last executing test programs:

38.783289182s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000002200000c0000000000fee300760000000f8a49dc75000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'netdevsim0\x00'})
r1 = io_uring_setup(0x2662, &(0x7f0000000440))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x19, 0x20000000, 0x0)

38.677668367s ago: executing program 2:
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/block/loop0', 0x105040, 0x95)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="c8bc52f6daf4f19fcb68c2674a546e39bd0da66ba08f20dedc3f31b00cb4f12d539e77", @ANYRES16=0x0, @ANYBLOB="000228bd7000fedbdf25070000000800030006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4040086}, 0x8000)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
r2 = openat$incfs(r1, &(0x7f0000000080)='.log\x00', 0x30802, 0x4)
r3 = socket(0x200000100000011, 0x3, 0x0)
r4 = socket$packet(0x11, 0x1, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r5=>0x0})
bind$packet(r3, &(0x7f0000000580)={0x11, 0xf7, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1c, 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="9108e7047196d56fb9fcc18691f8dfc93161949cd632f55ac31372be8fe6d6865a18ae6a89797e29f4dc24730ed8755a6b5d6916ef6598a37fd25bd4b88329838eb5818411907ae37ff87991005297c2ef4a1ac57e7cba6b87e5973f203e704ce633767a84c4a664c53d7f69588733e1e5ca7b6f9c6d5d851508a882fa53f79e887b2d66bf82bf885214b5879ca9beb1ca49fc639e89c7ffc78e48519c06d0543c150b4dbf77178dc8df55aeafe31e3c038f220a0f09d1d012d3b9756122923052651adcc06802c30ab83230a112fb658e5b927bfa0000000003eeba8677bdb7c0afc56eeee3578e93b86245eddbeea5d4e3511d70", @ANYRES64=r3, @ANYBLOB="12bdbec0eb57b22337185449f0ada3fdce471d700a549b662f31335b3dfb8c808a0b5b61f009551c848f8b9821086211f66a14a7cce3b58e66ea5b4451b5268afd5d13714c06fa1626b01c2b08a3e44277ea985b5ec4a45f93020000000000000003fffccd4c6b4eac7c8a88855d25490073040074c03762b4172637954fa6cd5d381612d5189e9a1485566ec6c5c4fc372398e6a7ce0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe}, 0x90)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000180), 0x27)
setsockopt$sock_int(r7, 0x1, 0xa, &(0x7f0000000100)=0x4c, 0x4)
connect$inet(r1, &(0x7f00000002c0)={0x2, 0x4e22, @empty}, 0x10)
ioctl$sock_inet_tcp_SIOCINQ(r7, 0x541b, &(0x7f0000000000))
ioctl$EXT4_IOC_MIGRATE(r6, 0x6609)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xd)
dup2(r1, r2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000300))
fdatasync(0xffffffffffffffff)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4)
sendto$inet6(r8, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)

38.517681862s ago: executing program 2:
syz_mount_image$btrfs(&(0x7f00000000c0), &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f0000000000), 0x1, 0x55a1, &(0x7f0000005b00)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMOq4O34UR/Qzawz76b51iqpbXXYhoLTz/f7Rdap+53nr0XXuvXUuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH8P6x28+6u8ueXr0qA3zBix/7cj//nH94csWvfe//vD8DXfsO+8H61ctWVL5hxc3njL5ezcd2bhh5YSXQmjpLFeWFC87c/GKH6266FvfefiMW+59f+/ZS6sy9WbioW/Hn/LMnatjq7/vF8LKshAq0oHBtUmgMnO/NtY3sDaEXcKWQLZEW5+kRLrh8ERNCAvDlkC2qp/UhFCbExj368dWz+tI3FgTwoEhhOp0G/9cnbRRkw1sThKNVUmgT7rEtIok8NHmRDawqjwJwDaLb4bsi355S36G+q7LFXn9VW63jn2x0sPrFRP1xfO9c/wO7lSOqvQDLdv0tBVUxw5R8PZY493WA95tBdv5Ok9b7hepzDeUzVtC1aF8UtvkCbPaZ8ZHykNTU69iNe2g5/nljZdN3Jp0j3kdxg7Ub5fX4ZMXDrx7QeOY3W99dMPkN6ueX7Ct3Sy2eXe06pB5zfWY5zEa6fOkB7z9Cr4lNfjSFUK488RN7/7+lbH/9zcPPzv4g28PPWfIS68Nrbv1+9P6/fm5/6fytqkbC+b/9Z8+/48v53hbnpc7tvpxXTI3j4/UxsS7dcncHAAAAHqMnrDX9K0Rh7xbu67h0f2/uWLyBYvmvXHm+X+s+nnfCYecfNrQH95189QzCub/DaUd/4+H/GtzR7smhJGdiav6h7Bn5+NJYGnszjn9Q9ivM9WSHzg+FVgTwl6diUHZqlIlescSDanAW3WZwMhUYG0MtKQCi2PgulTg6hhYngpMjIE1qcAJMRCm5I/jkLrMOEoO1MRAa7IRl8ezEP6tLraW2lavZKsCAADYTjKzw8r8uznnOmxrhji9XF7TXYZ4BnbRDNWpGtIz2Oy0qmgNFd3VUN5dDdlxz/n04RfUXNZdzQWnYZTlZ/jg4Afmrn7on35684Qjnjnk49azXl2/6vHRm3r91Xtjfnr5uPnDxhfM/5s/ff5f3UVHygqO/4cwtvNvzF2eibRn460teRkAAACAbVDxxtJTfzX3k7Ilvzhv44F/esa4a3uv2H//AWsPfeD/Nbw94MRVBxbM/0eWdv5/3CfSKydzWBd3Q0ztH0JzfiCpdkRhIDnq3TcTAAAAgJ4gezw+eyx8SuY2OUU7PZ8uzN+ylfnjgf+RXeYfPO7adc2r7zxtyojD16zZdNbury7b8MxuB7730sGnnnnSg1Mb7iuY/7eUdv5/n/zbpBNrYy9u6B9C75zAk7GXHYFODTGw/rj8QGb8a+MGuCZWlTkxIVvVNbFEaww0pwILi5V4Lltiz/xA5snKNn5VdhxTMiVyAgAAAPC5i7sD4nH5eP7/s+f3e/xvl9122cNL1oW+5y7/1RXHDh84f3Dvd6Y9d9hjf/n+qVML5v+tW3f+f+c8uOD0/va+IQypCKFX+ocB6/okCwPGQG1ZJvHTPkldvdJVXdknhBEdA0tXtSGz/n9Feo3BF2qSqmJgz/3v2tjYkbizJoQhuYGXxi8a3pGYlQpkG/+zmhD27RhtuvEVvZPGK9ON39w7hK/lBLJVTewdQkdjVemqHq/OXMcgXdXy6hB2zQlkqzqyOoTZAYCeKv4vnZT74MWzL506ob29bcYOTMSd+DVh8pT2tqaJ09onVRfp06RUn/PWMZpbOKZSL33zamaNontGNfUvJZ39oWBzbluZHfkFZw5m7scvQ5Wd4xxWmXf3sPSQDz6gsImQ81Wq2JDLd/CQ++RWsuVJLKg/5q8KfUPvWRe3zWi6ZMLMmTOGJn9LzT4s+RuPMyXbamh6W/Xpqm8lvDyKLpeV8lm3VWNuJUNmXjB9yMWzLx085YIJ57ad23bhEcOPOOqoYYcfPnxIx6Cak7/djLSxq5pTI928qMRhbceRfrUip5LP40NDQkKipyVW/cterx6729IfrLht8Yxfth/T9stv7rrrmCVV335p0+VXHPjs//ioYP4//dPn//FTJ37wZ9ZnKHb8vz4e5k8e33KYvzUGFpZ6/L++2NH87IkBDanAnBiY4zA/AAAAXw5xd2Tcmxl3Sj82f49/uHvcA2Pmrz/06XUvlK3vc+hff/yv5ZVXjPsvxz3UcMf3/6Jg/j+ntN//b6f1/7NL148qtsz/oFiiudj6/+ll/rPr/88ptv5/epn/7Pr/C7+A9f9nZQOpTfJv1v8HAAC+DD6/9f+7Xd4/fYGAggzdLu+fvkBAQYZul/Ev9QIBW73+/2MNh4z82erv/a5x2UXT3vtvQx4YPWDvhn95bJ+rJ00dOXr0iMH/UDD/v660+b+F+wEAAGDncdDE45/ZOGnf46/9n3fsstfPWr+7+xG7/XDZ0W3zN62f+Bd3vH/enxfM/xeWNv///Nf/C8XO/28oFmgptjCg9f8AAADooYqt/zf05u9c+friEx6878ppo1pbx8++6toDVh9UfXp4ZfT8hj+Zcf8nBfP/5aXN/+NpF+V5uWNvPq5L1rQL6TXt3q3L/mQAAAAAeoby0NRUWWLevIVRj//sbb6cWQr009K5nn74gBcf+vqIk+cvrrr2jbI9hm1+5saZh574jR+/vnGfy+46/4IDCub/a0qb/+f9LuPJCwfevaBxzO4f3/rohslvVj2/YMvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8MU76dGfXfvuxCXfmLPw17v/vNfY55dvmDWnaXbtja//+PrfHHX3o+MKfv8fxnaWK/b7/3jdv/j7gq/k5Y6tdr/+X+b+uNH3zu5csnBdXQgH5AamXjl1l5C5Nv9BuYHVZw7aoyNxZbrEI6+d8EZH4ux04OTBAz7sSBydCrTGRRL3SgfiVRU/7JcKxOUVX0gH4vZYng5UZQI/6JeMoyy9rd6uTbZVWXpbvVwbQv+cQHZbraxN2ihLD/DGVCA7wIvSgTjAUzKB8nSv7u2b9CoGamPR2/smvQIAYKcVvwVWhslT2tua41f4ePvVivzbKG/JsrmF1ZaV2PyrmaXJ7hnV1L+UdK/0d9Et1xqvDNUdQxha8HU1N0tZ5yi3Ty3dbLqvFBlyd6u9lRcpl7a1m66q+IhqkhE1TZzWPqmy24Ef1n2WYRXdZhlaMNnJzVLeuUlLqKWEvpQwohK3TQldjvfLQ1NTr1Sur8dgfcjT3Sui1N/r567zV+xVkJvn6bfbn3nq719cud+Tf3z23I/+bNJ3L593zlnvH31e9d/857Jn/+vAXQvm//Wlzf+rc8f1YeZiAHPilfVG9A+htcQRAQAAwJffeRe+Nv/7j1//1vqWxjemDbl+9T/OvvnSirqlV//py4/85abx1569rfG3f3nXfo9OnvDcV84/bNlJb+536BWNZ7/zwJ/MG/fwNX1v+/H8u35UMP9vKG3+H/dgZQ4FJ3s71sTr/1/VP4TOS+vXJ4Glcbjn9A9hv85USyyRXFB/VCzRnASWxh0mg2KJ1pb8qnrHwPJU4K26TGBNKrA2BjJ7Ke4KmV0519eFMLwzNTa/xPRYoj4V+HYMNKQCTTHQnAr0i4GRqcC/9ssEWlKBp2MgTMnfVg/0y2wrAACArZGZZ1Xm3w3ped7yiu4ylHWXoU93Gcq7y1DdXYZio4j3748ZKlMnr5TlZKpM11qTqqUgQ7wY/lb3qyBDeC4/Z7pgQdPx/IPs+QZl+RkeOvXr912zYPKg8t98snZp6wcPTlxx++xjV573yF89NWn/RffcuG/B/L+5tPl/n/zbpPW1cf6/5fp/SeDJ2L0b4qnjDTGw/rj8QGbHwNo42b0mW1VLpkRm0n5NLDEyBhpSgekxMDIVaB2bCSzcIz+QmWlnG78q2/iUTImcAAAAAHzu4g6CuJsmzv//fdnzxzxRseief3x9/D33z3nnvvt/ft99t98/+s5N33zhqkvfv+STgvn/yNLm/7G9vrmNXR178/t+Iaws29KbbGBwbRKI+zFq48/jB9aGsEvODo5sibY+SYmqVMPhiZrkF+pV6ap+UpOsMRDvj/v1Y6vndSRurAnhwJy9L9k2/rk6aaMmHWisSgJ90oFpFUkg7vnJBlaVJwHYZtm9gvEFlTnVJau+63JFXn9flmuCpodXsA+0i3xd/eZqR6lOP5DZp5q1dU9bQXXsEAVvjzXebT3x3Vbv3Zb7RSrzDWXzllB1KJ/UNnnCrPaZ8ZHcX7IW2EHPc+6vVEtJb4fX4ZzP3tvuVac70Jz6+GjuulzXr8OyWN2TFw68e0HjmN1vfXTD5Dernl9QcjeKiD8Ufq5qQH3u5t3RqkPmNdfjPk9afJ70xH8DDZ62EMKGy0+6YWTV9KtWjj7s6H3eOOO06pkfzPvrB1956P39/3bFxGHfGFAw/28pbf5fkbrt9O9xY17cP4SDczbuurj5T+yffA7mBJJPyV0LA8kh99frin5yAgAAwPaW3d2R3V8wJXObnBCenicX5m/Zyvxxf8XILvOX2u+fDDptnwf3uHfc9acfc8vf/25sv43jX15y3IrWYxqXHvuL/3R2zbyC+X/rp8//e6e66fi/4//sII7/d2ln3xXdO/3AnG3aFV1QHTuE4/9d2tnfbY7/d8nxf8f/u+L4fzcc/+/Szv60FXxLmu5LVwhh2JizBtfeM/ipDweu/u1Tz0z5p7mtE+771jW37b35u/WLF9Tv3rdg/j+9tPm/9f+6XrQvu/5fa7H1/6YXW/9vjvX/AACAHarIQnPpeV7B6n0FGdKr9xVk6HaBwG6XGLT+31av//fEMUePXz568W/X7DvmoCv6zp17+m5P3/Jyy8wPa+746MM9fnXwqIL5/5zS5v/x5dA3t/Wesv5fw9giVV0XA9MtDAgAAMDOqNgOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL5Ye950w/jjmqtP+d2Jl9eM/uEj6w6qvu610y9fNuH2SV+788JBs1YsWVL5hxc3njL5ezcd2bhh5YSXQpjSWa4sKV525uIVP1p10be+8/AZt9z7/t6zl1Zn6q3M3O6dlzu2+nFdCAtzHqmNiXfrOu5sCYwbfe/sio7EuroQDsgNTL1y6i4dicV1IRyUG1h95qA9OhJXpks88toJb3Qkzk4HTh484MOOxNGZQFm6u3/TL+luWbq78/qF0D8nkO3u+f3yq8q2cVImUJ5u4+9qkzZioDYWvbk2aSMG2mOJKb1DGFIRQq90Vb+oTqrqla7qf1cnVfVKV3VFdQgjQggV6ap+W5VUVZEe+XNVSVUxsOf+d21s7EgsqgphSG7gpfGLhnckZqQC2cZPqwph346XTLrxByqTxivTjd9UGcLXQghV6RKbKpISVekSGypC2DUnsGUjVoQwO/DlED99JuU+ePHsS6dOaG9vm7EDE1WZtmrC5CntbU0Tp7VPqk71qZiynPTmuZ997K9uvGxix+09o5r6l5KuyJSr7OzysMq8u4ft7L2P/eqTW8mW56Og/pi/KvQNvWdd3Daj6ZIJM2fOGJr8LTX7sORvr0w02VZDe8q2asytZMjMC6YPuXj2pYOnXDDh3LZz2y48YvgRRx017PDDhw/pGFRz8nd7jHTR5z/Sr1bkVPJ5vP8lJCR6WqI879OteWf/HC/4or+lo5WhuvMDumBakZulrHOU22PQx3/GEX+WryndjmhowcShIMuw7rMcVjCZ2JKlJsnS+bWuYHKYW1N55yaN98tDU1OvYtuhPv9u7uZ9Zxs278uZTVdqGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/zw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K3D6NkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBLAQAA//8/pyM3")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000069114e00000000008510000002000000850000000000000095000000000000009500a50520000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)

38.378442651s ago: executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r0, 0x0, 0x0)

38.27781339s ago: executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xdc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket$inet(0x2, 0x2, 0x0)
shutdown(r7, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x8}, 0x48)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000019000100000000000000000000000000000000000000000000000000fe880000000000000000000000000001000000000000000002002020"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)
close_range(r0, r1, 0x0)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000a40)={0x234, r9, 0x200, 0x70bd2a, 0x25dfdbf9, {}, [@TIPC_NLA_SOCK={0x8c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xa55c}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7db8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4000002}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x100}]}, @TIPC_NLA_MEDIA={0x8c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf610}]}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x58a0bd17}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x65e}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}]}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x73}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfff}]}, @TIPC_NLA_MON={0x4}, @TIPC_NLA_MEDIA={0x70, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x97}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x234}, 0x1, 0x0, 0x0, 0x20018084}, 0x90)
r10 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46d, 0xc086, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8}, 0x48)

37.042028367s ago: executing program 3:
unshare(0x26020480)
r0 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
fadvise64(r0, 0x1000000002, 0x2, 0x4)

36.831310032s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
fchdir(0xffffffffffffffff)
prctl$PR_SET_SECUREBITS(0x1c, 0x0)
setresuid(0xee00, 0xee01, 0xee01)
open_tree(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')

36.657436007s ago: executing program 2:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet6_int(r0, 0x29, 0x2b, 0x0, 0xfff3)

35.74652162s ago: executing program 3:
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=@getneightbl={0x14, 0x42, 0x727d4c0aeeddad0d, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000440)='./file0\x00', &(0x7f00000004c0), &(0x7f0000000680), 0x2, 0x2)
writev(0xffffffffffffffff, &(0x7f0000001ac0)=[{0x0}, {&(0x7f0000000840)="626f145367722890392739716144b6e73105cd726e4f13dd79bc0c3f7891b088d3387d3adaa6b7f3002e8551a078919596aa3b11f003914090c7a537187175f686ffd84b9918788e5c32d01a17fc9d8be670249cdd114acae4808d85782f8f213408ed8c836c032f00c2426065a749e3a67c4aec196ff0f3aa1ae67d984c09b7ffa3", 0x82}, {&(0x7f0000000280)="8c445a", 0x3}, {0x0}, {&(0x7f00000019c0)="9cefc13c52fc6298a0c6c91143a5d1dd7fa3347086afaa687f5ec7bf171f14be34d66c52fcd4e87fb978390e02b02b9cee44bda13e712d1336c755306ee3d9b7e862f1f91f3f5ed7dae55d74940a0a0ce509e3a78c196a2566cdc2946472e38970eb1cd76bf0ef940a65dd2ee9a977575f491b111f1bcc687917cf1b911d559fe11c04d0d79c20142c0dac1bb5966607d0f297efa27aff92e5d8707162e46bd7956de460caa4a1e07b64be5353c286e362e57766ffbd18d2c12c27a37e1edb67ab996ff0fa911161", 0xc8}], 0x5)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0xc02c5341, &(0x7f0000000040)={0x3e3, @time})
r2 = fsmount(r1, 0x0, 0x0)
fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xb)
syz_open_procfs$userns(0x0, 0x0)
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmsg(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001e80)=""/168, 0xa8}, 0x40002030)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x22800, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xb)

35.698413484s ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x804000, &(0x7f0000000180)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@noauto_da_alloc}, {@delalloc}, {@nobh}, {@dioread_lock}]}, 0x3, 0x4c0, &(0x7f0000000540)="$eJzs3VFrXFkdAPD/vUlq2qYmVR9qwRq0khbtTNLYNvjQVhB9Kqj1PcZkEkImmZCZtE0okuIHEERU9MknXwQ/gCD9CCIU9F2WZZey23Yf9mF3Z7kzd9psmCTtNpnpZn4/OLnn3Hsz//+ZYc7MmXu5N4CeNRoRNyOiLyIuRsRwvj7NS2w1S7bf0yf3Z7OSRL1++70kknxd67GSfHky/7fBiPj5TyJ+lSTNFdtUNzaXZsrl0lreLtaWV4vVjc1Li8szC6WF0srk5MTVqWtTV6bGD6yv13/09h9++7cfX//X9+7+f/rdC7/O8h3Kt23vx0FqPicDjeeipT8i1g4jWBf05f0Z6HYiAAC8lOw7/lci4lsR8ezP3c4GAAAAOAz1G0PxURJRBwAAAI6stHEObJIW8nMBhiJNC4XmObxfixtRrlRr352vrK/MNc+VHYmBdH6xXBrPzxUeiYEka0806i/al3e0JyPidET8fvh4o12YrZTnuv3jBwAAAPSIbJ4/lDbr2eKD4eb8HwAAADhiRrqdAAAAAHDozP8BAADg6Nt1/p/0dzYRAAAA4DD89NatrNRb97+eu7OxvlS5c2muVF0qLK/PFmYra6uFhUploXHNvuX9Hq9cqax+P1bW7xVrpWqtWN3YnF6urK/Uphv39Z4uuU80AAAAdN7pbz78XxIRWz843iiZY/k2c3U42tJX2z05rDyAzuvrdgJA1zjBF3qXOT6w38R+sEN5AAAAh2fs647/Q696xeP/wBHi+D/0Lsf/oXeZ4wOf+/j/vw8+FwAA4HAMNUqSFvJjgUORpoVCxKnGbQEGkvnFcmk8Ir4cEf8dHvhS1p7odtIAAAAAAAAAAAAAAAAAAAAAAAAA8AVTrydRBwAAAI60iPSdJL//19jw+aGdvw8cSz4cbiwj4u5fbv/x3kyttjaRrX//+fran/L1l7vxCwYAAACwU2ue3prHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBBevrk/myrdDLu4x9GxEi7+P0x2FgOxkBEnHiWRP+2/0siou8A4m89iIgz7eInWVoxkmexM34aEcc7FL9d/7P4Jw8gPvSyh9n4c7Pd+y+N0cay/fu/Py+v6/HobuNf+nz869tl/Du1z2Mfy5dnH/2juGv8BxFn+9uPP634yWuOv7/8xebmbtvqf40Ya/v5k3wmVrG2vFqsbmxeWlyeWSgtlFYmJyeuTl2bujI1XpxfLJfyv21j/O4b//xkr/6f2CX+yD79P7+tvddz8fGje0++ukf8C99u//qf2SN+Fu87+edAtn2sVd9q1rc79/f/nNur/3O79H+/1//CHn3e7uLPfvPWS+4KAHRAdWNzaaZcLq29TCWNV9hZ5TUro29GGiq9WckHiMEuD1AAAMCBefGlv9uZAAAAAAAAAAAAAAAAAAAAQO/qxOXEtsdzOTEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4E31aQAAAP//YGHTsw==")
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f00000002c0), 0x24, 0x0)

35.580980508s ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r5, &(0x7f00000003c0)=ANY=[], 0xfdef)
write(r2, &(0x7f0000001100)="94", 0x1)
tee(r1, r5, 0x81, 0x0)
write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x4)

35.557670606s ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0)

35.550176731s ago: executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x20}, 0x20}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendto$unix(r0, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000), 0x1}, 0x40012301)

35.430617576s ago: executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000080000040"])

35.325886244s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x17, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bb00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

35.26696397s ago: executing program 0:
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x3, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c0000007a006bcd9e3fe3dc6e08000007020004000000007ea60864160af36504005425198bc3488bc3a0e69ee517d34460bc24eab556a705251e6182949a3651f668c3664402682fb6e27bbfa83b5cae0300c9f4d1938037e786a6", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

35.12511115s ago: executing program 4:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1010082, &(0x7f0000001b40)={[{@gid}, {@discard}, {@umask={'umask', 0x3d, 0x4ee5}}, {@discard}, {@discard}, {@fmask={'fmask', 0x3d, 0x2}}, {}, {@allow_utime={'allow_utime', 0x3d, 0x12}}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {}]}, 0x3, 0x1507, &(0x7f0000000440)="$eJzs3Au8TtXWMPAx5pyLTdKT5JY55lg8yWWSJLkk5JIkSZIkJCRJkoTkllsSkpB7yD0kt9jJ/X6/J8mRJElISDK/n+q8zvl6z1ffe873ec+7x//3W3vPsdca45lrjb2fdfntvb9pN7By3SoVajMz/FPw109dASAFAPoAwDUAEAFA8SzFs1xan0Fj13/uRcS/1kNTr/QMxJUk/U/bpP9pm/Q/bZP+p23S/7RN+p+2Sf/TNum/EGnZlmk5r5Ul7S5//vm/+z+vluf//4bk/P8/1p/6SZP+p23S/7RN+p+2Sf/TNul/2ib9T9uk/2mb9F+ItOxKP3/+N1j+eqj+cNsrezyj/1LeFf3mE0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRZpwLlxkA+Ov4Ss9LCCGEEEIIIYQQ/zoh/ZWegRBCCCGEEEIIIf7fQwCjwUAE6SA9pEAGyAhXQSa4GjLDNZCAayELXAdZ4XrIBtkhB+SEXHAD5AYLBA4YYsgDeSEJN0I+uAnyQwEoCIXAQ2EoAjdDUbgFisGtUBxmLwS4HUpCKSgNZeAOKAt3QjkoDxXgLqgIlaAyVIG7oSrcA9XgXqgO90ENuB9qwgNQCx6E2vAQ1IGHoS48AvXgUagPj0EDaAiN/kv5L0EneBk6QxfoCt2gO7wCPaAn9ILe0Adehb7wGvSD16E/DICB8AYMgjdhMLwFQ2AoDIO3YTiMgJEwCkbDGBgL78A4GA8T4F2YCJNgMkyBqTANpsN7MANmwix4H2bDBzAH5sI8mA8L4ENYCIsgFT6CxfAxLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJu2B3+T3wCeyFT2EffAb74fP/y/yz8Pf57REQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jALJgFs2JWzIbZMAfmwFyYC3NjbiQkZGTMg3kwiUnMh/kwP+bHglgQPXosgkWwKN6CxbAYFsfiWAJLYEkshaWwDJbBslgWy2E5rHD7XACsiJWxMt6Nd+M9WA2rYXWsjjWwBtbEmlgLa2FtrI11sA7WxbpYD+thfayPDbABNsJG2BgbYxNsgs2wGTbH5tgCW2BLbImtsBW2xtbYBttgW2yL7bAdtscO2AFfwpfwZXwZu2BF1Q27Y3fsgT2wF/bG3vgq9sXX8DV8HfvjAByIb+Ab+CYOxjM4BIfiMByGZdUIHImjkNUYHItjcRyOwwk4ASfiJJyEU3AqTsPpOB1n4Eycie/jbPwAP8C5OBfn4wJcgAtxEaZiKi7Gs7gEl+IyXI4rcCWuwNW4BlfjOlyP63AjbsTNuBm34lbcjttxJ+7E3bgbP8FP8FP8FPvjftyPB/AAHsSDeAgP4WE8jEfwyNarAPAYHsPjeBxP4Ek8hSfxNJ7GM3gWz+E5PI/n8QK+kOurOrsLrO0P6hKjjEqn0qkUlaIyqowqk8qkMqvMKqESKovKorKqrCqbyqZyqBwql8qlcqvcihQpVrHKo/KopEqqfCqfyq/yq4KqoPLKqyKqiCqqiqpiqpgqrm5TJdTtqqQqpZr6MqqMKqua+XKqvKqgKqiKqpKqrKqoKqqqqqqqqWqquqquaqgaqqZ6QNVS3bAXPqQudaauGoD11ECsrx5TDVRD9SY+rhqrwdhENVXN1JNqKA7BFqqxb6meUa3USGytnlOj8HnVVo3BdupF1V51UB3VS6qTauI7qy5qInZT3dUU7KF6ql6qt5qBldSljlVWr6v+aoAaqN5Q8/FNNVi9pYaooWqYelsNVyPUSDVKjVZj1Fj1jhqnxqsJ6l01UU1Sk9UUNVVNU9PVe2qGmqlmqffVbPWBmqPmqnlqvlqgPlQL1SKVqj5Si9XHaolaqpap5WqFWqlWqdVqjVqr1qn1aoPaqDapzWqL2qq2qe1qh9qpdqndao/6RO1Vn6p96jO1X32uDqi/qIPqC3VIfakOq6/UEfW1Oqq+UcfUt+q46qJOqJPqlPpenVY/qDPqrDqnflTn1U/qgvpZXVRBgUattNZGRzqdTq9TdAadUV+lM+mrdWZ9jU7oa3UWfZ3Oqq/X2XR2nUPn1Ln0DTq3tpq006xjnUfn1Ul9o86nb9L5dQFdUBfSXhfWRfTNuqi+RRfTt+ri+jZdQt+uS+pSurQuo+/QZfWdupwuryvou3RFXUlX1lX03bqqvkdX0/fq6vo+XUPfr2vqB3Qt/aCurR/SdfTDuq5+RNfTj+r6Ovrt/PW4bqyf0E10U91MP6mb66d0C/20bqmf0a30s7q1fk630c/rtvoF3U6/qNvrDrqj/llf1EF31l10V91Nd9ev6B66p+6le+s++lXdV7+m++nXdX89QA/Ub+hB+k09WL+lh+iheph+Ww/XI/RIPUqP1mP0WP2OHqfH6wn6XT1RT9KT9RQ9VU/TvX6rNOtP5I//T/L7/fLqm/UWvVVv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+ov9en9Q/6jD6rz+of9Xl9Xl/47RiAQaOMNsZEJp1Jb1JMBpPRXGUymatNZnONSZhrTRZznclqrjfZTHaTw+Q0ucwNJrexhowzbGKTx+Q1SXOjyWduMvlNAVPQFDLeFDZFzM3/dP4/mN/yyb823zQyjUxj09g0MU1MM9PMNDfNTQvTwrQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U1H09F0Mp1MZwTT1XQ13c0rpofpaXqZ3qaPedX0NX1NP9PP9Df9zUAz0Awyg8xgM9gMMUOMAYDhZrgZaUaa0Wa0GWvGmnFmnJlgJpiJZqKZbCabqWaqmW6mmxlmhpllZpnZZraZY+aYeWaeWWAWmIVmoUk1qWaxWWyWmKVmqVlulpuVZqVZbVabtWatWW/Wm41mo1litpgtZpvZZnaYHWaX2WX2mD1mr9lr9pl9Zr/Zbw6YA+agOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmlDllTpvT5ow5Y86Zc+a8OW8umAvmorl46bIvUpGKTGSidFG6KCVKiTJGGaNMUaYoc5Q5SkSJKEuUJcoaXR9li7JHOaKcUa7ohih3ZCOKXMRRHOWJ8kbJ6MYoX3RTlD8qEBWMCkU+KhwViW6Oika3RMWiW6Pi0W1Riej2qGRUKiodlYnuiMpGd0blovJRheiuqGJUKaocVYnujqpG90TVonuj6tF9UY3o/qhm9EBUK3owqh09FNWJHo7qRo9E9aJHo/rRY1GDqGHU6F9aP4Qz2Z/wnW0Xmx662e72FdvD9rS9bG/bx75q+9rXbD/7uu1vB9iB9g07yL5pB9u37BA71A6zb9vhdoQdaUfZ0XaMHWvfsePseDvBvmsn2kl2sp1ip9ppdrp9z86wM+0s+76dbT+wc+xcO8/Otwvsh3ahXWRT7Ud2sf3YLrFL7TK73K6wK+0qu9qusWvtOrvebrAb7Sa72W6xW+02u93usDvtLrvb7rGf2L32U7vPfmb328/tAZvy2/vjl/aw/coesV/bo/Ybe8x+a4/b7+wJe9Kest/b0/YHe8aetefsj/a8/clesD/bizZcuri/dHonQ4bSUTpKoRTKSBkpE2WizJSZEpSgLJSFslJWykbZKAfloFyUi3JTbrqEiSkP5aEkJSkf5aP8lJ8KUkHy5KkIFaGiVJSKUTEqTsWpBJWgklSSSlNpuoPuoDvpTipP5ekuuosqUSWqQlWoKlWlalSNqlN1qkE1qCbVpFpUi2pTbapDdagu1aV6VI/qU/2zv/0KMzWmxtSEmlAzakbNqTm1oBbUklpSK2pFrak1taE21JbaUjtqR+2pPXWkjtSJOlFn6kxdqSt1p+7Ug3pQL+pFfagP9aW+1I/6UX/qTwNpIA2iQTSYBtMQGkrD6G0aTiNoJI2i0TSGxtJYGkfjaAJNoIk0kSbTZJpKU2k6TacZNINm0SyaTbNpDs2heTSPFtACWkgLKZVSaTEtpiW0hJbRMlpBK2gVraI1tIbW0TraQBtoE22iLbSFttE22kE7aBftoj20h/bSXtpH+2g/7acDdIAO0kE6RIfoMB2mI3SEjtJROkbH6DgdpxN0gk7RKTpNp+kMnaFzdI7O0090gX6mixQoxWVwGd1VLpO72mV217j/Pc7hcrpc7gaX21mXzWX/u5icc/ldAVfQFXLeFXZF3M2/i0u6Uq60K+PucGXdna7c7+Kqa3b82kV3n6vi7nZV3T2umrvXVXf3uRruflfTPeJquUddbfeYq+MaurruEVfPPerqu8dcA9fQNXdPuRbuadfSPeNauWd/Fy90i9wat9atc+vdXvepO+d+dEfdN+68+8l1dl1cH/eq6+tec/3c666/G/C7eJh72w13I9xIN8qNdmN+F092U1wGN81Nd++5GW7mL/HUv4kXuA/dbJfq5ri5bp6b/0t8aU6p7iO32H3slrilbplb7la4lW6VW/0fc13uNrpNbrPb4z5x29x2t8PtdLvc7l/iS/uxz33m9rvP3RH3tTvovnCH3DF32H31S3xp/465b91x95074U66U+57d9r94M64s7/s/6V9/9797C664ICRFWs2HHE6Ts8pnIEz8lWcia/mzHwNJ/hazsLXcVa+nrNxds7BOTkX38C52TKxY+aY83BeTvKNnI9v4vxcgAtyIfZcmIvwzVyUb+FifCsX59u4BN/OJbkUl+YyfAeX5Tu5HJfnCnwXV+RKXJmr8N1cle/hanwvV+f7uAbfzzX5Aa7FD3Jtfojr8MNclx/hevwo1+fHuAE35Eb8ODfmJ7gJN+Vm/CQ356e4BT/NLfkZbsXPcmt+jtvw89yWX+B2/CK35w7ckV/iTvwyd+Yu3JW7cXd+hXtwT+7FvbkPv8p9+TXux69zfx7AA/kNHsRv8mB+i4fwUB7Gb/NwHsEjeRSP5jE8lt/hcTyeJ/C7PJEn8WSewlN5Gk/n93gGz+RZ/D7P5g94Ds/leTyfF/CHvJAXcSp/xIv5Y17CS3kZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJbeRtvZ+SdvIt38x7+hPfyp7yPP+P9/Dkf4L/wQf6CD/GXfJi/4iP8NR/lb/gYf8vH+Ts+wSf5FH/Pp/kHPsNn+Rz/yOf5J77AP/NFDgwxxirWsYmjOF2cPk6JM8QZ46viTPHVceb4mjgRXxtnia+Ls8bXx9ni7HGOOGecK74hzh3bmGIXcxzHeeK8cTK+Mc4X3xTnjwvEBeNCsY8Lx0Xim+Oi8S1xsfjWuHh8W1wivj0uGZeKH7mvTHxHXDa+My4Xl48rxHfFFeNKceW4Snx3XDW+J64W3xtXj++Li8X3xzXjB+Ja8YNx7fihuE78cFw3fiSuFz8a148fixvEDeNG8eNx4/iJuEncNG4WPxk3j5+KW8RPxy3jZ+JW8bN/uL5r3C3uHr8SvxKHcK+el5yfXJD8MLkwuSiZmvwouTj5cXJJcmlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3JzMoQq6cGjV1574yOfzqf3KT6Dz+iv8pn81T6zv8Yn/LU+i7/OZ/XX+2w+u8/hc/pc/gaf21tP3nn2sc/j8/qkv9Hn8zf5/L6AL+gLee8L+yK+oW/kG/nG/gnfxDf1zfyT/kn/lH/KP+2f9s/4Vv5Z39o/59v4531b/4J/wb/o2/sOvqN/yXfyL4fgu/iuvqvv7rv7Hr6H7+V7+T6+j+/r+/p+vp/v7/v7gX6gH+QH+cF+sB/ih/hhfpgf7of7kX6kH+1H+7F+rB/nx/kJfoKf6Cf6yX6yn+qn+ul+up/hZ/hZfpafnX+2n+Pn+Hl+nl/gF/iFfqFP9al+sV/sl/glfplf5lf4FX6VX+XX+DV+nV/nN/gNfpPf5Lf4LX6b3+Z3+B1+l9/l9/g9fq/f6/f5fX6/3+8P+APngj/oD/kv/WH/lT/iv/ZH/Tf+mP/WH/ff+RP+pD/lv/en/Q/+jD/rz/kf/Xn/k7/gf/YXffBjE+8kxiXGJyYk3k1MTExKTE5MSUxNTEtMT7yXmJGYmZiVeD8xO/FBYk5ibmJeYn5iQeLDxMLEokRq4qPE4sTHiSWJpYllieWJFYmViRBu2BaHPCFvSIYbQ75wU8gfCoSCoVDwoXAoEm4ORcMtoVi4NRQPt4US4fZQMpQKpcOjoX54LDQIDUOj8HhoHJ4ITULT0Cw8GZqHp0KL8HRoGZ4JrcKzoXV4LrQJz4e24YXQLrwY2ocOoWN4KXQKL4fOQYeuoVvoHl4JPULP0Cv0Dn3Cq6FveC30C6+H/mFAGBjeCIPCm2FweCsMCUPDsPB2GB5GhJFhVBgdxoSx4Z0wLowPE8K7YWKYFCaHKWFqmBamh/fCjDAzzArvh9nhgzAnzA3zwvywIHwYFoZFITV8FBaHj8OSsDQsC8sDpKwMq8LqsCasDevC+rAhbAybwuawJWwN28L2sCPsDLvC7rAnfBL2hk/DvvBZ2B8+DwfCX8LB8EU4FL4Mh8NX4Uj4OhwN34Rj4dtwPHwXToST4VT4PpwOP4Qz4Ww4F34M58NP4UL4OVyUv1kTQgghhPhTxv/B+m5/F6n/+Kh++0p3ALh6e87Df7uVBoAN2X4d91S5micA4Jku7R7661KxYteuXX/bdomGKO9cAEhczk8Hl+Ol0AyegpbQFIr+p/PrqTqc5z+on7wNIOPf5KTA5fhy/Vv+Qf0Rs/+w/lyA/Hkv52SAy/Hl+sV+Vzv6pX72xn9QP8MXYwGa/E1eJrgcX65fBJ6AZ6Hl320phBBCCCGEEEL8qqcq3eaP7m8v3Z/nMpdz0sPl+I/uz4UQQgghhBBCCHHlPd+h49OPt2zZtM0/GJT/x6tkkFYG6f57TOPffgDw32Iaf25wpd+ZhBBCCCGEEP9qly/6r/RMhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKItOv/x78Tu9L7KIQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQlxp/ysAAP//OOA13Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000300), 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000840)='./file0/file0/file0\x00', 0x0, 0x0)

34.929429079s ago: executing program 4:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @private2}], 0x1c)

34.638099054s ago: executing program 4:
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=@getneightbl={0x14, 0x42, 0x727d4c0aeeddad0d, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000440)='./file0\x00', &(0x7f00000004c0), &(0x7f0000000680), 0x2, 0x2)
writev(0xffffffffffffffff, &(0x7f0000001ac0)=[{0x0}, {&(0x7f0000000840)="626f145367722890392739716144b6e73105cd726e4f13dd79bc0c3f7891b088d3387d3adaa6b7f3002e8551a078919596aa3b11f003914090c7a537187175f686ffd84b9918788e5c32d01a17fc9d8be670249cdd114acae4808d85782f8f213408ed8c836c032f00c2426065a749e3a67c4aec196ff0f3aa1ae67d984c09b7ffa3", 0x82}, {&(0x7f0000000280)="8c445a", 0x3}, {0x0}, {&(0x7f00000019c0)="9cefc13c52fc6298a0c6c91143a5d1dd7fa3347086afaa687f5ec7bf171f14be34d66c52fcd4e87fb978390e02b02b9cee44bda13e712d1336c755306ee3d9b7e862f1f91f3f5ed7dae55d74940a0a0ce509e3a78c196a2566cdc2946472e38970eb1cd76bf0ef940a65dd2ee9a977575f491b111f1bcc687917cf1b911d559fe11c04d0d79c20142c0dac1bb5966607d0f297efa27aff92e5d8707162e46bd7956de460caa4a1e07b64be5353c286e362e57766ffbd18d2c12c27a37e1edb67ab996ff0fa911161", 0xc8}], 0x5)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0xc02c5341, &(0x7f0000000040)={0x3e3, @time})
r2 = fsmount(r1, 0x0, 0x0)
fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0xb)
syz_open_procfs$userns(0x0, 0x0)
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmsg(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001e80)=""/168, 0xa8}, 0x40002030)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x22800, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0xb)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xb)

34.627031015s ago: executing program 3:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet6_int(r0, 0x29, 0x2b, 0x0, 0xfff3)

33.527730399s ago: executing program 1:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x20}, 0x20}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendto$unix(r0, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000), 0x1}, 0x40012301)

33.432177804s ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000080000040"])

33.252252914s ago: executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
sendmmsg$inet(r0, &(0x7f0000008e80)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000280)="a9aabab2ea2b7f828bec64c06361fefaa511741fc584121140d84e44becfb2485320ca0157939af01d0baaa106bfa18f912c3f2eb0bb7295442ac909747b2ff796d8621c22177403b424397292b48ff0a9e3b35b619aa1ef6cc8d0ec1126a3de8a7f2975a5b96c35e21d2b621592c3d016856d557e13b4cb318026000cef5a24bb7ac62640f9e390", 0x88}], 0x1}}], 0x1, 0x0)
recvmsg(r0, &(0x7f0000008ac0)={0x0, 0x0, &(0x7f0000006380)=[{&(0x7f0000009140)=""/135, 0x87}], 0x1}, 0x102)

33.199968006s ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xdc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket$inet(0x2, 0x2, 0x0)
shutdown(r7, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x8}, 0x48)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000019000100000000000000000000000000000000000000000000000000fe880000000000000000000000000001000000000000000002002020"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)
close_range(r0, r1, 0x0)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000a40)={0x234, r9, 0x200, 0x70bd2a, 0x25dfdbf9, {}, [@TIPC_NLA_SOCK={0x8c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xa55c}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7db8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1000}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4000002}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x100}]}, @TIPC_NLA_MEDIA={0x8c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf610}]}]}, @TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x58a0bd17}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x65e}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfff}]}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x73}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfff}]}, @TIPC_NLA_MON={0x4}, @TIPC_NLA_MEDIA={0x70, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x97}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x234}, 0x1, 0x0, 0x0, 0x20018084}, 0x90)
r10 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46d, 0xc086, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8}, 0x48)

30.054139291s ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@can_delroute={0x24, 0x19, 0x105, 0x0, 0x0, {}, [@CGW_SRC_IF={0x8, 0x9, r2}, @CGW_DST_IF={0x8}]}, 0x24}}, 0x0)

5.517938042s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
r2 = syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f00000000c0)={[{@check_strict}, {@map_acorn}, {@hide}, {}, {@check_relaxed}, {@nojoliet}, {@mode}, {@block={'block', 0x3d, 0x400}}]}, 0x1, 0x52c, &(0x7f0000000580)="$eJzs3W9v00gewPGfS3tUOQmdjhNCVYGh3ElFKsFxICjikc+ZpAOOHdkOah+hiqaoIoUT5aRtn+zyhN2Vdl8ET/dF7DtC+xJ2ZTspLW1ioH+Cqu8ngpnYY89vUss/uY3HAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxPIatl2xxDdBd0WN5jWisP3x7WDrQwvk9oFiTL8iVvpPZmflar7o6r8+rr6S/rcg8/m7eZlNi1nZ/fuVfzy8PD013H5MwGdie2f3xVq/33s96UBO0bWLo9e1dGDi0LTdllYmDlW9VrPvLjdj1TS+jlfjRLeVF2k3CSO16N1WlXq9qnR5NewGrYbr6+HCB3cc266pR+WOdqM4DO4+KsfesvF9E7SyNunqtM2D9EB8bBKVaLet1MZmv1ctGkDaqPI5jZyiRo7tOJWK41Rq9+v3H9j29KEF9ifkUIvJH7SYrBM8ewPHMzXI/+KLkUC6siLqyJcnDYkklPaI9QPD/P+fu3psv/vz/zDLX/24ek6y/H89f3d9VP4fEcvZvbZlR3blhaxJX/rSk9cTj+hsXy3REoiRWEIx0hY3W6IGS5TUpSY1seWpLEtTYlHSFCO+aIllVWJJRGdHlCeRaHElkVAiUbIontwWJRWpS12qokRLWVYllK4E0pKGuNleNmQz+9yroqxRMe41qowcRml43PXEGTNa8j+O70TP38Bx/DnM/wAAAAAA4Nyyst++p9f/M3ItqzWNr+1JhwUAAAAAAE5Q9pf/+bSYSWvXxOL6HwAAAACA88bK7rGzRKQkN/LahljZ7VL8EgAAAAAAgHMi+/v/9bTI5kC5IdbedClc/wMAAAAAcE78VDjHfty5aP3+h0TRjPW2s/Jva8tN27lbF/LtLny6x6Q5Z10a7CQrankxPe3peWs2b7Q3CeaHQbFRFId1VAA/fEkAl6flF7mZt7m5npfrwzV5L6Wm8XXZC/2HFXHdS1OJXkn+/3LzO8mG/3PQvmTJxma/V372qr+exfI23cvbrcEEiofmURwTy5tsvoXsnosjRzyT3Ygx6LeU92vvH/9UvvnUF/T5ThbyNguDGW9LB8c/m/ZZKY8a/SCKyjFH/k5u5W1uLd7KiyOicIqicPZH8VWfxWdEUS2KonrMKABgUjYKspB1OPF/xVnu67K7fGF2fyeLeZvFuezEOj13xBndLjqj28fMbr8degbSqByb9vvrJ1n1fbrB+5H9xr5jpR/hhTdb/5Mr2zu7dza31p73nvdeOk61Zt+z7fuOzGTDGBTkHgDAEYqfsVPYwrpXcFX9z72vFJTlmbySvqzLUna3QfaNgyP3Wtr3NYSlgqvWUpYm8ye8LI25qvtbdpfDcL/O2LYHY6ie/g8CAIAztFCQhz8n/y8VXHcfzOXjr45L+57WBgAAToeOPlil5EcrikznaaVer7jJslZR6D1WkWm0tDJBoiNv2Q1aWnWiMAm90E8rT0xDxyrudjphlKhmGKlOGJuV7MnvavDo91i33SAxXtzxtRtr5YVB4nqJapjYU53uf30TL+so2zjuaM80jecmJgxUHHYjT5eVirXe19A0dJCYpkmrgepEpu1Gq+pJ6HfbWjV07EWmk4T5Dod9maAZRu1st+VJf9gAAHwjtnd2X6z1+73Xp1iZ9BgBAMBBZGkAAAAAAAAAAAAAAAAAAAAAAL59Z3H/H5VzXhlOBf2txEPlBCqFp47vT/3kBOBU/RUAAP//q6hPjA==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = signalfd4(r2, &(0x7f0000000180), 0x8, 0x80800)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "4ee6fa", 0x8, 0x0, 0x0, @dev, @mcast2, {[@dstopts={0x89}]}}}}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18}, './file0\x00'})
mount$bind(0x0, &(0x7f0000000440)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000400)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f00000007c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r5, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1})
add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000240)={'fscrypt:', @desc1}, &(0x7f00000002c0)={0x0, "615a091a55a8c9a640115d99d981b3886420589c6685d4982a83b71b906769e737201ac6b7a7804454156569cbf3a5be811debc957b5831b89b59d703e748c7c"}, 0x48, 0xffffffffffffffff)
fspick(r5, &(0x7f0000000080)='./file0\x00', 0x0)
read$FUSE(r4, &(0x7f000000c1c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, r1, 0x1, 0xfffffffc, 0x0, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000780)=ANY=[@ANYBLOB="18020000", @ANYRES16, @ANYBLOB="10"], 0xfda6}}, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6f94f90224fc600e0005000a000200053582c137153e3704000b80fc0809000300", 0x33fe0}], 0x1}, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x15)
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af25, &(0x7f0000000080))
ioctl$TCSETSF2(r7, 0x404c4701, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x5, 0x0, "ebeed70000000000000000960000000800", 0x0, 0x2})
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r7, 0x8008f512, &(0x7f0000000000))
syz_open_procfs(r6, &(0x7f0000000300)='net/ipv6_route\x00')

5.242153549s ago: executing program 0:
syz_open_dev$vbi(0x0, 0x3, 0x2)
syz_open_procfs(0x0, 0xfffffffffffffffc)

4.60205913s ago: executing program 3:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @private2}], 0x1c)

4.593585816s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x1c}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 1:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
set_mempolicy_home_node(&(0x7f00002e3000/0x1000)=nil, 0x1000, 0x0, 0x0)

kernel console output (not intermixed with test programs):

: type=1326 audit(1717905126.176:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f887cf69 code=0x7ffc0000
[  458.166180][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[  458.202810][   T29] audit: type=1326 audit(1717905126.196:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f887cf69 code=0x7ffc0000
[  458.234655][ T1040] bridge_slave_0: left allmulticast mode
[  458.251578][   T29] audit: type=1326 audit(1717905126.196:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7f887cf69 code=0x7ffc0000
[  458.262932][ T1040] bridge_slave_0: left promiscuous mode
[  458.292778][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.354196][   T29] audit: type=1326 audit(1717905126.256:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f887cf69 code=0x7ffc0000
[  458.427296][   T29] audit: type=1326 audit(1717905126.256:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc7f887a6e7 code=0x7ffc0000
[  458.495785][   T29] audit: type=1326 audit(1717905126.256:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13084 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc7f88403b9 code=0x7ffc0000
[  459.070721][T13091] loop0: detected capacity change from 0 to 32768
[  459.114649][T13091] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (13091)
[  459.172674][T13091] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  459.196434][T13091] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  459.258556][T13091] BTRFS info (device loop0): using free-space-tree
[  459.809681][T13126] loop3: detected capacity change from 0 to 1024
[  459.820655][T12897] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  459.874714][T13126] hfsplus: unable to find HFS+ superblock
[  459.963706][T12940] Bluetooth: hci3: command tx timeout
[  460.001764][T13128] loop1: detected capacity change from 0 to 4096
[  460.120461][T13130] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  460.278005][T13128] NILFS (loop1): bad btree node (ino=3, blocknr=0): level = 0, flags = 0x0, nchildren = 0
[  460.331616][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  460.332946][T13128] NILFS error (device loop1): nilfs_bmap_lookup_at_level: broken bmap (inode number=3)
[  460.401555][T13128] Remounting filesystem read-only
[  460.434722][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  460.495240][ T1040] bond0 (unregistering): Released all slaves
[  460.681821][T13140] tun0: tun_chr_ioctl cmd 2147767519
[  460.896519][T13053] chnl_net:caif_netlink_parms(): no params data found
[  461.231866][T13160] loop0: detected capacity change from 0 to 512
[  461.268037][T13160] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  461.322138][T13160] EXT4-fs (loop0): 1 truncate cleaned up
[  461.361110][T13160] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  461.380022][ T1040] hsr_slave_0: left promiscuous mode
[  461.399305][ T1040] hsr_slave_1: left promiscuous mode
[  461.414611][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  461.435564][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  461.469939][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.504428][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  461.534143][T12897] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.607096][ T1040] veth1_macvtap: left promiscuous mode
[  461.622647][ T1040] veth0_macvtap: left promiscuous mode
[  461.629157][ T1040] veth1_vlan: left promiscuous mode
[  461.659368][ T1040] veth0_vlan: left promiscuous mode
[  462.034058][T12940] Bluetooth: hci3: command tx timeout
[  462.420726][T13168] loop3: detected capacity change from 0 to 40427
[  462.467765][T13168] F2FS-fs (loop3): invalid crc value
[  462.517201][T13168] F2FS-fs (loop3): Found nat_bits in checkpoint
[  462.670151][T13168] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  463.033374][T12950] syz-executor.3: attempt to access beyond end of device
[  463.033374][T12950] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  463.049141][T12950] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  463.068673][ T1040] team0 (unregistering): Port device team_slave_1 removed
[  463.154008][T13194] mmap: syz-executor.2 (13194) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  463.174605][ T1040] team0 (unregistering): Port device team_slave_0 removed
[  464.114702][T12940] Bluetooth: hci3: command tx timeout
[  464.387401][T13211] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  464.975533][T13210] loop3: detected capacity change from 0 to 4096
[  464.983854][T13210] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  465.356746][T13183] sch_tbf: burst 0 is lower than device team0 mtu (1514) !
[  465.397933][T13191] tun0: tun_chr_ioctl cmd 2147767519
[  465.438415][T13053] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.451175][T13053] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.474587][T13053] bridge_slave_0: entered allmulticast mode
[  465.487250][T13053] bridge_slave_0: entered promiscuous mode
[  465.516927][T13053] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.566826][T13053] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.572858][   T29] kauditd_printk_skb: 32 callbacks suppressed
[  465.572876][   T29] audit: type=1800 audit(1717905133.896:997): pid=13221 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1949 res=0 errno=0
[  465.583186][T13053] bridge_slave_1: entered allmulticast mode
[  465.615540][T13053] bridge_slave_1: entered promiscuous mode
[  465.748759][T13053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  465.810196][T13053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  465.983472][T13053] team0: Port device team_slave_0 added
[  466.064560][T13053] team0: Port device team_slave_1 added
[  466.165639][T13053] batman_adv: batadv0: Adding interface: batadv_slave_0
[  466.184926][T13053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.248677][T13053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  466.289982][T13053] batman_adv: batadv0: Adding interface: batadv_slave_1
[  466.309416][T13053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.348503][T13053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  466.525094][T12996] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  466.554032][T13053] hsr_slave_0: entered promiscuous mode
[  466.573087][T13053] hsr_slave_1: entered promiscuous mode
[  466.603510][ T1040] bridge_slave_1: left allmulticast mode
[  466.612651][ T1040] bridge_slave_1: left promiscuous mode
[  466.642714][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.682995][ T1040] bridge_slave_0: left allmulticast mode
[  466.688852][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.699254][T13228] loop1: detected capacity change from 0 to 32768
[  466.715192][T13228] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (13228)
[  466.729266][T12996] usb 1-1: Using ep0 maxpacket: 32
[  466.739007][T12996] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  466.781815][T12996] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.800549][T13228] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  466.823117][T12996] usb 1-1: config 0 descriptor??
[  466.829172][T13228] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  466.840246][T12996] gspca_main: nw80x-2.14.0 probing 055f:d001
[  466.846505][T13228] BTRFS info (device loop1): using free-space-tree
[  467.493509][T12788] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  467.515031][ T5144] usb 1-1: USB disconnect, device number 3
[  467.730271][   T29] audit: type=1326 audit(1717905136.066:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13291 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fead1e7cf69 code=0x0
[  468.109160][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  468.132944][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  468.151533][ T1040] bond0 (unregistering): Released all slaves
[  468.183414][T13299] netlink: 'syz-executor.1': attribute type 12 has an invalid length.
[  468.247946][T13301] loop0: detected capacity change from 0 to 4096
[  468.295422][T13301] NILFS (loop0): invalid segment: Checksum error in segment payload
[  468.342681][T13301] NILFS (loop0): trying rollback from an earlier position
[  468.408961][T13301] NILFS (loop0): recovery complete
[  468.437869][T13308] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  468.601610][T13310] loop1: detected capacity change from 0 to 2048
[  468.725529][T13310] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  468.871206][T13320] overlay: ./file0 is not a directory
[  469.084160][ T1040] hsr_slave_0: left promiscuous mode
[  469.091229][ T1040] hsr_slave_1: left promiscuous mode
[  469.104291][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  469.115212][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  469.154790][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  469.162313][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  469.273076][ T1040] veth1_macvtap: left promiscuous mode
[  469.278675][ T1040] veth0_macvtap: left promiscuous mode
[  469.294325][ T1040] veth1_vlan: left promiscuous mode
[  469.299743][ T1040] veth0_vlan: left promiscuous mode
[  469.324973][T13062] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  469.528779][T13062] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  469.555246][T13062] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.580804][T13062] usb 4-1: Product: syz
[  469.594060][T13062] usb 4-1: Manufacturer: syz
[  469.608511][T13062] usb 4-1: SerialNumber: syz
[  469.631243][T13062] usb 4-1: config 0 descriptor??
[  469.659146][T13062] usb 4-1: Waiting for MOTU Microbook II to boot up...
[  469.669801][T13062] usb 4-1: failed setting the sample rate for Motu MicroBook II: -22
[  469.680314][T13062] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -22
[  469.855694][T12996] usb 4-1: USB disconnect, device number 16
[  470.449606][   T29] audit: type=1326 audit(1717905138.786:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13342 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe2be47cf69 code=0x0
[  470.591036][ T1040] team0 (unregistering): Port device team_slave_1 removed
[  470.659105][ T1040] team0 (unregistering): Port device team_slave_0 removed
[  470.999268][ T5099] Bluetooth: hci1: command tx timeout
[  471.229570][T13366] loop3: detected capacity change from 0 to 2048
[  471.286148][T13366] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  471.660455][T13337] batadv0: entered promiscuous mode
[  471.689215][T13338] veth0_to_team: entered promiscuous mode
[  471.712205][T13354] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  471.817764][T13339] veth0_to_team: left promiscuous mode
[  471.829379][T13339] batadv0: left promiscuous mode
[  471.864513][T13372] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.2'.
[  472.606178][T13386] loop1: detected capacity change from 0 to 512
[  472.808123][   T29] audit: type=1800 audit(1717905140.766:1000): pid=13385 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=1943 res=0 errno=0
[  472.894888][T13392] x_tables: unsorted underflow at hook 4
[  473.030749][T13386] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  473.047676][T13386] EXT4-fs (loop1): mount failed
[  473.290987][ T1040] bridge_slave_1: left allmulticast mode
[  473.303249][ T1040] bridge_slave_1: left promiscuous mode
[  473.329759][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.420713][ T1040] bridge_slave_0: left allmulticast mode
[  473.437177][ T1040] bridge_slave_0: left promiscuous mode
[  473.451998][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.672557][   T29] audit: type=1326 audit(1717905142.006:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13407 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe2be47cf69 code=0x0
[  475.299202][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  475.424648][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  475.451393][ T1040] bond0 (unregistering): Released all slaves
[  476.418820][T13406] batadv0: entered promiscuous mode
[  476.431489][T13409] veth0_to_team: entered promiscuous mode
[  476.440236][T13415] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  476.667350][T13053] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  476.690843][T13053] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  476.717198][T13421] loop3: detected capacity change from 0 to 32768
[  476.728178][T13053] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  476.752394][T13053] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  476.811521][T13411] veth0_to_team: left promiscuous mode
[  476.823109][T13411] batadv0: left promiscuous mode
[  476.858589][T13421] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  476.950879][T13439] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'.
[  476.962354][T13439] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  476.970581][T13439] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  476.978764][T13439] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.2'.
[  477.620678][T13421] XFS (loop3): Ending clean mount
[  477.703793][T13445] x_tables: unsorted underflow at hook 4
[  477.752280][ T1040] hsr_slave_0: left promiscuous mode
[  477.828073][ T1040] hsr_slave_1: left promiscuous mode
[  477.871309][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  477.884857][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  477.978251][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.002283][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.089497][ T1040] veth1_macvtap: left promiscuous mode
[  478.114255][ T1040] veth0_macvtap: left promiscuous mode
[  478.120369][ T1040] veth1_vlan: left promiscuous mode
[  478.128095][ T1040] veth0_vlan: left promiscuous mode
[  478.525444][ T5099] Bluetooth: hci2: command tx timeout
[  478.724798][T13453] loop0: detected capacity change from 0 to 32768
[  478.899537][T13461] loop1: detected capacity change from 0 to 512
[  478.996505][T13461] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  479.018484][T13453] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (13453)
[  479.120624][T13461] EXT4-fs (loop1): 1 orphan inode deleted
[  479.126956][T13461] EXT4-fs (loop1): 1 truncate cleaned up
[  479.171308][T13461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  479.334256][T13453] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  479.344734][T13453] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  479.353927][T13453] BTRFS info (device loop0): using free-space-tree
[  479.580844][T12788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.052023][   T29] audit: type=1326 audit(1717905148.386:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13482 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fead1e7cf69 code=0x0
[  480.179230][ T1040] team0 (unregistering): Port device team_slave_1 removed
[  480.242192][ T1040] team0 (unregistering): Port device team_slave_0 removed
[  480.938715][T13481] batadv0: entered promiscuous mode
[  480.944447][T13484] veth0_to_team: entered promiscuous mode
[  480.950447][T13486] veth0_to_team: left promiscuous mode
[  480.956531][T13486] batadv0: left promiscuous mode
[  481.018567][T13490] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  481.023649][T13492] loop1: detected capacity change from 0 to 64
[  481.055724][T13492] MINIX-fs: file system does not have enough imap blocks allocated.  Refusing to mount.
[  481.066826][T13492] MINIX-fs: bad superblock or unable to read bitmaps
[  481.110273][T13053] 8021q: adding VLAN 0 to HW filter on device bond0
[  481.158274][T12950] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  481.187621][T13053] 8021q: adding VLAN 0 to HW filter on device team0
[  481.251620][T12996] bridge0: port 1(bridge_slave_0) entered blocking state
[  481.258801][T12996] bridge0: port 1(bridge_slave_0) entered forwarding state
[  481.298645][T13496] x_tables: unsorted underflow at hook 4
[  481.320380][T12897] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  481.354402][  T783] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.361572][  T783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  481.441869][T13053] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  482.360340][ T1040] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.515294][T13053] 8021q: adding VLAN 0 to HW filter on device batadv0
[  482.520187][T12940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  482.542988][T12940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  482.552678][T12940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  482.563067][T12940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  482.572216][T12940] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  482.581522][T12940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  482.721055][ T1040] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.925359][ T1040] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.039340][T12940] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  483.070001][T12940] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  483.087678][T12940] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  483.104598][ T1040] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.116496][T12940] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  483.137329][T12940] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  483.144911][T12940] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  483.197049][T13524] loop1: detected capacity change from 0 to 128
[  483.242922][T13524] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  483.266952][T13524] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  483.781779][T13539] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  483.824026][T13539] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.2'.
[  483.860372][T13539] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'.
[  483.900252][ T1040] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.010495][T13509] chnl_net:caif_netlink_parms(): no params data found
[  484.047948][T13053] veth0_vlan: entered promiscuous mode
[  484.101368][ T1040] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.250038][ T1040] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.340828][T13053] veth1_vlan: entered promiscuous mode
[  484.473655][ T1040] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.645728][T13509] bridge0: port 1(bridge_slave_0) entered blocking state
[  484.663077][T13509] bridge0: port 1(bridge_slave_0) entered disabled state
[  484.671669][T13509] bridge_slave_0: entered allmulticast mode
[  484.682961][T12940] Bluetooth: hci1: command tx timeout
[  484.707684][T13509] bridge_slave_0: entered promiscuous mode
[  484.725357][T13509] bridge0: port 2(bridge_slave_1) entered blocking state
[  484.744086][T13509] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.751269][T13509] bridge_slave_1: entered allmulticast mode
[  484.774340][T13509] bridge_slave_1: entered promiscuous mode
[  484.787311][T13522] chnl_net:caif_netlink_parms(): no params data found
[  484.978349][T13565] loop1: detected capacity change from 0 to 4096
[  485.000205][T13509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  485.017958][T13565] NILFS (loop1): invalid segment: Checksum error in segment payload
[  485.030981][T13509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  485.049704][T13565] NILFS (loop1): trying rollback from an earlier position
[  485.064417][T13053] veth0_macvtap: entered promiscuous mode
[  485.102742][T13565] NILFS (loop1): recovery complete
[  485.135769][T13571] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  485.182954][T13053] veth1_macvtap: entered promiscuous mode
[  485.233039][T12940] Bluetooth: hci4: command tx timeout
[  485.261619][T13509] team0: Port device team_slave_0 added
[  485.295431][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.308804][T13576] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  485.309279][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.328473][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.339124][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.349072][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.365613][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.375503][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.386080][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.400236][T13053] batman_adv: batadv0: Interface activated: batadv_slave_0
[  485.447577][T13509] team0: Port device team_slave_1 added
[  485.491062][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.521171][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.560341][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.601523][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.622524][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.643593][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.656983][T13053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.682607][T13053] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.694290][T13053] batman_adv: batadv0: Interface activated: batadv_slave_1
[  485.705387][ T1040] bridge_slave_1: left allmulticast mode
[  485.711054][ T1040] bridge_slave_1: left promiscuous mode
[  485.721903][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.760903][ T1040] bridge_slave_0: left allmulticast mode
[  485.767854][ T1040] bridge_slave_0: left promiscuous mode
[  485.777595][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.809894][ T1040] bridge_slave_1: left allmulticast mode
[  485.822786][ T1040] bridge_slave_1: left promiscuous mode
[  485.829892][ T1040] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.858371][ T1040] bridge_slave_0: left allmulticast mode
[  485.872782][ T1040] bridge_slave_0: left promiscuous mode
[  485.878574][ T1040] bridge0: port 1(bridge_slave_0) entered disabled state
[  486.117488][T13590] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  486.752880][T12940] Bluetooth: hci1: command tx timeout
[  487.014638][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  487.032464][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  487.045050][ T1040] bond0 (unregistering): Released all slaves
[  487.170405][   T29] audit: type=1800 audit(1717905155.466:1003): pid=13602 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1950 res=0 errno=0
[  487.418111][T12940] Bluetooth: hci4: command tx timeout
[  487.962621][ T1040] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  487.975302][ T1040] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  487.989541][ T1040] bond0 (unregistering): Released all slaves
[  488.101674][T13614] loop1: detected capacity change from 0 to 8
[  488.139509][T13614] unable to read id index table
[  488.236102][T13522] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.250189][T13522] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.259108][T13522] bridge_slave_0: entered allmulticast mode
[  488.280210][T13522] bridge_slave_0: entered promiscuous mode
[  488.301085][T13509] batman_adv: batadv0: Adding interface: batadv_slave_0
[  488.311689][T13509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  488.338730][T13509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  488.400637][T13053] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  488.422499][T13053] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  488.432218][T13053] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  488.452470][T13053] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  488.630602][T13522] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.657190][T13522] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.690218][T13522] bridge_slave_1: entered allmulticast mode
[  488.699163][T13522] bridge_slave_1: entered promiscuous mode
[  489.173396][T12940] Bluetooth: hci1: command tx timeout
[  489.210391][T13620] loop1: detected capacity change from 0 to 512
[  489.230378][T13620] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  489.316225][T13620] EXT4-fs (loop1): 1 orphan inode deleted
[  489.322005][T13620] EXT4-fs (loop1): 1 truncate cleaned up
[  489.328722][T13620] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  489.367792][T13509] batman_adv: batadv0: Adding interface: batadv_slave_1
[  489.381982][T13509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  489.420908][T13509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  489.472829][T12940] Bluetooth: hci4: command tx timeout
[  489.591236][T13522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  489.614200][T12788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.661640][T13522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  489.725298][   T29] audit: type=1800 audit(1717905158.056:1004): pid=13616 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1942 res=0 errno=0
[  490.552379][T13509] hsr_slave_0: entered promiscuous mode
[  490.592910][T13509] hsr_slave_1: entered promiscuous mode
[  490.604487][T13509] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  490.629554][T13509] Cannot create hsr debugfs directory
[  490.691862][T13522] team0: Port device team_slave_0 added
[  490.729318][T13522] team0: Port device team_slave_1 added
[  490.984480][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.992345][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.028958][T13522] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.036225][T13522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.073591][T13522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  491.151656][T13522] batman_adv: batadv0: Adding interface: batadv_slave_1
[  491.158723][T13522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  491.192039][T13522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  491.235083][T13639] dccp_close: ABORT with 28 bytes unread
[  491.241549][T12940] Bluetooth: hci1: command tx timeout
[  491.398751][T13522] hsr_slave_0: entered promiscuous mode
[  491.433777][T13522] hsr_slave_1: entered promiscuous mode
[  491.442617][T13522] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  491.450233][   T29] audit: type=1800 audit(1717905159.786:1005): pid=13648 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1945 res=0 errno=0
[  491.482114][T13522] Cannot create hsr debugfs directory
[  491.548118][ T1047] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.556173][T12940] Bluetooth: hci4: command tx timeout
[  491.565280][   T29] audit: type=1804 audit(1717905159.906:1006): pid=13652 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="bus" dev="sda1" ino=1949 res=1 errno=0
[  491.582028][ T1047] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.604788][ T1040] hsr_slave_0: left promiscuous mode
[  491.611025][ T1040] hsr_slave_1: left promiscuous mode
[  491.617709][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  491.625436][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  491.634049][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  491.644763][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  491.659596][ T1040] hsr_slave_0: left promiscuous mode
[  491.667158][ T1040] hsr_slave_1: left promiscuous mode
[  491.674595][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  491.693445][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  491.701299][ T1040] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  491.708852][ T1040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  491.792956][ T1040] veth1_macvtap: left promiscuous mode
[  491.798664][ T1040] veth0_macvtap: left promiscuous mode
[  491.813433][ T1040] veth1_vlan: left promiscuous mode
[  491.818728][ T1040] veth0_vlan: left promiscuous mode
[  491.828155][ T1040] veth1_macvtap: left promiscuous mode
[  491.842111][ T1040] veth0_macvtap: left promiscuous mode
[  491.851561][ T1040] veth1_vlan: left promiscuous mode
[  491.858678][ T1040] veth0_vlan: left promiscuous mode
[  492.603263][ T1040] team0 (unregistering): Port device team_slave_1 removed
[  492.659455][ T1040] team0 (unregistering): Port device team_slave_0 removed
[  493.759433][ T1040] team0 (unregistering): Port device team_slave_1 removed
[  493.819925][ T1040] team0 (unregistering): Port device team_slave_0 removed
[  494.658370][T13669] loop1: detected capacity change from 0 to 512
[  494.669610][T13666] loop4: detected capacity change from 0 to 2048
[  494.685235][T13669] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  494.730829][T13669] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #16: comm syz-executor.1: invalid indirect mapped block 4294967295 (level 0)
[  494.772341][T13669] EXT4-fs (loop1): Remounting filesystem read-only
[  494.780146][T13669] EXT4-fs (loop1): 1 orphan inode deleted
[  494.782373][T13666] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.785977][T13669] EXT4-fs (loop1): 1 truncate cleaned up
[  494.805616][T13669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.917471][   T29] audit: type=1804 audit(1717905163.256:1007): pid=13666 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1466220097/syzkaller.QJptqK/0/file0/bus" dev="loop4" ino=15 res=1 errno=0
[  494.970453][T13053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.110426][T13682] netlink: 'syz-executor.4': attribute type 280 has an invalid length.
[  496.248432][T12788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.373020][T13509] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  496.395569][T13509] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  496.478846][T13509] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  496.502115][T13509] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  496.610648][   T29] audit: type=1800 audit(1717905164.946:1008): pid=13708 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1946 res=0 errno=0
[  496.817298][T13509] 8021q: adding VLAN 0 to HW filter on device bond0
[  496.877858][T13509] 8021q: adding VLAN 0 to HW filter on device team0
[  496.909729][T13062] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.916919][T13062] bridge0: port 1(bridge_slave_0) entered forwarding state
[  496.989471][T13062] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.996669][T13062] bridge0: port 2(bridge_slave_1) entered forwarding state
[  497.187191][T13509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  497.208493][T13723] loop4: detected capacity change from 0 to 2048
[  497.251416][T13723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.318994][   T29] audit: type=1804 audit(1717905165.646:1009): pid=13723 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1466220097/syzkaller.QJptqK/7/file0/bus" dev="loop4" ino=15 res=1 errno=0
[  497.361726][T13522] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  497.400390][T13522] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  497.424020][T13053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.439480][T13706] loop1: detected capacity change from 0 to 32768
[  497.449748][T13522] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  497.481781][T13706] XFS: noikeep mount option is deprecated.
[  497.496932][T13522] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  497.536670][T13706] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  497.720164][T13706] XFS (loop1): Ending clean mount
[  497.733209][T13741] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  497.747484][T13741] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  497.756838][T13741] netlink: 16074 bytes leftover after parsing attributes in process `syz-executor.4'.
[  497.768679][T13706] XFS (loop1): Quotacheck needed: Please wait.
[  497.850007][T13509] 8021q: adding VLAN 0 to HW filter on device batadv0
[  497.880588][T13706] XFS (loop1): Quotacheck: Done.
[  497.987295][T13509] veth0_vlan: entered promiscuous mode
[  498.008437][T12788] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  498.041704][T13509] veth1_vlan: entered promiscuous mode
[  498.128490][T13522] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.220487][T13509] veth0_macvtap: entered promiscuous mode
[  498.239258][T13522] 8021q: adding VLAN 0 to HW filter on device team0
[  498.257449][T13062] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.264650][T13062] bridge0: port 1(bridge_slave_0) entered forwarding state
[  498.295834][T13509] veth1_macvtap: entered promiscuous mode
[  498.312384][T13062] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.319578][T13062] bridge0: port 2(bridge_slave_1) entered forwarding state
[  498.405207][T13509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.417014][T13509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.429110][T13509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.440185][T13509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.455924][T13509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.473660][T13509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.496601][T13509] batman_adv: batadv0: Interface activated: batadv_slave_0
[  498.526663][T13509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.552450][T13509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.566397][T13509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.612591][T13509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.634835][T13509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.647590][T13509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.674150][T13509] batman_adv: batadv0: Interface activated: batadv_slave_1
[  498.734069][T13509] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  498.752212][T13509] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  498.762239][T13509] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  498.776892][T13509] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  498.845165][   T29] audit: type=1800 audit(1717905167.186:1010): pid=13769 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1951 res=0 errno=0
[  498.917061][   T29] audit: type=1800 audit(1717905167.216:1011): pid=13769 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1955 res=0 errno=0
[  499.038414][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.063220][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  499.128554][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.174223][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  499.340311][T13522] 8021q: adding VLAN 0 to HW filter on device batadv0
[  499.432213][T13789] netlink: 'syz-executor.2': attribute type 280 has an invalid length.
[  499.476427][T13522] veth0_vlan: entered promiscuous mode
[  499.502239][T13522] veth1_vlan: entered promiscuous mode
[  499.637262][T13522] veth0_macvtap: entered promiscuous mode
[  499.679080][T13522] veth1_macvtap: entered promiscuous mode
[  499.746857][T13801] loop4: detected capacity change from 0 to 8
[  499.755269][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.771669][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.801318][T13801] unable to read id index table
[  499.825416][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.847781][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.858531][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.875591][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.876816][T13771] loop1: detected capacity change from 0 to 32768
[  499.888571][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.895694][T13771] XFS: noikeep mount option is deprecated.
[  499.915410][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.934514][T13522] batman_adv: batadv0: Interface activated: batadv_slave_0
[  499.956406][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  499.960590][T13771] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  499.970297][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.001722][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.041565][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.058294][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.074705][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.093171][T13522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.105856][T13522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.118262][T13522] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.156464][T13771] XFS (loop1): Ending clean mount
[  500.169278][T13771] XFS (loop1): Quotacheck needed: Please wait.
[  500.301147][T13522] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.492192][T13822] loop3: detected capacity change from 0 to 1024
[  500.548214][T13822] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  500.669019][   T29] audit: type=1326 audit(1717905169.006:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13812 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81cbe7cf69 code=0x0
[  500.734761][T13522] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.985431][T13522] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  501.031592][T13522] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.051790][T13771] XFS (loop1): Quotacheck: Done.
[  501.213804][T12788] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  501.245628][   T29] audit: type=1326 audit(1717905169.586:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13825 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81cbe7cf69 code=0x0
[  501.297789][T13827] loop4: detected capacity change from 0 to 2048
[  501.335119][ T1047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.359808][ T1047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.381437][T13827] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  501.421113][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.441021][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.746665][T13837] netlink: 'syz-executor.1': attribute type 280 has an invalid length.
[  501.795661][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  501.801998][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  501.917439][T13844] loop0: detected capacity change from 0 to 256
[  501.985835][T13844] FAT-fs (loop0): Directory bread(block 64) failed
[  501.998333][T13844] FAT-fs (loop0): Directory bread(block 65) failed
[  502.018407][T13844] FAT-fs (loop0): Directory bread(block 66) failed
[  502.033308][T13844] FAT-fs (loop0): Directory bread(block 67) failed
[  502.041539][T13844] FAT-fs (loop0): Directory bread(block 68) failed
[  502.054518][T13844] FAT-fs (loop0): Directory bread(block 69) failed
[  502.061171][T13844] FAT-fs (loop0): Directory bread(block 70) failed
[  502.079277][T13844] FAT-fs (loop0): Directory bread(block 71) failed
[  502.089213][T13844] FAT-fs (loop0): Directory bread(block 72) failed
[  502.101083][T13844] FAT-fs (loop0): Directory bread(block 73) failed
[  502.221822][T13852] loop4: detected capacity change from 0 to 64
[  502.571919][   T29] audit: type=1326 audit(1717905170.906:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13871 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81cbe7cf69 code=0x0
[  502.826612][T13888] loop4: detected capacity change from 0 to 256
[  502.842963][T13888] exfat: Deprecated parameter 'utf8'
[  502.864254][T13888] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  502.878301][T13890] loop0: detected capacity change from 0 to 64
[  503.214618][    C0] vcan0: j1939_tp_rxtimer: 0xffff88804bdab400: rx timeout, send abort
[  503.227671][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88804bdab400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  503.369554][T13904] loop4: detected capacity change from 0 to 256
[  503.658921][T13912] loop4: detected capacity change from 0 to 1024
[  503.733730][T13912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.914992][T13053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.208533][T13935] loop0: detected capacity change from 0 to 2048
[  505.254526][T13939] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'.
[  505.401729][T13948] loop0: detected capacity change from 0 to 512
[  505.438271][T13948] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 256 (level 2)
[  505.481545][T13948] EXT4-fs (loop0): 2 truncates cleaned up
[  505.505254][T13954] loop3: detected capacity change from 0 to 512
[  505.514964][T13954] EXT4-fs: Ignoring removed bh option
[  505.520550][T13954] EXT4-fs: Ignoring removed nobh option
[  505.528091][T13954] EXT4-fs (loop3): can't mount with both data=journal and delalloc
[  505.540412][T13948] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.643458][ T5151] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  505.845556][ T5151] usb 2-1: config 0 has an invalid interface number: 156 but max is 0
[  505.859373][ T5151] usb 2-1: config 0 has no interface number 0
[  505.868053][ T5151] usb 2-1: config 0 interface 156 has no altsetting 0
[  505.910640][ T5151] usb 2-1: New USB device found, idVendor=257a, idProduct=2609, bcdDevice=7e.22
[  505.911851][T13522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.926379][ T5151] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.993983][ T5151] usb 2-1: config 0 descriptor??
[  506.018556][ T5151] hub 2-1:0.156: bad descriptor, ignoring hub
[  506.037125][ T5151] hub 2-1:0.156: probe with driver hub failed with error -5
[  506.062627][ T5151] option 2-1:0.156: GSM modem (1-port) converter detected
[  506.278770][T13964] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  506.411436][T13939] loop1: detected capacity change from 0 to 256
[  506.475006][T13939] FAT-fs (loop1): Directory bread(block 1285) failed
[  506.482336][T13939] FAT-fs (loop1): Directory bread(block 1285) failed
[  506.732905][ T5151] usb 2-1: USB disconnect, device number 5
[  506.736942][ T5151] option 2-1:0.156: device disconnected
[  506.815978][T13978] loop3: detected capacity change from 0 to 256
[  507.233265][T13990] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  507.275617][T13990] loop4: detected capacity change from 0 to 256
[  507.460157][T13990] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  507.892860][T12940] Bluetooth: hci0: command tx timeout
[  508.132794][T13999] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  508.132821][T13999] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.2'.
[  508.132838][T13999] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  509.822648][   T29] audit: type=1326 audit(1717905178.156:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14011 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fead1e7cf69 code=0x0
[  510.085491][T14031] loop4: detected capacity change from 0 to 256
[  510.141158][T14031] FAT-fs (loop4): Directory bread(block 64) failed
[  510.162166][T14031] FAT-fs (loop4): Directory bread(block 65) failed
[  510.190083][T14031] FAT-fs (loop4): Directory bread(block 66) failed
[  510.220801][T14031] FAT-fs (loop4): Directory bread(block 67) failed
[  510.267475][T14031] FAT-fs (loop4): Directory bread(block 68) failed
[  510.293749][T14031] FAT-fs (loop4): Directory bread(block 69) failed
[  510.320774][T14031] FAT-fs (loop4): Directory bread(block 70) failed
[  510.340382][T14031] FAT-fs (loop4): Directory bread(block 71) failed
[  510.366683][T14031] FAT-fs (loop4): Directory bread(block 72) failed
[  510.391195][T14031] FAT-fs (loop4): Directory bread(block 73) failed
[  510.582997][T14051] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  510.719637][T14056] syzkaller1: entered promiscuous mode
[  510.737378][T14056] syzkaller1: entered allmulticast mode
[  511.287758][T14080] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  512.231862][T14090] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  512.440381][T14098] syzkaller1: entered promiscuous mode
[  512.452715][T14098] syzkaller1: entered allmulticast mode
[  512.455255][T14100] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  512.488187][T14100] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  512.558785][T14104] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  512.572532][T14104] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.2'.
[  512.584919][T14107] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  512.602818][T14104] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  512.615209][T14071] loop0: detected capacity change from 0 to 32768
[  512.661511][T14071] XFS: ikeep mount option is deprecated.
[  512.691723][T14071] XFS: ikeep mount option is deprecated.
[  512.760925][T14071] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  513.076731][T14071] XFS (loop0): Ending clean mount
[  513.088140][T14071] XFS (loop0): Quotacheck needed: Please wait.
[  513.277088][T14071] XFS (loop0): Quotacheck: Done.
[  513.478196][T14143] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  513.506233][T14143] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  513.656073][T13522] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  513.683359][T14146] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  514.126827][T14163] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  514.148327][T14163] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  514.361921][T14176] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.3'.
[  514.617083][T14182] loop1: detected capacity change from 0 to 1024
[  514.640834][T14182] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  514.661018][T14182] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (25054!=20869)
[  514.686739][T14182] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  514.708577][T14182] EXT4-fs (loop1): filesystem has both journal inode and journal device!
[  514.735603][T12996] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  514.935108][T12996] usb 4-1: config 0 has an invalid interface number: 156 but max is 0
[  514.955994][T12996] usb 4-1: config 0 has no interface number 0
[  514.966278][T14184] loop1: detected capacity change from 0 to 1024
[  514.986122][T12996] usb 4-1: config 0 interface 156 has no altsetting 0
[  515.001748][T12996] usb 4-1: New USB device found, idVendor=257a, idProduct=2609, bcdDevice=7e.22
[  515.015635][T14184] EXT4-fs: Ignoring removed orlov option
[  515.032788][T12996] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.043851][T14184] EXT4-fs (loop1): Test dummy encryption mode enabled
[  515.067501][T12996] usb 4-1: config 0 descriptor??
[  515.093027][T14184] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  515.105248][T12996] hub 4-1:0.156: bad descriptor, ignoring hub
[  515.126152][T12996] hub 4-1:0.156: probe with driver hub failed with error -5
[  515.147482][T14184] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  515.149221][T12996] option 4-1:0.156: GSM modem (1-port) converter detected
[  515.327966][T14171] loop0: detected capacity change from 0 to 32768
[  515.359913][T14171] XFS: ikeep mount option is deprecated.
[  515.379024][T14171] XFS: ikeep mount option is deprecated.
[  515.450245][T14171] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  515.475011][T14176] loop3: detected capacity change from 0 to 256
[  515.482637][T14184] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  515.511845][T14176] FAT-fs (loop3): Directory bread(block 1285) failed
[  515.615504][T14176] FAT-fs (loop3): Directory bread(block 1285) failed
[  515.668461][T12788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.680078][T14214] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  515.688513][T14214] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'.
[  515.767432][T14171] XFS (loop0): Ending clean mount
[  515.781979][T14171] XFS (loop0): Quotacheck needed: Please wait.
[  515.862032][T14171] XFS (loop0): Quotacheck: Done.
[  516.046555][T12996] usb 4-1: USB disconnect, device number 17
[  516.056903][T12996] option 4-1:0.156: device disconnected
[  516.184703][T14225] loop1: detected capacity change from 0 to 1024
[  517.948846][T14225] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  518.132646][   T29] audit: type=1326 audit(1717905186.366:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14217 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2bb467cf69 code=0x0
[  518.296757][T13522] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  518.456881][T14238] loop1: detected capacity change from 0 to 1024
[  518.657225][T14243] loop3: detected capacity change from 0 to 1024
[  518.819148][T14248] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  518.844764][T14249] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  518.877703][T13509] hfsplus: bad catalog entry type
[  518.895084][T14249] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  519.387508][   T51] hfsplus: b-tree write err: -5, ino 8
[  519.432952][T12962] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  519.530070][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.654570][T12962] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  519.682988][T12962] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.697975][T14256] loop4: detected capacity change from 0 to 32768
[  519.725978][T12962] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.773832][T12962] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  519.814436][T12962] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  519.826053][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.828473][T12962] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  519.845993][T12962] usb 2-1: Manufacturer: syz
[  519.858580][T12962] usb 2-1: config 0 descriptor??
[  520.082271][T14256] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names
[  520.159051][T14256] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  520.173690][T14266] team0: Port device team_slave_0 removed
[  520.204048][T14266] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  520.260230][T14256] bcachefs (loop4): alloc_read... done
[  520.270047][T14275] loop0: detected capacity change from 0 to 1024
[  520.276804][T14256] bcachefs (loop4): stripes_read... done
[  520.285696][T14256] bcachefs (loop4): snapshots_read... done
[  520.288477][T12962] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  520.319436][T12962] appleir 0003:05AC:8243.0006: No inputs registered, leaving
[  520.323629][T14256] bcachefs (loop4): journal_replay...
[  520.331750][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  520.333561][T14256]  done
[  520.338160][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  520.381980][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  520.394390][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  520.407457][T12962] appleir 0003:05AC:8243.0006: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  520.417603][T14256] bcachefs (loop4): resume_logged_ops... done
[  520.427061][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  520.443032][ T5099] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  520.453021][ T5099] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  520.553380][T14256] bcachefs (loop4): going read-write
[  520.563148][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  520.581637][T14256] bcachefs (loop4): done starting filesystem
[  520.598852][T14289] loop0: detected capacity change from 0 to 512
[  520.625258][T14289] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  520.672458][T14289] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  520.743177][T13053] bcachefs (loop4): shutting down
[  520.748217][T13053] bcachefs (loop4): going read-only
[  520.763375][T14289] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  520.771460][T14289] System zones: 0-2, 18-18, 34-34
[  520.801754][T13053] bcachefs (loop4): finished waiting for writes to stop
[  520.849116][T13053] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12
[  520.891305][T14289] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  520.929404][T13053] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 13
[  520.974413][T13053] bcachefs (loop4): shutdown complete, journal seq 14
[  520.982282][T13053] bcachefs (loop4): marking filesystem clean
[  521.008944][   T11] bridge_slave_1: left allmulticast mode
[  521.023258][   T11] bridge_slave_1: left promiscuous mode
[  521.047701][T14289] EXT4-fs (loop0): 1 truncate cleaned up
[  521.053738][T14297] overlayfs: failed to resolve './file0': -2
[  521.056479][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.099761][   T11] bridge_slave_0: left allmulticast mode
[  521.110547][T14289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  521.110785][T13053] bcachefs (loop4): shutdown complete
[  521.129183][   T11] bridge_slave_0: left promiscuous mode
[  521.141697][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.184153][   T29] audit: type=1326 audit(1717905189.516:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f108ca7cf69 code=0x0
[  521.548769][T13522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.805241][T12996] usb 2-1: reset high-speed USB device number 6 using dummy_hcd
[  521.818459][T14309] sctp: [Deprecated]: syz-executor.0 (pid 14309) Use of struct sctp_assoc_value in delayed_ack socket option.
[  521.818459][T14309] Use struct sctp_sack_info instead
[  522.041141][T14311] loop0: detected capacity change from 0 to 1024
[  522.124792][   T51] hfsplus: b-tree write err: -5, ino 4
[  522.360448][T14323] loop1: detected capacity change from 0 to 1024
[  522.382065][T14323] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  522.393844][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  522.395101][T14323] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (25054!=20869)
[  522.414967][T14323] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  522.426734][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  522.428994][T14323] EXT4-fs (loop1): filesystem has both journal inode and journal device!
[  522.452195][   T11] bond0 (unregistering): Released all slaves
[  522.496557][T14327] loop0: detected capacity change from 0 to 1024
[  522.518479][T12940] Bluetooth: hci1: command tx timeout
[  522.788324][T14277] chnl_net:caif_netlink_parms(): no params data found
[  522.815999][T14335] loop1: detected capacity change from 0 to 1024
[  522.836195][T14335] EXT4-fs: Ignoring removed orlov option
[  522.859760][T14335] EXT4-fs (loop1): Test dummy encryption mode enabled
[  522.909515][T14335] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  523.005025][T14335] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  523.031343][T13062] usb 2-1: USB disconnect, device number 6
[  523.143094][T14344] loop4: detected capacity change from 0 to 1024
[  523.164917][T14344] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  523.203279][T14344] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  523.211694][T14344] EXT4-fs (loop4): orphan cleanup on readonly fs
[  523.229976][T14344] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096
[  523.301885][T14344] EXT4-fs (loop4): 1 orphan inode deleted
[  523.360030][T14344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  523.443014][T14335] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  523.540924][T12788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.625915][T14277] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.654080][T14277] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.669631][T14277] bridge_slave_0: entered allmulticast mode
[  523.684573][T14277] bridge_slave_0: entered promiscuous mode
[  523.711473][T14277] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.738811][T14277] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.756349][T14277] bridge_slave_1: entered allmulticast mode
[  523.770078][T14277] bridge_slave_1: entered promiscuous mode
[  523.872681][T13053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.903170][   T11] hsr_slave_0: left promiscuous mode
[  523.924246][   T11] hsr_slave_1: left promiscuous mode
[  523.930576][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  523.945513][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  523.978513][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  524.002630][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  524.042746][ T5265] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  524.107087][   T11] veth1_macvtap: left promiscuous mode
[  524.123572][   T11] veth0_macvtap: left promiscuous mode
[  524.130826][   T11] veth1_vlan: left promiscuous mode
[  524.150463][   T11] veth0_vlan: left promiscuous mode
[  524.245659][ T5265] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  524.276592][ T5265] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.311918][ T5265] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.327565][ T5265] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  524.354925][ T5265] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  524.364390][ T5265] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  524.379533][ T5265] usb 2-1: Manufacturer: syz
[  524.394229][ T5265] usb 2-1: config 0 descriptor??
[  524.592648][T12940] Bluetooth: hci1: command tx timeout
[  524.829673][ T5265] appleir 0003:05AC:8243.0007: unknown main item tag 0x0
[  524.860739][ T5265] appleir 0003:05AC:8243.0007: No inputs registered, leaving
[  524.886187][ T5265] appleir 0003:05AC:8243.0007: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  525.194682][   T11] team0 (unregistering): Port device team_slave_1 removed
[  525.265246][   T11] team0 (unregistering): Port device team_slave_0 removed
[  525.718165][T13062] usb 2-1: USB disconnect, device number 7
[  526.078725][T14277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  526.098719][T14277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  526.277916][T14277] team0: Port device team_slave_0 added
[  526.326174][T14277] team0: Port device team_slave_1 added
[  526.420018][T14405] loop0: detected capacity change from 0 to 1024
[  526.422016][T14277] batman_adv: batadv0: Adding interface: batadv_slave_0
[  526.441742][T14277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.491155][T14277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  526.543485][T14277] batman_adv: batadv0: Adding interface: batadv_slave_1
[  526.550828][T14277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.609426][T14277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  526.672624][T12940] Bluetooth: hci1: command tx timeout
[  526.758872][T14277] hsr_slave_0: entered promiscuous mode
[  526.804437][T14277] hsr_slave_1: entered promiscuous mode
[  526.841740][T14277] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  526.851845][T14277] Cannot create hsr debugfs directory
[  527.289638][T14395] loop1: detected capacity change from 0 to 40427
[  527.332926][T14395] F2FS-fs (loop1): invalid crc value
[  527.342260][T14395] F2FS-fs (loop1): Found nat_bits in checkpoint
[  527.450676][T14395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  527.560943][T12788] syz-executor.1: attempt to access beyond end of device
[  527.560943][T12788] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  527.582274][T12788] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  527.652011][T14277] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  527.688558][T14277] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  527.707185][T14277] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  527.725424][T14277] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  527.850159][T14277] 8021q: adding VLAN 0 to HW filter on device bond0
[  527.876912][T14277] 8021q: adding VLAN 0 to HW filter on device team0
[  527.890967][ T5265] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.898169][ T5265] bridge0: port 1(bridge_slave_0) entered forwarding state
[  527.912934][ T5265] bridge0: port 2(bridge_slave_1) entered blocking state
[  527.920077][ T5265] bridge0: port 2(bridge_slave_1) entered forwarding state
[  527.979369][T14277] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  527.990807][T14277] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  528.128652][T14277] 8021q: adding VLAN 0 to HW filter on device batadv0
[  528.172282][T14277] veth0_vlan: entered promiscuous mode
[  528.183944][T14277] veth1_vlan: entered promiscuous mode
[  528.220918][T14277] veth0_macvtap: entered promiscuous mode
[  528.230488][T14277] veth1_macvtap: entered promiscuous mode
[  528.245810][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  528.257573][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.268480][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  528.278989][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.288990][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  528.300764][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.310634][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  528.321220][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.332274][T14277] batman_adv: batadv0: Interface activated: batadv_slave_0
[  528.346286][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  528.357265][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.368420][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  528.379086][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.391852][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  528.404134][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.414477][T14277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  528.425079][T14277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  528.436939][T14277] batman_adv: batadv0: Interface activated: batadv_slave_1
[  528.450390][T14277] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  528.460875][T14277] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  528.469795][T14277] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  528.478715][T14277] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  528.559946][ T1047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.574264][ T1047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  528.595264][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  528.607098][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  528.701084][T14435] loop1: detected capacity change from 0 to 1024
[  528.753972][T12940] Bluetooth: hci1: command tx timeout
[  528.892015][ T1047] hfsplus: b-tree write err: -5, ino 4
[  529.081418][T14457] loop1: detected capacity change from 0 to 256
[  529.089109][T14455] syzkaller1: entered promiscuous mode
[  529.094941][T14455] syzkaller1: entered allmulticast mode
[  529.099023][T14459] loop4: detected capacity change from 0 to 512
[  529.112253][T14459] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  529.136566][T14459] EXT4-fs (loop4): 1 truncate cleaned up
[  529.149119][T14459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  529.287323][T13053] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.688908][T14473] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  529.702083][T14473] Cannot find map_set index 0 as target
[  530.051905][T14464] loop4: detected capacity change from 0 to 32768
[  530.076549][T14492] loop1: detected capacity change from 0 to 1024
[  530.151915][T14464] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  530.167077][T14464] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  530.188667][   T35] hfsplus: b-tree write err: -5, ino 4
[  530.208567][T14464] bcachefs (loop4): alloc_read... done
[  530.217469][T14464] bcachefs (loop4): stripes_read... done
[  530.228761][T14464] bcachefs (loop4): snapshots_read... done
[  530.250665][T14464] bcachefs (loop4): journal_replay... done
[  530.274083][T14464] bcachefs (loop4): resume_logged_ops... done
[  530.291520][T14464] bcachefs (loop4): going read-write
[  530.308384][T14464] bcachefs (loop4): done starting filesystem
[  530.372129][T13053] bcachefs (loop4): shutting down
[  530.377644][T13053] bcachefs (loop4): going read-only
[  530.385253][T13053] bcachefs (loop4): finished waiting for writes to stop
[  530.396573][T13053] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10
[  530.406114][T13053] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10
[  530.416261][T14511] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  530.441583][T13053] bcachefs (loop4): shutdown complete, journal seq 11
[  530.457062][T13053] bcachefs (loop4): marking filesystem clean
[  530.490433][T13053] bcachefs (loop4): shutdown complete
[  531.023321][   T29] audit: type=1804 audit(1717905199.356:1018): pid=14526 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="bus" dev="sda1" ino=1968 res=1 errno=0
[  531.104669][   T29] audit: type=1800 audit(1717905199.416:1019): pid=14526 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="sda1" ino=1968 res=0 errno=0
[  531.413568][T14529] overlayfs: failed to clone upperpath
[  531.497880][T14521] loop0: detected capacity change from 0 to 32768
[  531.559333][T14521] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (14521)
[  531.626210][   T29] audit: type=1804 audit(1717905199.966:1020): pid=14529 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="bus" dev="sda1" ino=1949 res=1 errno=0
[  531.669632][T14521] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  531.698339][   T29] audit: type=1800 audit(1717905200.036:1021): pid=14547 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1953 res=0 errno=0
[  531.699368][T14521] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  531.763665][T14549] netlink: zone id is out of range
[  531.770302][T14521] BTRFS info (device loop0): using free-space-tree
[  531.781450][T14549] netlink: zone id is out of range
[  531.816846][T14549] netlink: zone id is out of range
[  531.831926][T14549] netlink: zone id is out of range
[  531.851704][T14549] netlink: zone id is out of range
[  531.872157][T14549] netlink: zone id is out of range
[  531.897955][T14549] netlink: zone id is out of range
[  531.927200][   T29] audit: type=1800 audit(1717905200.266:1022): pid=14521 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  531.986452][T14549] netlink: set zone limit has 4 unknown bytes
[  532.029443][T13522] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  532.157324][T14576] Cannot find map_set index 0 as target
[  532.264490][T14579] blktrace: Concurrent blktraces are not allowed on sg0
[  532.679075][T14603] tc_dump_action: action bad kind
[  532.888554][T14616] loop0: detected capacity change from 0 to 64
[  533.079114][T14627] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.0'.
[  533.100672][T14627] team_slave_1: entered promiscuous mode
[  533.122216][T14627] team_slave_1: entered allmulticast mode
[  533.168540][   T29] audit: type=1800 audit(1717905201.506:1023): pid=14630 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1968 res=0 errno=0
[  534.988952][T14659] loop3: detected capacity change from 0 to 512
[  534.991510][T14661] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  535.007704][T14659] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  535.087410][T14665] loop0: detected capacity change from 0 to 64
[  535.094969][T14659] EXT4-fs (loop3): 1 truncate cleaned up
[  535.112374][T14659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  535.225902][T14277] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.244661][T14665] Trying to free block not in datazone
[  535.251463][T14665] Trying to free block not in datazone
[  535.260537][T14665] Trying to free block not in datazone
[  535.272243][T14665] Trying to free block not in datazone
[  535.285619][T14665] minix_free_block (loop0:6): bit already cleared
[  535.305800][T14665] Trying to free block not in datazone
[  535.363496][T14665] Trying to free block not in datazone
[  536.129422][T14693] tc_dump_action: action bad kind
[  536.291775][T14686] delete_channel: no stack
[  536.705183][T14716] loop3: detected capacity change from 0 to 64
[  536.723174][T14716] hfs: unable to change codepage
[  536.729036][T14716] hfs: unable to parse mount options
[  537.012542][ T5151] psmouse serio2: Failed to reset mouse on : -5
[  537.039856][T14730] delete_channel: no stack
[  537.175712][T14704] loop1: detected capacity change from 0 to 32768
[  537.228400][T14704] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  537.475809][T14704] XFS (loop1): Ending clean mount
[  537.501202][T14704] XFS (loop1): Quotacheck needed: Please wait.
[  537.756248][   T35] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_bnobt block 0x8 
[  538.196480][   T35] XFS (loop1): Unmount and run xfs_repair
[  538.202652][   T35] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  538.210294][   T35] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  538.219522][   T35] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  538.230236][   T35] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab  ..*.w.B.......K.
[  538.316511][   T35] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01  ....[.O.........
[  538.377031][   T35] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00  ...6............
[  538.399506][   T35] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  538.419121][   T35] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  538.439596][   T35] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  538.474027][   T35] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x8 len 8 error 74
[  538.509175][T14704] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  538.636964][T12788] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  538.651049][T12788] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[  538.726043][   T29] audit: type=1800 audit(1717905207.066:1024): pid=14771 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1946 res=0 errno=0
[  539.638462][T12940] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  539.648136][T12940] Bluetooth: hci4: Injecting HCI hardware error event
[  539.661138][ T5102] Bluetooth: hci4: hardware error 0x00
[  539.722970][T12940] Bluetooth: hci0: command 0x0406 tx timeout
[  540.555239][T14803] loop0: detected capacity change from 0 to 2048
[  540.693816][T14817] loop1: detected capacity change from 0 to 1024
[  540.717952][T14817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  540.957303][T14824] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.0'.
[  541.182559][ T5151] misc userio: Buffer overflowed, userio client isn't keeping up
[  541.185260][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.206440][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.216150][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.217105][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.218194][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.219306][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.220404][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.226082][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.227773][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.228643][T12788] EXT4-fs error (device loop1): ext4_empty_dir:3083: inode #11: comm syz-executor.1: invalid size
[  541.843974][ T5102] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  542.450306][T14844] bridge0: port 3(team0) entered blocking state
[  542.450722][T14844] bridge0: port 3(team0) entered disabled state
[  542.451248][T14844] team0: entered allmulticast mode
[  542.451270][T14844] team_slave_1: entered allmulticast mode
[  542.459834][T14844] team0: entered promiscuous mode
[  542.486389][T14844] team_slave_1: entered promiscuous mode
[  542.488604][T14844] bridge0: port 3(team0) entered blocking state
[  542.498803][T14844] bridge0: port 3(team0) entered forwarding state
[  542.522133][T12788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.700400][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  542.906163][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  543.085650][ T5151] input: PS/2 Generic Mouse as /devices/serio2/input/input16
[  543.094552][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  543.523593][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  543.914182][ T5151] psmouse serio2: Failed to enable mouse on 
[  544.424909][ T5099] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  544.436185][ T5099] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  544.449354][ T5099] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  544.604220][ T5099] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  544.747544][ T5099] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  544.762931][ T5099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  545.338294][   T51] bridge_slave_1: left allmulticast mode
[  545.382167][   T51] bridge_slave_1: left promiscuous mode
[  545.412752][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  545.423026][   T51] bridge_slave_0: left allmulticast mode
[  545.428774][   T51] bridge_slave_0: left promiscuous mode
[  545.444121][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  545.492166][T14876] loop3: detected capacity change from 0 to 1024
[  545.510768][T14876] EXT4-fs: Ignoring removed nobh option
[  545.583384][T14876] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  545.718153][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  545.727749][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  545.830350][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  545.845366][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  545.855829][ T5099] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  545.863441][ T5099] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  546.059261][T14889] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.0'.
[  546.798495][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  546.805584][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  546.815836][   T51] bond0 (unregistering): Released all slaves
[  546.922598][ T5102] Bluetooth: hci0: command tx timeout
[  547.297108][T14277] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.498136][   T51] hsr_slave_0: left promiscuous mode
[  547.517477][   T51] hsr_slave_1: left promiscuous mode
[  547.530338][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  547.552711][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  547.562011][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  547.577557][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  547.614317][   T29] audit: type=1326 audit(1717905215.956:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f108ca7cf69 code=0x7ffc0000
[  547.636528][    C1] vkms_vblank_simulate: vblank timer overrun
[  547.678967][   T51] veth1_macvtap: left promiscuous mode
[  547.687896][   T29] audit: type=1326 audit(1717905215.956:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f108ca7cf69 code=0x7ffc0000
[  547.695791][   T51] veth0_macvtap: left promiscuous mode
[  547.731006][   T29] audit: type=1326 audit(1717905215.956:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f108ca7cf69 code=0x7ffc0000
[  547.740725][   T51] veth1_vlan: left promiscuous mode
[  547.767220][   T51] veth0_vlan: left promiscuous mode
[  547.789555][   T29] audit: type=1326 audit(1717905215.956:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f108ca7cf69 code=0x7ffc0000
[  547.813686][   T29] audit: type=1326 audit(1717905215.986:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f108ca7cf69 code=0x7ffc0000
[  547.865750][   T29] audit: type=1326 audit(1717905215.986:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f108ca7cf69 code=0x7ffc0000
[  547.916392][   T29] audit: type=1326 audit(1717905215.986:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f108ca7a6e7 code=0x7ffc0000
[  547.952671][ T5102] Bluetooth: hci3: command tx timeout
[  547.952879][   T29] audit: type=1326 audit(1717905215.986:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f108ca403b9 code=0x7ffc0000
[  547.993658][T14929] loop0: detected capacity change from 0 to 8
[  548.027886][T14929] SQUASHFS error: lzo decompression failed, data probably corrupt
[  548.038881][   T29] audit: type=1326 audit(1717905215.986:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f108ca7a6e7 code=0x7ffc0000
[  548.042554][T14929] SQUASHFS error: Failed to read block 0x91: -5
[  548.080732][T14929] SQUASHFS error: Unable to read metadata cache entry [8f]
[  548.088138][T14929] SQUASHFS error: Unable to read inode 0x11f
[  548.089688][   T29] audit: type=1326 audit(1717905215.986:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14919 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f108ca403b9 code=0x7ffc0000
[  548.992554][ T5102] Bluetooth: hci0: command tx timeout
[  549.004272][   T51] team0 (unregistering): Port device team_slave_1 removed
[  549.088909][   T51] team0 (unregistering): Port device team_slave_0 removed
[  550.032572][ T5102] Bluetooth: hci3: command tx timeout
[  550.047084][T14867] chnl_net:caif_netlink_parms(): no params data found
[  550.128265][T14961] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  550.151765][T14961] x_tables: ip6_tables: esp match: only valid for protocol 50
[  550.394505][T14882] chnl_net:caif_netlink_parms(): no params data found
[  550.429121][T14867] bridge0: port 1(bridge_slave_0) entered blocking state
[  550.461365][T14867] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.496362][T14867] bridge_slave_0: entered allmulticast mode
[  550.504472][T14867] bridge_slave_0: entered promiscuous mode
[  550.523186][T14867] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.530334][T14867] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.537697][T14867] bridge_slave_1: entered allmulticast mode
[  550.565723][T14867] bridge_slave_1: entered promiscuous mode
[  550.734875][T14978] loop0: detected capacity change from 0 to 4096
[  550.797068][T14867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  550.834927][T14980] __vm_enough_memory: pid: 14980, comm: syz-executor.2, bytes: 4503599627366400 not enough memory for the allocation
[  550.900241][T14978] NILFS (loop0): invalid segment: Checksum error in segment payload
[  550.996624][T14978] NILFS (loop0): trying rollback from an earlier position
[  551.073003][ T5102] Bluetooth: hci0: command tx timeout
[  551.440860][T14867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  551.474616][T14978] NILFS (loop0): recovery complete
[  551.512680][T14983] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  551.734117][T14867] team0: Port device team_slave_0 added
[  551.789333][T14867] team0: Port device team_slave_1 added
[  551.985504][T14989] loop0: detected capacity change from 0 to 2048
[  552.029573][T14989] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  552.144368][ T5102] Bluetooth: hci3: command tx timeout
[  552.780039][T14867] batman_adv: batadv0: Adding interface: batadv_slave_0
[  552.790919][T14867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  552.817264][T14867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  552.894146][T14867] batman_adv: batadv0: Adding interface: batadv_slave_1
[  552.901128][T14867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  552.973200][T14867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  553.073404][T14882] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.086245][T14882] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.105201][T14882] bridge_slave_0: entered allmulticast mode
[  553.141303][T14882] bridge_slave_0: entered promiscuous mode
[  553.152627][ T5099] Bluetooth: hci0: command tx timeout
[  553.290420][   T51] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.338983][T14882] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.361880][T14882] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.376501][T14882] bridge_slave_1: entered allmulticast mode
[  553.395061][T14882] bridge_slave_1: entered promiscuous mode
[  553.594734][   T51] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.617562][T15009] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  553.636781][T15009] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  553.705567][T14867] hsr_slave_0: entered promiscuous mode
[  553.718177][T14867] hsr_slave_1: entered promiscuous mode
[  553.733265][T14867] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  553.752799][T14867] Cannot create hsr debugfs directory
[  553.765591][T14882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  553.785359][T15018] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  553.812608][T15018] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  553.876336][   T51] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.916850][T14882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  554.186126][T15027] IPv6: addrconf: prefix option has invalid lifetime
[  554.201523][ T5099] Bluetooth: hci3: command tx timeout
[  554.214808][T14882] team0: Port device team_slave_0 added
[  555.209564][ T5099] Bluetooth: hci2: command 0x0406 tx timeout
[  555.327581][   T51] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  555.379927][T14882] team0: Port device team_slave_1 added
[  555.438381][T14882] batman_adv: batadv0: Adding interface: batadv_slave_0
[  555.462566][T14882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  555.511854][T14882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  555.578294][T14882] batman_adv: batadv0: Adding interface: batadv_slave_1
[  555.592110][T14882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  555.649034][T15044] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.0'.
[  555.663407][T14882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  555.880466][T14882] hsr_slave_0: entered promiscuous mode
[  555.900220][T14882] hsr_slave_1: entered promiscuous mode
[  555.932845][T14882] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  555.953725][T14882] Cannot create hsr debugfs directory
[  556.185975][   T51] bridge_slave_1: left allmulticast mode
[  556.204258][   T51] bridge_slave_1: left promiscuous mode
[  556.210051][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.235294][   T51] bridge_slave_0: left allmulticast mode
[  556.240998][   T51] bridge_slave_0: left promiscuous mode
[  556.247688][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.278501][T15065] IPv6: addrconf: prefix option has invalid lifetime
[  556.821792][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  556.834535][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  556.847425][   T51] bond0 (unregistering): Released all slaves
[  556.859787][   T51] bond1 (unregistering): Released all slaves
[  557.428374][   T51] hsr_slave_0: left promiscuous mode
[  557.454656][   T51] hsr_slave_1: left promiscuous mode
[  557.470183][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  557.488848][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  557.498376][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  557.515219][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  557.583718][   T51] veth1_macvtap: left promiscuous mode
[  557.589288][   T51] veth0_macvtap: left promiscuous mode
[  557.597594][   T51] veth1_vlan: left promiscuous mode
[  557.603114][   T51] veth0_vlan: left promiscuous mode
[  558.434034][   T51] team0 (unregistering): Port device team_slave_1 removed
[  558.496554][   T51] team0 (unregistering): Port device team_slave_0 removed
[  559.166512][T15084] netem: incorrect gi model size
[  559.172184][T15084] netem: change failed
[  559.411916][T15097] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  559.626909][T15101] __vm_enough_memory: pid: 15101, comm: syz-executor.0, bytes: 4503599627366400 not enough memory for the allocation
[  560.511088][T15109] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  560.531834][T15109] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[  560.639325][ T5097] libceph: connect (1)[c::]:6789 error -101
[  560.668015][ T5097] libceph: mon0 (1)[c::]:6789 connect error
[  560.790361][T14867] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  560.818878][T14867] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  560.844307][T14867] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  560.863397][T15111] ceph: No mds server is up or the cluster is laggy
[  560.868089][T15126] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  560.897705][T14867] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  560.985942][ T5265] libceph: connect (1)[c::]:6789 error -101
[  560.991995][ T5265] libceph: mon0 (1)[c::]:6789 connect error
[  561.221154][T15133] __vm_enough_memory: pid: 15133, comm: syz-executor.3, bytes: 4503599627366400 not enough memory for the allocation
[  562.005264][T14882] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  562.030464][T14882] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  562.052004][T14882] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  562.092357][T14882] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  562.190683][T14867] 8021q: adding VLAN 0 to HW filter on device bond0
[  563.028638][T14867] 8021q: adding VLAN 0 to HW filter on device team0
[  563.068510][T12962] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.075714][T12962] bridge0: port 1(bridge_slave_0) entered forwarding state
[  563.114911][T12962] bridge0: port 2(bridge_slave_1) entered blocking state
[  563.122128][T12962] bridge0: port 2(bridge_slave_1) entered forwarding state
[  563.238439][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  563.251079][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  563.281186][T14882] 8021q: adding VLAN 0 to HW filter on device bond0
[  563.395650][T15157] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  563.457387][T14867] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  563.477561][T14867] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  563.628845][    T8] libceph: connect (1)[c::]:6789 error -101
[  563.647268][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  563.705796][T14882] 8021q: adding VLAN 0 to HW filter on device team0
[  563.729483][T12962] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.736647][T12962] bridge0: port 1(bridge_slave_0) entered forwarding state
[  563.745046][T15161] ceph: No mds server is up or the cluster is laggy
[  564.011001][    T8] libceph: connect (1)[c::]:6789 error -101
[  564.184069][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  564.234870][T12962] bridge0: port 2(bridge_slave_1) entered blocking state
[  564.242121][T12962] bridge0: port 2(bridge_slave_1) entered forwarding state
[  564.877721][T14867] 8021q: adding VLAN 0 to HW filter on device batadv0
[  564.984108][T14867] veth0_vlan: entered promiscuous mode
[  565.020736][T14867] veth1_vlan: entered promiscuous mode
[  565.096839][T14867] veth0_macvtap: entered promiscuous mode
[  565.125260][T14867] veth1_macvtap: entered promiscuous mode
[  565.129196][T15195] fuse: Bad value for 'fd'
[  565.178053][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.198267][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.222489][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.236822][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.247337][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.257960][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.296650][T14867] batman_adv: batadv0: Interface activated: batadv_slave_0
[  565.300840][T15197] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  565.330058][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  565.363091][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.383877][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  565.409189][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.422482][T14867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  565.442923][T14867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.454223][ T5097] libceph: connect (1)[c::]:6789 error -101
[  565.460228][ T5097] libceph: mon0 (1)[c::]:6789 connect error
[  565.464578][T14867] batman_adv: batadv0: Interface activated: batadv_slave_1
[  565.503585][T14882] 8021q: adding VLAN 0 to HW filter on device batadv0
[  565.522195][T14867] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  565.562620][T14867] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  565.579483][T14867] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  565.588495][T14867] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  565.658065][T15203] ceph: No mds server is up or the cluster is laggy
[  565.739939][ T5146] libceph: connect (1)[c::]:6789 error -101
[  565.771082][ T5146] libceph: mon0 (1)[c::]:6789 connect error
[  565.870619][ T1047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.892811][ T1047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  565.907804][ T1047] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.916651][ T1047] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.196365][T14882] veth0_vlan: entered promiscuous mode
[  566.231226][T14882] veth1_vlan: entered promiscuous mode
[  566.316162][T15233] fuse: Bad value for 'fd'
[  566.338098][T14882] veth0_macvtap: entered promiscuous mode
[  566.353526][T14882] veth1_macvtap: entered promiscuous mode
[  566.410372][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.428986][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.450244][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.461105][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.478995][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.510344][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.530931][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.543523][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.557149][T14882] batman_adv: batadv0: Interface activated: batadv_slave_0
[  566.579601][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  566.605903][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.626680][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  566.659575][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.691614][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  566.713289][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.734498][T14882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  566.764136][T14882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.803569][T14882] batman_adv: batadv0: Interface activated: batadv_slave_1
[  566.849383][T14882] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  566.882279][T14882] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  566.891589][T14882] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  566.902033][T14882] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  567.110488][ T1047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.119872][ T1047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.208737][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.240032][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.360219][T15229] loop1: detected capacity change from 0 to 40427
[  567.405201][T15229] F2FS-fs (loop1): invalid crc value
[  567.430657][T15229] F2FS-fs (loop1): Found nat_bits in checkpoint
[  567.566582][T15229] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  567.631529][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  567.631577][   T29] audit: type=1800 audit(1717905235.966:1082): pid=15229 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=15 res=0 errno=0
[  567.704556][T14867] syz-executor.1: attempt to access beyond end of device
[  567.704556][T14867] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  567.714143][T15269] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  567.737560][T14867] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  567.752638][T14867] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  567.838250][   T29] audit: type=1800 audit(1717905236.176:1083): pid=15273 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1973 res=0 errno=0
[  569.001093][   T29] audit: type=1800 audit(1717905237.336:1084): pid=15279 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1957 res=0 errno=0
[  569.393702][T15302] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  569.417898][T15304] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  570.052900][   T29] audit: type=1326 audit(1717905238.386:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15320 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa20ce7cf69 code=0x0
[  570.506144][T15348] loop4: detected capacity change from 0 to 2048
[  570.575218][T15348]  loop4: p1 < > p4
[  570.581751][T15348] loop4: p4 size 8388608 extends beyond EOD, truncated
[  570.644532][T15353] gretap1: entered promiscuous mode
[  570.654492][T15353] gretap1: entered allmulticast mode
[  571.092324][T15376] netlink: 'syz-executor.2': attribute type 13 has an invalid length.
[  571.919874][ T5146] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  572.182532][ T5146] usb 5-1: Using ep0 maxpacket: 16
[  572.222551][ T5146] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  572.335814][ T5146] usb 5-1: language id specifier not provided by device, defaulting to English
[  572.472894][ T5146] usb 5-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.40
[  572.493417][ T5146] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  572.600698][ T5146] usb 5-1: Product: syz
[  572.626628][ T5146] usb 5-1: Manufacturer: 㓊첥눂㺷ᅯ⫦⮴儑끷눙
[  572.677280][T15393] gretap2: entered promiscuous mode
[  572.722777][ T5146] usb 5-1: SerialNumber: syz
[  572.738009][T15393] gretap2: entered allmulticast mode
[  572.792052][ T5146] usbhid 5-1:1.0: couldn't find an input interrupt endpoint
[  573.126378][ T5147] usb 5-1: USB disconnect, device number 12
[  573.200796][   T29] audit: type=1800 audit(1717905241.546:1086): pid=15402 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1956 res=0 errno=0
[  573.449851][T15412] netlink: 'syz-executor.2': attribute type 13 has an invalid length.
[  574.248236][T15429] gretap3: entered promiscuous mode
[  574.259233][T15429] gretap3: entered allmulticast mode
[  574.476817][T15432] vlan2: entered promiscuous mode
[  574.489615][T15432] bond0: entered promiscuous mode
[  574.500714][T15432] bond_slave_0: entered promiscuous mode
[  574.514063][T15432] bond_slave_1: entered promiscuous mode
[  574.531598][T15432] bond0: left promiscuous mode
[  574.537740][T15432] bond_slave_0: left promiscuous mode
[  574.550382][T15432] bond_slave_1: left promiscuous mode
[  574.985415][T15441] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  575.007140][T15441] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  575.019711][T15441] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.1'.
[  575.349395][T15454] vlan2: entered promiscuous mode
[  575.371877][T15454] bond0: entered promiscuous mode
[  575.398081][T15454] bond_slave_0: entered promiscuous mode
[  575.442076][T15454] bond_slave_1: entered promiscuous mode
[  575.857629][T15454] bond0: left promiscuous mode
[  575.973070][T15454] bond_slave_0: left promiscuous mode
[  576.039708][T15454] bond_slave_1: left promiscuous mode
[  576.558480][T15456] loop1: detected capacity change from 0 to 32768
[  576.620117][T15456] jfs_strtoUCS: char2uni returned -22.
[  576.632567][T15456] charset = cp932, char = 0xe0
[  576.992943][T15486] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  577.026866][T15483] loop4: detected capacity change from 0 to 64
[  578.275595][T15492] fuse: Bad value for 'fd'
[  578.372603][T15494] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  578.412510][T15494] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  578.430622][T15494] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.1'.
[  578.531622][T15497] team_slave_0: entered promiscuous mode
[  578.537429][T15497] team_slave_1: entered promiscuous mode
[  578.565135][T15497] macvtap1: entered promiscuous mode
[  578.587784][T15497] team0: entered promiscuous mode
[  578.634668][T15497] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  578.846475][T15513] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  578.876807][T15513] gretap1: entered promiscuous mode
[  578.883837][T15513] gretap1: entered allmulticast mode
[  580.807724][T15529] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  581.178331][T15535] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  581.406813][T15535] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  581.439795][T15535] netlink: 112860 bytes leftover after parsing attributes in process `syz-executor.3'.
[  581.747204][T15543] vlan2: entered promiscuous mode
[  581.769597][T15543] bond0: entered promiscuous mode
[  581.781110][T15543] bond_slave_0: entered promiscuous mode
[  581.790643][T15543] bond_slave_1: entered promiscuous mode
[  581.837494][T15543] bond0: left promiscuous mode
[  581.846210][T15547] No such timeout policy "syz1"
[  581.848099][T15543] bond_slave_0: left promiscuous mode
[  581.858493][ T5151] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  581.875911][T15543] bond_slave_1: left promiscuous mode
[  581.912981][T15549] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  582.035986][ T5151] usb 2-1: device descriptor read/64, error -71
[  582.178954][T15561] TCP: MD5 Hash not found for 172.20.20.187.0->255.255.255.255.20002 [P] L3 index 0
[  582.345887][ T5151] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  582.513846][ T5151] usb 2-1: device descriptor read/64, error -71
[  582.663026][ T5151] usb usb2-port1: attempt power cycle
[  582.803490][T15579] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.4'.
[  583.253922][ T5265] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  583.468052][T15584] No such timeout policy "syz1"
[  583.484021][ T5265] usb 5-1: device descriptor read/64, error -71
[  583.497749][T15585] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.1'.
[  583.547963][T15585] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  583.763398][ T5265] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  584.133630][ T5265] usb 5-1: device descriptor read/64, error -71
[  584.255169][ T5265] usb usb5-port1: attempt power cycle
[  584.962536][ T5265] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  585.023373][ T5265] usb 5-1: device descriptor read/8, error -71
[  585.296117][T15627] loop1: detected capacity change from 0 to 164
[  585.302486][ T5265] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  585.336410][ T5265] usb 5-1: device descriptor read/8, error -71
[  585.503250][ T5265] usb usb5-port1: unable to enumerate USB device
[  585.554830][T15639] loop4: detected capacity change from 0 to 256
[  585.587562][T15639] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d)
[  585.629696][T15627] netlink: 135044 bytes leftover after parsing attributes in process `syz-executor.1'.
[  585.645327][T15627] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16)
[  587.877477][T15668] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.1'.
[  588.242925][ T5150] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  588.532482][ T5150] usb 2-1: device descriptor read/64, error -71
[  588.802504][ T5150] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  588.972495][ T5150] usb 2-1: device descriptor read/64, error -71
[  589.095025][ T5150] usb usb2-port1: attempt power cycle
[  589.532478][ T5150] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  589.583171][ T5150] usb 2-1: device descriptor read/8, error -71
[  589.862491][ T5150] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  589.903176][ T5150] usb 2-1: device descriptor read/8, error -71
[  590.034146][ T5150] usb usb2-port1: unable to enumerate USB device
[  615.904132][ T5099] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  615.919441][ T5099] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  615.927976][ T5099] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  615.938546][ T5099] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  615.946267][ T5099] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  615.980528][ T5099] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  616.025942][ T5110] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  616.044698][ T5110] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  616.062613][ T5110] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  616.077778][ T5110] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  616.087488][ T5110] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  616.094992][ T5110] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  616.504358][ T5110] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  616.517569][ T5110] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  616.538350][ T5110] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  616.555280][ T5110] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  616.570565][T15683] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  616.579741][T12940] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  616.598797][T12940] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  616.605977][T15683] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  616.620362][T12940] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  616.634528][T15683] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  616.648997][T15683] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  616.656909][T15683] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  618.042531][ T5102] Bluetooth: hci5: command tx timeout
[  618.192903][ T5102] Bluetooth: hci6: command tx timeout
[  618.672845][ T5102] Bluetooth: hci7: command tx timeout
[  618.752998][ T5102] Bluetooth: hci8: command tx timeout
[  620.112453][ T5102] Bluetooth: hci5: command tx timeout
[  620.272903][ T5102] Bluetooth: hci6: command tx timeout
[  620.763047][ T5102] Bluetooth: hci7: command tx timeout
[  620.832923][ T5102] Bluetooth: hci8: command tx timeout
[  620.956351][T15683] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  620.970735][T15683] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  620.979395][T15683] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  621.002509][T15683] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  621.011199][T15683] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  621.019779][T15683] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  622.192748][T15683] Bluetooth: hci5: command tx timeout
[  622.352886][T15683] Bluetooth: hci6: command tx timeout
[  622.837681][T15683] Bluetooth: hci7: command tx timeout
[  622.912448][T15683] Bluetooth: hci8: command tx timeout
[  623.072613][T15683] Bluetooth: hci9: command tx timeout
[  624.282605][T15683] Bluetooth: hci5: command tx timeout
[  624.432797][T15683] Bluetooth: hci6: command tx timeout
[  624.678186][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  624.684568][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  624.922688][T15683] Bluetooth: hci7: command tx timeout
[  624.992666][T15683] Bluetooth: hci8: command tx timeout
[  625.152751][T15683] Bluetooth: hci9: command tx timeout
[  627.233832][T15683] Bluetooth: hci9: command tx timeout
[  629.322201][T15683] Bluetooth: hci9: command tx timeout
[  647.241755][T15683] Bluetooth: hci1: command 0x0406 tx timeout
[  667.712799][ T5102] Bluetooth: hci0: command 0x0406 tx timeout
[  672.842390][ T5102] Bluetooth: hci3: command 0x0406 tx timeout
[  681.510729][ T5102] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  681.522209][ T5102] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  681.532094][ T5102] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  681.543454][ T5102] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  681.551251][ T5102] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  681.573523][ T5102] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  681.611759][ T5102] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  681.625731][ T5102] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  681.639829][ T5102] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  681.674883][ T5102] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  681.691440][ T5102] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  681.705664][ T5102] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  681.760571][ T5102] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  681.774533][ T5102] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  681.794547][ T5102] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  681.802814][ T5102] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  681.812925][ T5102] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  681.820415][ T5102] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  681.876788][ T5102] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  681.888809][ T5102] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  681.899855][ T5102] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  681.919628][ T5102] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  681.927518][ T5102] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  681.935085][ T5102] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  683.632872][T15683] Bluetooth: hci10: command tx timeout
[  683.792566][T15683] Bluetooth: hci11: command tx timeout
[  683.875627][T15683] Bluetooth: hci12: command tx timeout
[  683.966970][T15683] Bluetooth: hci13: command tx timeout
[  685.712671][T15683] Bluetooth: hci10: command tx timeout
[  685.872488][T15683] Bluetooth: hci11: command tx timeout
[  685.952567][T15683] Bluetooth: hci12: command tx timeout
[  686.032600][T15683] Bluetooth: hci13: command tx timeout
[  686.159455][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  686.167000][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  686.250655][ T5102] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  686.269463][ T5102] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  686.291751][ T5102] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  686.311375][ T5102] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  686.320385][ T5102] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  686.335095][ T5102] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  687.792659][ T5102] Bluetooth: hci10: command tx timeout
[  687.952445][ T5102] Bluetooth: hci11: command tx timeout
[  688.036125][ T5102] Bluetooth: hci12: command tx timeout
[  688.117096][ T5102] Bluetooth: hci13: command tx timeout
[  688.432530][ T5102] Bluetooth: hci14: command tx timeout
[  689.883131][ T5102] Bluetooth: hci10: command tx timeout
[  690.042424][ T5102] Bluetooth: hci11: command tx timeout
[  690.112739][ T5102] Bluetooth: hci12: command tx timeout
[  690.192757][ T5102] Bluetooth: hci13: command tx timeout
[  690.512432][ T5102] Bluetooth: hci14: command tx timeout
[  692.592433][ T5102] Bluetooth: hci14: command tx timeout
[  694.672604][ T5102] Bluetooth: hci14: command tx timeout
[  729.632794][   T30] INFO: task syz-executor.0:15635 blocked for more than 143 seconds.
[  729.640920][   T30]       Not tainted 6.10.0-rc2-syzkaller-00361-g061d1af7b030 #0
[  729.662896][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  729.671607][   T30] task:syz-executor.0  state:D stack:26048 pid:15635 tgid:15633 ppid:13522  flags:0x00000006
2024/06/09 03:56:38 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  729.690195][   T30] Call Trace:
[  729.697910][   T30]  <TASK>
[  729.700901][   T30]  __schedule+0x1796/0x49d0
[  729.712389][   T30]  ? __pfx___schedule+0x10/0x10
[  729.717920][   T30]  ? __pfx_lock_release+0x10/0x10
[  729.731583][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  729.737223][   T30]  ? schedule+0x90/0x320
[  729.741488][   T30]  schedule+0x14b/0x320
[  729.758655][   T30]  schedule_preempt_disabled+0x13/0x30
[  729.771435][   T30]  __mutex_lock+0x6a4/0xd70
[  729.776129][   T30]  ? __mutex_lock+0x527/0xd70
[  729.780868][   T30]  ? netlink_dump+0x5d3/0xe50
[  729.785831][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  729.790880][   T30]  ? __pfx___alloc_skb+0x10/0x10
[  729.804391][   T30]  netlink_dump+0x5d3/0xe50
[  729.808956][   T30]  ? __pfx_netlink_dump+0x10/0x10
[  729.824759][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  729.829861][   T30]  __netlink_dump_start+0x59d/0x780
[  729.835676][   T30]  rtnetlink_rcv_msg+0xda2/0x1180
[  729.840725][   T30]  ? __pfx_vxlan_vnifilter_dump+0x10/0x10
[  729.854763][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[  729.860010][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  729.872061][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  729.884167][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  729.890546][   T30]  ? __local_bh_enable_ip+0x168/0x200
[  729.896210][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  729.901429][   T30]  ? __local_bh_enable_ip+0x168/0x200
[  729.914694][   T30]  ? dev_hard_start_xmit+0x773/0x7e0
[  729.920028][   T30]  ? __dev_queue_xmit+0x2d2/0x3d30
[  729.929338][   T30]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  729.935687][   T30]  ? __dev_queue_xmit+0x2d2/0x3d30
[  729.940850][   T30]  ? __dev_queue_xmit+0x16c9/0x3d30
[  729.974446][   T30]  ? __dev_queue_xmit+0x2d2/0x3d30
[  729.979616][   T30]  ? __pfx_vxlan_vnifilter_dump+0x10/0x10
[  729.992337][   T30]  ? ref_tracker_free+0x643/0x7e0
[  729.997406][   T30]  netlink_rcv_skb+0x1e3/0x430
[  730.002269][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  730.017805][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  730.050100][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  730.055392][   T30]  netlink_unicast+0x7ea/0x980
[  730.060182][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  730.082470][   T30]  ? __virt_addr_valid+0x183/0x520
[  730.087644][   T30]  ? __check_object_size+0x49c/0x900
[  730.102380][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[  730.107551][   T30]  netlink_sendmsg+0x8db/0xcb0
[  730.122434][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.128880][   T30]  ? __import_iovec+0x536/0x820
[  730.142363][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  730.147682][   T30]  ? security_socket_sendmsg+0x87/0xb0
[  730.173356][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.178689][   T30]  __sock_sendmsg+0x221/0x270
[  730.192431][   T30]  ____sys_sendmsg+0x525/0x7d0
[  730.197247][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  730.212357][   T30]  __sys_sendmsg+0x2b0/0x3a0
[  730.216995][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  730.222168][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  730.242371][   T30]  ? do_syscall_64+0x100/0x230
[  730.247224][   T30]  ? do_syscall_64+0xb6/0x230
[  730.251919][   T30]  do_syscall_64+0xf3/0x230
[  730.272340][   T30]  ? clear_bhb_loop+0x35/0x90
[  730.277078][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.292352][   T30] RIP: 0033:0x7f108ca7cf69
[  730.296809][   T30] RSP: 002b:00007f108d8be0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.322363][   T3