)={0x1b, 0x0, 0x0, 0x5e17, 0x0, r0, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x7, 0x1b, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x700000}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3f}, @jmp={0x5, 0x1, 0x2, 0xa, 0x0, 0x2, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @exit, @jmp={0x5, 0x1, 0x0, 0x4, 0x9, 0x10}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffff9}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x3}]}, &(0x7f0000000300)='syzkaller\x00', 0x101, 0x0, 0x0, 0x41000, 0x25, '\x00', r5, 0x1e, r7, 0x8, &(0x7f0000000400)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x3, 0xf, 0x5, 0x8}, 0x10, r8, r1, 0x1, &(0x7f0000000880)=[r0, r0, r0, r9, r10, r0], &(0x7f00000008c0)=[{0x0, 0x3, 0xa, 0x6}], 0x10, 0x400}, 0x90)
syz_usb_connect(0x0, 0x41, &(0x7f00000003c0)=ANY=[@ANYBLOB="120101022f7d8640940f01009c17010203010902"], &(0x7f0000001180)={0x0, 0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="040f"]})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
fsopen(&(0x7f0000000000)='configfs\x00', 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)

2.75411235s ago: executing program 4 (id=1102):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x7, 0x20000000000}, 0x0)
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x4800, &(0x7f0000005240), 0x1, 0x51aa, &(0x7f0000005280)="$eJzs3V+IVNcdB/Az+0cXpe5UCtqCRR987mJ9aOnDDoXSP7Iw1lq0oLsKlYogi1SwuFBFC0pBtmwRWimI0AcpylAqQjcQIZAQElh8kIgBE4mQ5ElJAgbyEnbuPbMz53p3xo1mjX4+snvn3N89554Z7sN8xz13AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIQQRqd+s+f0vaufl9W3XrpTv7durHbm2Lnhxtrj4yFUmvsreX38p7/49YEd42NDscPE9mxbrZYNmXV9P2us6Ng536/zZ18IYTAZoD/f/qy/rW8lPUE4UhxwUScHrm24uXfb2Exj7sHho5unik+deUPLPYHlkl9X9xeupVrzd19yRKvddulVOi7RrH96wX0tTwIAeCIj9eam9XY0f4vbap9I60m7lrSnk3Z8hzDd3liKbNwVZfPcmNaXaZ61LCqsLJ1nUs9f/1a7nvZP2knUeIJ5dh6aR5qhsnlOJvXlmicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8+Tsj2Y/evX3e94pq2+9dKd+b91Y7cyxc8ONtcfHQ6g291eycmX33H8uf+vYz394+f4XI1sOPvx/f94vbgfaDg6344MfD4ewv61yPw778ZoQ6p2FZjP8o1g42Hzwy1gAAADgRfLd5u++VjuLg4Md7UozTVaa/6IsLJ4cuLbh5t5tYzONuQeHj26eWvp49ZLxao8dr9WuLvxU2oJxjL/peAv1eOiRwjiLS0dM8/zOqR9Urjz6zpWy/oX8X108/8dXTv4HAADgq5D/03EW1y3/rz775n9PvTX2WVn/Qv7f2HHKQv6PM475vy8sLf8DAADA8+xZ5/9aYZzFdcv/f7879OfTnxxZVda/kP9Hesv/A+3TjjvfjhM+NBzCSLepAwAAACXi/7svfLQQ83r2yUGa1y9cP7Dvn/+78q+y8Qr5v9Zb/h986s8MAAAAWKrZk43ZW3+58++yeiH/13vL/yuf+cwBAACAXl3d9cH5C997tLOsXsj/E73l/7igIF/5kHV6Pf4VwsxwCEPzDyazwhtherRVAAAAAJ6SmNNvVXd9v/rh6GzZcYX8P7n4/f/jnQ7i+v+O+/8V1v+3FbK7/v3EjQEAAAB4GRXX88fb42ffXFD2/fu9rv8/v73v7v6/jTXKzl/I/yd6y//97dun+f1/AAAAsATftO//210YZ3Hd7v+/6b3Xbhz9429Hy/oX8v90b/k/ble3P70b8fU5NRzC+vkH+d0EL8fTHUoKjcG2QvbCJz12xB55obGyrdA0mfTYMhzCpvkHJ5LCt2NhOik8XJMXLiaFuVjIr4dW4WpSuBGvtPNr8ummheuxkC+waMQVFKtbSyKSHp+W9ZgvPLbHu62TAwAAvFRieM6z7GBnM6RRtlHpdsCqbgf0dTugv9sBA8kB6YFl+8NEZyHuf+VX9Znbv/vDn0KJQv6/2Fv+jy/FimxTtv4/xPX/+fcattb/T8RCNSk0YqGe3jGgHs+Rhd2/xnNU63mPh+tbBQAAAHihxc8F+pd5HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAle/ceI9dVHw787Hr26X3l8SMJz4WImPyQ1+s1oQ1EYkNBPEM3JKCklGadeBMWbxIntis7oNZ5NIKkQCoilQJSHRAClwosoAq4qeIGYdTUUqLQoCRASoIRpSRKIqrQyn+kmr33zN45d69nHHsdb/r5/LFzZr7neefO7Jx775wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+b6jd975v//A9+zdVxd/wpUemHjvlvMlPbPv08O4TP3ZJCFPzj3dk4Y6L7/v6rsFt71i368DB8YnZp/d05+XyeFhZ/9OZ37kp1npgMIQ7O0KopYHVA1mgK78/EOt7+UAIJ4SFQKPETH9WIm04/KAvhJ1hIdCo6nt9IQwUAhc+cM/dn6onbu8L4bUhhJ60jZ/1ZG30pYEzurNAfxq4upYFfvdcphH4bmcWgCMWXwyNnX73VHOGkcXLVex/XUetYy+sdHgrYmKkOt+T5y5xpwq60wemjuhpK1XHkii9PPZ6tS2DV1tpO9/maSt+kMo/oTy3EOoJnRtmLl+/dW5LfKQzjI2tqKppiZ7nh5/5+GWHk142+2HswMhR2Q+fuOrmi1bdMnlg113v3TN979aJI+3mQ4VNWkwvtZ6Q73PL5nmMJr2fLIOXX+lT0qgPXSGEj3znzWtvrH3m36ripfn/yKHn/3F3jredTbljrQeHsrl5fGQgJp4ayubmAAAAsGwsh6OmT/3RNXvufXL/v1fVV5r/j7Z3/j+e8s8n89lo94YwOZ+4cTiEU+cfzwK7YnOXDofw6vnUVHPg3CSwN4TT5hNnNqpKSvTGEqNJ4FdDeWAyCeyLgakk8JUYuC0J3BQDu5PAZTGwNwm8NQbCbPM4/v9QPo62A30xMJ1txN3xKoTfDsXWkm31k0ZVAAAAR0k+O+xqvlu41uFIM8Tp5e6+VhniFdiVGXqSGtIZbGNaVVlDrVUNna1qaIx7x6GHX6q5o1XNpcswOpozfPfJv/nnG9504MFQoTT/Hz/0/L9nkY50lM7/h3D+/N+YuzOPzDXi01NNGQAAAIAj8LbvfGH6tN9cen9VvDT/n2zv+v94TGRFIXPYHw9DbBwOYbw5kFX75nIgO+u9Mg8AAADActA4H984Fz6b32aXaKfz6XL+qcPMH0/8Ty6a/7xHRz//+Af+fKqqv6X5/1R71//3N99mndgXe/HZ4RB6C4Efxl7WA/NGY+Dnb2kO5OPfFzfArbGq/MKERlW3xhLTMTCeBHZWlbi/UeLU5kD+ZDUav7Exjtm8RCEAAAAAx1w8HBDPy8fr/z/5F3c9dMsXv/WWqnKl+f/04V3/Pz8PLl3eP7cyhDW1EFakXwzY358tDBgDAx154p/6s7pWpFVd3x/COfWBpVU9lq//X0vXGHygL6sqBk59zdeeOaOe+HJfCGuKgR9/6I6z6oktSaDR+Af6QnhVfbRp4//QmzXelTb+170hvLIQaFR1aW8I9ca606ru6cl/xyCt6ps9IZxUCDSqemNPCNsDAMtU/Fe6ofjg5u3XbVw/Nzdz7RIm4jH8vnD57NzM2GVXz23oqejThqTPTcsYXV8eU2ebY/9pvkTRgxdsHG4n3fie4HixL/lx/NKFg/n9+Fmoa36cE11Nd9elQ37d6eUm0iG9EEPuL1ay8CSW6o/5u8PK0Lt188y1Y9vWb9ly7drsb7vZJ7K/8TRTtq3Wptuqf7G+tbF7tLuq9vPdVquKlazZcuWmNZu3X7d69sr1V8xcMXPVurXjZ5/9xomzzp5YUx/VePa3xVBXLVZ1MtTn7igPYal3i5fWCpUci3cNCQmJ5ZZ49IMTtZe85vX/WfX2U5r/bzr0/D++68R3/nx9hqrz/yPxNH/2+MJp/ukY2Nnu+f+RqrP5jQsDRpPAjhjY4TQ/AAAALw7xcGQ8mhkPPz79kY8+Wdu27pqqcqX5/472vv9/lNb/byxd/+6qZf7PjCXGq9b/T5f5b6z/v6Nq/f90mf/G+v87X4D1/7c2Askm+a31/wEAgBeDY7f+f8vl/dMfCChlaLm8f/oDAaUMLZfxb/cHAg57/f+Hb7rzgv83e/G7QoXS/P+29ub/Fu4HAACA40f/6O/2/eL6+8+tipfm/zvbm/8f+/X/QtX1/6NVgamqhQGt/wcAAMAyVbX+38Vv/87LPjj6hvbX/9vd3vw/XnbR2ZQ71npwKFvTLqRr2j011PjKAAAAACwPnWFsrKvNvE0ro1aejW/t4Xwp0EOli/7j8SvXnLP390+vqq80/9/b3vy/6XsZT1x180Wrbpk8cHDXXe/dM33v1omF8/8AAADA0mn3uAQAAAAAAAAAAAAAAPDC+3X/F/70lL8b+X5VvPT9/3D+/ONV3/+Pv/sXv19wclPuWGvr9f/y+xe+5xvb55cs3D8UwunFwMYbNp4Q8t/mX1UM3P3hM0+pJ25IS9z16Ft/WU9ckgbeufrEZ+uJc5LAdFwk8bQ0EH9V8dnBJBCXV/xRGojbY3ca6M4DnxzMxtGRbqtfD2TbqiPdVo8MhDBcCDS21Z0DWRsd6QBvTwKNAV6TBuIA35cHOtNefWNl1qsYGIhF/3Zl1isAAI5b8VNgV7h8dm5mPH6Ej7cvrTXfRk1Lll1fXW0rP82XJnvwgo3D7aRXpJ9FF35rvCv01IewtvRxtZilY36UR6eWFpvu5Ioht1rtrVZRLnW4m667ekR92YjGLrt6bkNXy4Gva51lotYyy9rSZKeYpXN+k7ZRSxt9aWNEbW6bNroc73eGsbEVSa43xeBIaNJqj2j3+/rFdf6q9oJino6T//Kdt3925o6q+krz/5H25v89xXE9m/8YwI74y3o3DodwapsjAgAAANr1k398aOLqL9z89+ntNx/ff/Mr7znv6apypfn/aHvz/3hgLD8VnB3t2Bt//78x/x/JArtic5cOh/Dq+dRULJH9oP67Y4nxLLArHjA5M5aYnmquqjcGdieBXw3lgb1JYF8M5EcpvhbyQzl/NRTCWfOp85tLbIolRpLAH8bAaBIYi4HxJDAYA5NJ4InBPDCVBP41BsJs87b69qCjKwAAwPOQz7O6mu+GdJ63u9YqQ0erDP2tMnS2ytDTKkPVKOL9b8UMXcXz8XmG+FBXWmtfUkspQ/wx/MPuVylDuL85Z1qw1HS8/qBxvUFHc4b/Pvkzn39V756DoUJp/j/e3vy/v/k2a31fnP8v/P5fFvhh7N5n46XjozHw87c0B/IDA/viZPfWRlVTeYl80n5rLDEZA6NJYFMMTCaB6fPzwM5TmgP5TLvR+I2NxmfzEoUAAAAAHHPxAEE8TBPn/+8/6fXfP+9dMw9UlSvN/yfbm//H9lYWG7sp1npgMIQ7OxZ60wisHsgC8TjGQPx6/MsHQjihcICjUWKmPyvRnTQcftCXfUO9O63qe33ZGgPx/oUP3HP3p+qJ2/tCeG3h6EujjZ/1ZG30pYEzurNAfxq4upYF4pGfRuC7nVkAjljjqGDcofJLXRpGFi9Xsf+9WH4TNB1e6RjoIvkW+87VUulJH8iPqTYc3tNWqo4lUXp57PVqW46vthGvtuIHqfwTynMLoZ7QuWHm8vVb57bER4rfZC1Zoue5+C3VdtJHYT/c8fx721pP2oHx5O1jfPFyi++HHbG6J666+aJVt0we2HXXe/dM37t1ou1uVIhfFH77c58beaiweZdaT8j3uWX3fjLl/WQ5/hsY9bTVX+Yvmb7qgkd+9GRVvDT/n2pv/l9Lbuf9T9yYm4dDeF1h4+6Pm/8PhrP3wUIge5c8qRzITrn/YqjynRMAAACOtsbhjsbxgtn8NrsgPJ0nl/NPHWb+eLxictH87fZ7/b7f/PHYaa+4tCpemv9PH3r+35t00/l/5/9ZIs7/L+p4PxTdmz6w44gORZeqY0k4/7+o4/3V5vz/opz/d/5/Mc7/t+D8/6KO96et9Clpkw9dIYTXffCr4fHPPNv++n+b2pv/W/9v8UX7Guv/TVet/7epav2/Hdb/AwAAllTFQnPpPK+0el8pQ7p6XylDywUCWy4xaP2/w17/b//bXvGz7R/49UWhQmn+v6O9+X/cHVYWW18u6/+Nnl9R1W0xsMnCgAAAAByPqg4QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MK6/09W/941n1/15ar4G770yNRjp5w3+Yltnx7efeLHLglhdv7xjizccfF9X981uO0d63YdODg+Mfv0np68XFd++7Km3LHWg0Mh7Cw8MhATTw3V7ywELnzPN7bX6on9QyGcXgxsvGHjCfXEV4ZCWFUM3P3hM0+pJ25IS9z16Ft/WU9ckgbeufrEZ+uJc/JAR9rdLw5m3e1Iu/upwRCGC4FGdz862FxVo4135IHOtI2vDmRtxMBALPq5gayNGJiLJWZ7Q1hTC2FFWtW/9GRVrUirqj87w4VAo6o/6wnhnBBCLa3q0e6sqlo68vu6s6pi4NTXfO2ZM+qJnd0hrCkGfvyhO86qJ65JAo3G398dwqvqu0za+Le6ssa70sZv7wrhlSGE7rTEf9WyEt1picdqIZxUCDQa/0gthO2BF4X45rOh+ODm7ddtXD83N3PtEia687b6wuWzczNjl109t6En6VOVjkL6uesPHT+Unz7z8cvqtw9esHG4nXQtL9c13+WJrqa7645W79t1uL2P/eovVrLwfJTqj/m7w8rQu3XzzLVj29Zv2XLt2uxvu9knsr8r8mi2rdYerW21okX56Pluq1XFStZsuXLTms3br1s9e+X6K2aumLlq3drxs89+48RZZ0+sqY9qPPt7NIZ6RzneucRDfWmtUMmxeAOQkJBYbonOpne38eP9X3bpg/5CR7tCz/wbdGlaUczSMT/KozHoc8vxpXpLL01JSiNaW5o4lLJMtM6yrjSZWMjSl2WZ/1xXmhwWa+qc36QLm2RsrPKf+kjz3eLmfXKRzduuh/NN124aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6XHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W4fRswEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//0cRM9w=")
syz_io_uring_setup(0x27f3, &(0x7f0000000340), &(0x7f0000000140), 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000140)=ANY=[])

2.281486015s ago: executing program 3 (id=1105):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_BRIDGE={0x4}]}]}, 0x3c}}, 0x0)

2.275343953s ago: executing program 0 (id=1106):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r0, 0x541b, 0x0)

2.274889033s ago: executing program 3 (id=1107):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_io_uring_setup(0x245d, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_setup(0x3190, &(0x7f0000000580), 0x0, 0x0)
syz_io_uring_setup(0x334c, &(0x7f0000000300), 0xfffffffffffffffc, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x0)
syz_open_dev$vim2m(&(0x7f0000000440), 0x0, 0x2)
syz_io_uring_setup(0x137f, &(0x7f0000000200), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x8})
io_uring_enter(r0, 0xa3d, 0x0, 0x0, 0x0, 0x0)

2.194187324s ago: executing program 0 (id=1108):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200f1ff8500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00'}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x7, 0xd2, [@loopback]}, @timestamp={0x7, 0xc, 0x5, 0x0, 0x0, [0x0, 0x0]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="180000001600156f000000000000005000", @ANYRES32=0x0], 0x18}}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x400, &(0x7f0000000000)={[{@errors_continue}, {@nojournal_checksum}, {@abort}]}, 0x1, 0x617, &(0x7f0000000100)="$eJzs3c1vFOUfAPDvbLfvv58txKh4kCbGQKK0tIIhxkS4E4IvN71UWghSKKE1WiSxJHgxGi8eTDx5EP8KlcSr/4AHL54MCTGGgxgia2Y7U6YvW/q2O6X7+SRD55nZnec70C/Ps88+MxNA2xpK/6hE7IuIy0nEQGFfNbKdQwuvu/vXtTPpkkSt9tafSVz7JJkvHivJfu7J3vzvQCTp2/eO/bCi3pm5qxfGp6Ymr2TlkdmLl0dm5q4eOn9x/NzkuclLY6+MHTt65Oix0cNbP7/MyRvvfzjw2al3vvvmfjL6/W+nkjgeDzoW9qXntfy93VuqOa17KGoL7hW3p3+vx7Z47J3i74H89yTXG0m1tHDYoLPZ72NnRDwdA9FR+NcciE/fKDU4oKlqSeRtFNB2kk3lf8/2BwK0WN4PyD/br/Y5eKVKk3slQCvcObEwALCQ+50Rked/NRs766mPDfTdTZaM8yQRsbWRuQVpHb/8fOpGukSDcTigOeavd2fj9svb/6Sem4PRUy/13a0syf9KYUm3v7nJ+oeWleU/tM789Yh4Jmv/u2JD+T9UyP/3Nlm//AcAAAAAAIDtc+tERLy02vy/yuL8n65V5v/0R8Txbaj/0d//VW5nK8k2VAcU3DkR8dqq838X5/gOdmSl/9fnA3QmZ89PTR6OiCci4mB0dqfl0WXHLc4QPvTF3q8LxVrxdcX5f+mS1p/PBcyOdLu67ELcifHZ8e04d2h3d65HPFuf/7s/27J0/k/a/iertP9pfl9eZx17X7h5utG+R+c/0Cy1byMOrNr+P+xuJ2vfn2Ok3h8YyXsFuYc9gOc+/vLHRvXLfyhP2v73rZ3/3Unxfj0zGzt+V0S8PFetNdq/2f5/V/J2R3781Efjs7NXRiO6kpMrt49tLGbYrfJ8yPMlzf+Dz689/rfY/y/kYW9EzC8/eIMRuqce9P9eKC7JZu0/lCfN/4m12//Bpe3/xlfGbg7+1Kj+0+tq/4/U2/SD2Rbjf1C08n4c603QUsIFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdcJSL+F0lleHG9UhkejuiPiCejrzI1PTP74tnpDy5NpPvqz/+v5E/6HVgoJ/nz/wcL5bGl5d60rj0R8VVHb33/8JnpqYmyTx4AAAAAAAAAAAAAAAAAAAB2iP76Nf+17uXX/6f+6Cg7OqDpqtlP+Q7tJ8v/z9/d8Dtr3dsfDdBK1bIDAEqz/vzvbGocQOs1zv9792t1LQ0HaCH9f2hfm8x/XxfALqD9h3a1zjG9nmbHAZRB+w8AAAAAALvKnv23fk0iYv7V3vqS6sr2mewPu1ul7ACA0pjDC+2rOl12BEBZfMYHksW1f1a92L/x7P+kOQEBAAAAAAAAAAAAACsc2Of6f2hXa1//b24/7GZrXP9fT/7qul8OPG4aP/pD2w+73Rqf8T3wC9rEo1p71/8DAAAAAAAAAAAAwA7Qc/XC+NTU5JWZucdv5fWdEcbGVubHd0QYW13pjYjFLQ+aU1dnRJR/pmWs5LfgKDGMkv9fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFv0XAAD//wAZJ4w=")

2.010655153s ago: executing program 3 (id=1110):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xae0e}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)

1.889337043s ago: executing program 0 (id=1111):
r0 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000400)={0x53, 0x0, 0xfe, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000240)="e62f90a08fff", 0x0, 0x0, 0x0, 0x0, 0x0})

1.882899039s ago: executing program 3 (id=1112):
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_dev$dmmidi(0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$netlink(0x10, 0x3, 0x9)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0xee01, 0x0, r2)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setfsgid(r4)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x6}]})
connect$unix(r5, &(0x7f0000000300)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r7 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x3000003, 0x11, r7, 0x0)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, 0x1c)
write$P9_RGETLOCK(r8, &(0x7f0000000040)=ANY=[], 0xe6da)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)

1.804556523s ago: executing program 0 (id=1113):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='-9'], 0x27)

1.742625602s ago: executing program 0 (id=1114):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)
r0 = gettid()
r1 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xb, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000740)={'wlan0\x00'})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='rcu_stall_warning\x00', r4}, 0x10)
r5 = add_key$keyring(&(0x7f0000001240), &(0x7f0000001280)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000040)='asymmetric\x00', &(0x7f00000101c0)=@chain)
r6 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
preadv(r6, &(0x7f0000000200), 0x0, 0x2000000, 0x0)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)

1.54940251s ago: executing program 4 (id=1116):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3593], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x5b)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
shutdown(r2, 0x0)

1.244943215s ago: executing program 1 (id=1118):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r0, 0x541b, 0x0)

1.072496677s ago: executing program 1 (id=1119):
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
ppoll(&(0x7f0000001a80)=[{r0, 0x1}, {r1}], 0x2, 0x0, 0x0, 0x0)

925.836427ms ago: executing program 1 (id=1120):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0xb, &(0x7f0000000280)=@framed={{0x18, 0x2}, [@printk={@llx}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
shutdown(r0, 0x1)

768.319419ms ago: executing program 1 (id=1121):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000f00)=ANY=[@ANYBLOB="8500000008000000350000000000000085000000050000009500000000000000fed023000000c71adb30be7d75fa1f32f08a23ce3220b0cc9505d72768b8242dd90d17e4c52505756ca2b009546a0900000000000000d3df2bd87184446d165ae3939bbca322a415a98c8801000000000000800859362ed862b3c47f82000000adfd2f16af3a00000000000000000000009a317aa34f0c50f99eedac26048ab915e1be5aa845be00de14683ee4e859d65564a9c79d20e5a011e966388cd0bb39f45d6c508b8a0f7f2d48be0e2a8137c6741775428abf2ddfd2a473f5b271701e22f8cb42198906e1107fa780c435083cac323838727afbfb995f99b82df3b363a9cf6ba87fdfbf5a3dd0dde49b4193520e5e946687634c04000000000000bfbcd911eba0dee5e5ce6434f86fe82ee02f0e8e3173a97d85e232e584ace13387693614f3a74dc418e58f3e98933b2c93fae25ec2dd190231e2531e1ffeff33676a4383a918cba3ad8318ea29f164563a42cdb596f255a251add2d2ae2fac0a0e7421e4bf07fc884be5721bdffe58c6a4b57014ce976ce8b9cddfa50175c53253d7659f0e88913d4fa7f309eb40337fada4363c0698510730725e23bdad60ceaeecfeeccc397565f204b82d000000007a1b4abeadf350c21027d314237a9d448b82827ff3f29cc9b46c8fcfbb30d1fc38311f0918707c252b596cdbf4e77836adc1f59f9d1280333d135fdcdcee8eb817388666e02ff1b148b6bc3c283e71c0ad9c683c6bb6fea2d2d54af3ad488f0cc2e54a70c19ceac518adbe917652c34019d7478c716ab23d4a863b4dcd08d89f6cec674e9fd379d71e06357d207984e885ace8a0dbaffef403aff01d5f2f0e644b61cd8bd72a59f2d7cf67815aeb8761412d68c40dbed08b7eeda96b3856a519a71b83c19b2e8f88d92b66abec165663819a87e7cd8c082cb011051789c283eecfe08f0799f6c7023353b6d3af7177d6b5420b1784b53238b39c0db1da864e593d45fd297e4d34e749bc737e0bcf36fd955a40124c00d40c3f21d26e6e276152412b4ef3f52dc416bb2d7463a93ee6c0b20c5749a44677a3c3a7aa9a47c7cd7bb52fbb2c8d63166f4ad1038f33258736b2224a66726f1fd4dce0eb6043a55fbdd341baba95cc5838a860068e0f3e73d992403455b03b25bd5414628d7325a6b25986666b3368210686dab3a6be8b8d4bd9347c83cb693aebab072fe479705b0c6c9bb9728d131f8320b966898de1a16407692b57b6f7333eac0d2ed0a7a4457d9c70089fcf9aa553929a65777f3bbf6d0bdc6a11371a138c6d4b0fefc655716e4486f5c7a88e80b2fb0efb579333bef98ded75abfb982b1fb92f003a6aefb8bf25eacb848d8ed1c1162d000000000000000000000000e87dffd60f123527781805434d210bb72ac2c097c45b27dde4980bc85b43614d266a9d403c320f80646c7df8bdd1cf3800"/1071], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/148, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff79}, 0x16)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x83, 0x0, &(0x7f0000000e40)="04d31fcd275bfc58188e699fa7c9aa904991771e83b702f3717cf38ed0e92e83ae490758991fa1174a75fa8c45db732026d3de611ffbd09b683e2f08812d695dd9b87f08711c02bb5d2cbac05022bee8aee5339fb6eba21e534e43b9960f470bf9c075368c6a7ee0b6ef641feb6967490ae07547819adcf47330679551ae2bd7009b31", 0x0, 0x947, 0x0, 0x1b, 0x4b, &(0x7f0000000000), &(0x7f0000000e00)="2fda8e7aa8d9cecae13bcbb35230d1cf1f1b23e33fcbd1aa1bea454b04650cecef80daa9a0a349a8e46d661af6e7ee8cdb5e97e738fe54"}, 0x50)

685.785659ms ago: executing program 1 (id=1122):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200f1ff8500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00'}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x7, 0xd2, [@loopback]}, @timestamp={0x7, 0xc, 0x5, 0x0, 0x0, [0x0, 0x0]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="180000001600156f000000000000005000", @ANYRES32=0x0], 0x18}}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x400, &(0x7f0000000000)={[{@errors_continue}, {@nojournal_checksum}, {@abort}]}, 0x1, 0x617, &(0x7f0000000100)="$eJzs3c1vFOUfAPDvbLfvv58txKh4kCbGQKK0tIIhxkS4E4IvN71UWghSKKE1WiSxJHgxGi8eTDx5EP8KlcSr/4AHL54MCTGGgxgia2Y7U6YvW/q2O6X7+SRD55nZnec70C/Ps88+MxNA2xpK/6hE7IuIy0nEQGFfNbKdQwuvu/vXtTPpkkSt9tafSVz7JJkvHivJfu7J3vzvQCTp2/eO/bCi3pm5qxfGp6Ymr2TlkdmLl0dm5q4eOn9x/NzkuclLY6+MHTt65Oix0cNbP7/MyRvvfzjw2al3vvvmfjL6/W+nkjgeDzoW9qXntfy93VuqOa17KGoL7hW3p3+vx7Z47J3i74H89yTXG0m1tHDYoLPZ72NnRDwdA9FR+NcciE/fKDU4oKlqSeRtFNB2kk3lf8/2BwK0WN4PyD/br/Y5eKVKk3slQCvcObEwALCQ+50Rked/NRs766mPDfTdTZaM8yQRsbWRuQVpHb/8fOpGukSDcTigOeavd2fj9svb/6Sem4PRUy/13a0syf9KYUm3v7nJ+oeWleU/tM789Yh4Jmv/u2JD+T9UyP/3Nlm//AcAAAAAAIDtc+tERLy02vy/yuL8n65V5v/0R8Txbaj/0d//VW5nK8k2VAcU3DkR8dqq838X5/gOdmSl/9fnA3QmZ89PTR6OiCci4mB0dqfl0WXHLc4QPvTF3q8LxVrxdcX5f+mS1p/PBcyOdLu67ELcifHZ8e04d2h3d65HPFuf/7s/27J0/k/a/iertP9pfl9eZx17X7h5utG+R+c/0Cy1byMOrNr+P+xuJ2vfn2Ok3h8YyXsFuYc9gOc+/vLHRvXLfyhP2v73rZ3/3Unxfj0zGzt+V0S8PFetNdq/2f5/V/J2R3781Efjs7NXRiO6kpMrt49tLGbYrfJ8yPMlzf+Dz689/rfY/y/kYW9EzC8/eIMRuqce9P9eKC7JZu0/lCfN/4m12//Bpe3/xlfGbg7+1Kj+0+tq/4/U2/SD2Rbjf1C08n4c603QUsIFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdcJSL+F0lleHG9UhkejuiPiCejrzI1PTP74tnpDy5NpPvqz/+v5E/6HVgoJ/nz/wcL5bGl5d60rj0R8VVHb33/8JnpqYmyTx4AAAAAAAAAAAAAAAAAAAB2iP76Nf+17uXX/6f+6Cg7OqDpqtlP+Q7tJ8v/z9/d8Dtr3dsfDdBK1bIDAEqz/vzvbGocQOs1zv9792t1LQ0HaCH9f2hfm8x/XxfALqD9h3a1zjG9nmbHAZRB+w8AAAAAALvKnv23fk0iYv7V3vqS6sr2mewPu1ul7ACA0pjDC+2rOl12BEBZfMYHksW1f1a92L/x7P+kOQEBAAAAAAAAAAAAACsc2Of6f2hXa1//b24/7GZrXP9fT/7qul8OPG4aP/pD2w+73Rqf8T3wC9rEo1p71/8DAAAAAAAAAAAAwA7Qc/XC+NTU5JWZucdv5fWdEcbGVubHd0QYW13pjYjFLQ+aU1dnRJR/pmWs5LfgKDGMkv9fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFv0XAAD//wAZJ4w=")

630.334974ms ago: executing program 4 (id=1123):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080), 0x6)
write$bt_hci(r0, &(0x7f00000000c0)={0x3, @write_sc_support={{0xc7a, 0x1}}}, 0x6)

434.185269ms ago: executing program 3 (id=1124):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000480)=0x2, 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @loopback}, 0x10)

400.76246ms ago: executing program 4 (id=1125):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x90)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='-9'], 0x27)

337.657869ms ago: executing program 1 (id=1126):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x7, 0x20000000000}, 0x0)
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x4800, &(0x7f0000005240), 0x1, 0x51aa, &(0x7f0000005280)="$eJzs3V+IVNcdB/Az+0cXpe5UCtqCRR987mJ9aOnDDoXSP7Iw1lq0oLsKlYogi1SwuFBFC0pBtmwRWimI0AcpylAqQjcQIZAQElh8kIgBE4mQ5ElJAgbyEnbuPbMz53p3xo1mjX4+snvn3N89554Z7sN8xz13AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIQQRqd+s+f0vaufl9W3XrpTv7durHbm2Lnhxtrj4yFUmvsreX38p7/49YEd42NDscPE9mxbrZYNmXV9P2us6Ng536/zZ18IYTAZoD/f/qy/rW8lPUE4UhxwUScHrm24uXfb2Exj7sHho5unik+deUPLPYHlkl9X9xeupVrzd19yRKvddulVOi7RrH96wX0tTwIAeCIj9eam9XY0f4vbap9I60m7lrSnk3Z8hzDd3liKbNwVZfPcmNaXaZ61LCqsLJ1nUs9f/1a7nvZP2knUeIJ5dh6aR5qhsnlOJvXlmicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8+Tsj2Y/evX3e94pq2+9dKd+b91Y7cyxc8ONtcfHQ6g291eycmX33H8uf+vYz394+f4XI1sOPvx/f94vbgfaDg6344MfD4ewv61yPw778ZoQ6p2FZjP8o1g42Hzwy1gAAADgRfLd5u++VjuLg4Md7UozTVaa/6IsLJ4cuLbh5t5tYzONuQeHj26eWvp49ZLxao8dr9WuLvxU2oJxjL/peAv1eOiRwjiLS0dM8/zOqR9Urjz6zpWy/oX8X108/8dXTv4HAADgq5D/03EW1y3/rz775n9PvTX2WVn/Qv7f2HHKQv6PM475vy8sLf8DAADA8+xZ5/9aYZzFdcv/f7879OfTnxxZVda/kP9Hesv/A+3TjjvfjhM+NBzCSLepAwAAACXi/7svfLQQ83r2yUGa1y9cP7Dvn/+78q+y8Qr5v9Zb/h986s8MAAAAWKrZk43ZW3+58++yeiH/13vL/yuf+cwBAACAXl3d9cH5C997tLOsXsj/E73l/7igIF/5kHV6Pf4VwsxwCEPzDyazwhtherRVAAAAAJ6SmNNvVXd9v/rh6GzZcYX8P7n4/f/jnQ7i+v+O+/8V1v+3FbK7/v3EjQEAAAB4GRXX88fb42ffXFD2/fu9rv8/v73v7v6/jTXKzl/I/yd6y//97dun+f1/AAAAsATftO//210YZ3Hd7v+/6b3Xbhz9429Hy/oX8v90b/k/ble3P70b8fU5NRzC+vkH+d0EL8fTHUoKjcG2QvbCJz12xB55obGyrdA0mfTYMhzCpvkHJ5LCt2NhOik8XJMXLiaFuVjIr4dW4WpSuBGvtPNr8ummheuxkC+waMQVFKtbSyKSHp+W9ZgvPLbHu62TAwAAvFRieM6z7GBnM6RRtlHpdsCqbgf0dTugv9sBA8kB6YFl+8NEZyHuf+VX9Znbv/vDn0KJQv6/2Fv+jy/FimxTtv4/xPX/+fcattb/T8RCNSk0YqGe3jGgHs+Rhd2/xnNU63mPh+tbBQAAAHihxc8F+pd5HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAle/ceI9dVHw787Hr26X3l8SMJz4WImPyQ1+s1oQ1EYkNBPEM3JKCklGadeBMWbxIntis7oNZ5NIKkQCoilQJSHRAClwosoAq4qeIGYdTUUqLQoCRASoIRpSRKIqrQyn+kmr33zN45d69nHHsdb/r5/LFzZr7neefO7Jx775wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+b6jd975v//A9+zdVxd/wpUemHjvlvMlPbPv08O4TP3ZJCFPzj3dk4Y6L7/v6rsFt71i368DB8YnZp/d05+XyeFhZ/9OZ37kp1npgMIQ7O0KopYHVA1mgK78/EOt7+UAIJ4SFQKPETH9WIm04/KAvhJ1hIdCo6nt9IQwUAhc+cM/dn6onbu8L4bUhhJ60jZ/1ZG30pYEzurNAfxq4upYFfvdcphH4bmcWgCMWXwyNnX73VHOGkcXLVex/XUetYy+sdHgrYmKkOt+T5y5xpwq60wemjuhpK1XHkii9PPZ6tS2DV1tpO9/maSt+kMo/oTy3EOoJnRtmLl+/dW5LfKQzjI2tqKppiZ7nh5/5+GWHk142+2HswMhR2Q+fuOrmi1bdMnlg113v3TN979aJI+3mQ4VNWkwvtZ6Q73PL5nmMJr2fLIOXX+lT0qgPXSGEj3znzWtvrH3m36ripfn/yKHn/3F3jredTbljrQeHsrl5fGQgJp4ayubmAAAAsGwsh6OmT/3RNXvufXL/v1fVV5r/j7Z3/j+e8s8n89lo94YwOZ+4cTiEU+cfzwK7YnOXDofw6vnUVHPg3CSwN4TT5hNnNqpKSvTGEqNJ4FdDeWAyCeyLgakk8JUYuC0J3BQDu5PAZTGwNwm8NQbCbPM4/v9QPo62A30xMJ1txN3xKoTfDsXWkm31k0ZVAAAAR0k+O+xqvlu41uFIM8Tp5e6+VhniFdiVGXqSGtIZbGNaVVlDrVUNna1qaIx7x6GHX6q5o1XNpcswOpozfPfJv/nnG9504MFQoTT/Hz/0/L9nkY50lM7/h3D+/N+YuzOPzDXi01NNGQAAAIAj8LbvfGH6tN9cen9VvDT/n2zv+v94TGRFIXPYHw9DbBwOYbw5kFX75nIgO+u9Mg8AAADActA4H984Fz6b32aXaKfz6XL+qcPMH0/8Ty6a/7xHRz//+Af+fKqqv6X5/1R71//3N99mndgXe/HZ4RB6C4Efxl7WA/NGY+Dnb2kO5OPfFzfArbGq/MKERlW3xhLTMTCeBHZWlbi/UeLU5kD+ZDUav7Exjtm8RCEAAAAAx1w8HBDPy8fr/z/5F3c9dMsXv/WWqnKl+f/04V3/Pz8PLl3eP7cyhDW1EFakXwzY358tDBgDAx154p/6s7pWpFVd3x/COfWBpVU9lq//X0vXGHygL6sqBk59zdeeOaOe+HJfCGuKgR9/6I6z6oktSaDR+Af6QnhVfbRp4//QmzXelTb+170hvLIQaFR1aW8I9ca606ru6cl/xyCt6ps9IZxUCDSqemNPCNsDAMtU/Fe6ofjg5u3XbVw/Nzdz7RIm4jH8vnD57NzM2GVXz23oqejThqTPTcsYXV8eU2ebY/9pvkTRgxdsHG4n3fie4HixL/lx/NKFg/n9+Fmoa36cE11Nd9elQ37d6eUm0iG9EEPuL1ay8CSW6o/5u8PK0Lt188y1Y9vWb9ly7drsb7vZJ7K/8TRTtq3Wptuqf7G+tbF7tLuq9vPdVquKlazZcuWmNZu3X7d69sr1V8xcMXPVurXjZ5/9xomzzp5YUx/VePa3xVBXLVZ1MtTn7igPYal3i5fWCpUci3cNCQmJ5ZZ49IMTtZe85vX/WfX2U5r/bzr0/D++68R3/nx9hqrz/yPxNH/2+MJp/ukY2Nnu+f+RqrP5jQsDRpPAjhjY4TQ/AAAALw7xcGQ8mhkPPz79kY8+Wdu27pqqcqX5/472vv9/lNb/byxd/+6qZf7PjCXGq9b/T5f5b6z/v6Nq/f90mf/G+v87X4D1/7c2Askm+a31/wEAgBeDY7f+f8vl/dMfCChlaLm8f/oDAaUMLZfxb/cHAg57/f+Hb7rzgv83e/G7QoXS/P+29ub/Fu4HAACA40f/6O/2/eL6+8+tipfm/zvbm/8f+/X/QtX1/6NVgamqhQGt/wcAAMAyVbX+38Vv/87LPjj6hvbX/9vd3vw/XnbR2ZQ71npwKFvTLqRr2j011PjKAAAAACwPnWFsrKvNvE0ro1aejW/t4Xwp0EOli/7j8SvXnLP390+vqq80/9/b3vy/6XsZT1x180Wrbpk8cHDXXe/dM33v1omF8/8AAADA0mn3uAQAAAAAAAAAAAAAAPDC+3X/F/70lL8b+X5VvPT9/3D+/ONV3/+Pv/sXv19wclPuWGvr9f/y+xe+5xvb55cs3D8UwunFwMYbNp4Q8t/mX1UM3P3hM0+pJ25IS9z16Ft/WU9ckgbeufrEZ+uJc5LAdFwk8bQ0EH9V8dnBJBCXV/xRGojbY3ca6M4DnxzMxtGRbqtfD2TbqiPdVo8MhDBcCDS21Z0DWRsd6QBvTwKNAV6TBuIA35cHOtNefWNl1qsYGIhF/3Zl1isAAI5b8VNgV7h8dm5mPH6Ej7cvrTXfRk1Lll1fXW0rP82XJnvwgo3D7aRXpJ9FF35rvCv01IewtvRxtZilY36UR6eWFpvu5Ioht1rtrVZRLnW4m667ekR92YjGLrt6bkNXy4Gva51lotYyy9rSZKeYpXN+k7ZRSxt9aWNEbW6bNroc73eGsbEVSa43xeBIaNJqj2j3+/rFdf6q9oJino6T//Kdt3925o6q+krz/5H25v89xXE9m/8YwI74y3o3DodwapsjAgAAANr1k398aOLqL9z89+ntNx/ff/Mr7znv6apypfn/aHvz/3hgLD8VnB3t2Bt//78x/x/JArtic5cOh/Dq+dRULJH9oP67Y4nxLLArHjA5M5aYnmquqjcGdieBXw3lgb1JYF8M5EcpvhbyQzl/NRTCWfOp85tLbIolRpLAH8bAaBIYi4HxJDAYA5NJ4InBPDCVBP41BsJs87b69qCjKwAAwPOQz7O6mu+GdJ63u9YqQ0erDP2tMnS2ytDTKkPVKOL9b8UMXcXz8XmG+FBXWmtfUkspQ/wx/MPuVylDuL85Z1qw1HS8/qBxvUFHc4b/Pvkzn39V756DoUJp/j/e3vy/v/k2a31fnP8v/P5fFvhh7N5n46XjozHw87c0B/IDA/viZPfWRlVTeYl80n5rLDEZA6NJYFMMTCaB6fPzwM5TmgP5TLvR+I2NxmfzEoUAAAAAHHPxAEE8TBPn/+8/6fXfP+9dMw9UlSvN/yfbm//H9lYWG7sp1npgMIQ7OxZ60wisHsgC8TjGQPx6/MsHQjihcICjUWKmPyvRnTQcftCXfUO9O63qe33ZGgPx/oUP3HP3p+qJ2/tCeG3h6EujjZ/1ZG30pYEzurNAfxq4upYF4pGfRuC7nVkAjljjqGDcofJLXRpGFi9Xsf+9WH4TNB1e6RjoIvkW+87VUulJH8iPqTYc3tNWqo4lUXp57PVqW46vthGvtuIHqfwTynMLoZ7QuWHm8vVb57bER4rfZC1Zoue5+C3VdtJHYT/c8fx721pP2oHx5O1jfPFyi++HHbG6J666+aJVt0we2HXXe/dM37t1ou1uVIhfFH77c58beaiweZdaT8j3uWX3fjLl/WQ5/hsY9bTVX+Yvmb7qgkd+9GRVvDT/n2pv/l9Lbuf9T9yYm4dDeF1h4+6Pm/8PhrP3wUIge5c8qRzITrn/YqjynRMAAACOtsbhjsbxgtn8NrsgPJ0nl/NPHWb+eLxictH87fZ7/b7f/PHYaa+4tCpemv9PH3r+35t00/l/5/9ZIs7/L+p4PxTdmz6w44gORZeqY0k4/7+o4/3V5vz/opz/d/5/Mc7/t+D8/6KO96et9Clpkw9dIYTXffCr4fHPPNv++n+b2pv/W/9v8UX7Guv/TVet/7epav2/Hdb/AwAAllTFQnPpPK+0el8pQ7p6XylDywUCWy4xaP2/w17/b//bXvGz7R/49UWhQmn+v6O9+X/cHVYWW18u6/+Nnl9R1W0xsMnCgAAAAByPqg4QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MK6/09W/941n1/15ar4G770yNRjp5w3+Yltnx7efeLHLglhdv7xjizccfF9X981uO0d63YdODg+Mfv0np68XFd++7Km3LHWg0Mh7Cw8MhATTw3V7ywELnzPN7bX6on9QyGcXgxsvGHjCfXEV4ZCWFUM3P3hM0+pJ25IS9z16Ft/WU9ckgbeufrEZ+uJc/JAR9rdLw5m3e1Iu/upwRCGC4FGdz862FxVo4135IHOtI2vDmRtxMBALPq5gayNGJiLJWZ7Q1hTC2FFWtW/9GRVrUirqj87w4VAo6o/6wnhnBBCLa3q0e6sqlo68vu6s6pi4NTXfO2ZM+qJnd0hrCkGfvyhO86qJ65JAo3G398dwqvqu0za+Le6ssa70sZv7wrhlSGE7rTEf9WyEt1picdqIZxUCDQa/0gthO2BF4X45rOh+ODm7ddtXD83N3PtEia687b6wuWzczNjl109t6En6VOVjkL6uesPHT+Unz7z8cvqtw9esHG4nXQtL9c13+WJrqa7645W79t1uL2P/eovVrLwfJTqj/m7w8rQu3XzzLVj29Zv2XLt2uxvu9knsr8r8mi2rdYerW21okX56Pluq1XFStZsuXLTms3br1s9e+X6K2aumLlq3drxs89+48RZZ0+sqY9qPPt7NIZ6RzneucRDfWmtUMmxeAOQkJBYbonOpne38eP9X3bpg/5CR7tCz/wbdGlaUczSMT/KozHoc8vxpXpLL01JSiNaW5o4lLJMtM6yrjSZWMjSl2WZ/1xXmhwWa+qc36QLm2RsrPKf+kjz3eLmfXKRzduuh/NN124aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6XHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W4fRswEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//0cRM9w=")
syz_io_uring_setup(0x27f3, &(0x7f0000000340), &(0x7f0000000140), 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000140)=ANY=[])

237.159758ms ago: executing program 3 (id=1127):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r0, 0x0, 0x0})
io_uring_enter(r0, 0x54, 0x0, 0x0, 0x0, 0x0)

217.742304ms ago: executing program 4 (id=1128):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000440)=0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x19, &(0x7f0000000000)={r1}, 0x8)

0s ago: executing program 4 (id=1129):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r0, 0x541b, 0x0)

kernel console output (not intermixed with test programs):

r_slave_1: left promiscuous mode
[  172.651281][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.667834][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.683675][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.709876][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.820233][ T1090] veth1_macvtap: left promiscuous mode
[  172.847605][ T1090] veth0_macvtap: left promiscuous mode
[  172.894751][ T1090] veth1_vlan: left promiscuous mode
[  172.939877][ T1090] veth0_vlan: left promiscuous mode
[  173.031494][ T5097] Bluetooth: hci2: command tx timeout
[  173.100020][ T6733] loop3: detected capacity change from 0 to 32768
[  173.113824][ T6756] loop2: detected capacity change from 0 to 256
[  173.165893][ T6756] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  173.201015][ T6733] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.324672][ T6733] XFS (loop3): Ending clean mount
[  173.407589][ T6733] XFS (loop3): Quotacheck needed: Please wait.
[  173.720948][ T6733] XFS (loop3): Quotacheck: Done.
[  174.587836][ T1090] team0 (unregistering): Port device team_slave_1 removed
[  174.705953][ T1090] team0 (unregistering): Port device team_slave_0 removed
[  175.109946][ T5097] Bluetooth: hci2: command tx timeout
[  175.797280][ T5094] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.884540][ T6726] chnl_net:caif_netlink_parms(): no params data found
[  176.090820][ T6726] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.109854][ T6726] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.117197][ T6726] bridge_slave_0: entered allmulticast mode
[  176.133809][ T6726] bridge_slave_0: entered promiscuous mode
[  176.153111][ T6726] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.165169][ T6726] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.172987][ T6726] bridge_slave_1: entered allmulticast mode
[  176.185261][ T6726] bridge_slave_1: entered promiscuous mode
[  176.267183][ T1090] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.302991][ T6726] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.317805][ T6726] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  176.346320][ T1090] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.393094][ T6726] team0: Port device team_slave_0 added
[  176.422890][ T6726] team0: Port device team_slave_1 added
[  176.452338][ T1090] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.483630][ T6726] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.491745][ T6726] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.522692][ T6726] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.548875][ T1090] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.565808][ T6726] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.572921][ T6726] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.599316][ T6726] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.644782][ T6793] netlink: 'syz.0.571': attribute type 1 has an invalid length.
[  176.803334][ T6726] hsr_slave_0: entered promiscuous mode
[  176.842354][ T6726] hsr_slave_1: entered promiscuous mode
[  176.915159][ T6798] netlink: 'syz.0.576': attribute type 1 has an invalid length.
[  176.959855][ T6798] netlink: 'syz.0.576': attribute type 2 has an invalid length.
[  177.129629][ T5110] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  177.143563][ T5110] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  177.143775][ T6810] loop0: detected capacity change from 0 to 64
[  177.166541][ T5101] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  177.168163][ T5107] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  177.186521][ T5107] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  177.190346][ T5101] Bluetooth: hci2: command tx timeout
[  177.196946][ T5107] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  177.210468][ T5107] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  177.244488][ T6810] hfs: request for non-existent node 131072 in B*Tree
[  177.245609][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  177.257205][ T6810] hfs: request for non-existent node 131072 in B*Tree
[  177.290109][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  177.305945][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  177.319931][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  177.328060][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  177.387693][ T6814] loop1: detected capacity change from 0 to 512
[  177.449612][ T6814] EXT4-fs error (device loop1): ext4_orphan_get:1420: comm syz.1.580: bad orphan inode 4
[  177.488564][ T6814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.547665][ T1090] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.570512][ T6814] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.580: bg 0: block 3: invalid block bitmap
[  177.644531][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.713417][ T1090] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.852012][ T1090] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.876068][ T6827] loop1: detected capacity change from 0 to 1024
[  177.887367][ T6827] EXT4-fs: Ignoring removed orlov option
[  177.927913][ T6827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.960580][ T6827] tipc: Can't bind to reserved service type 0
[  177.975840][ T6837] loop0: detected capacity change from 0 to 256
[  177.995532][ T6837] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  178.026839][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.027080][ T1090] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.350145][ T6846] netlink: 'syz.1.592': attribute type 1 has an invalid length.
[  178.357874][ T6846] netlink: 'syz.1.592': attribute type 2 has an invalid length.
[  178.425565][ T6852] netlink: 'syz.0.594': attribute type 1 has an invalid length.
[  178.608409][ T1090] bridge_slave_1: left allmulticast mode
[  178.647126][ T1090] bridge_slave_1: left promiscuous mode
[  178.677737][ T1090] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.732244][ T1090] bridge_slave_0: left allmulticast mode
[  178.748410][ T1090] bridge_slave_0: left promiscuous mode
[  178.772342][ T1090] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.784647][ T1090] bridge_slave_1: left allmulticast mode
[  178.790475][ T1090] bridge_slave_1: left promiscuous mode
[  178.796185][ T1090] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.806361][ T1090] bridge_slave_0: left allmulticast mode
[  178.812272][ T1090] bridge_slave_0: left promiscuous mode
[  178.818442][ T1090] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.911652][ T6864] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  179.271673][ T5110] Bluetooth: hci2: command tx timeout
[  179.281179][ T5110] Bluetooth: hci1: command tx timeout
[  179.496843][ T5110] Bluetooth: hci4: command tx timeout
[  179.857761][ T6873] blktrace: Concurrent blktraces are not allowed on loop3
[  180.306334][ T6877] loop1: detected capacity change from 0 to 32768
[  180.485294][ T1090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.499524][ T1090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.525362][ T1090] bond0 (unregistering): Released all slaves
[  180.648531][ T1090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.661356][ T1090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.672238][ T1090] bond0 (unregistering): Released all slaves
[  180.694598][ T6863] netlink: 'syz.0.598': attribute type 13 has an invalid length.
[  180.704124][ T6863] netlink: 152 bytes leftover after parsing attributes in process `syz.0.598'.
[  180.718218][ T6863] erspan0: refused to change device tx_queue_len
[  180.725224][ T6863] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  180.864376][ T6883] Cannot find add_set index 0 as target
[  180.909620][ T6805] chnl_net:caif_netlink_parms(): no params data found
[  181.349931][ T5110] Bluetooth: hci1: command tx timeout
[  181.468742][ T6726] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  181.489858][   T59] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  181.511011][ T5110] Bluetooth: hci4: command tx timeout
[  181.520229][ T6809] chnl_net:caif_netlink_parms(): no params data found
[  181.535376][ T6726] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  181.608747][ T6726] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  181.672645][   T59] usb 2-1: Using ep0 maxpacket: 8
[  181.679853][   T59] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  181.698634][   T59] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 26056, setting to 1024
[  181.712357][ T6805] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.715051][   T59] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  181.729520][   T59] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  181.729579][ T6805] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.739378][   T59] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  181.765958][   T59] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  181.779501][   T59] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58
[  181.790371][   T59] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.801625][ T6805] bridge_slave_0: entered allmulticast mode
[  181.818189][   T59] usb 2-1: config 0 descriptor??
[  181.821571][ T6805] bridge_slave_0: entered promiscuous mode
[  181.831647][ T6887] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  181.871643][ T5110] Bluetooth: hci5: urb ffff88801f10f100 submission failed (90)
[  181.885561][ T6726] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  181.931451][ T6805] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.938621][ T6805] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.945990][ T6805] bridge_slave_1: entered allmulticast mode
[  181.957533][ T6805] bridge_slave_1: entered promiscuous mode
[  182.118557][ T5106] usb 2-1: USB disconnect, device number 7
[  182.187473][ T6805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.216464][ T6805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.278704][ T6805] team0: Port device team_slave_0 added
[  182.297349][ T1090] hsr_slave_0: left promiscuous mode
[  182.304204][ T1090] hsr_slave_1: left promiscuous mode
[  182.318171][ T1090] hsr_slave_0: left promiscuous mode
[  182.325001][ T1090] hsr_slave_1: left promiscuous mode
[  182.331593][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.339093][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.348294][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.356289][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  182.394911][ T1090] veth1_macvtap: left promiscuous mode
[  182.400816][ T1090] veth0_macvtap: left promiscuous mode
[  182.406446][ T1090] veth1_vlan: left promiscuous mode
[  182.412084][ T1090] veth0_vlan: left promiscuous mode
[  182.418563][ T1090] veth1_macvtap: left promiscuous mode
[  182.424248][ T1090] veth0_macvtap: left promiscuous mode
[  182.430240][ T1090] veth1_vlan: left promiscuous mode
[  182.437256][ T1090] veth0_vlan: left promiscuous mode
[  182.439911][   T59] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  182.639988][   T59] usb 1-1: Using ep0 maxpacket: 8
[  182.655205][   T59] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  182.669961][   T59] usb 1-1: config 179 has no interface number 0
[  182.676294][   T59] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  182.695876][   T59] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  182.707411][   T59] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  182.726591][   T59] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  182.736951][   T59] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  182.757419][   T59] usb 1-1: config 179 interface 65 has no altsetting 0
[  182.778575][   T59] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  182.806399][   T59] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.817970][ T6901] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  182.853452][   T59] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input12
[  182.968107][ T6903] Process accounting resumed
[  183.291759][   T25] usb 1-1: USB disconnect, device number 6
[  183.291832][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  183.332734][   T25] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  183.430107][ T5110] Bluetooth: hci1: command tx timeout
[  183.504595][ T6911] loop1: detected capacity change from 0 to 512
[  183.516129][ T6911] EXT4-fs (loop1): orphan cleanup on readonly fs
[  183.536160][ T6911] __quota_error: 56 callbacks suppressed
[  183.536184][ T6911] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  183.555350][ T6911] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  183.564849][ T6911] EXT4-fs error (device loop1): ext4_acquire_dquot:6858: comm syz.1.614: Failed to acquire dquot type 1
[  183.578285][ T1090] team0 (unregistering): Port device team_slave_1 removed
[  183.591795][ T5110] Bluetooth: hci4: command tx timeout
[  183.611177][ T6911] EXT4-fs (loop1): 1 truncate cleaned up
[  183.625314][ T6911] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  183.648398][ T1090] team0 (unregistering): Port device team_slave_0 removed
[  183.668956][ T6911] 9pnet_fd: Insufficient options for proto=fd
[  183.763922][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.108473][ T6921] Cannot find add_set index 0 as target
[  185.162702][ T1090] team0 (unregistering): Port device team_slave_1 removed
[  185.226042][ T1090] team0 (unregistering): Port device team_slave_0 removed
[  185.421976][ T5100] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  185.522881][ T5110] Bluetooth: hci1: command tx timeout
[  185.640152][ T5100] usb 1-1: Using ep0 maxpacket: 8
[  185.651340][ T5100] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  185.659659][ T5100] usb 1-1: config 179 has no interface number 0
[  185.667014][ T5100] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  185.679927][ T5110] Bluetooth: hci4: command tx timeout
[  185.684503][ T5100] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  185.709760][ T5100] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  185.733074][ T5100] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  185.750323][ T5100] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  185.779850][ T5100] usb 1-1: config 179 interface 65 has no altsetting 0
[  185.786804][ T5100] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  185.815359][ T5100] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.832381][ T6939] loop1: detected capacity change from 0 to 4096
[  185.860250][ T6937] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  185.869866][ T6939] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  185.897863][ T5100] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input13
[  186.035711][ T6809] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.045554][ T6809] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.057456][ T6809] bridge_slave_0: entered allmulticast mode
[  186.076339][ T6809] bridge_slave_0: entered promiscuous mode
[  186.089370][ T6809] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.104427][ T6809] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.114497][ T6809] bridge_slave_1: entered allmulticast mode
[  186.127110][ T6809] bridge_slave_1: entered promiscuous mode
[  186.153873][ T6805] team0: Port device team_slave_1 added
[  186.329493][ T5100] usb 1-1: USB disconnect, device number 7
[  186.335483][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  186.361397][ T5100] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  186.400438][ T6809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.416726][ T6805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.424520][ T6805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.451775][ T6805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.473506][ T6809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.483928][ T6805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.491185][ T6805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.522034][ T6805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.670652][ T6944] xt_policy: neither incoming nor outgoing policy selected
[  186.867535][ T6809] team0: Port device team_slave_0 added
[  186.918174][ T6805] hsr_slave_0: entered promiscuous mode
[  186.928974][ T6805] hsr_slave_1: entered promiscuous mode
[  186.939669][ T6805] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.963681][ T6805] Cannot create hsr debugfs directory
[  187.003806][ T6809] team0: Port device team_slave_1 added
[  187.690736][ T6809] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.719818][ T6809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.799172][ T6809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.822643][ T6809] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.830514][ T6809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.857017][ T6809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.000835][   T29] audit: type=1800 audit(1719520682.823:302): pid=6956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.633" name="bus" dev="sda1" ino=1991 res=0 errno=0
[  188.033269][   T29] audit: type=1800 audit(1719520682.843:303): pid=6956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.633" name="bus" dev="sda1" ino=1991 res=0 errno=0
[  188.202506][ T6809] hsr_slave_0: entered promiscuous mode
[  188.226189][ T6809] hsr_slave_1: entered promiscuous mode
[  188.243567][ T6809] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.259794][ T6809] Cannot create hsr debugfs directory
[  188.328216][ T6959] loop1: detected capacity change from 0 to 4096
[  188.349399][ T6959] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  188.477527][ T6966] loop0: detected capacity change from 0 to 512
[  188.505997][ T6966] EXT4-fs error (device loop0): ext4_orphan_get:1420: comm syz.0.637: bad orphan inode 4
[  188.531164][ T6966] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.552257][ T6726] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.561821][ T6966] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.637: bg 0: block 3: invalid block bitmap
[  188.605962][ T5439] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.795266][ T6726] 8021q: adding VLAN 0 to HW filter on device team0
[  188.849028][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.856375][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.881379][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.888708][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.557044][ T6809] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  189.591828][ T6809] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  189.635590][ T6809] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  189.668155][ T6809] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  189.683932][ T6997] loop0: detected capacity change from 0 to 128
[  189.749100][ T6997] netlink: 4 bytes leftover after parsing attributes in process `syz.0.645'.
[  189.822312][ T6726] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.829597][ T6805] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  189.878297][ T6805] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  189.908657][ T6805] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  189.954096][ T6805] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  189.973715][ T7001] loop0: detected capacity change from 0 to 128
[  190.012255][ T7001] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  190.122139][ T7001] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  190.358030][ T6809] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.538437][ T6809] 8021q: adding VLAN 0 to HW filter on device team0
[  190.695686][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.702939][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.709088][ T7014] kAFS: unable to lookup cell 'syz0.r™iXýÕßðÒ<̧®© +âÔR!K+K™áû
4ÚÍö[Ÿ“EšýÖîê¯dî<¾æ6ócº7Ë(n�ÅÙÓÅ@À×8A¯5W®/7|{ÒÚü?�îÇhÇT•³8#&3�ræ?3ÚUü<·ÚG`-իǾóQ8õ%¹$­lH•YïL5еžYÏ^÷!!–\p"È3�¹Ä!£ò·
[  190.709088][ T7014] ÛñÙÔh1„#-¹ï*·º„EºÍ=î)ú½¥"À6<Ú—H#.‚ýLÝÊ(˜Ü[Ý1„hã¯uC�8y
Þê½Ða½HÚ'(ùè‘lÚ“—+#-€nоYMËÆî²Àÿð«%'
[  190.793644][ T7015] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  191.614668][ T6726] veth0_vlan: entered promiscuous mode
[  191.651791][ T5106] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.659038][ T5106] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.765895][ T6805] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.782878][ T6726] veth1_vlan: entered promiscuous mode
[  191.902039][ T6805] 8021q: adding VLAN 0 to HW filter on device team0
[  191.934346][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.941585][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.981163][ T5151] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.988421][ T5151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.020190][ T5150] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  192.041446][ T6726] veth0_macvtap: entered promiscuous mode
[  192.081767][ T6726] veth1_macvtap: entered promiscuous mode
[  192.147761][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.163911][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.174400][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.185231][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.196663][ T6726] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.221214][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.234103][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.245368][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  192.255144][ T6726] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.265762][ T5150] usb 1-1: New USB device found, idVendor=17cc, idProduct=041d, bcdDevice=fe.95
[  192.269934][ T6726] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.275403][ T5150] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.291302][ T5150] usb 1-1: config 0 descriptor??
[  192.299354][ T6726] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.314898][ T5150] usb 1-1: selecting invalid altsetting 1
[  192.317031][ T6809] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.327307][ T5150] snd-usb-caiaq 1-1:0.0: can't set alt interface.
[  192.334422][ T5150] usb 1-1: unable to init card! (ret=-5)
[  192.351428][ T6726] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.355526][ T5150] snd-usb-caiaq 1-1:0.0: probe with driver snd-usb-caiaq failed with error -5
[  192.370747][ T6726] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.388511][ T6726] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.409744][ T6726] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.551016][ T5150] usb 1-1: USB disconnect, device number 8
[  192.706348][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.717483][ T6809] veth0_vlan: entered promiscuous mode
[  192.723820][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.765948][ T6805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.800592][ T7037] loop1: detected capacity change from 0 to 512
[  192.826825][ T7037] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  192.839636][ T7037] EXT4-fs (loop1): 1 truncate cleaned up
[  192.847099][ T7037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.866931][ T6809] veth1_vlan: entered promiscuous mode
[  192.874220][ T7037] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.886787][ T2798] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.905418][ T2798] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.099498][ T7044] loop1: detected capacity change from 0 to 256
[  193.123594][ T6809] veth0_macvtap: entered promiscuous mode
[  193.156390][ T6805] veth0_vlan: entered promiscuous mode
[  193.165235][ T7044] FAT-fs (loop1): error, clusters badly computed (2 != 1)
[  193.178701][ T7042] netlink: 3 bytes leftover after parsing attributes in process `syz.4.545'.
[  193.248172][ T6809] veth1_macvtap: entered promiscuous mode
[  193.302286][ T6805] veth1_vlan: entered promiscuous mode
[  193.392493][ T6809] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.419554][ T6809] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.444355][ T6809] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.455080][ T6809] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.465157][ T6809] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.481261][ T7048] loop0: detected capacity change from 0 to 256
[  193.487803][ T6809] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.501062][ T6809] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.571570][ T6809] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.583692][ T6809] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.595375][ T6809] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.609456][ T6809] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.619631][ T6809] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.630422][ T6809] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.642950][ T6809] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.673271][ T6809] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.692386][ T6809] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.714632][ T6809] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.728406][ T6809] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.817128][ T6805] veth0_macvtap: entered promiscuous mode
[  193.862070][ T6805] veth1_macvtap: entered promiscuous mode
[  193.918661][ T7044] FAT-fs (loop1): error, fat_get_cluster: detected the cluster chain loop (i_pos 198)
[  194.025378][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.059770][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.080149][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.096219][ T7050] loop4: detected capacity change from 0 to 4096
[  194.102642][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.112153][ T7050] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  194.112590][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.134865][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.144817][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.155442][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.177471][ T6805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.198077][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.220004][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.231272][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.249570][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.259501][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.270354][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.280274][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.296858][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.313091][ T6805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.348836][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.358209][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.368927][ T6805] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.380693][ T6805] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.389625][ T6805] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.399784][ T6805] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.551638][ T7060] loop0: detected capacity change from 0 to 256
[  194.565450][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  194.574367][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  194.613537][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.626449][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.627556][ T7060] FAT-fs (loop0): Directory bread(block 64) failed
[  194.662923][ T7060] FAT-fs (loop0): Directory bread(block 65) failed
[  194.684691][ T7060] FAT-fs (loop0): Directory bread(block 66) failed
[  194.705029][ T7060] FAT-fs (loop0): Directory bread(block 67) failed
[  194.717394][ T7060] FAT-fs (loop0): Directory bread(block 68) failed
[  194.724273][ T7060] FAT-fs (loop0): Directory bread(block 69) failed
[  194.758111][ T7060] FAT-fs (loop0): Directory bread(block 70) failed
[  194.785507][ T7060] FAT-fs (loop0): Directory bread(block 71) failed
[  194.804808][ T7060] FAT-fs (loop0): Directory bread(block 72) failed
[  194.817310][ T7060] FAT-fs (loop0): Directory bread(block 73) failed
[  194.841845][ T2798] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.870357][ T2798] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.910551][ T7062] loop1: detected capacity change from 0 to 4096
[  195.002691][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.040936][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.076630][ T7067] loop4: detected capacity change from 0 to 128
[  195.666432][ T7086] loop4: detected capacity change from 0 to 128
[  195.673579][ T7081] netlink: 3 bytes leftover after parsing attributes in process `syz.1.666'.
[  195.734325][ T7086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.667'.
[  195.788595][ T7088] netlink: 'syz.0.669': attribute type 11 has an invalid length.
[  195.986232][ T7092] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  196.217349][ T7101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.676'.
[  196.425738][ T7104] loop4: detected capacity change from 0 to 4096
[  196.473386][ T7073] loop3: detected capacity change from 0 to 40427
[  196.512077][ T7073] F2FS-fs (loop3): invalid crc value
[  196.523370][ T7109] loop2: detected capacity change from 0 to 128
[  196.542197][ T7073] F2FS-fs (loop3): Found nat_bits in checkpoint
[  196.577624][ T7109] VFS: could not find a valid V7 on loop2.
[  196.651401][ T5108] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  196.743090][ T7073] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  196.866275][ T5108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.888473][ T5108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.938633][ T5108] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice=10.00
[  196.962175][ T5108] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.975730][ T5108] usb 1-1: config 0 descriptor??
[  197.001405][ T7109] loop2: detected capacity change from 0 to 4096
[  197.120206][ T7124] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  197.183690][ T7126] input: syz0 as /devices/virtual/input/input14
[  197.217606][ T7107] netlink: 224 bytes leftover after parsing attributes in process `syz.0.679'.
[  197.230472][ T7120] syz.3.665: attempt to access beyond end of device
[  197.230472][ T7120] loop3: rw=2049, sector=77824, nr_sectors = 544 limit=40427
[  197.464467][ T6809] syz-executor: attempt to access beyond end of device
[  197.464467][ T6809] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  197.508502][ T6809] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  197.553151][ T5108] hid-multitouch 0003:1FD2:6007.0005: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  197.893311][ T5108] usb 1-1: USB disconnect, device number 9
[  197.928464][ T7134] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  198.043034][ T7138] loop2: detected capacity change from 0 to 16
[  198.068849][ T7138] erofs: (device loop2): mounted with root inode @ nid 36.
[  198.146254][ T7140] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  198.253054][ T7144] EXT4-fs warning (device sda1): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled.
[  198.302428][ T7146] loop1: detected capacity change from 0 to 256
[  198.441210][ T7146] FAT-fs (loop1): Directory bread(block 64) failed
[  198.501765][ T7146] FAT-fs (loop1): Directory bread(block 65) failed
[  198.508469][ T7146] FAT-fs (loop1): Directory bread(block 66) failed
[  198.539827][ T7146] FAT-fs (loop1): Directory bread(block 67) failed
[  198.579017][ T7146] FAT-fs (loop1): Directory bread(block 68) failed
[  198.593220][ T7146] FAT-fs (loop1): Directory bread(block 69) failed
[  198.607365][ T7154] loop3: detected capacity change from 0 to 1764
[  198.619935][ T7146] FAT-fs (loop1): Directory bread(block 70) failed
[  198.660053][ T7146] FAT-fs (loop1): Directory bread(block 71) failed
[  198.666750][ T7146] FAT-fs (loop1): Directory bread(block 72) failed
[  198.686845][ T7146] FAT-fs (loop1): Directory bread(block 73) failed
[  198.766223][ T7161] loop0: detected capacity change from 0 to 2048
[  198.837920][ T7167] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  198.845683][ T7161] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  198.858445][ T7161] UDF-fs: Scanning with blocksize 512 failed
[  198.895534][ T7161] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.944470][ T7171] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  199.083057][ T7177] loop1: detected capacity change from 0 to 512
[  199.258021][ T7177] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.336465][ T7177] ext4 filesystem being mounted at /root/syzkaller.34Pws0/122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.399114][ T7194] loop2: detected capacity change from 0 to 1764
[  199.475598][ T7177] EXT4-fs error (device loop1): ext4_xattr_block_find:1871: inode #15: comm syz.1.702: corrupted xattr block 32: bad e_name length
[  199.508517][ T7177] EXT4-fs (loop1): Remounting filesystem read-only
[  199.644029][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.675542][ T7199] sp0: Synchronizing with TNC
[  199.891698][ T7212] loop1: detected capacity change from 0 to 256
[  199.936661][ T7214] libceph: resolve '00.' (ret=-3): failed
[  199.993305][ T7212] FAT-fs (loop1): Directory bread(block 64) failed
[  200.009889][ T7212] FAT-fs (loop1): Directory bread(block 65) failed
[  200.039921][ T7212] FAT-fs (loop1): Directory bread(block 66) failed
[  200.059473][ T7212] FAT-fs (loop1): Directory bread(block 67) failed
[  200.082615][ T7212] FAT-fs (loop1): Directory bread(block 68) failed
[  200.101249][ T7212] FAT-fs (loop1): Directory bread(block 69) failed
[  200.107930][ T7212] FAT-fs (loop1): Directory bread(block 70) failed
[  200.115165][ T7212] FAT-fs (loop1): Directory bread(block 71) failed
[  200.140537][ T7212] FAT-fs (loop1): Directory bread(block 72) failed
[  200.159577][ T7212] FAT-fs (loop1): Directory bread(block 73) failed
[  200.332314][ T7230] program syz.0.722 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  200.406504][ T7234] loop3: detected capacity change from 0 to 512
[  200.477172][ T7234] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.516359][ T7234] ext4 filesystem being mounted at /root/syzkaller.tt7Wbx/8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.703272][    C1] sd 0:0:1:0: [sda] tag#2698 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  200.713883][    C1] sd 0:0:1:0: [sda] tag#2698 CDB: Write(6) 0a 00 00 00 00 00
[  200.768284][ T7234] EXT4-fs error (device loop3): ext4_xattr_block_find:1871: inode #15: comm syz.3.724: corrupted xattr block 32: bad e_name length
[  204.282492][ T7234] EXT4-fs (loop3): Remounting filesystem read-only
[  204.481490][ T6809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.656769][ T7259] loop1: detected capacity change from 0 to 256
[  204.781332][ T7259] FAT-fs (loop1): error, clusters badly computed (2 != 1)
[  204.869664][ T7261] loop2: detected capacity change from 0 to 4096
[  205.259435][ T7276] dummy0: entered promiscuous mode
[  205.283020][ T7276] batadv_slave_0: entered promiscuous mode
[  205.410045][ T5100] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  205.574570][ T7283] loop0: detected capacity change from 0 to 512
[  205.621850][ T5100] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  205.641174][ T5100] usb 4-1: New USB device found, idVendor=17cc, idProduct=041d, bcdDevice=fe.95
[  205.658130][ T7283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.661840][ T5100] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.707780][ T5100] usb 4-1: config 0 descriptor??
[  205.717428][ T7283] ext4 filesystem being mounted at /root/syzkaller.lR6skt/141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.734093][ T5100] usb 4-1: selecting invalid altsetting 1
[  205.741159][ T5100] snd-usb-caiaq 4-1:0.0: can't set alt interface.
[  205.754312][ T5100] usb 4-1: unable to init card! (ret=-5)
[  205.767224][ T5100] snd-usb-caiaq 4-1:0.0: probe with driver snd-usb-caiaq failed with error -5
[  205.831272][ T7283] EXT4-fs error (device loop0): ext4_xattr_block_find:1871: inode #15: comm syz.0.744: corrupted xattr block 32: bad e_name length
[  205.863241][ T7283] EXT4-fs (loop0): Remounting filesystem read-only
[  205.941583][ T5439] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.958903][ T7259] FAT-fs (loop1): error, fat_get_cluster: detected the cluster chain loop (i_pos 198)
[  206.053076][ T5100] usb 4-1: USB disconnect, device number 4
[  206.265429][ T7296] loop2: detected capacity change from 0 to 8
[  206.846958][ T7300] No such timeout policy "syz1"
[  206.879834][ T5107] Bluetooth: hci0: command 0x0406 tx timeout
[  206.920636][ T7300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.747'.
[  207.052654][ T7305] sp0: Synchronizing with TNC
[  207.214086][ T7314] netlink: 24 bytes leftover after parsing attributes in process `syz.4.755'.
[  207.368160][ T7318] loop3: detected capacity change from 0 to 512
[  207.437581][ T7318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.505445][ T7318] ext4 filesystem being mounted at /root/syzkaller.tt7Wbx/12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.523168][ T7326] loop1: detected capacity change from 0 to 1764
[  207.563439][ T7318] EXT4-fs error (device loop3): ext4_xattr_block_find:1871: inode #15: comm syz.3.757: corrupted xattr block 32: bad e_name length
[  207.577892][ T7318] EXT4-fs (loop3): Remounting filesystem read-only
[  207.671398][ T6809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.752158][ T7336] sp0: Synchronizing with TNC
[  207.929426][ T7350] loop3: detected capacity change from 0 to 512
[  207.950902][ T7350] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  207.979947][ T7350] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  208.013945][ T7350] EXT4-fs (loop3): 1 truncate cleaned up
[  208.022956][ T7350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.085367][ T6809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.143200][ T7358] program syz.1.774 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  208.201395][ T5152] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  208.279942][ T7364] loop3: detected capacity change from 0 to 1764
[  208.359992][    C1] sd 0:0:1:0: [sda] tag#2710 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  208.370439][    C1] sd 0:0:1:0: [sda] tag#2710 CDB: Write(6) 0a 00 00 00 00 00
[  208.419801][ T5152] usb 3-1: Using ep0 maxpacket: 16
[  208.427083][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  208.442065][ T5152] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  208.454695][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.466403][ T7366] hub 6-0:1.0: USB hub found
[  208.471569][ T7366] hub 6-0:1.0: 1 port detected
[  208.480231][ T5152] usb 3-1: config 0 descriptor??
[  208.591651][ T7372] loop4: detected capacity change from 0 to 2048
[  208.693237][ T7349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.767'.
[  208.762503][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  208.787109][ T5100] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  208.823352][ T7377] loop0: detected capacity change from 0 to 8
[  208.975638][ T7377] SQUASHFS error: Unable to read inode 0xe3
[  208.984700][    T9] usb 2-1: Using ep0 maxpacket: 16
[  208.997703][ T5100] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.014481][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.030877][ T7349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.041489][ T5100] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.051583][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.062918][ T7349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.074336][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  209.095477][ T5100] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  209.107874][ T5100] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0
[  209.116638][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  209.125875][ T5100] usb 4-1: Product: syz
[  209.132425][ T5100] usb 4-1: config 0 descriptor??
[  209.137666][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.139320][ T5152] hid-generic 0003:0158:0100.0006: unknown main item tag 0x1
[  209.153042][    T9] usb 2-1: config 0 descriptor??
[  209.179500][ T5152] hid-generic 0003:0158:0100.0006: unexpected long global item
[  209.199114][ T5152] hid-generic 0003:0158:0100.0006: probe with driver hid-generic failed with error -22
[  209.354400][   T29] audit: type=1800 audit(1719520704.163:304): pid=7390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.789" name="bus" dev="sda1" ino=2005 res=0 errno=0
[  209.382931][ T5152] usb 3-1: USB disconnect, device number 2
[  209.610726][ T7368] loop1: detected capacity change from 0 to 8
[  209.633252][ T5100] konepure 0003:1E7D:2DB4.0007: unknown global tag 0xc
[  209.650775][ T5100] konepure 0003:1E7D:2DB4.0007: item 0 2 1 12 parsing failed
[  209.657397][ T7368] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  209.659146][ T5100] konepure 0003:1E7D:2DB4.0007: parse failed
[  210.476612][ T5100] konepure 0003:1E7D:2DB4.0007: probe with driver konepure failed with error -22
[  210.487046][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  210.495737][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  210.510929][ T5100] usb 4-1: USB disconnect, device number 5
[  210.522427][    T9] usb 2-1: USB disconnect, device number 8
[  210.627160][ T7404] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  210.634391][ T7404] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  210.701640][ T7406] vhci_hcd: connection closed
[  210.718404][ T7404] vhci_hcd vhci_hcd.0: Device attached
[  210.736503][ T2851] vhci_hcd: stop threads
[  210.746943][ T2851] vhci_hcd: release socket
[  210.912224][ T2851] vhci_hcd: disconnect device
[  211.624849][   T29] audit: type=1326 audit(1719520706.443:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  211.649581][   T29] audit: type=1326 audit(1719520706.443:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  211.674698][   T29] audit: type=1326 audit(1719520706.493:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  211.739781][   T29] audit: type=1326 audit(1719520706.493:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  211.798699][   T29] audit: type=1326 audit(1719520706.493:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  211.849431][   T29] audit: type=1326 audit(1719520706.513:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  211.957184][   T29] audit: type=1326 audit(1719520706.543:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdedbf75b29 code=0x7ffc0000
[  212.033647][ T7434] openvswitch: netlink: Missing key (keys=200040, expected=2000)
[  212.067769][   T29] audit: type=1326 audit(1719520706.543:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdedbf6cba7 code=0x7ffc0000
[  212.112748][   T29] audit: type=1326 audit(1719520706.543:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.4.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdedbf11559 code=0x7ffc0000
[  212.242329][ T7439] loop0: detected capacity change from 0 to 8
[  212.798955][ T7441] loop4: detected capacity change from 0 to 512
[  212.893610][ T7441] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz.4.807: bad orphan inode 15
[  212.947612][ T7441] EXT4-fs (loop4): Remounting filesystem read-only
[  212.989983][ T7441] ext4_test_bit(bit=14, block=5) = 0
[  213.002330][ T7441] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.135842][ T6726] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.161104][ T7451] loop3: detected capacity change from 0 to 256
[  213.168719][ T7451] udf: Unknown parameter '01777777777777777777777'
[  214.361147][   T29] kauditd_printk_skb: 916 callbacks suppressed
[  214.361167][   T29] audit: type=1326 audit(1719520709.173:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dbc36cba7 code=0x7ffc0000
[  214.509771][   T29] audit: type=1326 audit(1719520709.173:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dbc311559 code=0x7ffc0000
[  214.569828][   T29] audit: type=1326 audit(1719520709.173:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dbc36cba7 code=0x7ffc0000
[  214.629977][   T29] audit: type=1326 audit(1719520709.173:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dbc311559 code=0x7ffc0000
[  214.739028][   T29] audit: type=1326 audit(1719520709.173:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dbc36cba7 code=0x7ffc0000
[  214.799062][   T29] audit: type=1326 audit(1719520709.173:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dbc311559 code=0x7ffc0000
[  214.837848][   T29] audit: type=1326 audit(1719520709.163:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7445 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dbc36cba7 code=0x7ffc0000
[  214.958906][ T7455] loop2: detected capacity change from 0 to 40427
[  214.980623][   T29] audit: type=1326 audit(1719520709.183:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7445 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dbc311559 code=0x7ffc0000
[  215.015641][ T7455] F2FS-fs (loop2): invalid crc value
[  215.047096][ T7455] F2FS-fs (loop2): Found nat_bits in checkpoint
[  215.072053][   T29] audit: type=1326 audit(1719520709.183:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7445 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0dbc36cba7 code=0x7ffc0000
[  215.123136][   T29] audit: type=1326 audit(1719520709.183:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7445 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dbc311559 code=0x7ffc0000
[  215.212549][ T7455] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  215.571381][ T7491] loop1: detected capacity change from 0 to 512
[  215.618393][ T7491] EXT4-fs (loop1): 1 truncate cleaned up
[  215.655987][ T7491] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.806908][ T7494] loop0: detected capacity change from 0 to 512
[  215.966411][ T7494] EXT4-fs error (device loop0): ext4_orphan_get:1420: comm syz.0.823: bad orphan inode 15
[  215.989131][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.990129][ T7494] EXT4-fs (loop0): Remounting filesystem read-only
[  216.004866][ T7494] ext4_test_bit(bit=14, block=5) = 0
[  216.012124][ T7494] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.182095][ T5439] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.204503][ T7498] loop4: detected capacity change from 0 to 512
[  216.261433][ T7498] EXT4-fs: Ignoring removed mblk_io_submit option
[  216.279823][ T7498] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  216.382714][ T7498] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  216.432063][ T7498] EXT4-fs (loop4): 1 truncate cleaned up
[  216.442403][ T7498] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.656909][ T6726] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.907436][ T7513] loop1: detected capacity change from 0 to 128
[  216.947329][ T7513] VFS: could not find a valid V7 on loop1.
[  217.119998][ T5107] Bluetooth: hci3: command 0x0406 tx timeout
[  217.269181][ T7513] loop1: detected capacity change from 0 to 4096
[  217.311475][ T7517] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  217.347994][ T7516] loop4: detected capacity change from 0 to 256
[  217.383736][ T7516] udf: Unknown parameter '01777777777777777777777'
[  221.529987][ T7546] loop0: detected capacity change from 0 to 1024
[  221.580722][ T7546] hfsplus: failed to load root directory
[  221.774821][ T7546] loop0: detected capacity change from 0 to 64
[  222.046632][ T7557] loop2: detected capacity change from 0 to 512
[  222.097279][ T7557] EXT4-fs (loop2): 1 truncate cleaned up
[  222.111194][ T7557] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.317774][ T6805] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.758609][ T7572] syz.0.845 (7572) used greatest stack depth: 17520 bytes left
[  224.441781][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.854'.
[  224.470322][ T7586] netlink: 'syz.2.854': attribute type 14 has an invalid length.
[  224.539307][ T7586] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  224.549019][ T7586] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  224.558027][ T7586] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  224.566892][ T7586] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  224.580459][ T7586] vxlan0: entered promiscuous mode
[  225.174372][ T7588] netlink: 'syz.1.855': attribute type 21 has an invalid length.
[  225.213282][ T7588] netlink: 128 bytes leftover after parsing attributes in process `syz.1.855'.
[  225.328217][ T7588] netlink: 'syz.1.855': attribute type 4 has an invalid length.
[  225.385737][ T7597] loop2: detected capacity change from 0 to 1024
[  225.429753][ T7588] netlink: 'syz.1.855': attribute type 5 has an invalid length.
[  225.489018][ T7597] hfsplus: failed to load root directory
[  225.508603][ T7588] netlink: 3 bytes leftover after parsing attributes in process `syz.1.855'.
[  225.594070][ T7597] loop2: detected capacity change from 0 to 64
[  225.793975][ T5107] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  225.805159][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  225.821001][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  225.830685][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  225.841713][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  225.860897][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  226.105853][ T1090] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.337127][ T1090] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.482218][ T1090] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.572686][ T7614] loop2: detected capacity change from 0 to 16
[  226.605110][ T7614] erofs: (device loop2): mounted with root inode @ nid 36.
[  226.635245][ T1090] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.769964][   T29] kauditd_printk_skb: 112 callbacks suppressed
[  226.769985][   T29] audit: type=1800 audit(1719520721.583:1352): pid=7621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.866" name="bus" dev="sda1" ino=1993 res=0 errno=0
[  226.898793][ T7618] loop0: detected capacity change from 0 to 4096
[  226.937840][ T7618] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  226.979239][ T7618] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  227.297182][ T7625] netlink: 'syz.1.868': attribute type 21 has an invalid length.
[  227.353492][ T7625] netlink: 128 bytes leftover after parsing attributes in process `syz.1.868'.
[  227.430838][ T7625] netlink: 'syz.1.868': attribute type 4 has an invalid length.
[  227.489875][ T7625] netlink: 'syz.1.868': attribute type 5 has an invalid length.
[  227.497582][ T7625] netlink: 3 bytes leftover after parsing attributes in process `syz.1.868'.
[  227.729950][   T59] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  227.793278][ T1090] bridge_slave_1: left allmulticast mode
[  227.814460][ T1090] bridge_slave_1: left promiscuous mode
[  227.847330][ T1090] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.889555][ T1090] bridge_slave_0: left allmulticast mode
[  227.909630][ T1090] bridge_slave_0: left promiscuous mode
[  227.910283][ T5110] Bluetooth: hci4: command tx timeout
[  227.923371][ T1090] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.950111][   T59] usb 1-1: Using ep0 maxpacket: 8
[  227.956760][   T59] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  228.048047][   T59] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  228.089764][   T59] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  228.144790][   T59] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  228.172667][   T59] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.346459][   T59] usb 1-1: Product: syz
[  228.369740][   T59] usb 1-1: Manufacturer: syz
[  228.384898][   T59] usb 1-1: SerialNumber: syz
[  228.651852][ T5110] Bluetooth: hci3: Dropping invalid advertising data
[  228.665200][   T59] usb 1-1: 0:2 : does not exist
[  228.665401][ T5110] Bluetooth: hci3: unknown advertising packet type: 0x6b
[  228.665467][ T5110] Bluetooth: hci3: unknown advertising packet type: 0x07
[  228.665486][ T5110] Bluetooth: hci3: unknown advertising packet type: 0x05
[  228.665502][ T5110] Bluetooth: hci3: Malformed LE Event: 0x02
[  228.883447][   T59] usb 1-1: USB disconnect, device number 10
[  229.030496][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  229.044452][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  229.056063][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  229.066289][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  229.074205][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  229.096997][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  229.348916][ T7660] loop0: detected capacity change from 0 to 512
[  229.423560][ T7660] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz.0.879: corrupted in-inode xattr: invalid ea_ino
[  229.485369][ T7660] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.879: couldn't read orphan inode 15 (err -117)
[  229.543140][ T7660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.808588][ T1090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.838150][ T1090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.874267][ T1090] bond0 (unregistering): Released all slaves
[  229.917349][ T7599] chnl_net:caif_netlink_parms(): no params data found
[  229.990282][ T5107] Bluetooth: hci4: command tx timeout
[  230.237571][ T5439] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.305925][ T7674] netlink: 4 bytes leftover after parsing attributes in process `syz.1.884'.
[  230.324368][ T7674] netlink: 'syz.1.884': attribute type 14 has an invalid length.
[  230.357495][ T7674] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  230.368126][ T7674] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  230.378235][ T7674] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  230.387067][ T7674] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  230.405636][ T7674] vxlan0: entered promiscuous mode
[  230.488160][ T7658] loop2: detected capacity change from 0 to 40427
[  230.492539][   T29] audit: type=1326 audit(1719520725.303:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.514703][ T7658] F2FS-fs (loop2): invalid crc value
[  230.560145][   T29] audit: type=1326 audit(1719520725.333:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.585352][   T29] audit: type=1326 audit(1719520725.333:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.618007][   T29] audit: type=1326 audit(1719520725.333:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.646047][ T7684] loop0: detected capacity change from 0 to 1024
[  230.652255][ T7658] F2FS-fs (loop2): Found nat_bits in checkpoint
[  230.655505][   T29] audit: type=1326 audit(1719520725.333:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.675238][ T7684] hfsplus: failed to load root directory
[  230.683359][   T29] audit: type=1326 audit(1719520725.353:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.709554][   T29] audit: type=1326 audit(1719520725.353:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7576575b29 code=0x7ffc0000
[  230.732430][   T29] audit: type=1326 audit(1719520725.353:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f757656cba7 code=0x7ffc0000
[  230.755564][   T29] audit: type=1326 audit(1719520725.353:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7576511559 code=0x7ffc0000
[  230.830844][ T7658] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  230.834224][ T7684] loop0: detected capacity change from 0 to 64
[  230.989612][ T7599] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.997060][ T7599] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.007210][ T7599] bridge_slave_0: entered allmulticast mode
[  231.024781][ T7599] bridge_slave_0: entered promiscuous mode
[  231.046498][ T7689] syz.2.878: attempt to access beyond end of device
[  231.046498][ T7689] loop2: rw=2049, sector=77824, nr_sectors = 544 limit=40427
[  231.099552][ T1090] hsr_slave_0: left promiscuous mode
[  231.106472][ T1090] hsr_slave_1: left promiscuous mode
[  231.113135][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  231.121747][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  231.164891][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  231.174831][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  231.190082][ T5107] Bluetooth: hci2: command tx timeout
[  231.260446][ T1090] veth1_macvtap: left promiscuous mode
[  231.473958][ T1090] veth0_macvtap: left promiscuous mode
[  231.488214][ T1090] veth1_vlan: left promiscuous mode
[  231.494589][ T1090] veth0_vlan: left promiscuous mode
[  231.692383][ T7699] loop0: detected capacity change from 0 to 128
[  231.713253][ T7699] befs: (loop0): No write support. Marking filesystem read-only
[  231.738538][ T7699] befs: (loop0): invalid magic header
[  232.079985][ T5107] Bluetooth: hci4: command tx timeout
[  232.555691][ T6805] syz-executor: attempt to access beyond end of device
[  232.555691][ T6805] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  232.621658][ T7705] loop1: detected capacity change from 0 to 8
[  232.710228][ T6805] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  233.179571][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  233.179594][   T29] audit: type=1800 audit(1719520727.943:1420): pid=7708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.894" name="bus" dev="sda1" ino=1995 res=0 errno=0
[  233.281508][ T5107] Bluetooth: hci2: command tx timeout
[  233.344578][   T29] audit: type=1326 audit(1719520728.163:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbad375b29 code=0x7ffc0000
[  233.419009][   T29] audit: type=1326 audit(1719520728.163:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbad375b29 code=0x7ffc0000
[  233.505081][   T29] audit: type=1326 audit(1719520728.213:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbad375b29 code=0x7ffc0000
[  233.536323][   T29] audit: type=1326 audit(1719520728.213:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbad375b29 code=0x7ffc0000
[  233.607289][ T7712] loop1: detected capacity change from 0 to 512
[  233.613697][   T29] audit: type=1326 audit(1719520728.213:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbad375b29 code=0x7ffc0000
[  233.621350][ T7712] EXT4-fs: Ignoring removed mblk_io_submit option
[  233.655354][   T29] audit: type=1326 audit(1719520728.213:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbad375b29 code=0x7ffc0000
[  233.699164][   T29] audit: type=1326 audit(1719520728.213:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcbad36cba7 code=0x7ffc0000
[  233.760008][   T29] audit: type=1326 audit(1719520728.213:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcbad311559 code=0x7ffc0000
[  233.789869][ T7712] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  233.810265][   T29] audit: type=1326 audit(1719520728.213:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcbad36cba7 code=0x7ffc0000
[  233.896592][ T7712] EXT4-fs (loop1): 1 truncate cleaned up
[  233.932139][ T7712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.100037][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.151995][ T5107] Bluetooth: hci4: command tx timeout
[  234.263190][ T7721] loop0: detected capacity change from 0 to 4096
[  234.291843][ T7721] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  234.318009][ T7725] loop1: detected capacity change from 0 to 2048
[  234.339434][ T7721] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  234.399371][ T7731] loop2: detected capacity change from 0 to 256
[  234.412878][ T7725] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.447705][ T7731] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  234.496394][ T1090] team0 (unregistering): Port device team_slave_1 removed
[  234.574025][ T2813] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  234.615304][ T2813] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  234.631926][ T2813] EXT4-fs (loop1): This should not happen!! Data will be lost
[  234.631926][ T2813] 
[  234.642775][ T1090] team0 (unregistering): Port device team_slave_0 removed
[  234.671587][ T2813] EXT4-fs (loop1): Total free blocks count 0
[  234.677641][ T2813] EXT4-fs (loop1): Free/Dirty block details
[  234.685000][ T2813] EXT4-fs (loop1): free_blocks=2415919104
[  234.719762][ T2813] EXT4-fs (loop1): dirty_blocks=16
[  234.724943][ T2813] EXT4-fs (loop1): Block reservation details
[  234.750141][ T2813] EXT4-fs (loop1): i_reserved_data_blocks=1
[  234.784366][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.019882][ T5152] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  235.066680][ T7747] loop1: detected capacity change from 0 to 512
[  235.078999][ T7747] EXT4-fs: Ignoring removed mblk_io_submit option
[  235.086573][ T7747] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  235.116274][ T7747] EXT4-fs (loop1): 1 truncate cleaned up
[  235.132503][ T7747] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.223896][ T5152] usb 1-1: Using ep0 maxpacket: 8
[  235.239602][ T5152] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  235.248963][ T5152] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  235.267001][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.276916][ T5152] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  235.305200][ T5152] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  235.317363][ T5152] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.329604][ T5152] usb 1-1: Product: syz
[  235.333858][ T5152] usb 1-1: Manufacturer: syz
[  235.338513][ T5152] usb 1-1: SerialNumber: syz
[  235.350852][ T5107] Bluetooth: hci2: command tx timeout
[  235.461472][ T7599] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.468760][ T7599] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.478794][ T7599] bridge_slave_1: entered allmulticast mode
[  235.492192][ T7599] bridge_slave_1: entered promiscuous mode
[  235.557486][ T5107] Bluetooth: hci3: Dropping invalid advertising data
[  235.564974][ T5107] Bluetooth: hci3: unknown advertising packet type: 0x6b
[  235.565012][ T5107] Bluetooth: hci3: unknown advertising packet type: 0x07
[  235.573801][ T5107] Bluetooth: hci3: unknown advertising packet type: 0x05
[  235.581025][ T5107] Bluetooth: hci3: Malformed LE Event: 0x02
[  235.598953][ T5152] usb 1-1: 0:2 : does not exist
[  235.625050][ T5152] usb 1-1: USB disconnect, device number 11
[  235.663562][ T7599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.707377][ T7599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.818704][ T7599] team0: Port device team_slave_0 added
[  235.846755][ T7599] team0: Port device team_slave_1 added
[  235.897732][ T7599] batman_adv: batadv0: Adding interface: batadv_slave_0
[  235.916057][ T7599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.946340][ T7599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  235.982061][ T7599] batman_adv: batadv0: Adding interface: batadv_slave_1
[  235.989066][ T7599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.049958][ T7599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.213825][ T7762] loop2: detected capacity change from 0 to 4096
[  236.222254][ T7762] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[  236.241229][ T7762] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  236.306415][ T7599] hsr_slave_0: entered promiscuous mode
[  236.316215][ T7765] loop0: detected capacity change from 0 to 2048
[  236.327927][ T7599] hsr_slave_1: entered promiscuous mode
[  236.340524][ T7599] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  236.348382][ T7599] Cannot create hsr debugfs directory
[  236.372938][ T7765] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.535128][ T2813] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  236.565963][ T2813] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  236.622034][ T2813] EXT4-fs (loop0): This should not happen!! Data will be lost
[  236.622034][ T2813] 
[  236.642983][ T2813] EXT4-fs (loop0): Total free blocks count 0
[  236.649606][ T7772] loop2: detected capacity change from 0 to 4096
[  236.657350][ T2813] EXT4-fs (loop0): Free/Dirty block details
[  236.670109][ T2813] EXT4-fs (loop0): free_blocks=2415919104
[  236.684558][ T2813] EXT4-fs (loop0): dirty_blocks=16
[  236.698982][ T2813] EXT4-fs (loop0): Block reservation details
[  236.705956][ T2813] EXT4-fs (loop0): i_reserved_data_blocks=1
[  236.735477][ T5439] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.772622][ T1090] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.815507][ T7772] Process accounting resumed
[  236.918115][ T7653] chnl_net:caif_netlink_parms(): no params data found
[  237.019978][ T1090] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.102790][ T7784] loop1: detected capacity change from 0 to 164
[  237.430716][ T5107] Bluetooth: hci2: command tx timeout
[  237.694054][ T1090] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.848759][ T7791] Cannot find map_set index 0 as target
[  237.932647][ T1090] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.012363][ T7800] xt_CT: You must specify a L4 protocol and not use inversions on it
[  238.393939][ T7816] loop0: detected capacity change from 0 to 16
[  238.412921][ T7816] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  238.492765][   T59] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  238.613550][ T7653] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.646194][ T7653] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.656329][ T7821] Zero length message leads to an empty skb
[  238.673012][ T7653] bridge_slave_0: entered allmulticast mode
[  238.690053][ T7653] bridge_slave_0: entered promiscuous mode
[  238.713818][ T7653] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.739296][ T7653] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.749200][ T7653] bridge_slave_1: entered allmulticast mode
[  238.786218][ T7653] bridge_slave_1: entered promiscuous mode
[  239.112145][ T7653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  239.154527][ T7653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.375216][ T7653] team0: Port device team_slave_0 added
[  240.405756][ T7653] team0: Port device team_slave_1 added
[  240.471041][ T1090] bridge_slave_1: left allmulticast mode
[  240.479849][ T1090] bridge_slave_1: left promiscuous mode
[  240.485832][ T1090] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.515087][ T1090] bridge_slave_0: left allmulticast mode
[  240.527582][ T1090] bridge_slave_0: left promiscuous mode
[  240.538710][ T1090] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.345020][   T29] kauditd_printk_skb: 39 callbacks suppressed
[  241.345038][   T29] audit: type=1326 audit(1719520736.163:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.1.933" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbad375b29 code=0x0
[  241.382831][ T1090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  241.397864][ T1090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  241.421662][ T1090] bond0 (unregistering): Released all slaves
[  241.492995][ T7653] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.521980][ T7653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.556895][ T7653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.632440][ T7653] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.641626][ T7653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.672337][ T7653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.856626][ T7599] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  241.881915][ T7653] hsr_slave_0: entered promiscuous mode
[  241.916580][ T7653] hsr_slave_1: entered promiscuous mode
[  241.945588][ T7653] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  241.959427][ T7653] Cannot create hsr debugfs directory
[  241.987825][ T7853] loop2: detected capacity change from 0 to 256
[  242.029205][ T7599] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  242.049098][ T7853] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  242.083794][ T7599] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  242.267465][ T7599] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  242.498893][ T7865] 9pnet: p9_errstr2errno: server reported unknown error œæçæÿÎsŧ‘̼§6µ‡
[  242.596299][ T1090] dummy0: left promiscuous mode
[  242.624836][ T1090] batadv_slave_0: left promiscuous mode
[  242.676726][ T1090] hsr_slave_0: left promiscuous mode
[  242.714734][ T1090] hsr_slave_1: left promiscuous mode
[  242.834130][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.845342][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.925660][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.938357][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.984861][ T1090] veth1_macvtap: left promiscuous mode
[  243.005652][ T1090] veth0_macvtap: left promiscuous mode
[  243.022619][ T1090] veth1_vlan: left promiscuous mode
[  243.030557][ T1090] veth0_vlan: left promiscuous mode
[  243.127589][ T7878] loop1: detected capacity change from 0 to 1024
[  243.242001][   T65] hfsplus: b-tree write err: -5, ino 4
[  244.198259][ T7882] loop1: detected capacity change from 0 to 32768
[  244.208619][ T7882] XFS: attr2 mount option is deprecated.
[  244.279555][ T7882] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  244.364162][ T7882] XFS (loop1): Ending clean mount
[  244.408270][ T1090] team0 (unregistering): Port device team_slave_1 removed
[  244.418727][ T7882] XFS (loop1): Quotacheck needed: Please wait.
[  244.458167][ T1090] team0 (unregistering): Port device team_slave_0 removed
[  244.516470][ T7882] XFS (loop1): Quotacheck: Done.
[  244.589103][ T7884] loop0: detected capacity change from 0 to 40427
[  244.600427][ T7882] capability: warning: `syz.1.947' uses 32-bit capabilities (legacy support in use)
[  244.628704][ T7884] F2FS-fs (loop0): invalid crc value
[  244.654540][ T7884] F2FS-fs (loop0): Found nat_bits in checkpoint
[  244.688830][ T5239] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  244.792421][ T7884] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  246.413754][   T29] audit: type=1804 audit(1719520741.223:1470): pid=7900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.948" name="/root/syzkaller.lR6skt/182/file2/file0" dev="loop0" ino=10 res=1 errno=0
[  246.440744][   T29] audit: type=1804 audit(1719520741.233:1471): pid=7900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.948" name="/root/syzkaller.lR6skt/182/file2/file0" dev="loop0" ino=10 res=1 errno=0
[  247.822860][ T7884] sched: RT throttling activated
[  248.229719][    C1] DEBUG: holding rtnl_mutex for 564 jiffies.
[  248.236297][    C1] task:kworker/u8:5    state:D stack:19480 pid:1090  tgid:1090  ppid:2      flags:0x00004000
[  248.246595][    C1] Workqueue: netns cleanup_net
[  248.251523][    C1] Call Trace:
[  248.254868][    C1]  <TASK>
[  248.257870][    C1]  __schedule+0x17e8/0x4a20
[  248.262566][    C1]  ? __pfx___schedule+0x10/0x10
[  248.267507][    C1]  ? __pfx_lock_release+0x10/0x10
[  248.272664][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  248.278646][    C1]  ? kthread_data+0x52/0xd0
[  248.283259][    C1]  ? wq_worker_sleeping+0x66/0x240
[  248.288555][    C1]  ? schedule+0x90/0x320
[  248.293031][    C1]  schedule+0x14b/0x320
[  248.297291][    C1]  synchronize_rcu_expedited+0x684/0x830
[  248.303068][    C1]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  248.309327][    C1]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  248.314737][    C1]  ? __pfx___might_resched+0x10/0x10
[  248.320168][    C1]  ? mark_lock+0x9a/0x360
[  248.324551][    C1]  lockdep_lock+0x123/0x2b0
[  248.329124][    C1]  ? irqentry_exit+0x5e/0x90
[  248.333938][    C1]  ? __pfx_synchronize_rcu+0x10/0x10
[  248.339337][    C1]  lockdep_unregister_key+0x556/0x610
[  248.344854][    C1]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  248.350954][    C1]  ? rcu_is_watching+0x15/0xb0
[  248.355808][    C1]  ? qdisc_reset+0x3bf/0x5b0
[  248.360592][    C1]  ? __qdisc_destroy+0x165/0x410
[  248.365614][    C1]  ? dev_shutdown+0x9b/0x440
[  248.370307][    C1]  ? unregister_netdevice_many_notify+0x977/0x16b0
[  248.376927][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  248.383807][    C1]  ? unregister_netdevice_queue+0x26b/0x370
[  248.389820][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  248.396167][    C1]  ? batadv_softif_destroy_netlink+0x1e0/0x270
[  248.402458][    C1]  ? default_device_exit_batch+0xa0f/0xa90
[  248.408366][    C1]  ? __pfx___might_resched+0x10/0x10
[  248.413777][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  248.420059][    C1]  ? cfg802154_pernet_exit+0xc3/0xe0
[  248.425439][    C1]  ? __pfx_default_device_exit_batch+0x10/0x10
[  248.431705][    C1]  ? cleanup_net+0x89d/0xcc0
[  248.436367][    C1]  ? __pfx_cleanup_net+0x10/0x10
[  248.441411][    C1]  ? process_scheduled_works+0x945/0x1830
[  248.447210][    C1]  ? process_scheduled_works+0xa2c/0x1830
[  248.453095][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  248.459177][    C1]  ? assign_work+0x364/0x3d0
[  248.463879][    C1]  ? worker_thread+0x86d/0xd40
[  248.468713][    C1]  ? __kthread_parkme+0x169/0x1d0
[  248.473871][    C1]  ? __pfx_worker_thread+0x10/0x10
[  248.479057][    C1]  ? kthread+0x2f0/0x390
[  248.483427][    C1]  ? __pfx_worker_thread+0x10/0x10
[  248.488615][    C1]  ? __pfx_kthread+0x10/0x10
[  248.493329][    C1]  ? ret_from_fork+0x4b/0x80
[  248.497979][    C1]  ? __pfx_kthread+0x10/0x10
[  248.502687][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  248.507719][    C1]  </TASK>
[  248.510816][    C1] DEBUG: waiting rtnl_mutex for 596 jiffies.
[  248.516874][    C1] task:syz-executor    state:D stack:20656 pid:7599  tgid:7599  ppid:7593   flags:0x00004002
[  248.527148][    C1] Call Trace:
[  248.530531][    C1]  <TASK>
[  248.533541][    C1]  __schedule+0x17e8/0x4a20
[  248.538146][    C1]  ? __pfx___schedule+0x10/0x10
[  248.543120][    C1]  ? __pfx_lock_release+0x10/0x10
[  248.548217][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  248.553788][    C1]  ? schedule+0x90/0x320
[  248.558092][    C1]  schedule+0x14b/0x320
[  248.562357][    C1]  schedule_preempt_disabled+0x13/0x30
[  248.567889][    C1]  __mutex_lock+0x6a4/0xd70
[  248.572531][    C1]  ? __mutex_lock+0x527/0xd70
[  248.577293][    C1]  ? rtnetlink_rcv_msg+0x839/0x1170
[  248.582592][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  248.587721][    C1]  ? rtnl_lock+0xe7/0x130
[  248.592141][    C1]  rtnetlink_rcv_msg+0x839/0x1170
[  248.597249][    C1]  ? rtnetlink_rcv_msg+0x208/0x1170
[  248.602600][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  248.608155][    C1]  ? is_bpf_text_address+0x285/0x2a0
[  248.613577][    C1]  ? __pfx_validate_chain+0x10/0x10
[  248.618850][    C1]  ? __pfx_validate_chain+0x10/0x10
[  248.624131][    C1]  ? arch_stack_walk+0x16d/0x1b0
[  248.629129][    C1]  ? mark_lock+0x9a/0x360
[  248.633588][    C1]  ? __pfx_validate_chain+0x10/0x10
[  248.638866][    C1]  ? __lock_acquire+0x1359/0x2000
[  248.643996][    C1]  ? mark_lock+0x9a/0x360
[  248.648402][    C1]  ? __lock_acquire+0x1359/0x2000
[  248.653594][    C1]  netlink_rcv_skb+0x1e3/0x430
[  248.658434][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  248.663994][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  248.669356][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  248.674630][    C1]  netlink_unicast+0x7f0/0x990
[  248.679457][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  248.684844][    C1]  ? __virt_addr_valid+0x183/0x530
[  248.690062][    C1]  ? __check_object_size+0x49c/0x900
[  248.695432][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  248.700661][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  248.705524][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.710889][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.717024][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  248.722098][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  248.727475][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  248.733060][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.738432][    C1]  __sock_sendmsg+0x221/0x270
[  248.743199][    C1]  __sys_sendto+0x3a4/0x4f0
[  248.747775][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  248.752962][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.759020][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  248.765455][    C1]  __x64_sys_sendto+0xde/0x100
[  248.770435][    C1]  do_syscall_64+0xf3/0x230
[  248.775019][    C1]  ? clear_bhb_loop+0x35/0x90
[  248.779821][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.785772][    C1] RIP: 0033:0x7f8d0fd778bc
[  248.790265][    C1] RSP: 002b:00007fff1b6f69a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  248.798725][    C1] RAX: ffffffffffffffda RBX: 00007f8d10a34620 RCX: 00007f8d0fd778bc
[  248.806790][    C1] RDX: 0000000000000028 RSI: 00007f8d10a34670 RDI: 0000000000000003
[  248.814803][    C1] RBP: 0000000000000000 R08: 00007fff1b6f69f4 R09: 000000000000000c
[  248.822841][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  248.830876][    C1] R13: 0000000000000000 R14: 00007f8d10a34670 R15: 0000000000000000
[  248.838884][    C1]  </TASK>
[  248.841958][    C1] DEBUG: waiting rtnl_mutex for 629 jiffies.
[  248.847951][    C1] task:kworker/1:0     state:D stack:21584 pid:25    tgid:25    ppid:2      flags:0x00004000
[  248.858153][    C1] Workqueue: events linkwatch_event
[  248.863426][    C1] Call Trace:
[  248.866724][    C1]  <TASK>
[  248.869718][    C1]  __schedule+0x17e8/0x4a20
[  248.874307][    C1]  ? __pfx___schedule+0x10/0x10
[  248.879213][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  248.885254][    C1]  ? __pfx_lock_release+0x10/0x10
[  248.890329][    C1]  ? kick_pool+0x1bd/0x620
[  248.894786][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  248.900030][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  248.905273][    C1]  ? schedule+0x90/0x320
[  248.909548][    C1]  schedule+0x14b/0x320
[  248.913788][    C1]  schedule_preempt_disabled+0x13/0x30
[  248.919279][    C1]  __mutex_lock+0x6a4/0xd70
[  248.923821][    C1]  ? __mutex_lock+0x527/0xd70
[  248.928515][    C1]  ? linkwatch_event+0xe/0x60
[  248.933251][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  248.938318][    C1]  ? process_scheduled_works+0x945/0x1830
[  248.944112][    C1]  ? rtnl_lock+0xe7/0x130
[  248.948494][    C1]  ? process_scheduled_works+0x945/0x1830
[  248.954247][    C1]  linkwatch_event+0xe/0x60
[  248.958754][    C1]  process_scheduled_works+0xa2c/0x1830
[  248.964396][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  248.970456][    C1]  ? assign_work+0x364/0x3d0
[  248.975080][    C1]  worker_thread+0x86d/0xd40
[  248.979737][    C1]  ? __kthread_parkme+0x169/0x1d0
[  248.984794][    C1]  ? __pfx_worker_thread+0x10/0x10
[  248.989935][    C1]  kthread+0x2f0/0x390
[  248.994011][    C1]  ? __pfx_worker_thread+0x10/0x10
[  248.999134][    C1]  ? __pfx_kthread+0x10/0x10
[  249.003779][    C1]  ret_from_fork+0x4b/0x80
[  249.008226][    C1]  ? __pfx_kthread+0x10/0x10
[  249.012872][    C1]  ret_from_fork_asm+0x1a/0x30
[  249.017676][    C1]  </TASK>
[  249.020741][    C1] DEBUG: waiting rtnl_mutex for 643 jiffies.
[  249.026734][    C1] task:syz-executor    state:D stack:21024 pid:7653  tgid:7653  ppid:7641   flags:0x00004000
[  249.037008][    C1] Call Trace:
[  249.040327][    C1]  <TASK>
[  249.043277][    C1]  __schedule+0x17e8/0x4a20
[  249.047803][    C1]  ? __pfx___schedule+0x10/0x10
[  249.052715][    C1]  ? __pfx_lock_release+0x10/0x10
[  249.057767][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  249.063297][    C1]  ? schedule+0x90/0x320
[  249.067577][    C1]  schedule+0x14b/0x320
[  249.071802][    C1]  schedule_preempt_disabled+0x13/0x30
[  249.077288][    C1]  __mutex_lock+0x6a4/0xd70
[  249.081861][    C1]  ? __mutex_lock+0x527/0xd70
[  249.086582][    C1]  ? rtnetlink_rcv_msg+0x839/0x1170
[  249.091824][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  249.096887][    C1]  ? rtnl_lock+0xe7/0x130
[  249.101276][    C1]  rtnetlink_rcv_msg+0x839/0x1170
[  249.106343][    C1]  ? rtnetlink_rcv_msg+0x208/0x1170
[  249.111610][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  249.117100][    C1]  ? is_bpf_text_address+0x285/0x2a0
[  249.122452][    C1]  ? __pfx_validate_chain+0x10/0x10
[  249.127667][    C1]  ? __pfx_validate_chain+0x10/0x10
[  249.132919][    C1]  ? arch_stack_walk+0x16d/0x1b0
[  249.137885][    C1]  ? mark_lock+0x9a/0x360
[  249.142269][    C1]  ? __pfx_validate_chain+0x10/0x10
[  249.147501][    C1]  ? __lock_acquire+0x1359/0x2000
[  249.152572][    C1]  ? mark_lock+0x9a/0x360
[  249.156911][    C1]  ? __lock_acquire+0x1359/0x2000
[  249.162001][    C1]  netlink_rcv_skb+0x1e3/0x430
[  249.166783][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  249.172318][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  249.177661][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[  249.182900][    C1]  netlink_unicast+0x7f0/0x990
[  249.187678][    C1]  ? __pfx_netlink_unicast+0x10/0x10
[  249.193008][    C1]  ? __virt_addr_valid+0x183/0x530
[  249.198183][    C1]  ? __check_object_size+0x49c/0x900
[  249.203515][    C1]  ? bpf_lsm_netlink_send+0x9/0x10
[  249.208665][    C1]  netlink_sendmsg+0x8e4/0xcb0
[  249.213496][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.218868][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  249.224885][    C1]  ? aa_sock_msg_perm+0x91/0x160
[  249.229880][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  249.235203][    C1]  ? security_socket_sendmsg+0x87/0xb0
[  249.240734][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.246049][    C1]  __sock_sendmsg+0x221/0x270
[  249.250807][    C1]  __sys_sendto+0x3a4/0x4f0
[  249.255392][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  249.260546][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  249.266546][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  249.272955][    C1]  __x64_sys_sendto+0xde/0x100
[  249.277759][    C1]  do_syscall_64+0xf3/0x230
[  249.282297][    C1]  ? clear_bhb_loop+0x35/0x90
[  249.286984][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.292917][    C1] RIP: 0033:0x7fc058d778bc
[  249.297349][    C1] RSP: 002b:00007ffe36c96a20 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  249.305808][    C1] RAX: ffffffffffffffda RBX: 00007fc059a34620 RCX: 00007fc058d778bc
[  249.313853][    C1] RDX: 0000000000000050 RSI: 00007fc059a34670 RDI: 0000000000000003
[  249.321904][    C1] RBP: 0000000000000000 R08: 00007ffe36c96a74 R09: 000000000000000c
[  249.329935][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  249.337923][    C1] R13: 0000000000000000 R14: 00007fc059a34670 R15: 0000000000000000
[  249.345931][    C1]  </TASK>
[  249.348946][    C1] DEBUG: waiting rtnl_mutex for 664 jiffies.
[  249.354945][    C1] task:kworker/u8:0    state:D stack:21872 pid:11    tgid:11    ppid:2      flags:0x00004000
[  249.365186][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  249.371269][    C1] Call Trace:
[  249.374575][    C1]  <TASK>
[  249.377537][    C1]  __schedule+0x17e8/0x4a20
[  249.382120][    C1]  ? __pfx___schedule+0x10/0x10
[  249.386982][    C1]  ? __pfx_lock_release+0x10/0x10
[  249.392096][    C1]  ? __mutex_trylock_common+0x92/0x2e0
[  249.397585][    C1]  ? kthread_data+0x52/0xd0
[  249.402152][    C1]  ? schedule+0x90/0x320
[  249.406429][    C1]  ? wq_worker_sleeping+0x66/0x240
[  249.411601][    C1]  ? schedule+0x90/0x320
[  249.415871][    C1]  schedule+0x14b/0x320
[  249.420108][    C1]  schedule_preempt_disabled+0x13/0x30
[  249.425600][    C1]  __mutex_lock+0x6a4/0xd70
[  249.430170][    C1]  ? mark_lock+0x9a/0x360
[  249.434540][    C1]  ? __mutex_lock+0x527/0xd70
[  249.439245][    C1]  ? addrconf_dad_work+0xd0/0x16f0
[  249.444388][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  249.449425][    C1]  ? rtnl_lock+0xe7/0x130
[  249.453792][    C1]  addrconf_dad_work+0xd0/0x16f0
[  249.458744][    C1]  ? __pfx_addrconf_dad_work+0x10/0x10
[  249.464257][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  249.470664][    C1]  ? process_scheduled_works+0x945/0x1830
[  249.476418][    C1]  process_scheduled_works+0xa2c/0x1830
[  249.482072][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  249.488106][    C1]  ? assign_work+0x364/0x3d0
[  249.492758][    C1]  worker_thread+0x86d/0xd40
[  249.497366][    C1]  ? __kthread_parkme+0x169/0x1d0
[  249.502456][    C1]  ? __pfx_worker_thread+0x10/0x10
[  249.507573][    C1]  kthread+0x2f0/0x390
[  249.511691][    C1]  ? __pfx_worker_thread+0x10/0x10
[  249.516848][    C1]  ? __pfx_kthread+0x10/0x10
[  249.521517][    C1]  ret_from_fork+0x4b/0x80
[  249.525941][    C1]  ? __pfx_kthread+0x10/0x10
[  249.530586][    C1]  ret_from_fork_asm+0x1a/0x30
[  249.535415][    C1]  </TASK>
[  249.538442][    C1] 
[  249.538442][    C1] Showing all locks held in the system:
[  249.546208][    C1] 3 locks held by kworker/u8:0/11:
[  249.552282][    C1]  #0: ffff88802a08b148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  249.563924][    C1]  #1: ffffc90000107d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  249.576791][    C1]  #2: ffffffff8f5fb948 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  249.586274][    C1] 3 locks held by kworker/1:0/25:
[  249.591339][    C1]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  249.602412][    C1]  #1: ffffc900001f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  249.613486][    C1]  #2: ffffffff8f5fb948 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  249.622540][    C1] 4 locks held by kworker/u8:5/1090:
[  249.627840][    C1]  #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  249.638763][    C1]  #1: ffffc900045a7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  249.649332][    C1]  #2: ffffffff8f5eee50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  249.658768][    C1]  #3: ffffffff8f5fb948 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  249.668962][    C1] 2 locks held by getty/4848:
[  249.673688][    C1]  #0: ffff88802ebe80a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  249.683517][    C1]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  249.693664][    C1] 3 locks held by syz-executor/5083:
[  249.698956][    C1]  #0: ffff88807f964c40 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0
[  249.709273][    C1]  #1: ffff88802f11c518 (sb_pagefaults){.+.+}-{0:0}, at: ext4_page_mkwrite+0x1f0/0xdf0
[  249.719010][    C1]  #2: ffff88802ebe0950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x203f/0x22a0
[  249.728860][    C1] 2 locks held by kworker/1:6/5152:
[  249.734123][    C1] 5 locks held by syz-executor/5239:
[  249.739428][    C1]  #0: ffff88802f11c420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[  249.748639][    C1]  #1: ffff8880629749c0 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: do_rmdir+0x263/0x580
[  249.758791][    C1]  #2: ffff88802f11c610 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2f4/0xf50
[  249.768273][    C1]  #3: ffff88802ebe0950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x203f/0x22a0
[  249.778033][    C1]  #4: ffff888065640c80 (&ei->i_data_sem){++++}-{3:3}, at: ext4_truncate+0x991/0x11a0
[  249.787665][    C1] 4 locks held by syz-executor/6805:
[  249.792988][    C1]  #0: ffff88807f938ac8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x24e/0x310
[  249.802316][    C1]  #1: ffff8880654aa1e0 (&type->i_mutex_dir_key#3){++++}-{3:3}, at: iterate_dir+0x215/0x810
[  249.812572][    C1]  #2: ffff88802f11c420 (sb_writers#4){.+.+}-{0:0}, at: iterate_dir+0x620/0x810
[  249.821748][    C1]  #3: ffff88802ebe0950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x203f/0x22a0
[  249.831501][    C1] 1 lock held by syz-executor/7599:
[  249.836692][    C1]  #0: ffffffff8f5fb948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x839/0x1170
[  249.846313][    C1] 1 lock held by syz-executor/7653:
[  249.851543][    C1]  #0: ffffffff8f5fb948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x839/0x1170
[  249.861133][    C1] 1 lock held by syz.0.948/7883:
[  249.866077][    C1]  #0: ffffffff8e33abb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  249.877027][    C1] 
[  249.879346][    C1] =============================================
[  249.879346][    C1] 
[  250.024299][ T5439] syz-executor: attempt to access beyond end of device
[  250.024299][ T5439] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  250.038495][ T5439] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  250.214601][ T7910] 9pnet: p9_errstr2errno: server reported unknown error œæçæÿÎsŧ‘̼§6µ‡
[  250.298230][ T7904] dvmrp0: entered allmulticast mode
[  252.073645][ T7941] loop0: detected capacity change from 0 to 256
[  252.155148][ T7941] FAT-fs (loop0): Directory bread(block 64) failed
[  252.164722][ T7941] FAT-fs (loop0): Directory bread(block 65) failed
[  252.175592][ T7941] FAT-fs (loop0): Directory bread(block 66) failed
[  252.186420][ T7941] FAT-fs (loop0): Directory bread(block 67) failed
[  252.200536][ T7941] FAT-fs (loop0): Directory bread(block 68) failed
[  252.207224][ T7941] FAT-fs (loop0): Directory bread(block 69) failed
[  252.213663][ T7599] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.219845][ T7941] FAT-fs (loop0): Directory bread(block 70) failed
[  252.227019][ T7941] FAT-fs (loop0): Directory bread(block 71) failed
[  252.242602][ T7941] FAT-fs (loop0): Directory bread(block 72) failed
[  252.251077][ T7941] FAT-fs (loop0): Directory bread(block 73) failed
[  252.468835][ T1105] kworker/u8:6: attempt to access beyond end of device
[  252.468835][ T1105] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256
[  252.520130][ T1105] Buffer I/O error on dev loop0, logical block 306, lost async page write
[  252.553023][ T7948] syz.0.963: attempt to access beyond end of device
[  252.553023][ T7948] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256
[  252.576914][ T7948] Buffer I/O error on dev loop0, logical block 306, lost async page write
[  252.595470][ T7653] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  252.635059][ T7599] 8021q: adding VLAN 0 to HW filter on device team0
[  252.671234][ T7653] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  252.744176][ T7653] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  252.772768][ T7653] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  252.811529][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.818726][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.847234][ T2813] kworker/u8:9: attempt to access beyond end of device
[  252.847234][ T2813] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256
[  252.867090][ T2813] Buffer I/O error on dev loop0, logical block 306, lost async page write
[  252.942461][ T5100] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.949617][ T5100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.142731][ T7937] loop1: detected capacity change from 0 to 40427
[  253.178053][ T7937] F2FS-fs (loop1): invalid crc value
[  253.216402][ T7937] F2FS-fs (loop1): Found nat_bits in checkpoint
[  253.377338][ T7937] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  253.686556][ T7968] loop2: detected capacity change from 0 to 8
[  254.814047][ T7972] netlink: 292 bytes leftover after parsing attributes in process `syz.2.970'.
[  255.696595][   T29] audit: type=1804 audit(1719520750.513:1472): pid=7970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.962" name="/root/syzkaller.34Pws0/209/file2/file0" dev="loop1" ino=10 res=1 errno=0
[  257.282327][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  257.289003][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  257.479181][   T29] audit: type=1804 audit(1719520750.543:1473): pid=7970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.962" name="/root/syzkaller.34Pws0/209/file2/file0" dev="loop1" ino=10 res=1 errno=0
[  258.537052][ T5239] syz-executor: attempt to access beyond end of device
[  258.537052][ T5239] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  258.570920][ T5239] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  258.731645][ T7599] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.770944][ T7653] 8021q: adding VLAN 0 to HW filter on device bond0
[  258.911959][ T7653] 8021q: adding VLAN 0 to HW filter on device team0
[  258.979475][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.986732][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.996758][ T7997] loop0: detected capacity change from 0 to 2048
[  259.008548][ T7997] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  259.028969][ T7997] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  259.029548][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.045095][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.248274][ T7999] loop0: detected capacity change from 0 to 2048
[  259.279061][ T7599] veth0_vlan: entered promiscuous mode
[  259.293633][ T8001] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  259.381661][ T7599] veth1_vlan: entered promiscuous mode
[  259.632165][ T7599] veth0_macvtap: entered promiscuous mode
[  259.677204][ T7599] veth1_macvtap: entered promiscuous mode
[  259.840456][ T7599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.863489][ T7599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.892817][ T7599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.919776][ T7599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.935351][ T7599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  259.948349][ T7599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  259.969518][ T7599] batman_adv: batadv0: Interface activated: batadv_slave_0
[  260.019865][ T7599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.053710][ T7599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.075553][ T7599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.100995][ T7599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.120979][ T7599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.143057][ T7599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.178715][ T7599] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.196882][ T7653] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.226830][ T7599] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.244527][ T7599] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.260519][ T7599] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.285099][ T7599] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.339067][ T8005] loop1: detected capacity change from 0 to 40427
[  260.357598][ T8005] F2FS-fs (loop1): invalid crc value
[  260.376096][ T8005] F2FS-fs (loop1): Found nat_bits in checkpoint
[  260.483299][ T8026] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  260.489902][ T8026] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  260.525281][ T8028] vhci_hcd: connection closed
[  260.527460][ T8026] vhci_hcd vhci_hcd.0: Device attached
[  260.548297][ T1090] vhci_hcd: stop threads
[  260.554245][ T1090] vhci_hcd: release socket
[  260.572001][ T8005] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  260.575854][ T1090] vhci_hcd: disconnect device
[  260.591355][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.619839][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.752380][ T2813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  260.786069][ T2813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.008688][ T8039] syz.1.983[8039] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  261.009437][ T8039] syz.1.983[8039] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  261.038557][ T8039] overlayfs: failed to resolve './file0': -2
[  261.667007][ T8037] fuse: Unknown parameter 'grou00000000000000000000'
[  261.750824][ T5239] syz-executor: attempt to access beyond end of device
[  261.750824][ T5239] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  261.751699][ T8043] loop3: detected capacity change from 0 to 2048
[  261.766326][ T5239] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  261.827486][ T8043] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  261.858004][ T8043] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  261.886709][ T8043] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002]
[  261.906580][ T8043] System zones: 0-19
[  261.911690][ T7653] veth0_vlan: entered promiscuous mode
[  261.925648][ T8043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.989297][ T7653] veth1_vlan: entered promiscuous mode
[  262.117113][ T8043] 9pnet_fd: Insufficient options for proto=fd
[  262.197210][ T7653] veth0_macvtap: entered promiscuous mode
[  262.223040][ T7653] veth1_macvtap: entered promiscuous mode
[  262.297626][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.323335][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.344419][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.363615][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.375878][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.386699][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.413584][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.434092][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.448009][ T7653] batman_adv: batadv0: Interface activated: batadv_slave_0
[  262.457795][ T8056] Cannot find map_set index 0 as target
[  262.466934][ T7599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.537239][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.567599][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.580461][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.788814][ T8064] xt_CT: You must specify a L4 protocol and not use inversions on it
[  262.791101][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.908772][ T8066] loop0: detected capacity change from 0 to 64
[  262.996453][ T8069] loop1: detected capacity change from 0 to 128
[  263.007851][ T8069] befs: (loop1): No write support. Marking filesystem read-only
[  263.112501][ T8069] befs: (loop1): invalid magic header
[  263.322954][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.648188][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.659748][ T7653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.674330][ T7653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.700209][ T7653] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.766523][ T7653] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.783409][ T7653] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.795247][ T7653] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.808433][ T7653] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.125742][ T8080] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1003'.
[  264.210669][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.232793][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.352343][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.392958][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.719889][ T5152] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  264.924210][ T5152] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  264.942620][ T8105] Cannot find map_set index 0 as target
[  264.944234][ T5152] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  264.970648][ T5152] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  264.982427][ T5152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.991653][ T5152] usb 3-1: Product: syz
[  264.996425][ T5152] usb 3-1: Manufacturer: syz
[  265.003490][ T5152] usb 3-1: SerialNumber: syz
[  265.011089][ T5152] usb 3-1: config 0 descriptor??
[  265.017564][ T8089] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  265.033912][ T8089] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  265.125616][ T8110] xt_CT: You must specify a L4 protocol and not use inversions on it
[  265.305995][ T8089] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  265.325674][ T8089] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  265.561273][ T5152] Error reading MAC address
[  265.592568][ T5152] usb 3-1: USB disconnect, device number 3
[  265.770368][ T8134] loop0: detected capacity change from 0 to 128
[  265.778580][ T8134] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  265.813736][ T8131] loop1: detected capacity change from 0 to 2048
[  265.852968][   T29] audit: type=1804 audit(1719520760.663:1474): pid=8134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1023" name="/root/syzkaller.lR6skt/204/file0/bus" dev="loop0" ino=1048671 res=1 errno=0
[  265.885431][ T8137] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  266.199793][   T25] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  266.390742][   T25] usb 4-1: Using ep0 maxpacket: 16
[  266.403107][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.403484][ T8154] loop0: detected capacity change from 0 to 64
[  266.433525][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  266.480968][   T25] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  266.506546][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.525136][   T25] usb 4-1: config 0 descriptor??
[  267.008179][ T8169] raw-gadget.0 gadget.3: fail, usb_ep_set_wedge returned -11
[  267.819608][ T8199] loop2: detected capacity change from 0 to 1024
[  267.879843][ T8199] EXT4-fs (loop2): filesystem is read-only
[  267.889881][ T8199] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  267.899625][ T8199] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  267.940617][ T8199] EXT4-fs error (device loop2): ext4_get_journal_inode:5750: inode #32: comm syz.2.1051: iget: special inode unallocated
[  267.981393][ T8199] EXT4-fs (loop2): no journal found
[  268.120047][   T29] audit: type=1326 audit(1719520762.933:1475): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=8192 comm="syz.1.1049" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbad375b29 code=0x0
[  268.381233][ T8218] loop0: detected capacity change from 0 to 2048
[  268.405777][ T8218] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  268.420031][ T8218] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  268.454927][ T8218] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002]
[  268.474484][ T8218] System zones: 0-19
[  268.509186][ T8218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.650310][ T8218] 9pnet_fd: Insufficient options for proto=fd
[  268.713670][   T25] usbhid 4-1:0.0: can't add hid device: -71
[  268.728678][   T25] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  268.748567][   T25] usb 4-1: USB disconnect, device number 6
[  268.780537][ T8227] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1061'.
[  269.084052][ T8238] loop1: detected capacity change from 0 to 1024
[  269.094874][ T8238] EXT4-fs (loop1): filesystem is read-only
[  269.117430][ T8238] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  269.138497][ T8238] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  269.154294][ T8238] EXT4-fs error (device loop1): ext4_get_journal_inode:5750: inode #32: comm syz.1.1067: iget: special inode unallocated
[  269.167476][ T8238] EXT4-fs (loop1): no journal found
[  269.198242][ T5439] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.081621][ T8266] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1079'.
[  270.128127][ T8249] loop4: detected capacity change from 0 to 32768
[  270.155311][ T8249] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  270.182364][ T8255] loop0: detected capacity change from 0 to 32768
[  270.378217][ T8249] XFS (loop4): Ending clean mount
[  270.397408][ T8249] XFS (loop4): Quotacheck needed: Please wait.
[  270.466547][ T8249] XFS (loop4): Quotacheck: Done.
[  270.628080][ T7653] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  270.684092][ T8292] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1082'.
[  270.685596][ T8294] loop1: detected capacity change from 0 to 16
[  270.709499][ T8294] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  270.907324][ T8302] loop3: detected capacity change from 0 to 128
[  270.945023][ T8302] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  271.026842][   T29] audit: type=1804 audit(1719520765.843:1476): pid=8302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1092" name="/root/syzkaller.70Sn93/21/file0/bus" dev="loop3" ino=1048672 res=1 errno=0
[  271.066235][    T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  271.272093][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  271.281625][    T9] usb 1-1: config 0 has no interfaces?
[  271.290418][    T9] usb 1-1: New USB device found, idVendor=0f94, idProduct=0001, bcdDevice=17.9c
[  271.309844][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.343227][    T9] usb 1-1: Product: syz
[  271.347468][    T9] usb 1-1: Manufacturer: syz
[  271.384933][    T9] usb 1-1: SerialNumber: syz
[  271.454374][    T9] usb 1-1: config 0 descriptor??
[  271.498697][ T8316] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1097'.
[  272.274987][ T8316] overlayfs: missing 'lowerdir'
[  272.522648][   T25] usb 1-1: USB disconnect, device number 12
[  272.585507][ T8306] loop1: detected capacity change from 0 to 32768
[  272.653725][ T8328] loop3: detected capacity change from 0 to 16
[  272.682053][ T8328] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  273.104386][ T8335] loop1: detected capacity change from 0 to 4096
[  273.119467][ T8335] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  273.162430][ T8335] ntfs3: loop1: mft corrupted
[  273.167421][ T8335] ntfs3: loop1: Failed to load $Extend (-22).
[  273.190862][ T8335] ntfs3: loop1: Failed to initialize $Extend.
[  273.305804][ T8330] loop4: detected capacity change from 0 to 32768
[  273.314725][ T8343] loop0: detected capacity change from 0 to 1024
[  273.329801][ T8343] EXT4-fs (loop0): filesystem is read-only
[  273.336046][ T8330] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1102 (8330)
[  273.336227][ T8343] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  273.359464][ T8343] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  273.389425][ T8343] EXT4-fs error (device loop0): ext4_get_journal_inode:5750: inode #32: comm syz.0.1108: iget: special inode unallocated
[  273.413968][ T8343] EXT4-fs (loop0): no journal found
[  273.435384][ T8330] BTRFS info (device loop4): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  273.454662][ T8330] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  273.465990][ T8330] BTRFS info (device loop4): using free-space-tree
[  273.556292][ T8351] kvm: user requested TSC rate below hardware speed
[  273.878912][ T7653] BTRFS info (device loop4): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  273.968083][ T8378] IPv4: Oversized IP packet from 172.20.20.24
[  273.978412][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  273.986490][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  274.268864][   T29] audit: type=1326 audit(1719520769.083:1477): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=8360 comm="syz.3.1112" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8d0fd75b29 code=0x0
[  274.830734][ T8394] loop1: detected capacity change from 0 to 1024
[  274.847526][ T8394] EXT4-fs (loop1): filesystem is read-only
[  274.864500][ T8394] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  274.890828][ T8394] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  274.928774][ T8394] EXT4-fs error (device loop1): ext4_get_journal_inode:5750: inode #32: comm syz.1.1122: iget: special inode unallocated
[  274.947911][ T8394] EXT4-fs (loop1): no journal found
[  275.088760][ T8398] pimreg2: entered allmulticast mode
[  275.434837][   T25] ------------[ cut here ]------------
[  275.441333][   T25] WARNING: CPU: 1 PID: 25 at io_uring/io_uring.c:703 io_cqring_event_overflow+0x442/0x660
[  275.441374][   T25] Modules linked in:
[  275.441403][   T25] CPU: 1 UID: 0 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-rc5-next-20240627-syzkaller #0
[  275.441429][   T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  275.441443][   T25] Workqueue: events io_fallback_req_func
[  275.441473][   T25] RIP: 0010:io_cqring_event_overflow+0x442/0x660
[  275.441497][   T25] Code: 0f 95 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ed 1f ee fc 90 0f 0b 90 e9 c5 fc ff ff e8 df 1f ee fc 90 <0f> 0b 90 e9 6e fc ff ff e8 d1 1f ee fc c6 05 59 1d f4 0a 01 90 48
[  275.441521][   T25] RSP: 0018:ffffc900001f7a08 EFLAGS: 00010293
[  275.441539][   T25] RAX: ffffffff84a55e81 RBX: 0000000000000000 RCX: ffff8880176f9e00
[  275.441557][   T25] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  275.441570][   T25] RBP: 0000000000000000 R08: ffffffff84a55ae4 R09: 0000000000000000
[  275.441584][   T25] R10: dffffc0000000000 R11: ffffffff84a98540 R12: ffff888066bd2000
[  275.441600][   T25] R13: 0000000000000000 R14: ffff888066bd2000 R15: 0000000000000000
[  275.441615][   T25] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  275.441633][   T25] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  275.441649][   T25] CR2: 000000002002a000 CR3: 0000000023402000 CR4: 00000000003506f0
[  275.441667][   T25] DR0: 0000000000002800 DR1: 0000000000000000 DR2: 0000000000000000
[  275.441682][   T25] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  275.441696][   T25] Call Trace:
[  275.441705][   T25]  <TASK>
[  275.441715][   T25]  ? __warn+0x168/0x4e0
[  275.441736][   T25]  ? io_cqring_event_overflow+0x442/0x660
[  275.441763][   T25]  ? report_bug+0x2b3/0x500
[  275.441794][   T25]  ? io_cqring_event_overflow+0x442/0x660
[  275.441823][   T25]  ? handle_bug+0x3e/0x70
[  275.441847][   T25]  ? exc_invalid_op+0x1a/0x50
[  275.441871][   T25]  ? asm_exc_invalid_op+0x1a/0x20
[  275.441901][   T25]  ? __pfx_io_msg_tw_complete+0x10/0x10
[  275.441936][   T25]  ? io_cqring_event_overflow+0xa4/0x660
[  275.441955][   T25]  ? io_cqring_event_overflow+0x441/0x660
[  275.441980][   T25]  ? io_cqring_event_overflow+0x442/0x660
[  275.442005][   T25]  ? io_cqring_event_overflow+0x441/0x660
[  275.442025][   T25]  ? io_get_cqe_overflow+0x57f/0x590
[  275.442060][   T25]  io_add_aux_cqe+0x27c/0x320
[  275.442088][   T25]  ? io_fallback_req_func+0x71/0x1c0
[  275.442118][   T25]  ? __pfx_io_add_aux_cqe+0x10/0x10
[  275.442151][   T25]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  275.442184][   T25]  io_msg_tw_complete+0x9d/0x4d0
[  275.442216][   T25]  ? percpu_ref_get_many+0x1f/0x1d0
[  275.442248][   T25]  io_fallback_req_func+0xce/0x1c0
[  275.442284][   T25]  ? process_scheduled_works+0x945/0x1830
[  275.442311][   T25]  process_scheduled_works+0xa2c/0x1830
[  275.442372][   T25]  ? __pfx_process_scheduled_works+0x10/0x10
[  275.442411][   T25]  ? assign_work+0x364/0x3d0
[  275.442444][   T25]  worker_thread+0x86d/0xd40
[  275.442489][   T25]  ? __kthread_parkme+0x169/0x1d0
[  275.442524][   T25]  ? __pfx_worker_thread+0x10/0x10
[  275.442552][   T25]  kthread+0x2f0/0x390
[  275.442583][   T25]  ? __pfx_worker_thread+0x10/0x10
[  275.442610][   T25]  ? __pfx_kthread+0x10/0x10
[  275.442642][   T25]  ret_from_fork+0x4b/0x80
[  275.442671][   T25]  ? __pfx_kthread+0x10/0x10
[  275.442702][   T25]  ret_from_fork_asm+0x1a/0x30
[  275.442752][   T25]  </TASK>
[  275.442763][   T25] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  275.778691][   T25] CPU: 1 UID: 0 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-rc5-next-20240627-syzkaller #0
[  275.788819][   T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  275.798926][   T25] Workqueue: events io_fallback_req_func
[  275.804634][   T25] Call Trace:
[  275.807959][   T25]  <TASK>
[  275.810929][   T25]  dump_stack_lvl+0x241/0x360
[  275.815656][   T25]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.820906][   T25]  ? __pfx__printk+0x10/0x10
[  275.825567][   T25]  ? vscnprintf+0x5d/0x90
[  275.829946][   T25]  panic+0x349/0x870
[  275.833904][   T25]  ? __warn+0x177/0x4e0
[  275.838099][   T25]  ? __pfx_panic+0x10/0x10
[  275.842582][   T25]  ? ret_from_fork_asm+0x1a/0x30
[  275.847572][   T25]  __warn+0x34b/0x4e0
[  275.851595][   T25]  ? io_cqring_event_overflow+0x442/0x660
[  275.857358][   T25]  report_bug+0x2b3/0x500
[  275.861735][   T25]  ? io_cqring_event_overflow+0x442/0x660
[  275.867504][   T25]  handle_bug+0x3e/0x70
[  275.871700][   T25]  exc_invalid_op+0x1a/0x50
[  275.876250][   T25]  asm_exc_invalid_op+0x1a/0x20
[  275.881155][   T25] RIP: 0010:io_cqring_event_overflow+0x442/0x660
[  275.887525][   T25] Code: 0f 95 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ed 1f ee fc 90 0f 0b 90 e9 c5 fc ff ff e8 df 1f ee fc 90 <0f> 0b 90 e9 6e fc ff ff e8 d1 1f ee fc c6 05 59 1d f4 0a 01 90 48
[  275.907181][   T25] RSP: 0018:ffffc900001f7a08 EFLAGS: 00010293
[  275.913300][   T25] RAX: ffffffff84a55e81 RBX: 0000000000000000 RCX: ffff8880176f9e00
[  275.921321][   T25] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  275.929335][   T25] RBP: 0000000000000000 R08: ffffffff84a55ae4 R09: 0000000000000000
[  275.937349][   T25] R10: dffffc0000000000 R11: ffffffff84a98540 R12: ffff888066bd2000
[  275.945368][   T25] R13: 0000000000000000 R14: ffff888066bd2000 R15: 0000000000000000
[  275.953397][   T25]  ? __pfx_io_msg_tw_complete+0x10/0x10
[  275.959021][   T25]  ? io_cqring_event_overflow+0xa4/0x660
[  275.964706][   T25]  ? io_cqring_event_overflow+0x441/0x660
[  275.970481][   T25]  ? io_cqring_event_overflow+0x441/0x660
[  275.976246][   T25]  ? io_get_cqe_overflow+0x57f/0x590
[  275.981604][   T25]  io_add_aux_cqe+0x27c/0x320
[  275.986338][   T25]  ? io_fallback_req_func+0x71/0x1c0
[  275.991685][   T25]  ? __pfx_io_add_aux_cqe+0x10/0x10
[  275.996948][   T25]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  276.002988][   T25]  io_msg_tw_complete+0x9d/0x4d0
[  276.007977][   T25]  ? percpu_ref_get_many+0x1f/0x1d0
[  276.013231][   T25]  io_fallback_req_func+0xce/0x1c0
[  276.018407][   T25]  ? process_scheduled_works+0x945/0x1830
[  276.024178][   T25]  process_scheduled_works+0xa2c/0x1830
[  276.029807][   T25]  ? __pfx_process_scheduled_works+0x10/0x10
[  276.035855][   T25]  ? assign_work+0x364/0x3d0
[  276.040514][   T25]  worker_thread+0x86d/0xd40
[  276.045177][   T25]  ? __kthread_parkme+0x169/0x1d0
[  276.050269][   T25]  ? __pfx_worker_thread+0x10/0x10
[  276.055612][   T25]  kthread+0x2f0/0x390
[  276.059735][   T25]  ? __pfx_worker_thread+0x10/0x10
[  276.064904][   T25]  ? __pfx_kthread+0x10/0x10
[  276.069545][   T25]  ret_from_fork+0x4b/0x80
[  276.074010][   T25]  ? __pfx_kthread+0x10/0x10
[  276.078663][   T25]  ret_from_fork_asm+0x1a/0x30
[  276.083508][   T25]  </TASK>
[  276.086817][   T25] Kernel Offset: disabled
[  276.091287][   T25] Rebooting in 86400 seconds..