last executing test programs:

3m10.258744421s ago: executing program 3 (id=224):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x801}, 0xe)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, 0x0)

3m9.849012237s ago: executing program 3 (id=226):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000840)={[{@uni_xlateno}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@uni_xlateno}, {@fat=@tz_utc}, {@numtail}, {@fat=@dmask={'dmask', 0x3d, 0x6d}}, {@shortname_mixed}, {@rodir}, {@rodir}]}, 0x41, 0x282, &(0x7f00000004c0)="$eJzs3bFqW1cYB/BPtlzJhiINBdNS6C1dOgnbxbtMcaFU0NKioZ1qYpsEyzHEYEgG25vJOySvkIxZAxlC1rxACAQnkCXO5CGgoFxZkRxJsZxIMuT3W/xxz/nrnnN8uBcPPvr/+82N1a3t9aOjw8jnM5EtRzmOM1GMiZiM1H50lel+GQC46I7r9XhVT417LADAaHj/A8CXp9/7P7PfuvbX6EcGAAzLJ/39PzGUIQEAQ/bPv//9sVSpLP+dJPmIzYOd6k41/Zm2L63HlajFWsxFId5E1FvS+rffK8tzScPzYuQ39ybS/N5OdbIzPx+FKHbPzyepqDZyJ/mpmGnmn8zEWixEIb7pnl/omv8qfv6p7f6lKMTjS7EVtViNRjbN5yJidz5Jfv2z0liApkY+964fAAAAAAAAAAAAAAAAAAAAAAAMQylpKXaen5Oe31Mq9WpP8+3nA033Ox+ovnfqfJ5sfJcd79wBAAAAAAAAAAAAAAAAAADgoti+fmNjpVZbu9avuProzoPDXBr4aOf+RaZ538FSB337TJ+eRT4iFiOib+rrH5/d6taUi9yZ1udkJudejalTI0yaH3j/h/Mv78iKh4eXv/1le3axranSvjci25662Zhqx+f02EjZs23IwYuXhYieffIDb8j24u5JUX79QZ9ca5NMj/sXN3u7vHJv9+mLs6b6PDTqk5/7MQQAAAAAAAAAAAAAAAAAAHT8f3vvPoujHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjMH77/8ftMhFx5V8z877454jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8DQAA//8mbYtA")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)

3m9.560329398s ago: executing program 4 (id=227):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000700000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000003540)=ANY=[@ANYBLOB="b700000050000008bca30000000000002403000040feffff7b1af0ff0000000079a4f0ff000000001f030000000000002e030200000000002604fdffffff000e61141800000000001d430000000000007a0a00fe0000001f61141400000000004603f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f2440000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c9494963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c88629a6c921c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fbf05b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71ca3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3m9.379894718s ago: executing program 3 (id=230):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)=@ipv4_delrule={0x24, 0x21, 0xd31, 0x70bd27, 0x25dfdbfc, {0x2, 0x10, 0x10, 0x10, 0x3, 0x0, 0x0, 0x1}, [@FRA_SRC={0x8, 0x2, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4000800)

3m8.355642551s ago: executing program 3 (id=233):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x557, &(0x7f0000000280)="$eJzs3c9qG8cfAPDvynb+Ob9fHAih7aEYcmhKGjm2+yeFHtJjaUMDfYBU2BsTLEfBkkPsBpocmksvJRRKaaD0AXrvMfQF+hSBNhBKMO2hF5eVV7FiS5ZsK7FSfT6w9szuyrOj2e94RiOhAAbWePajEPFqRHyTRBxrOjYc+cHx9fNWn9yaybYk1tY++zOJJN/XOD/Jf4/mmVci4tevIs4UtpZbXV6ZL5XL6WKen6gtXJ+oLq+cvbpQmkvn0mtT09Pn35meev+9d3tW1zcv/f39pw8+Ov/1qdXvfn50/F4SF+Jofqy5HntwuzkzHuP5czISFzadONmDwvpJst8XwK4M5XE+ElkfcCyG8qgH/vu+jIg1YEAl4h8GVGMc0Jjb92ge/NJ4/OH6BGhr/ZP110biUH1udGQ1eWZmlM13x3pQflbGL3/cv5dt0bvXIQA6un0nIs4ND7fv/3bvXBfnbC5D/wcvzoNs/PNWq/FP4en4J1qMf0ZbxO5udI7/wqMeFNNWNv77oOX49+mi1dhQnvtffcw3kly5Wk6zvu3/EXE6Rg5m+e3Wc86vPlxrd6x5/JdtWfmNsWB+HY+GDz77mNlSrbSXOjd7fCfitQ7j36RF+2fPx6UuyziZ3n+93bHN9T+8p9rs3NpPEW+0bP+NFa1k+/XJifr9MNG4K7b66+7J39qV37n9n6+s/Y9sX/+xpHm9tpp3CDvw46F/0nbHxpN80XQH93/z3PVAvu9mqVZbnIw4kHwSW/ZPbTy2kW+cn9X/9Knt+79W9392n37eZf3vnrjb9tR+aP/ZHbX/zhMPP/7ih3bld9f/vV1Pnc73dNP/dXuBe3nuAAAAAAAAoN8UIuJoJIXi03ShUCyuv7/jRBwplCvV2pkrlaVrs1H/rOxYjBQaK92jTe+HmMzfD9vIT23KT0fE8Yj4duhwPV+cqZRn97vyAAAAAAAAAAAAAAAAAAAA0CdGNz7/PxRNn//P/D60zxcHPH++8hsGV8f478U3PQF9yf9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy5dvJhta6tPbs1k+dkby0vzlRtnZ9PqfHFhaaY4U1m8XpyrVObKaXGmstDp75UrleuTU7F0c6KWVmsT1eWVywuVpWu1y1cXSnPp5XTkhdQKAAAAAAAAAAAAAAAAAAAAXi7V5ZX5UrmcLkpI7Cox3B+XIdHjxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw4d8AAAD//0gqNi0=")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000002200)=""/4101, 0x1005)

3m8.082869598s ago: executing program 4 (id=234):
creat(&(0x7f0000000440)='./bus\x00', 0x38)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)

3m7.212066762s ago: executing program 4 (id=236):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9ae", 0xc9}, {0x0}], 0x2}}], 0x1, 0xc0)
r2 = gettid()
tkill(r2, 0x1)

3m6.439607842s ago: executing program 3 (id=240):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@discard}, {@abort}, {@dioread_lock}, {@usrquota}, {@nombcache}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}, {@resuid}, {@init_itable_val}, {@jqfmt_vfsv1}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

3m4.338761927s ago: executing program 4 (id=247):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
lseek(0xffffffffffffffff, 0x80, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x801}, 0xe)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000013c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_adjtime(0x0, &(0x7f0000000700)={0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x68b3cbb4, 0x8, 0x0, 0x240e, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x33e70a74, 0x0, 0x0, 0x8, 0x0, 0x83, 0x1, 0x5})
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/171, 0xab}], 0x1, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)

3m3.358153231s ago: executing program 3 (id=250):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, 0x0, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)

3m1.91917448s ago: executing program 32 (id=250):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, 0x0, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)

3m1.894803997s ago: executing program 4 (id=256):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
pipe(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp(0x2, 0x2, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
pipe(&(0x7f00000001c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r1], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

3m1.307866373s ago: executing program 4 (id=259):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9ae", 0xc9}, {0x0}], 0x2}}], 0x1, 0xc0)
gettid()
tkill(0x0, 0x1)

2m46.089056907s ago: executing program 33 (id=259):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9ee6ae29f0b07bc6fe7981126ca804c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d459b1651686a53ca52dce9570444c153f9c2903ae4c868074e89477bf6ed2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9ae", 0xc9}, {0x0}], 0x2}}], 0x1, 0xc0)
gettid()
tkill(0x0, 0x1)

32.615630977s ago: executing program 2 (id=601):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x8205, &(0x7f0000000480), 0x1, 0x625, &(0x7f0000000c80)="$eJzs3c9rHG0dAPDvzCYxed9oWpVii2LAQwvS/KjFqqe2F3soWLAHEQ8NTVJDN21oUrC1YAoeFBREvIr04j/gXYpXbyKoN89CFYl4UOnKzM6k281ussnb3Ukznw/s9plnZvd5vvvs03me3Tw7AdTWbHaXRpyNiDtJxEzHvulo75wtjtv557O72S2JVuub/0giKfLK418X/36Y3SURkxHxh+sRn2zsLXfzydP7S81W2w8i5rfWN+Y3nzy9uLa+dG/l3sqDxUtfuXxl4auLlxffSZxlXDdufuOzP/3hd7+8+sfmxSSuxu3x7y9HVxz7+NRhypyN2XhdhNiZPxYRV7JEj9flfVOGkFRcD46mUbwfxyPiTMxEI99qm4m1n1RaOWCoWo2IFlBTif4PNVWOA8q5/YDz4BPj1bX2BGhv/GPtz0ZiMp8bfbCTdMyM2vPdU++g/KyM/z0798vsFn0+hxh7B+X0s/08Ij7TK/4kr9up/FOcLP400o7HZemFiJgoXotB5v9j+Sv5ttmu7VG//w4Tf2c7ZPFfLf7N8q8fsfyq4wegnl5eK07k29nWm/NfNjIsxz/RY/wz3ePcdRRVn//6j//K8/1k/hl52jUOy8Y7t3o/5Z5Bzl9/fOPn/crvHP9lt6z8ciw4Cq+eR5zriv9H+UAv2W3/pEf7Z4fcGbCMr//p7zf67as6/taLiPM95z9vRrRZan5rfaPM6/p+cn51rbmy0L7vWcZvf/+dX/crv+r4s/aPPvO//do/y9sYsIzf3Hqx3m/f9IHxp3+bSG7nqYki53tLW1uPFiMmkpvFIR35l/avS3lM+RxZ/Be+0Lv/94q/KCpv6O23Xo3+Nr51f6ffcQO3/96pU+Z1a/9wD5TFv9zn/X9Q+/9swDL+/e3Hn+vKmioT+8U/tfepku1DRwgAAAAAAAD1kebfwSbp3G46Tefm2mt4Px0fpM2Hm1tfXH34+MFyxIX87yHH0/Kb7pn2dpJtLxZ/D1tuX+ra/lJEnI6IXzSm8u25uw+by1UHDwAAAAAAAAAAAAAAAAAAAMfEh8X6//I61f9qtNf/D2TrzJBrBwzdMC8wBxxv+j/UV97/06prAVTB+R/qS/+H+tL/ob70f6gv/R/qS/+H+tL/ob70fwAAAAA4kU5//uVfkojY/tpUfstMFPvGK60ZMGyH7+OzQ6kHMHqNkT4MOE52v/q3/B9qZ6Dx/3+KHwccfnWACiS9MvPBQWv/zv+y5yMBAAAAAAAAAAAAgCE4f9b6f6irNH5XdRWAiuxdyH92Z8CFfn4DAN5zfvof6usjzfF9QAAnwkGr+Cd3U13Dfuv/AQAAAAAAAAAAAGBkpvNbks4VlwCdjjSdm4v4eEScivFkda25shARn4iIPzfGP5ZtL1ZdaQAAAAAAAAAAAAAAAAAAADhhNp88vb/UbK486kz8d0/OyU6UV0GtrBrX+u+KZPT1mYqIyhtlaImxjpwkYjtr+VGVPrl/WXEcXp9HaV6Niv9jAgAAAAAAAAAAAAAAAACAGupYe9zbuV+NuEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHpvrv9/9ERywPNUHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8H76fwAAAP//1f46fw==")

30.743961021s ago: executing program 2 (id=610):
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x525, &(0x7f0000000100)="$eJzs3c9vG1kdAPCv3fxw03SThT0sCNiyLBRU1U7c3Wi1B1guSGi1WqRlTwh1o8SNothxFDulCZFIJW5ckajECf4EDkgckHrizg1uXIoEUoGKqkFCyGjscZo4dhM1cdzGn4808ps3k/l+n6V5L37+8QIYWlciYicixiLi04iYSusz6Rbvt7bkvCePthd2H20vZKLR+PifI+mZ2wvt89supdfMRXyU7I93iVvb3FqZL5dL6+l+oV5ZK9Q2t64vV+aXSkul1WJxbnZu5t0b7xRPra1vVH7z8DvLH3zy+9998cEfd77x4yTnb7UOjSVtO7VA+7Sel9GY3FeXPHMf9CPYAFxI2zM26ER4LtmI+ExEvJmW9+QGlxMA0F+NxlQ0pvbv95Y5xjkAwIsvec0/GZlsPn39PxnZbD7fnMPLvRYT2XK1Vr92q7qxuhjNOazpGM3eWi6XZtK5wukYzST7s83y0/1ix/6NiHg1In4+frG5n1+olhcH9U8PAAy5Sx3j/+Px1vh/DN4hAICXmZEcAIbP4fF/dCB5AABnx+t/ABg++8b/bt/VBQDOoVzHd/8BgPPvyPn/1+MnPzybVACAM+L9fwAYKt/78MNka+ymv3+9eHtzY6V6+/piqbaSr2ws5Beq62v5pWp1qfmbPZWjrleuVtdm346NO4V6qVYv1Da3blaqG6v1m83f9b5Z8sUCABi8V9+4/+dMROy8d7G5RXstBx8IgHPPbQ7D68KgEwAGZmTQCQADYz4eyBxxvOdHhO71/puLJ8gH6L+rn+sx/9/tf4O7e6X/Nc4uRaBPzP/D8DrZ/L/ZA3iZmf+H4dVoZKznDwBD5hiv4H1EEM65537/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYZHPLZPPpWuCTkc3m8xGXI2I6RjO3lsulmYh4JSL+ND46nuzPDjppAOCEsn/PpOt/XZ16a7Lz6FjmP+PNx4j40S8//sWd+Xp9fTap/9deff1eWl/sGmC8/20AAPYZ6axoj9Ptcby9vu+TR9sL7e0sE3z47dbioknc3XRrp95KPhejETHx78yBxmROaWHinbsR8Xpn+7N7x6fTlU874yexL/ctfjRbOHkgfvZA/GzzWOsxeS4+ewq5wLC5n/Q/73e7/7JxpfmY3n+Zg51pLn52uHN9Du3+b7fR2f+17vePLueafU23/u/KcWO8/Yfv9jx290Lj8yMRu4f63/aK0LlmqVv8t7pd8KfffLzRUfWXL3zpzV7xG7+KuBrPit8qFeqVtUJtc+v6cmV+qbRUWi0W52bnZt698U6x0JyjLrRnqg/7x3vXXund/oiJHvFzR7T/q70u2uHX//30B19+Rvyvf6Vb/Gy89oz4yZj4tWPGn5/4bc/lu5P4iz3aP3Ig/tiBv0vqrh0z/oO/bi0e81QA4AzUNrdW5svl0rrCSQu5fl350gvSQIUehb99cuCeGng+p1IYWJcEnJGnN/2gMwEAAAAAAAAAAAAAAHqpfT/9yb8+fhlu0G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/Pp/AAAA///RQMtW")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

26.979179251s ago: executing program 2 (id=617):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x1001001, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f646973636172642c64697361626c655f6578745f6964656e746966792c6e6f5f686561702c616c6c6f635f6d6f64653d72657573652c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6d6f64653d61646170746976652c6e6f696e6c696e655f64656e7472792c6e6f696e6c696e655f64656e7472792c00a9e7dbe6e4bad474e8cfd8a373296a85708bc598b2953806027778d6ae7ad6bdb455257976e43fe4cdd0a7860fdb5f804e8f0273b01d1b4fdf1094745ee4dd357a3197baac71d4e82e2f3b56a21e07ef05ae11495b038da684973bfefc7d1a8e3f33b47ad77e3086"], 0x1, 0x551b, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+2mNowwDAP7Mzs72j4oxSg4RUfCgF5tua2tv4kEJHvwIQki3NXbrnzYHW4o0F28S8NaL6FFEUOKt36HnFnqptx5yqOBZmdmZZNpEs7J0ZpP8fvDO++zsMO/zzkDIM+8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVDbf247TfDMzijvlvruPbizn/b0n+tzt9fvzecvjpMmk94dX6h+SufYSAQAA4MA4stcBaVXfR8SDbGMx7zszRf2fVcfkNf8Pz43iqp5/su6v+qr2z9vvvz18aWugmdE4+UkvrAwHJ3em0p1opvvY83se0S2ufPHsJS1uSOfDtRc3s+J6Jt/eufN+rwj3vNsAQFtOVH0ZVL8P5X2/zcQAODS6tcL7Zln/pzPt5gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQhM21eKaKk4iY727HuXuPbizv1t9evz9ftbO3bq3Hze1z5qfIIuLCynBwstHZTLer165fWhoOB1d2Db6LiH/5avLg1YjY+VUyVmKTBu+Wo1z6eIyDI55WGoImgk55s6cln/0RtPQDCQCAAysrW17yPcg2FvN9yWzE3z8+Xv+/UYtjzPr/4Sdn79bHqtf//cZmOP0WVi9/sXD12vW3Vi4vXRxcHHz29qn+O/3T586cObdQPCtZ8MQEAACAyfTKVq//O7M71/+P1+IYs/7/8vv+1/WxUvX/rrYX/drOBAAA4HB74bW//kx22Z/0evHV0urqlf5ou/X51Gj7H6c8+hTT/V+OlK1e/6ezbWcFAAAANGFzLXls/f98LY4x1/+f/enlX+rnTCPiWLn+f2L58+H55qYz1Zr4c+K25wgAAEC7jpWtvv6fFe//d7ZeeehExJuvj+Ly3wCOVf+nH3zzc32s+vv/p5ub4lTqzI2uR9HPRXTn2s4IAACAg+xo2fJi/49sY/HTX49/1PP+PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDT/gkAAP//RwQ5wQ==")
socket$netlink(0x10, 0x3, 0x4)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x3b, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), r0)
ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, 0x0)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r1, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b00001400078008000600"], 0xac}}, 0x0)

21.979486828s ago: executing program 7 (id=626):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = socket$unix(0x1, 0x2, 0x0)
writev(r4, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f0000000080)=0x7, 0x4)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000040)=0x4971, 0x4)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0)

21.247503414s ago: executing program 2 (id=630):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0/file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x3125899, 0x0)

20.759535942s ago: executing program 2 (id=633):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000050, &(0x7f00000002c0)={[{@errors_remount}, {@i_version}, {@init_itable}, {@sysvgroups}, {@bh}, {@resgid}, {@noquota}, {@delalloc}, {@quota}, {@nodelalloc}, {@mblk_io_submit}]}, 0x10, 0x4e9, &(0x7f0000000840)="$eJzs3c9rXFsdAPDvvcm8tmmeyVMXzwe+9/A9SR/ameTFtsFFrSB2VbDWfY3JJIRMMiEzaZtQJMW9goi6deVGENeC9E8QoaB7qaKItnbhQh2ZmTttGmcyKZnODcnnA7f3nHsm9/s9DTn312FuAKfW+xFxLSJGIuKjiJjItqfZcr3ZfrP9uadP7i80lyQajVt/TyLJtnX2lWTr8xGxGxFnI+Kb1yO+k/x/3Nr2zup8pVLezOql+tpGqba9c3FlbX65vFxen52duTx3Ze7S3PRA+lmIiKtf+/OPf/Dzr1/9zRfv/vH2Xy98t5nWeNa+tx99denPwR8ttP4vOkYjYvPwuzjWRrJ1oUf790eGmAwAAH01z/E/GRGfa57/N0/aW2enAAAAwEnS+Mp4/DuJaAAAAAAnVtqaA5ukxYhIx7KbAsX2HN5Px1haqdbqX1iqbq0vtufKTkYhXVqplKezucKTUUia9ZlW+UX943312Yh4KyJ+NHGuVS8uVCuLOd/7AAAAgNPi/N7r/4h4NpGmxWKcyTsvAAAAYMAm804AAAAAeO1c/wMAAMDJ5/ofAAAATrRv3LjRXBqd918v3tneWq3eubhYrq0W17YWigvVzY3icrW63PrOvrV++6tUqxtfivWte6V6uVYv1bZ3bq9Vt9brt1deegU2AAAAMERvvffwD0lE7H75XGtpeiPvpIChSPq0t14S8jir/GkICQFDM5J3AkBuRvNOAMhNIe8EgNz1uw/Qc/LObwefCwAA8HpMfab383/3BuBkS/NOAAAYOs//4fQqvDwD8FJ+mQB5+USf9qM//280XikhAABg4MZbS5IWs2eB45GmxWLEm63XAhSSpZVKeTq7Pvj9ROFMsz7T+smk75xhAAAAAAAAAAAAAAAAAAAAAAAAAKCt0UiiAQAAAJxoEelfkta3+UdMTXw4vv/+wBvJvyZa64i4+6tnP7k3X69vzjS3/+P59vpPb7W3f5zHHQwAAABgv851euc6HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6emT+wudZZhx//bViJjsGv+9s63V2ShExNg/kxjd83NJRIwMIP7ug4h4u1v8pJlWTEY7i27xz+UYP42I8wOID6fZw+b4c63b318a77fW3f/+RrPlqHqPf2l0xr+RHuPPm4eM8c6jX5Z6xn8Q8c5o9/GnEz/pEf+DQ8b/9rd2dnq1NX4WMdX1+JO8FKtUX9so1bZ3Lq6szS+Xl8vrs7Mzl+euzF2amy4trVTK2b9dY/zws7/+70H9H+sRf7JP/z88ZP//8+jek0+1i4Vu8S980P34+3aP+Gl27Pt8Vm62T3XKu+3yXu/+4nfvHtT/xR79f/7773Kgbca8cMj+f3Tze48P+VEAYAhq2zur85VKefNIhUHt5xULaeQQ9Mg5RxyDNI5h4czxSEOhXTho1EiGN0ABAAAD8+KkP+9MAAAAAAAAAAAAAAAAAAAA4PQaxteJ7Y+5m09XAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9L8AAAD///d917w=")

19.276993951s ago: executing program 2 (id=640):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
close(r0)

18.887141157s ago: executing program 0 (id=641):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x2, 0x4}, {0xd, 0x2}, {0x2, 0x5}]}, @datasec={0x3, 0x0, 0x0, 0xf, 0x2, [], "25ff"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x2, [], "b8b3"}]}}, &(0x7f0000000540)=""/145, 0x5a, 0x91, 0x1, 0x0, 0x0, @void, @value}, 0x28)

16.023884021s ago: executing program 34 (id=640):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
close(r0)

16.016984896s ago: executing program 0 (id=644):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
write(r0, &(0x7f0000001680)="95d404", 0x3)

16.008833605s ago: executing program 7 (id=647):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)={[{@utf8no}, {@numtail}, {@fat=@errors_remount}, {@utf8}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@numtail}, {@numtail}, {@uni_xlate}, {@numtail}, {@utf8}, {@rodir}]}, 0x2a, 0x33c, &(0x7f0000000a40)="$eJzs3T1sW1UUAODjvjROI5V4QKpgMmxIqGqCGGBKVBWpIgMUWfwtWDTlJzaVYmEpDHG9gBhBLEgwsXWAsTNiQIiNgZUioQJioVukVjxkvxf7+SfUgJzy831DdXTuOb73vV7FL1F889J6bF88Hpdu3rwRS0ulWFg/ux77pajEsUgicyUAgP+S/TSNX9PMnavfXz6IFue8LgBgfvrv/6+cHCbKd3M1AMBRmPH7/6emZi/PbVkAwBztx9j7/4Mjw2M/5l8Y/E4AAPDv9czzLzy5sRlxoVpdimi+0661a/H4cHzjUrwWjdiKM7EStyOyB4XsaaH37xPnN8+dqfb8WIlar6Ndi2h22rXsSWEj6feXYzVWopL3p4P+pNe/2u+vRsSVTn/+aJbateOxnM//3XJsxVqsxL0T/RHnN8+tVfMXqDUP+jsR3Vg6uIje+k/HSnzzclyORlyMXu9w/Xur1erZdHOkv3213K8DAAAAAAAAAAAAAAAAAAAAAIB5OF0dqAzOv0mbnfbbF8YLKiPn49Sy4fx8oG52PlBaPjid591k/Hyg0fN52rWFOHZXrxwAAAAAAAAAAAAAAAAAAAD+OVq7i1FvNLZ2WrtvbReDTiHzxleffnEixmteT4aZWMhebqQmz0WhK4lBezpoT5ORmjxIIobFV68NVlysKQ+uYqK9F5Qnhkr5muqNxskHfvhoWtdvw0wSE7dlNCjl8xeGmvdkqT/oOjxYu0PN9TRND2vf+3CyK0oRCxP/cX8nWMyDL2+8et8jrVOP9oc+zw99eOjhlWevf/DJz9v1RuS3ptFY3GndTv/ypElh/5Ty+1yashOmB91hprvT2q0n3/7y3P3vfT1WnEzfP2kx8+bhc302nlnMgt4yZ7nS41M2//TgxVuD3fvnb+apj9fr1/a+/2nWrsIXCQd1AAAAAAAAAAAAAAAAAADAkSh8Vnwm2WevH3t6vqsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKM1/Pv/haA7kZkluNWJyaHy1k7r0MlPHOmlAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP/Z7AAAA///zeHd6")
setxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001240)='cgroup.controllers\x00', 0x275a, 0x0)

15.345780065s ago: executing program 0 (id=649):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.swap.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000200)=0x7, 0x4)

14.37962421s ago: executing program 7 (id=652):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x1, 0x1, 0x1, 0x8, 0x1, 0x9}, 0x20)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05"], 0x0)

12.931195346s ago: executing program 5 (id=655):
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201410127c0de206a0803003ff0010203010902240001000010000904020202f3bff5000905"], 0x0)

12.244282297s ago: executing program 0 (id=656):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)

11.948880928s ago: executing program 0 (id=658):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

11.730645183s ago: executing program 7 (id=660):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
write(r0, &(0x7f0000001680)="95d404", 0x3)

11.327982954s ago: executing program 7 (id=661):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

10.632010482s ago: executing program 5 (id=662):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r3, r0}, 0xc)

10.023415954s ago: executing program 5 (id=664):
socket(0x2, 0x3, 0xff)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r1 = add_key$keyring(0x0, &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$update(0x2, r1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
setgroups(0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
setregid(0x0, 0xee01)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
write$tcp_congestion(r5, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, 0x0, 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x478, 0xffffffff, 0x0, 0x0, 0xd0, 0xfeffffff, 0xffffffff, 0x3a8, 0x3a8, 0x3a8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@empty, @mcast1, [0xff, 0xff, 0xff, 0xff000000], [0xffffff00, 0xff, 0xff, 0xffffff00], 'macvtap0\x00', 'veth1_to_hsr\x00', {}, {}, 0x3c, 0x6, 0x4, 0x74}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x5}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [0x0, 0xff000000], [], 'wg2\x00', 'batadv_slave_1\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [0x0, 0xff], 'ip6tnl0\x00', 'dvmrp0\x00', {}, {}, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x180, 0x1a8, 0x0, {}, [@common=@dst={{0x48}, {0x1, 0x0, 0x0, [0x5, 0x1, 0xfff, 0x5, 0x6, 0x9, 0x81, 0x2, 0x10e0, 0xfffc, 0x10, 0x3, 0x1, 0x0, 0x4, 0x6]}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local, @private1, [0x0, 0xffffff00, 0xff000000], [0xffffff00, 0x0, 0xffffff00], [], 0x843, 0x1420}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d8)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)

8.459307304s ago: executing program 5 (id=666):
futex_waitv(&(0x7f0000002940)=[{0x0, &(0x7f0000001000), 0x82}, {0x0, &(0x7f0000001040), 0x82}, {0x0, &(0x7f0000001080), 0x82}, {0x0, &(0x7f00000010c0), 0x82}, {0x0, &(0x7f0000001100), 0x82}, {0x0, &(0x7f0000001140), 0x82}, {0x0, &(0x7f0000001180)}, {0x0, &(0x7f00000011c0)}, {0x0, &(0x7f0000001200)}, {0x0, &(0x7f0000001240)}, {0x0, &(0x7f0000001280)}, {0x0, &(0x7f00000012c0)}, {0x0, &(0x7f0000001300)}, {0x0, &(0x7f0000001340)}, {0x0, &(0x7f0000001380)}, {0x0, &(0x7f00000013c0)}, {0x0, &(0x7f0000001400)}, {0x0, &(0x7f0000001440)}, {0x0, &(0x7f0000001480)}, {0x0, &(0x7f00000014c0)}, {0x0, &(0x7f0000001500)}, {0x0, &(0x7f0000001540)}, {0x0, &(0x7f0000001580)}, {0x0, &(0x7f00000015c0)}, {0x0, &(0x7f0000001600)}, {0x0, &(0x7f0000001640)}, {0x0, &(0x7f0000001680)}, {0x0, &(0x7f00000016c0)}, {0x0, &(0x7f0000001700)}, {0x0, &(0x7f0000001740)}, {0x0, &(0x7f0000001780)}, {0x0, &(0x7f00000017c0)}, {0x0, &(0x7f0000001800)}, {0x0, &(0x7f0000001840)}, {0x0, &(0x7f0000001880)}, {0x0, &(0x7f00000018c0)}, {0x0, &(0x7f0000001900)}, {0x0, &(0x7f0000001940)}, {0x0, &(0x7f0000001980)}, {0x0, &(0x7f00000019c0)}, {0x0, &(0x7f0000001a00)}, {0x0, &(0x7f0000001a40)}, {0x0, &(0x7f0000001a80)}, {0x0, &(0x7f0000001ac0)}, {0x0, &(0x7f0000001b00)}, {0x0, &(0x7f0000001b40)}, {0x0, &(0x7f0000001b80)}, {0x0, &(0x7f0000001bc0)}, {0x0, &(0x7f0000001c00)}, {0x0, &(0x7f0000001c40)}, {0x0, &(0x7f0000001c80)}, {0x0, &(0x7f0000001cc0)}, {0x0, &(0x7f0000001d00)}, {0x0, &(0x7f0000001d40)}, {0x0, &(0x7f0000001d80)}, {0x0, &(0x7f0000001dc0)}, {0x0, &(0x7f0000001e00)}, {0x0, &(0x7f0000001e40)}, {0x0, &(0x7f0000001e80)}, {0x0, &(0x7f0000001ec0)}, {0x0, &(0x7f0000001f00)}, {0x0, &(0x7f0000001f40)}, {0x0, &(0x7f0000001f80)}, {0x0, &(0x7f0000002000)}, {0x0, &(0x7f0000002040)}, {0x0, &(0x7f0000002080)}, {0x0, &(0x7f00000020c0)}, {0x0, &(0x7f0000002100)}, {0x0, &(0x7f0000002140)}, {0x0, &(0x7f0000002180)}, {0x0, &(0x7f00000021c0)}, {0x0, &(0x7f0000002200)}, {0x0, &(0x7f0000002240)}, {0x0, &(0x7f0000002280)}, {0x0, &(0x7f00000022c0)}, {0x0, &(0x7f0000002300)}, {0x0, &(0x7f0000002340)}, {0x0, &(0x7f0000002380)}, {0x0, &(0x7f00000023c0)}, {0x0, &(0x7f0000002400)}, {0x0, &(0x7f0000002440)}, {0x0, &(0x7f0000002480)}, {0x0, &(0x7f00000024c0)}, {0x0, &(0x7f0000002500)}, {0x0, &(0x7f0000002540)}, {0x0, &(0x7f0000002580)}, {0x0, &(0x7f00000025c0)}, {0x0, &(0x7f0000002600)}, {0x0, &(0x7f0000002640)}, {0x0, &(0x7f0000002680)}, {0x0, &(0x7f00000026c0)}, {0x0, &(0x7f0000002700)}, {0x0, &(0x7f0000002740)}, {0x0, &(0x7f0000002780)}, {0x0, &(0x7f00000027c0)}, {0x0, &(0x7f0000002800)}, {0x0, &(0x7f0000002840)}, {0x0, &(0x7f0000002880)}, {0x0, &(0x7f0000003380)}, {0x0, &(0x7f0000002900)}], 0x64, 0x0, &(0x7f0000003300), 0x1)

7.706813585s ago: executing program 1 (id=667):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000080)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES32], 0x2, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x33, &(0x7f0000000000)=0x7, 0x4)
setsockopt$inet6_int(r3, 0x29, 0x31, &(0x7f0000000240)=0xf2b, 0x4)
getsockopt$inet6_buf(r3, 0x29, 0x6, &(0x7f0000000340)=""/19, &(0x7f0000000080)=0x13)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b6e0987f70e06d038e7ff7fc6e5539b3248298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40042, 0x1fe)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x5)
mount$bind(0x0, &(0x7f0000000140)='.\x00', 0x0, 0x825, 0x0)

7.65076689s ago: executing program 5 (id=669):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001300)='kmem_cache_free\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001340)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0500"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4040086)

7.058741217s ago: executing program 5 (id=671):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008000}, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r0)

3.093254897s ago: executing program 1 (id=675):
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x20, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000007000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020737200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r3}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r5, &(0x7f0000000d40), 0x0}, 0x20)

3.092629086s ago: executing program 6 (id=676):
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@map, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

2.915620096s ago: executing program 6 (id=677):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000005c0)=r2, 0x12)
r5 = openat$cgroup_ro(r3, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1, 0x12)

2.65273477s ago: executing program 6 (id=678):
creat(&(0x7f0000000440)='./bus\x00', 0x38)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)

2.603078424s ago: executing program 1 (id=679):
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000200)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x20040834)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x14, &(0x7f0000000040)={0x0, 0x0})
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000580)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)

2.008633102s ago: executing program 6 (id=680):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='sched_kthread_work_queue_work\x00', r0}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))

1.902700421s ago: executing program 1 (id=681):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x101040)
readv(r0, &(0x7f0000000600)=[{&(0x7f0000000680)=""/192, 0xc0}], 0x61)
ioctl$EVIOCGABS20(r0, 0x40044591, 0x0)

1.3757492s ago: executing program 6 (id=682):
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f0000001900)=ANY=[], 0xfd, 0x222, &(0x7f00000016c0)="$eJzs2k2LW2UUB/Bz25HWKdNEfKMF8UE3urk0Wblw0UFaEAOKNoIK0lvnRkMyyZAbBiLSzs6tH8G1uHQnSL/AbPwEXbibzSy7EK+0KZ0X4mIQJ9j5/TY5cPKH5+FcLmdx9979YXPQq/JeMY1zWRYr12MnHmbRjHNxPuZ24u277zx47ZPPPv9gvdO58XFKN9dvtdoppcuv//bFdz+/cX966dNfLv96IXabX+7tt//YfWX3yt5ft77pV6lfpdF4mop0ZzyeFneGZdroV4M8pY+GZVGVqT+qysmRfm843tqapWK0sba6NSmrKhWjWRqUszQdp+lkloqvi/4o5Xme1laDf6P708O6jv36udtR1/XzP8al+7H2IBqRvZCyF69nL9/OXt3JruzXdWPZR+U/Yf5nm/mfbeZ/th1a6i5GbH6/3d3uzn/n/fVe9GMYZVyLRvwZjx6TJ+b1zfc7N66lx5qRNu89yd/b7p4/mm9FI5qL8615Ph3NX4jVw/l2NOKlxfn2wvzFeOvNQ/k8GvH7VzGOYWzEo+xB/m4rpfc+7BzLX338PwCAZ02enlq4v+X5P/Xn+RPsh8f2q5W4urLcuxNRzb4dFMNhOVEoFIqnxbLfTJyGg6Ev+yQAAAAAAAAAAACcxGl8TrjsOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w9/BwAA///8j/If")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_elf64(r0, 0x0, 0xfd14)

663.112545ms ago: executing program 1 (id=683):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000002c0)='sched_kthread_work_queue_work\x00', r1}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))

352.26589ms ago: executing program 0 (id=684):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)

350.280383ms ago: executing program 6 (id=685):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000440)=ANY=[], 0xfdef)

263.358679ms ago: executing program 7 (id=686):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xc, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000700000018150000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000c296be685000000150000001801000022786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 1 (id=687):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

kernel console output (not intermixed with test programs):

b 6-1: config 0 interface 97 has no altsetting 0
[  161.872564][ T5979] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  162.126269][ T5979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.169691][ T5979] usb 6-1: config 0 descriptor??
[  162.393829][ T5979] usb 6-1: string descriptor 0 read error: -71
[  162.826569][ T5979] asix 6-1:0.97 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  162.848607][ T5979] asix 6-1:0.97: probe with driver asix failed with error -71
[  162.920378][ T5979] usb 6-1: USB disconnect, device number 2
[  163.313619][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  164.295434][    T9] usb 1-1: Using ep0 maxpacket: 16
[  164.348891][    T9] usb 1-1: config 0 has an invalid interface number: 164 but max is 0
[  164.399098][    T9] usb 1-1: config 0 has no interface number 0
[  164.450717][    T9] usb 1-1: New USB device found, idVendor=04dd, idProduct=8006, bcdDevice=9c.56
[  164.493313][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.528372][    T9] usb 1-1: Product: syz
[  164.540991][    T9] usb 1-1: Manufacturer: syz
[  164.558189][    T9] usb 1-1: SerialNumber: syz
[  164.860102][    T9] usb 1-1: config 0 descriptor??
[  165.008552][ T6269] veth1_macvtap: left promiscuous mode
[  165.014172][ T6269] macsec0: entered promiscuous mode
[  165.022222][ T6269] macsec0: entered allmulticast mode
[  165.715789][    T9] usb 1-1: unsupported MDLM descriptors
[  165.904679][ T6273] netlink: 'syz.4.100': attribute type 4 has an invalid length.
[  165.931815][    T9] usb 1-1: USB disconnect, device number 4
[  167.316628][ T6280] loop1: detected capacity change from 0 to 512
[  167.401152][ T6280] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.500401][ T6280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.521207][ T6284] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  167.553839][ T6280] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.650158][ T6280] netlink: 80 bytes leftover after parsing attributes in process `syz.1.104'.
[  169.187416][ T5889] Process accounting resumed
[  169.203750][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.312214][ T6305] netlink: 'syz.5.110': attribute type 25 has an invalid length.
[  169.573809][   T55] Bluetooth: hci6: command 0x1003 tx timeout
[  169.580154][ T5849] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  171.733552][ T6328] netlink: 'syz.0.119': attribute type 4 has an invalid length.
[  173.189540][ T6340] loop1: detected capacity change from 0 to 512
[  173.270827][ T6340] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  173.364511][ T6346] netlink: 'syz.0.126': attribute type 25 has an invalid length.
[  173.455575][ T6340] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.546113][ T6340] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.638340][    T9] Process accounting resumed
[  173.650444][ T6337] loop5: detected capacity change from 0 to 1024
[  173.655273][ T6340] netlink: 80 bytes leftover after parsing attributes in process `syz.1.124'.
[  173.915004][ T6337] EXT4-fs: Ignoring removed bh option
[  173.937682][ T6337] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  174.110487][ T6337] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.203131][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.310702][ T6337] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  174.526365][ T6337] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  175.679030][ T6372] loop2: detected capacity change from 0 to 256
[  175.737905][ T5889] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  176.118925][ T5889] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.278506][ T6379] veth1_macvtap: left promiscuous mode
[  176.285641][ T6379] macsec0: entered promiscuous mode
[  176.292123][ T6379] macsec0: entered allmulticast mode
[  176.933304][ T5889] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.963703][ T5889] usb 5-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  176.969216][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.972833][ T5889] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.054243][ T5889] usb 5-1: config 0 descriptor??
[  177.494654][ T6382] netlink: 'syz.0.138': attribute type 4 has an invalid length.
[  178.133596][ T5889] usbhid 5-1:0.0: can't add hid device: -71
[  178.139731][ T5889] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  178.199499][ T5889] usb 5-1: USB disconnect, device number 2
[  178.427375][   T59] Process accounting resumed
[  178.614772][ T6386] loop1: detected capacity change from 0 to 8192
[  178.668160][ T6396] loop0: detected capacity change from 0 to 512
[  178.720281][ T6396] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  178.822118][ T6396] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.865575][ T6396] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.952670][ T6401] netlink: 'syz.2.141': attribute type 25 has an invalid length.
[  179.071532][ T6396] netlink: 80 bytes leftover after parsing attributes in process `syz.0.143'.
[  179.121762][ T6412] loop4: detected capacity change from 0 to 256
[  179.265333][ T6412] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  179.362136][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.746413][ T6417] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  179.896160][ T6417] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.905306][ T6417] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.089748][ T6428] netlink: 'syz.0.155': attribute type 4 has an invalid length.
[  181.366834][ T6423] loop1: detected capacity change from 0 to 1024
[  181.406126][ T6423] EXT4-fs: Ignoring removed bh option
[  181.456647][ T6423] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  181.530851][ T6437] loop0: detected capacity change from 0 to 512
[  181.557762][ T6423] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.612674][ T6437] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  181.755177][ T5889] Process accounting resumed
[  181.804147][ T6437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  181.819289][ T6446] loop5: detected capacity change from 0 to 512
[  181.845216][ T6446] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  181.899522][ T6437] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.216527][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.233759][ T6446] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.296769][ T6446] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.357186][ T6446] netlink: 80 bytes leftover after parsing attributes in process `syz.5.161'.
[  182.728062][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.796588][ T6452] loop3: detected capacity change from 0 to 8192
[  183.047480][ T6459] netlink: 'syz.5.165': attribute type 24 has an invalid length.
[  183.096407][   T30] audit: type=1800 audit(1746804003.984:6): pid=6437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.158" name="file2" dev="loop0" ino=16 res=0 errno=0
[  183.434288][ T6468] loop4: detected capacity change from 0 to 256
[  183.832263][ T6474] netlink: 'syz.2.170': attribute type 4 has an invalid length.
[  183.880482][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  185.228521][ T6482] loop2: detected capacity change from 0 to 1024
[  185.344803][ T6482] EXT4-fs: Ignoring removed bh option
[  185.351263][ T6482] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  185.484456][ T6482] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.752126][ T6505] loop4: detected capacity change from 0 to 512
[  185.785088][ T6505] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  185.864410][ T6505] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.893571][ T6505] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.951730][ T6509] loop1: detected capacity change from 0 to 512
[  185.957007][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.972914][ T6509] EXT4-fs: Ignoring removed oldalloc option
[  185.985941][ T6509] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  186.032417][ T6505] netlink: 80 bytes leftover after parsing attributes in process `syz.4.178'.
[  186.057732][ T6509] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[  186.450564][ T6517] netlink: 'syz.2.181': attribute type 24 has an invalid length.
[  186.455593][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.589024][ T6514] loop3: detected capacity change from 0 to 8192
[  186.850030][ T6528] netlink: 'syz.5.186': attribute type 4 has an invalid length.
[  187.507340][ T5889] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  187.934684][ T6533] loop5: detected capacity change from 0 to 512
[  187.976088][ T5889] usb 5-1: Using ep0 maxpacket: 32
[  187.987868][ T6533] EXT4-fs: journaled quota format not specified
[  188.009423][ T5889] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  188.056799][ T5889] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  188.095894][ T5889] usb 5-1: config 0 has no interface number 0
[  188.102800][ T5889] usb 5-1: config 0 interface 2 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[  188.152559][ T5889] usb 5-1: config 0 interface 2 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  188.226364][ T5889] usb 5-1: config 0 interface 2 has no altsetting 0
[  188.277699][ T5889] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  188.307614][ T6537] loop1: detected capacity change from 0 to 512
[  188.333700][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.373875][ T5889] usb 5-1: Product: syz
[  188.381633][ T6537] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  188.393971][ T5889] usb 5-1: Manufacturer: syz
[  188.398621][ T5889] usb 5-1: SerialNumber: syz
[  188.486312][ T6537] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.190: bg 0: block 255: padding at end of block bitmap is not set
[  188.522937][ T5889] usb 5-1: config 0 descriptor??
[  188.581887][ T6537] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  188.702611][ T6537] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #11: comm syz.1.190: invalid indirect mapped block 1 (level 1)
[  188.788492][ T6537] EXT4-fs (loop1): 1 truncate cleaned up
[  188.856552][ T6537] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.281444][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.293957][ T6553] netlink: 80 bytes leftover after parsing attributes in process `syz.3.196'.
[  189.676360][ T6559] capability: warning: `syz.5.198' uses 32-bit capabilities (legacy support in use)
[  189.780775][ T6558] netlink: 'syz.2.199': attribute type 24 has an invalid length.
[  189.853758][ T5889] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  190.670428][ T6565] netlink: 'syz.3.200': attribute type 4 has an invalid length.
[  190.687814][ T5889] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -2
[  190.718016][ T6552] loop0: detected capacity change from 0 to 1024
[  190.858163][ T5889] usb 5-1: USB disconnect, device number 3
[  190.874971][ T6552] EXT4-fs: Ignoring removed bh option
[  190.934017][ T6552] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  190.990270][ T6574] netlink: 24 bytes leftover after parsing attributes in process `syz.5.203'.
[  191.010580][ T5953] udevd[5953]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  191.087641][ T6552] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.261560][ T6589] loop2: detected capacity change from 0 to 256
[  191.302979][ T6589] FAT-fs (loop2): Directory bread(block 64) failed
[  191.309764][ T6589] FAT-fs (loop2): Directory bread(block 65) failed
[  191.316458][ T6589] FAT-fs (loop2): Directory bread(block 66) failed
[  191.323011][ T6589] FAT-fs (loop2): Directory bread(block 67) failed
[  191.331421][ T6589] FAT-fs (loop2): Directory bread(block 68) failed
[  191.340820][ T6589] FAT-fs (loop2): Directory bread(block 69) failed
[  191.347515][ T6589] FAT-fs (loop2): Directory bread(block 70) failed
[  191.354160][ T6589] FAT-fs (loop2): Directory bread(block 71) failed
[  191.360833][ T6589] FAT-fs (loop2): Directory bread(block 72) failed
[  191.367502][ T6589] FAT-fs (loop2): Directory bread(block 73) failed
[  191.687815][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.005939][ T6597] loop0: detected capacity change from 0 to 16
[  192.058736][ T6597] erofs: DAX unsupported by block device. Turning off DAX.
[  192.137130][ T6603] loop5: detected capacity change from 0 to 512
[  192.226137][ T6597] erofs (device loop0): mounted with root inode @ nid 36.
[  192.309334][ T6603] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  192.985762][ T6603] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.183077][ T6603] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.202518][ T6603] netlink: 80 bytes leftover after parsing attributes in process `syz.5.212'.
[  193.377597][ T6615] capability: warning: `syz.1.215' uses deprecated v2 capabilities in a way that may be insecure
[  193.975103][ T6613] loop2: detected capacity change from 0 to 512
[  194.093971][ T6613] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.123337][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.188001][ T6613] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.229312][ T6622] netlink: 'syz.0.216': attribute type 4 has an invalid length.
[  194.873535][ T6629] netlink: 'syz.5.217': attribute type 24 has an invalid length.
[  194.900400][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.163466][ T6635] netlink: 24 bytes leftover after parsing attributes in process `syz.4.222'.
[  195.289863][ T6643] loop2: detected capacity change from 0 to 128
[  195.601867][ T6649] loop3: detected capacity change from 0 to 256
[  195.628900][ T6636] loop1: detected capacity change from 0 to 1024
[  195.689775][ T6636] EXT4-fs: Ignoring removed bh option
[  195.758428][ T6636] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  195.816183][ T6636] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.305117][ T6660] loop5: detected capacity change from 0 to 512
[  196.652317][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.807378][ T6660] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  197.189342][ T6660] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.202413][ T6660] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.765062][ T6660] netlink: 80 bytes leftover after parsing attributes in process `syz.5.229'.
[  197.885052][ T6672] loop3: detected capacity change from 0 to 1024
[  197.911088][ T6658] loop2: detected capacity change from 0 to 8192
[  198.026234][ T6672] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.379411][ T6681] netlink: 'syz.0.235': attribute type 4 has an invalid length.
[  198.702609][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.776182][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  198.818332][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  198.890381][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.077822][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.142242][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.213122][ T6693] netlink: 24 bytes leftover after parsing attributes in process `syz.2.239'.
[  199.214581][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.303265][ T6697] loop0: detected capacity change from 0 to 512
[  199.344650][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.370051][ T6697] EXT4-fs: Ignoring removed mblk_io_submit option
[  199.375499][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.378333][ T6698] netlink: 'syz.5.237': attribute type 24 has an invalid length.
[  199.430122][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  199.447509][ T6697] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  199.483122][ T5830] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #11: comm syz-executor: directory missing '..'
[  200.299917][ T6697] loop0: detected capacity change from 0 to 128
[  200.343925][ T6697] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  200.542590][ T6707] loop5: detected capacity change from 0 to 1024
[  200.609463][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.637322][ T6707] EXT4-fs: Ignoring removed bh option
[  200.701227][ T6707] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  200.821540][ T6707] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.110290][ T3500] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.552802][ T6726] loop1: detected capacity change from 0 to 512
[  202.657235][ T6726] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  202.790278][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.865654][ T6726] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.935649][ T3500] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.941006][ T6726] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.060743][ T6726] netlink: 80 bytes leftover after parsing attributes in process `syz.1.249'.
[  203.202971][ T3500] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.253129][ T6730] loop5: detected capacity change from 0 to 8192
[  203.327670][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.443076][ T3500] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.560008][ T6737] netlink: 'syz.4.256': attribute type 24 has an invalid length.
[  203.978903][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  203.985437][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  204.408076][ T6755] netlink: 28 bytes leftover after parsing attributes in process `syz.1.260'.
[  204.501244][ T3500] bridge_slave_1: left allmulticast mode
[  204.542039][ T3500] bridge_slave_1: left promiscuous mode
[  204.584383][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.670207][ T3500] bridge_slave_0: left allmulticast mode
[  204.705656][ T3500] bridge_slave_0: left promiscuous mode
[  204.733290][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.074500][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  205.104810][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  205.124400][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  205.151916][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  205.194257][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  206.358513][ T6767] loop2: detected capacity change from 0 to 1024
[  206.471054][ T6767] EXT4-fs: Ignoring removed bh option
[  206.535809][ T6779] loop0: detected capacity change from 0 to 512
[  206.542971][ T6767] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  206.585519][ T6779] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  206.696716][ T6767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.747361][ T6779] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.811109][ T6779] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.933308][ T6779] netlink: 80 bytes leftover after parsing attributes in process `syz.0.266'.
[  206.956892][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.253754][   T55] Bluetooth: hci2: command tx timeout
[  207.579632][ T6802] netlink: 'syz.2.270': attribute type 25 has an invalid length.
[  208.945601][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  208.961167][ T6794] loop5: detected capacity change from 0 to 40427
[  208.969278][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  208.983390][ T3500] bond0 (unregistering): Released all slaves
[  208.987262][ T6794] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  209.021937][ T6794] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  209.234311][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.333898][   T55] Bluetooth: hci2: command tx timeout
[  209.583097][ T6822] netlink: 'syz.0.276': attribute type 13 has an invalid length.
[  209.584772][ T6794] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  209.621938][ T6794] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  209.670043][    T9] Process accounting resumed
[  209.841495][ T6794] syz.5.269: attempt to access beyond end of device
[  209.841495][ T6794] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  210.439848][ T6833] loop0: detected capacity change from 0 to 40427
[  210.615751][ T5831] syz-executor: attempt to access beyond end of device
[  210.615751][ T5831] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  210.825223][ T5831] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) 
[  210.825276][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  210.825298][ T5831] Call Trace:
[  210.825310][ T5831]  <TASK>
[  210.825323][ T5831]  dump_stack_lvl+0x16c/0x1f0
[  210.825385][ T5831]  f2fs_handle_critical_error+0x621/0x9f0
[  210.825435][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.825481][ T5831]  ? __asan_memset+0x23/0x50
[  210.825528][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.825585][ T5831]  f2fs_write_end_io+0x73d/0xac0
[  210.825643][ T5831]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  210.825702][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.825759][ T5831]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  210.825811][ T5831]  bio_endio+0x6d2/0x810
[  210.825853][ T5831]  submit_bio_noacct+0x56d/0x1ec0
[  210.825914][ T5831]  __submit_merged_bio+0x33c/0x770
[  210.825980][ T5831]  __submit_merged_write_cond+0x319/0x3f0
[  210.826047][ T5831]  f2fs_sync_node_pages+0x1558/0x18b0
[  210.826113][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.826161][ T5831]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  210.826207][ T5831]  ? irqentry_exit+0x3b/0x90
[  210.826260][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.826305][ T5831]  ? lockdep_hardirqs_on+0x7c/0x110
[  210.826356][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.826448][ T5831]  ? down_write+0x14d/0x200
[  210.826512][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.826560][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.826605][ T5831]  ? up_write+0x1b2/0x520
[  210.826648][ T5831]  block_operations+0x941/0xfd0
[  210.826697][ T5831]  ? __pfx_block_operations+0x10/0x10
[  210.826821][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.826866][ T5831]  ? down_write+0x14d/0x200
[  210.826929][ T5831]  ? __pfx_down_write+0x10/0x10
[  210.826993][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.827038][ T5831]  ? rcu_is_watching+0x12/0xc0
[  210.827089][ T5831]  f2fs_write_checkpoint+0x2b8/0x45b0
[  210.827131][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.827176][ T5831]  ? kfree+0x2b6/0x4d0
[  210.827224][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.827269][ T5831]  ? rcu_is_watching+0x12/0xc0
[  210.827312][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.827356][ T5831]  ? kthread_stop+0x273/0x650
[  210.827423][ T5831]  kill_f2fs_super+0x3c2/0x470
[  210.827462][ T5831]  ? __pfx_kill_f2fs_super+0x10/0x10
[  210.827498][ T5831]  ? lockdep_hardirqs_on+0x7c/0x110
[  210.827571][ T5831]  deactivate_locked_super+0xc1/0x1a0
[  210.827620][ T5831]  deactivate_super+0xde/0x100
[  210.827669][ T5831]  cleanup_mnt+0x225/0x450
[  210.827722][ T5831]  task_work_run+0x150/0x240
[  210.827764][ T5831]  ? __pfx_task_work_run+0x10/0x10
[  210.827801][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  210.827850][ T5831]  ? __pfx___x64_sys_umount+0x10/0x10
[  210.827916][ T5831]  syscall_exit_to_user_mode+0x27b/0x2a0
[  210.827984][ T5831]  do_syscall_64+0xda/0x260
[  210.828045][ T5831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.828083][ T5831] RIP: 0033:0x7ff54598fc97
[  210.828112][ T5831] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  210.828148][ T5831] RSP: 002b:00007ffd445be528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  210.828183][ T5831] RAX: 0000000000000000 RBX: 00007ff545a1089d RCX: 00007ff54598fc97
[  210.828207][ T5831] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd445be5e0
[  210.828230][ T5831] RBP: 00007ffd445be5e0 R08: 0000000000000000 R09: 0000000000000000
[  210.828253][ T5831] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd445bf670
[  210.828276][ T5831] R13: 00007ff545a1089d R14: 00000000000333df R15: 00007ffd445bf6b0
[  210.828327][ T5831]  </TASK>
[  210.828341][ T5831] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  211.050025][ T6833] F2FS-fs (loop0): Unrecognized mount option "whint_mode=off" or missing value
[  211.247815][ T6837] loop2: detected capacity change from 0 to 512
[  211.356798][ T6837] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.420820][   T55] Bluetooth: hci2: command tx timeout
[  213.215573][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.500666][   T55] Bluetooth: hci2: command tx timeout
[  214.469274][ T3500] hsr_slave_0: left promiscuous mode
[  214.514143][ T3500] hsr_slave_1: left promiscuous mode
[  214.541475][ T3500] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.587600][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.621486][ T3500] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.643605][ T6854] loop2: detected capacity change from 0 to 8192
[  214.658495][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.691969][ T6860] loop1: detected capacity change from 0 to 512
[  214.740260][ T6860] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  214.822883][ T3500] veth1_macvtap: left promiscuous mode
[  214.839632][ T3500] veth0_macvtap: left promiscuous mode
[  214.846249][ T3500] veth1_vlan: left promiscuous mode
[  214.852057][ T3500] veth0_vlan: left promiscuous mode
[  214.918377][ T6860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.994711][ T6860] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.150141][ T6860] netlink: 80 bytes leftover after parsing attributes in process `syz.1.287'.
[  215.359406][ T6871] loop5: detected capacity change from 0 to 2048
[  215.503625][ T6871] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.992878][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.117933][ T6855] loop0: detected capacity change from 0 to 40427
[  216.172906][ T6855] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  216.222586][ T6855] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  216.301159][ T6855] F2FS-fs (loop0): invalid crc value
[  216.457910][ T6855] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  216.872313][ T6890] loop2: detected capacity change from 0 to 512
[  216.916763][ T6855] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30
[  216.928424][ T6855] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  216.959404][ T6890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.019297][ T6890] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  217.082804][   T30] audit: type=1326 audit(1746804037.974:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6889 comm="syz.2.290" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f40d538e969 code=0x0
[  217.142303][ T6894] xt_TPROXY: Can be used only with -p tcp or -p udp
[  217.247511][ T3500] team0 (unregistering): Port device team_slave_1 removed
[  217.321271][ T3500] team0 (unregistering): Port device team_slave_0 removed
[  217.504332][ T6896] netlink: 'syz.0.291': attribute type 13 has an invalid length.
[  217.606599][  T970] Process accounting resumed
[  217.649180][ T6899] overlayfs: failed to resolve './file2': -2
[  217.785695][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.841748][ T6901] loop5: detected capacity change from 0 to 512
[  217.909782][ T6901] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.939878][ T6901] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.115310][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.424638][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.735947][ T6932] loop0: detected capacity change from 0 to 512
[  220.821661][ T6932] EXT4-fs: Ignoring removed oldalloc option
[  220.960235][ T6932] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.078561][ T6932] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  221.917902][ T6948] overlayfs: failed to resolve './file2': -2
[  222.191078][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  222.209070][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  222.224156][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  222.233219][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  222.242185][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  222.345198][ T6955] loop5: detected capacity change from 0 to 512
[  222.347521][ T6761] chnl_net:caif_netlink_parms(): no params data found
[  222.451837][ T6955] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.764033][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.087521][ T6966] loop5: detected capacity change from 0 to 512
[  223.109303][ T6966] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  223.257672][ T6966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.274331][ T3500] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.303381][ T6966] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.329346][ T6966] netlink: 80 bytes leftover after parsing attributes in process `syz.5.309'.
[  224.077694][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.089339][ T3500] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.296316][   T55] Bluetooth: hci1: command tx timeout
[  224.356229][ T6761] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.393646][ T6761] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.401001][ T6761] bridge_slave_0: entered allmulticast mode
[  224.432275][ T6761] bridge_slave_0: entered promiscuous mode
[  224.484607][ T6979] netlink: 'syz.5.310': attribute type 13 has an invalid length.
[  224.532646][ T3500] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.607453][ T6761] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.624322][ T5979] Process accounting resumed
[  224.635087][ T6761] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.642513][ T6761] bridge_slave_1: entered allmulticast mode
[  224.656538][ T6761] bridge_slave_1: entered promiscuous mode
[  224.787526][ T6761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  226.099722][ T6761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  226.295257][ T6995] overlayfs: failed to resolve './file2': -2
[  226.413481][   T55] Bluetooth: hci1: command tx timeout
[  227.897242][ T3500] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.673945][   T55] Bluetooth: hci1: command tx timeout
[  228.757997][   T59] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  229.041364][ T6761] team0: Port device team_slave_0 added
[  229.047438][   T59] usb 2-1: Using ep0 maxpacket: 32
[  229.069094][   T59] usb 2-1: unable to get BOS descriptor or descriptor too short
[  229.106859][ T6761] team0: Port device team_slave_1 added
[  229.186020][   T59] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  229.242753][   T59] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.338550][   T59] usb 2-1: Product: syz
[  229.342793][   T59] usb 2-1: Manufacturer: syz
[  229.381282][   T59] usb 2-1: SerialNumber: syz
[  229.687699][ T6761] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.706428][   T59] usb 2-1: 2:1: invalid format type 0x1001 is detected, processed as PCM
[  229.723744][   T59] usb 2-1: 2:1 : invalid channels 0
[  229.728323][ T6761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  229.817323][   T59] usb 2-1: USB disconnect, device number 3
[  230.065331][ T6761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.084382][ T6761] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.090136][ T7027] loop2: detected capacity change from 0 to 1024
[  230.091363][ T6761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.134737][ T6761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.151510][ T7027] EXT4-fs: Ignoring removed bh option
[  230.160072][ T5953] udevd[5953]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  230.209863][ T7027] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  230.278917][ T7027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.527678][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.578333][ T7043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.325'.
[  230.793605][ T5834] Bluetooth: hci1: command tx timeout
[  231.658037][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  231.664513][ T5842] Bluetooth: hci0: command 0x0406 tx timeout
[  231.670554][ T5842] Bluetooth: hci4: command 0x0406 tx timeout
[  231.956977][ T6761] hsr_slave_0: entered promiscuous mode
[  232.388038][ T6761] hsr_slave_1: entered promiscuous mode
[  232.395633][ T6761] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  232.405517][ T6761] Cannot create hsr debugfs directory
[  233.579346][ T7066] loop0: detected capacity change from 0 to 512
[  233.741739][ T7066] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  235.751383][ T7066] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  235.753165][ T7066] EXT4-fs: failed to create workqueue
[  235.768231][ T7066] EXT4-fs (loop0): mount failed
[  236.315958][ T7076] loop1: detected capacity change from 0 to 16
[  236.373077][ T7076] erofs (device loop1): mounted with root inode @ nid 36.
[  236.557169][ T6951] chnl_net:caif_netlink_parms(): no params data found
[  237.458971][ T7081] loop5: detected capacity change from 0 to 1024
[  237.495409][ T7081] EXT4-fs: Ignoring removed bh option
[  237.520873][ T7081] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  237.590663][ T3500] bridge_slave_1: left allmulticast mode
[  237.621501][ T3500] bridge_slave_1: left promiscuous mode
[  237.627564][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.657556][ T3500] bridge_slave_0: left allmulticast mode
[  237.672775][ T3500] bridge_slave_0: left promiscuous mode
[  237.702392][ T7081] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.713002][ T7098] Zero length message leads to an empty skb
[  237.717059][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.993553][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.135055][ T7112] netlink: 8 bytes leftover after parsing attributes in process `syz.2.342'.
[  239.157778][ T7112] netlink: 4 bytes leftover after parsing attributes in process `syz.2.342'.
[  240.539010][ T7129] netlink: 'syz.1.345': attribute type 13 has an invalid length.
[  240.547035][ T7129] netlink: 28 bytes leftover after parsing attributes in process `syz.1.345'.
[  240.648382][    T9] Process accounting resumed
[  240.680899][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.706840][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.723166][ T3500] bond0 (unregistering): Released all slaves
[  240.841142][ T7112] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  240.847631][ T3500] tipc: Left network mode
[  241.039903][ T6951] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.074261][ T6951] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.104967][ T6951] bridge_slave_0: entered allmulticast mode
[  241.130442][ T6951] bridge_slave_0: entered promiscuous mode
[  241.531521][ T7146] loop1: detected capacity change from 0 to 16
[  241.590496][ T7146] erofs (device loop1): mounted with root inode @ nid 36.
[  241.610138][ T7146] syz.1.347: attempt to access beyond end of device
[  241.610138][ T7146] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  241.937685][ T6951] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.028423][ T5920] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  242.091043][ T6951] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.251289][ T6951] bridge_slave_1: entered allmulticast mode
[  242.323352][ T6951] bridge_slave_1: entered promiscuous mode
[  243.218146][ T5920] usb 3-1: unable to get BOS descriptor or descriptor too short
[  243.518092][ T5920] usb 3-1: not running at top speed; connect to a high speed hub
[  243.537761][ T5920] usb 3-1: config 4 has an invalid interface number: 147 but max is 0
[  243.559673][ T5920] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  243.722228][ T5920] usb 3-1: config 4 has no interface number 0
[  243.742003][ T5920] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  243.753569][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.764514][ T5920] usb 3-1: Product: syz
[  243.779113][ T5920] usb 3-1: Manufacturer: syz
[  243.785727][ T5920] usb 3-1: SerialNumber: syz
[  244.137634][ T5920] usb 3-1: Found UVC 0.02 device syz (04f2:b746)
[  244.138926][ T6951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.153569][  T970] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  244.161888][ T5920] usb 3-1: No valid video chain found.
[  244.195015][ T5920] usb 3-1: USB disconnect, device number 3
[  244.222151][ T6951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.315918][  T970] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c9.98
[  244.344418][  T970] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.392527][  T970] usb 2-1: config 0 descriptor??
[  244.400165][ T7157] loop0: detected capacity change from 0 to 1024
[  244.421162][  T970] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  244.441963][ T7157] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  244.474951][  T970] ftdi_sio ttyUSB0: unknown device type: 0xc998
[  244.485750][ T7157] EXT4-fs error (device loop0): ext4_get_journal_inode:5798: inode #32: comm syz.0.353: iget: special inode unallocated
[  244.541046][ T6951] team0: Port device team_slave_0 added
[  244.553211][ T7157] EXT4-fs (loop0): Remounting filesystem read-only
[  244.573515][ T3500] hsr_slave_0: left promiscuous mode
[  244.581113][ T7157] EXT4-fs (loop0): no journal found
[  244.589274][ T3500] hsr_slave_1: left promiscuous mode
[  244.601236][ T7157] EXT4-fs (loop0): can't get journal size
[  244.603355][ T3500] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.618058][ T7155] loop5: detected capacity change from 0 to 1024
[  244.627159][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.634514][ T7157] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e12d, mo2=0002]
[  244.636965][ T7155] EXT4-fs: Ignoring removed bh option
[  244.658710][ T7157] EXT4-fs (loop0): failed to initialize system zone (-117)
[  244.686557][ T7157] EXT4-fs (loop0): mount failed
[  244.698410][ T3500] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.707107][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.715626][ T7155] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  244.802891][ T7155] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.833391][ T3500] veth1_macvtap: left promiscuous mode
[  244.859984][ T3500] veth0_macvtap: left promiscuous mode
[  244.880483][ T3500] veth1_vlan: left promiscuous mode
[  244.893754][ T3500] veth0_vlan: left promiscuous mode
[  245.044304][ T7160] loop1: detected capacity change from 0 to 512
[  245.160870][ T7160] EXT4-fs: Ignoring removed bh option
[  245.283466][ T7160] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  245.376284][ T7160] EXT4-fs (loop1): 1 truncate cleaned up
[  245.380322][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.396596][ T7160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.588019][ T7170] netlink: 'syz.2.354': attribute type 4 has an invalid length.
[  245.592972][ T7169] netlink: 8 bytes leftover after parsing attributes in process `syz.0.356'.
[  245.620662][ T7169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.356'.
[  245.646551][   T59] usb 2-1: USB disconnect, device number 4
[  245.676318][   T59] ftdi_sio 2-1:0.0: device disconnected
[  246.790704][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.039383][ T7178] netlink: 'syz.1.357': attribute type 13 has an invalid length.
[  247.055632][ T7178] netlink: 28 bytes leftover after parsing attributes in process `syz.1.357'.
[  247.110329][   T59] Process accounting resumed
[  247.159296][ T3500] team0 (unregistering): Port device team_slave_1 removed
[  247.205196][ T3500] team0 (unregistering): Port device team_slave_0 removed
[  247.588029][ T6951] team0: Port device team_slave_1 added
[  247.684746][ T7169] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  247.763103][ T6951] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.818901][ T6951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.827308][ T7185] loop2: detected capacity change from 0 to 512
[  247.859846][ T6951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.875658][ T6951] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.882621][ T6951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  247.910973][ T6951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  247.943356][ T7185] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[  248.150743][ T7188] loop1: detected capacity change from 0 to 1024
[  248.174781][ T7188] EXT4-fs: Ignoring removed i_version option
[  248.236203][ T7188] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  248.294880][ T7188] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0001]
[  248.326282][  T970] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  248.469765][ T7195] netlink: 12 bytes leftover after parsing attributes in process `syz.2.363'.
[  248.563297][  T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.842643][ T7188] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 2: comm syz.1.360: lblock 2 mapped to illegal pblock 2 (length 1)
[  249.363855][ T7188] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  249.412672][ T7188] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 48: comm syz.1.360: lblock 0 mapped to illegal pblock 48 (length 1)
[  249.457222][ T7201] loop2: detected capacity change from 0 to 128
[  249.473482][ T6761] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  249.494186][  T970] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  249.509342][  T970] usb 1-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  249.518484][  T970] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.532978][  T970] usb 1-1: config 0 descriptor??
[  249.543480][ T7188] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  249.552444][ T7188] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.360: Failed to acquire dquot type 0
[  249.578811][ T6761] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  249.648369][ T7188] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  249.666789][ T7201] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  249.737186][ T6951] hsr_slave_0: entered promiscuous mode
[  249.751678][ T7188] EXT4-fs error (device loop1): ext4_evict_inode:259: inode #11: comm syz.1.360: mark_inode_dirty error
[  249.789209][ T6951] hsr_slave_1: entered promiscuous mode
[  249.826161][ T7188] EXT4-fs warning (device loop1): ext4_evict_inode:261: couldn't mark inode dirty (err -117)
[  249.840185][ T7201] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.872605][ T7188] EXT4-fs (loop1): 1 orphan inode deleted
[  249.896491][ T7188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.913907][ T5945] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  249.932971][ T6761] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  249.973741][ T5945] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  249.998857][ T5945] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0
[  250.045331][ T7188] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.079529][  T970] ortek 0003:1223:3F07.0002: unknown main item tag 0x6
[  250.106329][  T970] ortek 0003:1223:3F07.0002: unknown global tag 0xc
[  250.109333][ T6761] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  250.140553][ T7188] EXT4-fs error (device loop1): __ext4_get_inode_loc:4449: comm syz.1.360: Invalid inode table block 1 in block_group 0
[  250.146741][  T970] ortek 0003:1223:3F07.0002: item 0 1 1 12 parsing failed
[  250.182170][ T7188] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  250.195420][  T970] ortek 0003:1223:3F07.0002: probe with driver ortek failed with error -22
[  250.217030][ T7205] loop5: detected capacity change from 0 to 1024
[  250.225223][ T7188] EXT4-fs error (device loop1): ext4_quota_off:7219: inode #3: comm syz.1.360: mark_inode_dirty error
[  250.249803][ T7205] EXT4-fs: Ignoring removed bh option
[  250.321033][ T7205] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  250.381985][   T59] usb 1-1: USB disconnect, device number 5
[  250.397393][ T7205] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.412470][ T5828] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  250.747765][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.861848][ T7236] netlink: 'syz.0.370': attribute type 13 has an invalid length.
[  251.900296][ T7236] netlink: 28 bytes leftover after parsing attributes in process `syz.0.370'.
[  251.986251][   T59] Process accounting resumed
[  252.095343][ T7241] loop2: detected capacity change from 0 to 16
[  252.116821][ T7241] erofs (device loop2): mounted with root inode @ nid 36.
[  252.424639][ T6761] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.682957][ T7254] loop0: detected capacity change from 0 to 512
[  252.879693][ T7254] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  253.175259][ T7254] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.374: bg 0: block 255: padding at end of block bitmap is not set
[  253.430325][ T7254] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  253.478730][ T7254] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #11: comm syz.0.374: invalid indirect mapped block 1 (level 1)
[  253.546502][ T7254] EXT4-fs (loop0): 1 truncate cleaned up
[  253.612552][ T7254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.716372][ T6951] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  253.777252][ T6761] 8021q: adding VLAN 0 to HW filter on device team0
[  253.818578][ T6951] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  253.840082][ T6951] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  253.868709][ T6951] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  253.894133][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.905729][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.912911][ T5959] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.990836][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.998103][ T5960] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.173589][ T7265] loop2: detected capacity change from 0 to 1024
[  254.199198][ T7265] EXT4-fs: Ignoring removed bh option
[  254.262004][ T7265] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  254.353285][ T7265] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.476118][ T7280] loop0: detected capacity change from 0 to 256
[  254.765331][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.826901][ T6951] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.960911][ T6951] 8021q: adding VLAN 0 to HW filter on device team0
[  255.052631][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.059920][ T5947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.090193][ T7287] loop5: detected capacity change from 0 to 1024
[  255.161003][ T7287] ext4: Unknown parameter 'noacl'
[  255.236107][ T7291] netlink: 'syz.0.384': attribute type 13 has an invalid length.
[  256.099841][ T5895] Process accounting resumed
[  256.322037][ T7301] loop5: detected capacity change from 0 to 512
[  256.346003][ T7301] EXT4-fs: Ignoring removed i_version option
[  256.430609][ T7301] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.591333][   T30] audit: type=1800 audit(1746804077.484:8): pid=7301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.385" name="file1" dev="loop5" ino=15 res=0 errno=0
[  256.791801][ T7291] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.802130][ T7291] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.775988][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.284730][ T7291] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.304270][ T7291] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.344782][ T7291] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.363733][ T7291] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.390453][ T7291] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.413165][ T7291] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.597429][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.602101][ T7343] loop1: detected capacity change from 0 to 1024
[  260.604658][ T5947] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.619297][ T7343] EXT4-fs: Ignoring removed bh option
[  260.628143][ T7343] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  260.799573][ T7343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.886553][ T7343] netlink: 28 bytes leftover after parsing attributes in process `syz.1.392'.
[  261.134721][ T6761] 8021q: adding VLAN 0 to HW filter on device batadv0
[  261.148146][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.426924][ T6951] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  263.459152][ T7323] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[  263.754173][ T7375] syz_tun: refused to change device tx_queue_len
[  264.513516][ T7323] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 65535, setting to 8
[  264.529243][ T7323] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  264.772030][ T7323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.423828][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  265.430282][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  265.633607][ T7323] usb 2-1: can't set config #32, error -71
[  265.744119][ T7323] usb 2-1: USB disconnect, device number 5
[  266.184048][ T6951] 8021q: adding VLAN 0 to HW filter on device batadv0
[  266.247069][ T7396] netlink: 136 bytes leftover after parsing attributes in process `syz.1.401'.
[  266.281887][ T7399] loop5: detected capacity change from 0 to 1024
[  266.339340][ T7396] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  266.470430][ T7399] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.293322][ T7409] netlink: 'syz.2.403': attribute type 13 has an invalid length.
[  267.363306][ T7398] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  267.379118][ T7398] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  267.391569][ T7398] EXT4-fs (loop5): This should not happen!! Data will be lost
[  267.391569][ T7398] 
[  267.401246][ T7398] EXT4-fs (loop5): Total free blocks count 0
[  267.407297][ T7398] EXT4-fs (loop5): Free/Dirty block details
[  267.413233][ T7398] EXT4-fs (loop5): free_blocks=68451041280
[  267.420548][ T7398] EXT4-fs (loop5): dirty_blocks=32
[  267.425797][ T7398] EXT4-fs (loop5): Block reservation details
[  267.431794][ T7398] EXT4-fs (loop5): i_reserved_data_blocks=2
[  267.648191][ T5917] Process accounting resumed
[  267.791025][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.980670][ T7415] loop0: detected capacity change from 0 to 1024
[  268.024849][ T7415] EXT4-fs: Ignoring removed bh option
[  268.048229][ T7409] bridge0: port 3(syz_tun) entered disabled state
[  268.073708][ T7415] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  268.142602][ T7409] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.150664][ T7409] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.172188][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  268.195811][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  268.205690][ T7415] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.221746][ T5835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  268.224082][ T7425] loop5: detected capacity change from 0 to 512
[  268.261655][ T5835] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  268.272246][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  268.304598][ T7415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.405'.
[  268.362456][ T7425] EXT4-fs (loop5): Test dummy encryption mode enabled
[  268.437039][ T7425] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.515262][ T5832] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.534409][ T7425] EXT4-fs error (device loop5): ext4_search_dir:1475: inode #12: block 5: comm syz.5.406: bad entry in directory: inode out of bounds - offset=16, inode=1806, rec_len=40, size=56 fake=0
[  268.568161][ T7409] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  268.710939][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.907246][ T7409] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  268.930189][ T7409] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  268.973616][ T7409] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  268.982571][ T7409] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  269.102314][ T7433] loop0: detected capacity change from 0 to 8192
[  270.374487][ T5835] Bluetooth: hci2: command tx timeout
[  270.432066][ T7323] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  270.682919][ T7323] usb 3-1: unable to get BOS descriptor or descriptor too short
[  270.743661][ T7323] usb 3-1: not running at top speed; connect to a high speed hub
[  270.815874][ T7323] usb 3-1: config 4 has an invalid interface number: 147 but max is 0
[  270.861419][ T7323] usb 3-1: config 4 has an invalid descriptor of length 255, skipping remainder of the config
[  271.891861][ T7323] usb 3-1: config 4 has no interface number 0
[  272.180447][ T5980] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  272.190902][ T7323] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  272.214642][ T7323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.223636][ T7323] usb 3-1: Product: syz
[  272.227832][ T7323] usb 3-1: Manufacturer: syz
[  272.233156][ T7323] usb 3-1: SerialNumber: syz
[  272.394018][ T5980] usb 6-1: Using ep0 maxpacket: 16
[  272.464790][ T5835] Bluetooth: hci2: command tx timeout
[  272.562861][ T5980] usb 6-1: config 0 has an invalid interface number: 251 but max is 0
[  272.618318][ T5980] usb 6-1: config 0 has no interface number 0
[  272.664863][ T7458] loop0: detected capacity change from 0 to 512
[  272.665391][ T5980] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  272.678228][ T7459] loop1: detected capacity change from 0 to 512
[  272.696406][ T5980] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  272.750201][ T5980] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  272.809534][ T7458] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.413: bad orphan inode 15
[  272.811322][ T5980] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.868888][ T7458] ext4_test_bit(bit=14, block=18) = 1
[  272.878740][ T7458] is_bad_inode(inode)=0
[  272.883033][ T7458] NEXT_ORPHAN(inode)=1023
[  272.897297][ T7459] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.903200][ T7458] max_ino=32
[  272.920607][ T7459] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  272.944275][ T7458] i_nlink=0
[  272.958036][ T7458] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2962: inode #15: comm syz.0.413: corrupted xattr block 19: invalid header
[  272.977814][ T5980] usb 6-1: Product: syz
[  272.988823][   T30] audit: type=1326 audit(1746804093.884:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.415" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1593f8e969 code=0x0
[  273.015400][ T5980] usb 6-1: Manufacturer: syz
[  273.020256][ T7323] usb 3-1: Found UVC 0.02 device syz (04f2:b746)
[  273.027889][ T5980] usb 6-1: SerialNumber: syz
[  273.033639][ T7323] usb 3-1: No valid video chain found.
[  273.041570][ T7458] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -117)
[  273.042133][ T5980] usb 6-1: config 0 descriptor??
[  273.068315][ T7453] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  273.080105][ T7458] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  273.095250][ T7323] usb 3-1: USB disconnect, device number 4
[  273.101387][ T7453] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  273.128516][ T7458] ext4 filesystem being mounted at /syzcgroup/unified/syz0/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  273.311025][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.373793][ T7453] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  273.420234][ T7453] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  273.629618][ T7471] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  273.662819][ T7453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.683658][ T7471] overlayfs: failed to set xattr on upper
[  273.692309][ T7453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.722201][ T7474] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  273.761644][ T7471] overlayfs: ...falling back to redirect_dir=nofollow.
[  273.788994][ T7471] overlayfs: ...falling back to index=off.
[  273.843630][ T5980] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  273.846450][ T7471] overlayfs: ...falling back to uuid=null.
[  273.904341][ T5980] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -61
[  273.941408][ T5980] asix 6-1:0.251: probe with driver asix failed with error -5
[  274.037118][ T7477] loop2: detected capacity change from 0 to 256
[  274.535210][ T6951] veth0_vlan: entered promiscuous mode
[  274.535536][ T5835] Bluetooth: hci2: command tx timeout
[  274.739718][ T7423] chnl_net:caif_netlink_parms(): no params data found
[  274.830709][ T5958] bridge_slave_1: left allmulticast mode
[  274.863606][ T5958] bridge_slave_1: left promiscuous mode
[  274.888402][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.964241][ T5958] bridge_slave_0: left allmulticast mode
[  274.994743][ T5958] bridge_slave_0: left promiscuous mode
[  275.028670][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.049999][ T7497] loop1: detected capacity change from 0 to 256
[  275.230468][ T7497] FAT-fs (loop1): Directory bread(block 64) failed
[  275.253355][ T7497] FAT-fs (loop1): Directory bread(block 65) failed
[  275.285214][ T7497] FAT-fs (loop1): Directory bread(block 66) failed
[  275.322921][ T7497] FAT-fs (loop1): Directory bread(block 67) failed
[  275.348935][ T7497] FAT-fs (loop1): Directory bread(block 68) failed
[  275.388212][ T7497] FAT-fs (loop1): Directory bread(block 69) failed
[  275.413667][ T7497] FAT-fs (loop1): Directory bread(block 70) failed
[  275.437179][ T7497] FAT-fs (loop1): Directory bread(block 71) failed
[  275.452873][ T7497] FAT-fs (loop1): Directory bread(block 72) failed
[  275.484090][ T7497] FAT-fs (loop1): Directory bread(block 73) failed
[  275.689410][ T5917] usb 6-1: USB disconnect, device number 3
[  276.037497][ T7461] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 449: padding at end of block bitmap is not set
[  276.613589][ T5835] Bluetooth: hci2: command tx timeout
[  276.708470][ T7508] loop1: detected capacity change from 0 to 8192
[  276.839793][ T5958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  276.853725][ T5958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  276.865208][ T5958] bond0 (unregistering): Released all slaves
[  277.006839][ T6951] veth1_vlan: entered promiscuous mode
[  277.662150][ T5958] hsr_slave_0: left promiscuous mode
[  277.704509][ T5958] hsr_slave_1: left promiscuous mode
[  277.719367][ T5958] batman_adv: batadv0: Removing interface: batadv_slave_0
[  277.767216][ T5958] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.866930][   T30] audit: type=1326 audit(1746804098.764:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7519 comm="syz.0.426" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb97bd8e969 code=0x0
[  278.796306][ T5958] team0 (unregistering): Port device team_slave_1 removed
[  278.948858][ T5958] team0 (unregistering): Port device team_slave_0 removed
[  280.086756][   T55] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  280.107090][   T55] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  280.115901][   T55] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  280.143986][   T55] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  280.154466][   T55] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  280.725075][ T7423] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.743130][ T7423] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.753314][ T7423] bridge_slave_0: entered allmulticast mode
[  280.773351][ T7423] bridge_slave_0: entered promiscuous mode
[  280.856764][ T5890] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  281.020302][ T5890] usb 1-1: unable to get BOS descriptor or descriptor too short
[  281.028711][ T5890] usb 1-1: not running at top speed; connect to a high speed hub
[  281.040934][ T7423] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.044240][ T5890] usb 1-1: config 17 has an invalid interface number: 8 but max is 1
[  281.063457][ T5890] usb 1-1: config 17 has 1 interface, different from the descriptor's value: 2
[  281.072436][ T5890] usb 1-1: config 17 has no interface number 0
[  281.096710][ T7423] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.103523][ T5890] usb 1-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 77, changing to 4
[  281.123456][ T5890] usb 1-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 46306, setting to 1023
[  281.127254][ T7423] bridge_slave_1: entered allmulticast mode
[  281.143473][ T5890] usb 1-1: config 17 interface 8 has no altsetting 0
[  281.165675][ T5890] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  281.183501][ T5890] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.191522][ T5890] usb 1-1: Product: syz
[  281.213467][ T5890] usb 1-1: Manufacturer: syz
[  281.218093][ T5890] usb 1-1: SerialNumber: syz
[  281.222563][ T7423] bridge_slave_1: entered promiscuous mode
[  281.481278][ T5890] usb 1-1: selecting invalid altsetting 0
[  281.506573][ T5890] usb 1-1: 8:6 : no UAC_FORMAT_TYPE desc
[  281.512264][ T5890] usb 1-1: selecting invalid altsetting 0
[  281.712274][ T5890] usb 1-1: USB disconnect, device number 6
[  282.269928][   T55] Bluetooth: hci6: command tx timeout
[  282.651218][ T5953] udevd[5953]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  282.721732][ T7558] loop1: detected capacity change from 0 to 512
[  282.759669][ T7558] EXT4-fs: Ignoring removed mblk_io_submit option
[  282.871521][ T7558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.897432][ T7423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.931586][ T7558] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.013012][ T7423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.211925][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.241290][ T7423] team0: Port device team_slave_0 added
[  283.298712][ T7423] team0: Port device team_slave_1 added
[  283.556437][ T7575] loop5: detected capacity change from 0 to 512
[  283.614954][ T7575] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.640267][ T7575] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.680280][   T30] audit: type=1326 audit(1746804104.574:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7574 comm="syz.5.440" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff54598e969 code=0x0
[  284.613023][   T55] Bluetooth: hci6: command tx timeout
[  284.904440][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.984868][ T7423] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.013561][ T7423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.140736][ T7423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.219812][ T7423] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.261650][ T7423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.096135][ T7423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.272789][ T7600] loop1: detected capacity change from 0 to 512
[  286.584897][ T7604] netlink: 8 bytes leftover after parsing attributes in process `syz.5.445'.
[  286.694135][   T55] Bluetooth: hci6: command tx timeout
[  287.352629][ T7423] hsr_slave_0: entered promiscuous mode
[  287.391034][ T7423] hsr_slave_1: entered promiscuous mode
[  287.415300][ T7423] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  287.447452][ T7423] Cannot create hsr debugfs directory
[  287.760749][ T7544] chnl_net:caif_netlink_parms(): no params data found
[  287.934474][ T7600] loop1: detected capacity change from 0 to 40427
[  287.977951][ T7600] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  288.013670][ T7600] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  288.081679][ T7600] F2FS-fs (loop1): invalid crc value
[  288.110368][ T5958] bridge_slave_1: left allmulticast mode
[  288.127178][ T5958] bridge_slave_1: left promiscuous mode
[  288.141324][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.178076][ T5958] bridge_slave_0: left allmulticast mode
[  288.202333][ T5958] bridge_slave_0: left promiscuous mode
[  288.223472][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.510703][ T7614] loop5: detected capacity change from 0 to 40427
[  288.510770][ T7600] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  288.588004][ T7600] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  288.693778][   T30] audit: type=1804 audit(1746804109.584:12): pid=7600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.444" name="/newroot/99/bus/file1" dev="loop1" ino=10 res=1 errno=0
[  288.783532][   T55] Bluetooth: hci6: command tx timeout
[  289.097304][ T7614] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  289.194842][ T7339] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  289.251671][ T5831] syz-executor: attempt to access beyond end of device
[  289.251671][ T5831] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  289.305543][ T5831] CPU: 0 UID: 0 PID: 5831 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) 
[  289.305595][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  289.305617][ T5831] Call Trace:
[  289.305630][ T5831]  <TASK>
[  289.305644][ T5831]  dump_stack_lvl+0x16c/0x1f0
[  289.305714][ T5831]  f2fs_handle_critical_error+0x621/0x9f0
[  289.305763][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.305811][ T5831]  ? __asan_memset+0x23/0x50
[  289.305857][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.305919][ T5831]  f2fs_write_end_io+0x73d/0xac0
[  289.305980][ T5831]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  289.306042][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.306102][ T5831]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  289.306155][ T5831]  bio_endio+0x6d2/0x810
[  289.306200][ T5831]  submit_bio_noacct+0x56d/0x1ec0
[  289.306266][ T5831]  __submit_merged_bio+0x33c/0x770
[  289.306328][ T5831]  __submit_merged_write_cond+0x319/0x3f0
[  289.306400][ T5831]  f2fs_write_cache_pages+0x2139/0x2680
[  289.306500][ T5831]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  289.306567][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.306612][ T5831]  ? __lock_acquire+0x5ca/0x1ba0
[  289.306686][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.306733][ T5831]  ? __lock_acquire+0x5ca/0x1ba0
[  289.306911][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.306955][ T5831]  ? arch_stack_walk+0xa6/0x100
[  289.307013][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307070][ T5831]  f2fs_write_data_pages+0x4ad/0xd90
[  289.307145][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  289.307223][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307274][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307321][ T5831]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  289.307386][ T5831]  do_writepages+0x1b5/0x820
[  289.307450][ T5831]  ? __pfx_do_writepages+0x10/0x10
[  289.307503][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307550][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307595][ T5831]  ? do_raw_spin_lock+0x12c/0x2b0
[  289.307631][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307676][ T5831]  ? find_held_lock+0x2b/0x80
[  289.307731][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307782][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307827][ T5831]  ? do_raw_spin_unlock+0x172/0x230
[  289.307868][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.307922][ T5831]  filemap_fdatawrite_wbc+0x104/0x160
[  289.307981][ T5831]  __filemap_fdatawrite_range+0xb2/0xf0
[  289.308045][ T5831]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  289.308187][ T5831]  ? find_held_lock+0x2b/0x80
[  289.308235][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.308281][ T5831]  ? do_raw_spin_unlock+0x172/0x230
[  289.308322][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.308377][ T5831]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  289.308472][ T5831]  block_operations+0x2a3/0xfd0
[  289.308526][ T5831]  ? __pfx_block_operations+0x10/0x10
[  289.308664][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.308718][ T5831]  ? down_write+0x14d/0x200
[  289.308779][ T5831]  ? __pfx_down_write+0x10/0x10
[  289.308844][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.308888][ T5831]  ? rcu_is_watching+0x12/0xc0
[  289.308941][ T5831]  f2fs_write_checkpoint+0x2b8/0x45b0
[  289.308985][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.309030][ T5831]  ? kfree+0x2b6/0x4d0
[  289.309071][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.309122][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.309166][ T5831]  ? rcu_is_watching+0x12/0xc0
[  289.309209][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.309254][ T5831]  ? kthread_stop+0x273/0x650
[  289.309323][ T5831]  kill_f2fs_super+0x3c2/0x470
[  289.309363][ T5831]  ? __pfx_kill_f2fs_super+0x10/0x10
[  289.309400][ T5831]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.309481][ T5831]  deactivate_locked_super+0xc1/0x1a0
[  289.309533][ T5831]  deactivate_super+0xde/0x100
[  289.309584][ T5831]  cleanup_mnt+0x225/0x450
[  289.309635][ T5831]  task_work_run+0x150/0x240
[  289.309678][ T5831]  ? __pfx_task_work_run+0x10/0x10
[  289.309723][ T5831]  ? srso_alias_return_thunk+0x5/0xfbef5
[  289.309773][ T5831]  ? __pfx___x64_sys_umount+0x10/0x10
[  289.309841][ T5831]  syscall_exit_to_user_mode+0x27b/0x2a0
[  289.309902][ T5831]  do_syscall_64+0xda/0x260
[  289.309965][ T5831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.310002][ T5831] RIP: 0033:0x7ff54598fc97
[  289.310033][ T5831] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  289.310070][ T5831] RSP: 002b:00007ffd445be528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  289.310105][ T5831] RAX: 0000000000000000 RBX: 00007ff545a1089d RCX: 00007ff54598fc97
[  289.310129][ T5831] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd445be5e0
[  289.310153][ T5831] RBP: 00007ffd445be5e0 R08: 0000000000000000 R09: 0000000000000000
[  289.310176][ T5831] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd445bf670
[  289.310199][ T5831] R13: 00007ff545a1089d R14: 0000000000046984 R15: 00007ffd445bf6b0
[  289.310258][ T5831]  </TASK>
[  289.310271][ T5831] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  289.838217][ T7339] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  289.849422][ T7339] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  289.878324][ T7339] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  289.890966][ T7339] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.933544][ T7339] usb 1-1: Product: syz
[  289.937790][ T7339] usb 1-1: Manufacturer: syz
[  289.942415][ T7339] usb 1-1: SerialNumber: syz
[  289.972722][ T7339] usb 1-1: config 0 descriptor??
[  289.991072][ T7634] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.008655][ T7634] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.055039][ T5958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  290.071063][ T5958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  290.108333][ T5958] bond0 (unregistering): Released all slaves
[  290.286445][ T7644] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.303740][ T7644] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.433989][ T5958] hsr_slave_0: left promiscuous mode
[  290.483557][ T5958] hsr_slave_1: left promiscuous mode
[  290.501560][ T5958] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.547205][ T5958] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.673389][ T5958] veth1_vlan: left promiscuous mode
[  290.715521][ T5958] veth0_vlan: left promiscuous mode
[  290.751043][ T7652] loop1: detected capacity change from 0 to 512
[  290.787561][ T7652] EXT4-fs (loop1): Invalid log block size: 8
[  290.923579][ T5890] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  290.967992][ T7339] dm9601 1-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  291.015590][ T7339] usb 1-1: USB disconnect, device number 7
[  291.095932][ T5890] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  291.114752][ T5890] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  291.126806][ T5890] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  291.150873][ T5890] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  291.162821][ T5890] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.181576][ T5890] usb 3-1: Product: syz
[  291.196948][ T5890] usb 3-1: Manufacturer: syz
[  291.203781][ T5890] usb 3-1: SerialNumber: syz
[  291.222214][ T5890] usb 3-1: config 0 descriptor??
[  291.466686][ T5890] usb 3-1: Found UVC 34.00 device syz (8086:0b5b)
[  291.473221][ T5890] usb 3-1: No valid video chain found.
[  291.565140][ T5890] usb 3-1: USB disconnect, device number 5
[  293.128624][ T7667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.461'.
[  293.241697][ T7669] loop1: detected capacity change from 0 to 512
[  293.275804][ T7669] ext4: Unknown parameter 'seclabel'
[  293.597682][ T5958] team0 (unregistering): Port device team_slave_1 removed
[  293.706459][ T5958] team0 (unregistering): Port device team_slave_0 removed
[  293.824297][ T5917] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  294.014639][ T5917] usb 2-1: Using ep0 maxpacket: 32
[  294.037935][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.083576][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  294.111408][ T7677] loop2: detected capacity change from 0 to 2048
[  294.139099][ T5917] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  294.171428][ T5917] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.208300][ T5917] usb 2-1: config 0 descriptor??
[  294.242185][ T5917] hub 2-1:0.0: USB hub found
[  294.446681][ T5917] hub 2-1:0.0: 1 port detected
[  294.678384][ T7677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.858537][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.062730][ T7544] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.077633][ T5917] hub 2-1:0.0: activate --> -90
[  295.096198][ T7544] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.126963][ T7544] bridge_slave_0: entered allmulticast mode
[  295.140226][ T7544] bridge_slave_0: entered promiscuous mode
[  295.152775][ T7544] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.154637][ T7685] loop2: detected capacity change from 0 to 256
[  295.190853][ T7544] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.214571][ T7544] bridge_slave_1: entered allmulticast mode
[  295.229583][ T7544] bridge_slave_1: entered promiscuous mode
[  295.477624][ T7544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.534926][ T5917] hub 2-1:0.0: hub_ext_port_status failed (err = -71)
[  295.535722][ T7339] usb 2-1: USB disconnect, device number 6
[  295.549100][ T5917] usb 2-1-port1: connect-debounce failed
[  297.258188][ T7544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  299.167833][ T7708] loop2: detected capacity change from 0 to 512
[  299.358565][ T7708] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.383693][ T7708] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.475279][ T7708] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.475: bg 0: block 248: padding at end of block bitmap is not set
[  299.508960][ T7710] loop1: detected capacity change from 0 to 512
[  299.535964][ T7544] team0: Port device team_slave_0 added
[  299.618059][ T7708] Quota error (device loop2): write_blk: dquota write failed
[  299.620956][ T7710] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.638866][ T7710] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.686491][ T7708] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[  299.758417][ T7544] team0: Port device team_slave_1 added
[  299.765441][ T7708] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.475: Failed to acquire dquot type 0
[  299.917743][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.039011][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.224190][ T7544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  300.231202][ T7544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.273495][ T7544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  301.298951][ T7544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  301.306017][ T7544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.599183][ T7544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  302.312439][ T7747] loop2: detected capacity change from 0 to 128
[  303.601911][ T7752] netlink: 144 bytes leftover after parsing attributes in process `syz.5.486'.
[  303.631903][ T7544] hsr_slave_0: entered promiscuous mode
[  303.650817][ T7544] hsr_slave_1: entered promiscuous mode
[  304.039416][ T7747] tty tty24: ldisc open failed (-12), clearing slot 23
[  305.060541][ T7759] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  305.136684][ T7423] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  305.230013][ T7423] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  305.327792][ T7423] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  305.366937][ T7423] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  305.666312][ T7764] loop2: detected capacity change from 0 to 256
[  306.057423][ T7764] FAT-fs (loop2): Directory bread(block 64) failed
[  306.200545][ T7764] FAT-fs (loop2): Directory bread(block 65) failed
[  306.393826][ T7764] FAT-fs (loop2): Directory bread(block 66) failed
[  306.400460][ T7764] FAT-fs (loop2): Directory bread(block 67) failed
[  306.482041][ T7764] FAT-fs (loop2): Directory bread(block 68) failed
[  306.553690][ T7764] FAT-fs (loop2): Directory bread(block 69) failed
[  306.560417][ T7764] FAT-fs (loop2): Directory bread(block 70) failed
[  306.631782][ T7423] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.640655][ T7764] FAT-fs (loop2): Directory bread(block 71) failed
[  306.693646][ T7764] FAT-fs (loop2): Directory bread(block 72) failed
[  306.700251][ T7764] FAT-fs (loop2): Directory bread(block 73) failed
[  306.837558][ T7423] 8021q: adding VLAN 0 to HW filter on device team0
[  306.926970][ T7755] loop5: detected capacity change from 0 to 40427
[  306.950112][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.957321][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.023020][ T7755] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  307.090645][ T7755] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  307.129325][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.136554][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.170440][ T7755] F2FS-fs (loop5): Unrecognized mount option "00000000000000000000003" or missing value
[  307.182263][ T7772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.492'.
[  307.277148][ T7774] loop1: detected capacity change from 0 to 512
[  307.370515][ T7774] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  307.471826][ T7774] EXT4-fs (loop1): orphan cleanup on readonly fs
[  307.528404][ T7774] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #3: comm syz.1.487: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[  307.673597][ T7774] EXT4-fs error (device loop1): ext4_quota_enable:7128: comm syz.1.487: Bad quota inode: 3, type: 0
[  307.777732][ T7774] EXT4-fs warning (device loop1): ext4_enable_quotas:7166: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  307.923638][ T7774] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  307.998538][ T7774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  308.423579][ T7339] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  308.615976][ T7792] loop2: detected capacity change from 0 to 512
[  308.642839][ T7339] usb 2-1: unable to get BOS descriptor or descriptor too short
[  308.696087][ T7339] usb 2-1: not running at top speed; connect to a high speed hub
[  308.794804][ T7339] usb 2-1: config 17 has an invalid interface number: 8 but max is 1
[  308.803059][ T7339] usb 2-1: config 17 has 1 interface, different from the descriptor's value: 2
[  308.917635][ T7339] usb 2-1: config 17 has no interface number 0
[  308.990021][ T7792] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.003252][ T7339] usb 2-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 77, changing to 4
[  309.091431][ T7339] usb 2-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 46306, setting to 1023
[  309.143897][ T7792] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.197569][ T7544] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  309.211310][ T7339] usb 2-1: config 17 interface 8 has no altsetting 0
[  309.280108][ T7339] usb 2-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  309.331386][ T7339] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.656776][ T7339] usb 2-1: Product: syz
[  309.661033][ T7339] usb 2-1: Manufacturer: syz
[  309.666220][ T7339] usb 2-1: SerialNumber: syz
[  310.319377][ T7806] loop5: detected capacity change from 0 to 512
[  310.581069][ T7806] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  310.594694][ T7806] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.475167][ T7544] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  311.759429][ T7544] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  311.791623][ T7339] usb 2-1: selecting invalid altsetting 0
[  311.837986][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.884190][ T7339] usb 2-1: 8:6 : no UAC_FORMAT_TYPE desc
[  311.917040][ T7544] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  311.943821][ T7339] usb 2-1: selecting invalid altsetting 0
[  311.983263][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.158775][ T7339] usb 2-1: USB disconnect, device number 7
[  312.532153][ T5850] udevd[5850]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  312.638184][ T7820] xt_hashlimit: size too large, truncated to 1048576
[  312.861937][ T7423] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.932904][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  313.128736][ T7544] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.263004][ T7544] 8021q: adding VLAN 0 to HW filter on device team0
[  313.357482][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.364779][ T5946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.409478][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.416749][ T5946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.437958][ T7834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.506'.
[  313.828209][ T7847] loop5: detected capacity change from 0 to 256
[  314.752619][ T7859] loop5: detected capacity change from 0 to 2048
[  314.861662][ T7859] EXT4-fs: Ignoring removed oldalloc option
[  315.163816][ T7859] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.217307][ T7859] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.782585][ T7544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.512513][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.624078][ T7423] veth0_vlan: entered promiscuous mode
[  316.680997][ T7423] veth1_vlan: entered promiscuous mode
[  316.889233][ T7423] veth0_macvtap: entered promiscuous mode
[  317.067177][ T7882] loop1: detected capacity change from 0 to 512
[  317.167784][ T7882] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  317.181366][ T7882] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.421069][ T7891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.519'.
[  318.726861][ T7897] xt_NFQUEUE: number of total queues is 0
[  318.882244][ T7899] loop2: detected capacity change from 0 to 512
[  318.893240][ T7423] veth1_macvtap: entered promiscuous mode
[  319.136822][ T7899] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  319.201889][ T7899] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  319.241996][ T7423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.283460][ T7423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.313521][ T7423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.352821][ T7423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.385693][ T7423] batman_adv: batadv0: Interface activated: batadv_slave_0
[  319.449389][ T7423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.496005][ T7423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.541448][ T7423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.594060][ T7423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.664570][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  319.684171][ T7423] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.748787][ T7423] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.800309][ T7423] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.843676][ T7423] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.912937][ T7423] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.726315][ T7924] loop1: detected capacity change from 0 to 16
[  320.842010][ T7924] erofs (device loop1): mounted with root inode @ nid 36.
[  320.975521][ T5958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.999399][ T5958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.237556][ T3500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.237589][ T3500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.327966][ T7919] loop5: detected capacity change from 0 to 1024
[  321.329428][ T7919] EXT4-fs: Ignoring removed bh option
[  321.366850][ T7544] veth0_vlan: entered promiscuous mode
[  321.410304][ T7919] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  321.441619][ T7919] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.469639][ T7544] veth1_vlan: entered promiscuous mode
[  322.689915][ T7544] veth0_macvtap: entered promiscuous mode
[  322.741057][ T7544] veth1_macvtap: entered promiscuous mode
[  322.751058][ T7940] loop6: detected capacity change from 0 to 512
[  322.779195][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.837056][ T7940] EXT4-fs (loop6): first meta block group too large: 7 (group descriptor block count 1)
[  322.859064][ T7544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.896383][ T7544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.923955][ T7544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.953726][ T7544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.973516][ T7544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.024968][ T7544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.089014][ T7544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  323.190185][ T7544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.262639][ T7544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.305445][ T7544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.360694][ T7544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.680544][ T7949] loop6: detected capacity change from 0 to 4096
[  323.713503][ T7544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.743827][ T7544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.775233][ T7949] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[  323.775651][ T7544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  323.858795][ T7544] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.926617][ T7544] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.953490][ T7544] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.993094][ T7544] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.009232][ T7953] netlink: 'syz.5.536': attribute type 13 has an invalid length.
[  324.165427][ T7313] Process accounting resumed
[  324.458476][ T7953] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.466401][ T7953] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.750368][ T7941] loop2: detected capacity change from 0 to 40427
[  324.818064][ T7941] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  324.978228][ T7941] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  325.136742][ T7953] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.201758][ T7953] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  325.352081][ T7969] loop6: detected capacity change from 0 to 512
[  325.769754][ T7969] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  325.786113][ T7969] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.675647][ T7975] loop1: detected capacity change from 0 to 16
[  326.753721][ T7975] erofs (device loop1): mounted with root inode @ nid 36.
[  326.862099][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  326.870814][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  329.013579][   T55] Bluetooth: hci5: command 0x0406 tx timeout
[  329.032161][ T7953] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.053595][ T7953] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.082266][ T7953] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.121693][ T7953] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.309668][ T7423] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  329.970317][ T3500] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.035179][ T3500] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.215435][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.260511][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.480498][ T7997] loop1: detected capacity change from 0 to 1024
[  330.522100][ T7997] EXT4-fs: Ignoring removed bh option
[  330.563763][ T8015] loop2: detected capacity change from 0 to 512
[  330.571233][ T8015] EXT4-fs: Ignoring removed mblk_io_submit option
[  330.610347][ T7997] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  331.645222][ T8015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.627891][ T7997] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.820846][ T7997] siw: device registration error -23
[  333.578413][ T8032] loop5: detected capacity change from 0 to 40427
[  334.217233][ T8032] F2FS-fs (loop5): Unrecognized mount option "whint_mode=off" or missing value
[  334.407649][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.656106][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.112430][ T8041] netlink: 80 bytes leftover after parsing attributes in process `syz.5.552'.
[  336.031781][ T8045] overlayfs: missing 'lowerdir'
[  336.721912][ T8050] netlink: 'syz.7.558': attribute type 13 has an invalid length.
[  337.041355][ T5889] Process accounting resumed
[  337.915176][ T8067] loop2: detected capacity change from 0 to 1024
[  338.090794][ T8067] EXT4-fs: Ignoring removed mblk_io_submit option
[  338.431999][ T8067] EXT4-fs: Ignoring removed nomblk_io_submit option
[  338.707969][ T8067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.766723][ T8050] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.774626][ T8050] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.983744][ T8088] loop5: detected capacity change from 0 to 512
[  339.994486][ T8088] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  340.083032][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.094435][ T8088] EXT4-fs (loop5): orphan cleanup on readonly fs
[  340.106488][ T8088] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  340.116475][ T8088] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  340.127610][ T8088] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.565: Failed to acquire dquot type 1
[  340.158757][ T8088] EXT4-fs (loop5): 1 truncate cleaned up
[  340.250686][ T8088] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  340.266147][ T8088] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.622637][ T8050] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  340.708191][ T8050] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.511114][ T8050] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  341.557092][ T8050] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  341.608870][ T8050] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  341.666056][ T8050] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  342.949044][ T8091] loop6: detected capacity change from 0 to 40427
[  342.992009][ T8091] F2FS-fs (loop6): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  343.056637][ T8091] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  343.129212][ T8091] F2FS-fs (loop6): invalid crc value
[  343.429233][ T8093] loop2: detected capacity change from 0 to 40427
[  343.520133][ T8093] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  343.563387][ T8116] raw_sendmsg: syz.7.572 forgot to set AF_INET. Fix it!
[  343.580246][ T8093] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  343.662117][ T8093] F2FS-fs (loop2): invalid crc value
[  344.908277][ T8128] loop5: detected capacity change from 0 to 256
[  344.916161][ T8127] overlayfs: missing 'lowerdir'
[  345.308820][ T8128] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  345.664418][ T8128] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  345.787210][ T8128] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  345.897849][   T30] audit: type=1800 audit(1746804166.764:13): pid=8128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.574" name="file1" dev="loop5" ino=1048636 res=0 errno=0
[  345.918359][ T8128] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001)
[  347.561570][ T8158] loop5: detected capacity change from 0 to 512
[  347.668360][ T8158] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  347.756046][ T8158] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  347.823629][ T8158] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.834520][ T7317] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  348.005840][ T7317] usb 8-1: config 0 has an invalid interface number: 41 but max is 0
[  348.047308][ T7317] usb 8-1: config 0 has no interface number 0
[  348.077689][ T7317] usb 8-1: config 0 interface 41 has no altsetting 0
[  348.126250][ T7317] usb 8-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  348.172262][ T7317] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.212735][ T7317] usb 8-1: Product: syz
[  348.240052][ T7317] usb 8-1: Manufacturer: syz
[  348.253745][ T7317] usb 8-1: SerialNumber: syz
[  348.302052][ T7317] usb 8-1: config 0 descriptor??
[  348.596838][   T30] audit: type=1800 audit(1746804169.494:14): pid=8158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.581" name="file2" dev="loop5" ino=16 res=0 errno=0
[  348.769399][ T7317] CoreChips 8-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  348.834844][ T7317] CoreChips 8-1:0.41: probe with driver CoreChips failed with error -71
[  348.943598][ T7317] usb 8-1: USB disconnect, device number 2
[  349.700723][ T8183] overlayfs: missing 'lowerdir'
[  349.703266][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  349.834268][ T8149] loop1: detected capacity change from 0 to 40427
[  350.031429][ T8188] loop2: detected capacity change from 0 to 512
[  350.169333][ T8188] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[  352.912594][ T8212] loop5: detected capacity change from 0 to 2048
[  352.919818][ T8216] loop2: detected capacity change from 0 to 1024
[  352.961155][ T8216] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  353.259741][ T8212] EXT4-fs (loop5): #clusters per group too big: 16384
[  353.305644][ T8216] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  353.548450][ T8216] EXT4-fs (loop2): orphan cleanup on readonly fs
[  353.607186][ T8216] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #3: comm syz.2.601: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[  353.830687][ T8232] loop6: detected capacity change from 0 to 512
[  353.843633][ T8216] EXT4-fs error (device loop2): ext4_quota_enable:7128: comm syz.2.601: Bad quota inode: 3, type: 0
[  353.913498][ T8232] EXT4-fs (loop6): Test dummy encryption mode enabled
[  353.933652][ T8216] EXT4-fs warning (device loop2): ext4_enable_quotas:7166: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  354.013995][ T8232] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.026267][ T8216] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  354.125403][ T8216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  354.184825][ T8236] overlayfs: missing 'lowerdir'
[  354.425761][ T7423] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.594890][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.465550][ T8256] loop2: detected capacity change from 0 to 512
[  355.849342][ T8247] loop7: detected capacity change from 0 to 8192
[  355.866331][ T8256] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  355.912856][ T8256] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  356.022120][ T8256] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  357.024056][ T8256] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  357.073774][ T8256] System zones: 0-2, 18-18, 34-35
[  357.612794][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.620873][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.628153][ T8269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  357.715564][ T8256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.863721][ T8256] fscrypt (loop2, inode 12): Error -61 getting encryption context
[  358.199229][ T8281] loop5: detected capacity change from 0 to 512
[  358.243666][ T8281] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  358.314051][ T8281] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  358.350465][ T8281] EXT4-fs error (device loop5): ext4_iget_extra_inode:4692: inode #15: comm syz.5.616: corrupted in-inode xattr: e_value size too large
[  358.396681][ T8281] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.616: couldn't read orphan inode 15 (err -117)
[  358.413273][ T5828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.435324][ T5896] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  359.228468][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.236651][ T8281] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.432627][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.522546][ T5896] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  359.599498][ T8288] loop6: detected capacity change from 0 to 512
[  359.939586][ T8288] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  360.035273][ T8288] EXT4-fs (loop6): invalid journal inode
[  360.041069][ T8288] EXT4-fs (loop6): can't get journal size
[  360.183688][ T8288] EXT4-fs (loop6): 1 truncate cleaned up
[  360.265671][ T8288] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.289313][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.314761][ T5896] usb 2-1: config 0 descriptor??
[  360.366404][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.598127][ T8278] loop1: detected capacity change from 0 to 512
[  360.685782][ T8278] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent
[  360.774841][ T8303] overlayfs: missing 'lowerdir'
[  360.776254][ T7423] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.166287][ T8311] netlink: 4 bytes leftover after parsing attributes in process `syz.6.622'.
[  361.203807][ T7317] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  361.221762][ T5896] usb 2-1: string descriptor 0 read error: -22
[  361.447616][ T7317] usb 1-1: Using ep0 maxpacket: 8
[  361.694918][ T7317] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  361.855272][ T7317] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  361.903824][ T5896] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0003/input/input7
[  362.196964][ T7317] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  362.223542][ T7317] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  362.237418][ T7317] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  363.055274][ T7317] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.085188][ T5896] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0003/input/input8
[  363.143953][ T7317] usb 1-1: Product: syz
[  363.181451][ T7317] usb 1-1: Manufacturer: syz
[  363.215841][ T7317] usb 1-1: SerialNumber: syz
[  363.309783][ T7317] usb 1-1: config 0 descriptor??
[  363.350556][ T5896] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0003/input/input9
[  363.419536][ T7317] hub 1-1:0.0: bad descriptor, ignoring hub
[  363.444979][ T7317] hub 1-1:0.0: probe with driver hub failed with error -5
[  363.587149][ T8307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.623'.
[  363.603813][ T8321] loop5: detected capacity change from 0 to 1024
[  363.649214][ T5896] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0003/input/input10
[  363.743533][ T8321] EXT4-fs (loop5): can't mount with journal_async_commit, fs mounted w/o journal
[  363.856371][ T5896] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  363.935480][ T8324] loop1: detected capacity change from 0 to 512
[  363.980184][ T5896] usb 2-1: USB disconnect, device number 8
[  364.148493][ T8324] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.203861][ T7341] usb 1-1: USB disconnect, device number 8
[  364.216216][ T8324] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  364.349294][ T8339] loop5: detected capacity change from 0 to 1024
[  364.468871][ T8339] EXT4-fs error (device loop5): __ext4_fill_super:5502: inode #2: comm syz.5.631: casefold flag without casefold feature
[  364.533534][ T8339] EXT4-fs (loop5): get root inode failed
[  364.553565][ T8339] EXT4-fs (loop5): mount failed
[  364.665829][ T8339] overlayfs: failed to resolve './file0': -2
[  364.703497][   T30] audit: type=1800 audit(1746804185.584:15): pid=8346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.628" name="file2" dev="loop1" ino=16 res=0 errno=0
[  365.050030][ T8349] fido_id[8349]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  365.199669][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.212560][ T8345] loop6: detected capacity change from 0 to 8192
[  365.225408][ T5828] syz_tun (unregistering): left allmulticast mode
[  365.273477][ T5828] syz_tun (unregistering): left promiscuous mode
[  365.280002][ T5828] bridge0: port 3(syz_tun) entered disabled state
[  365.797708][ T8366] overlayfs: missing 'lowerdir'
[  369.550735][ T8404] loop5: detected capacity change from 0 to 256
[  369.567343][ T8400] loop7: detected capacity change from 0 to 256
[  369.928378][ T8400] FAT-fs (loop7): Directory bread(block 64) failed
[  369.986038][ T8400] FAT-fs (loop7): Directory bread(block 65) failed
[  369.992785][ T8400] FAT-fs (loop7): Directory bread(block 66) failed
[  370.133870][ T3500] bridge_slave_1: left allmulticast mode
[  370.139599][ T3500] bridge_slave_1: left promiscuous mode
[  370.162748][ T8400] FAT-fs (loop7): Directory bread(block 67) failed
[  370.193814][ T8400] FAT-fs (loop7): Directory bread(block 68) failed
[  370.200452][ T8400] FAT-fs (loop7): Directory bread(block 69) failed
[  370.219492][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.273816][ T8400] FAT-fs (loop7): Directory bread(block 70) failed
[  370.294140][ T8400] FAT-fs (loop7): Directory bread(block 71) failed
[  370.300854][ T8400] FAT-fs (loop7): Directory bread(block 72) failed
[  370.352457][ T8400] FAT-fs (loop7): Directory bread(block 73) failed
[  370.371577][ T3500] bridge_slave_0: left allmulticast mode
[  370.393621][ T3500] bridge_slave_0: left promiscuous mode
[  370.399535][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.481550][ T8401] loop1: detected capacity change from 0 to 4096
[  370.530474][ T8401] EXT4-fs: inline encryption not supported
[  370.594018][ T8401] EXT4-fs (loop1): Test dummy encryption mode enabled
[  370.645454][ T8401] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[  371.070399][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  371.185542][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  371.250485][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  371.269460][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  371.282272][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  371.936847][ T8431] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  371.953650][ T8431] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  372.123844][ T5889] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  372.311461][ T5889] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  372.332069][ T5889] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  372.371871][ T5889] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  372.391921][ T5889] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  372.407259][ T8415] loop6: detected capacity change from 0 to 40427
[  372.411879][ T5889] usb 8-1: SerialNumber: syz
[  372.438659][ T8415] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  372.460905][ T8415] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  372.667773][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.671600][ T5889] usb 8-1: 0:2 : does not exist
[  372.688001][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.688135][ T5889] usb 8-1: unit 1 not found!
[  372.699646][ T8415] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  372.703976][ T7341] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  372.710888][ T8415] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  372.724800][ T3500] bond0 (unregistering): Released all slaves
[  372.774920][ T5889] usb 8-1: USB disconnect, device number 3
[  372.886468][ T8368] udevd[8368]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  372.923505][ T7341] usb 6-1: Using ep0 maxpacket: 32
[  372.945062][ T7341] usb 6-1: config 0 has an invalid interface number: 2 but max is 0
[  372.956269][ T7341] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  372.980414][ T7341] usb 6-1: config 0 has no interface number 0
[  372.994664][ T7341] usb 6-1: config 0 interface 2 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[  373.018953][ T7341] usb 6-1: config 0 interface 2 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  373.041198][ T7341] usb 6-1: config 0 interface 2 has no altsetting 0
[  373.099063][ T7341] usb 6-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  373.114146][ T8415] syz.6.650: attempt to access beyond end of device
[  373.114146][ T8415] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  373.138896][ T7341] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.161241][ T7341] usb 6-1: Product: syz
[  373.177281][ T7341] usb 6-1: Manufacturer: syz
[  373.187496][ T7341] usb 6-1: SerialNumber: syz
[  373.287198][ T7341] usb 6-1: config 0 descriptor??
[  373.425611][ T5835] Bluetooth: hci0: command tx timeout
[  373.524985][ T7341] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  374.604399][ T3500] hsr_slave_0: left promiscuous mode
[  374.660977][ T3500] hsr_slave_1: left promiscuous mode
[  374.684661][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_0
[  374.711601][ T7341] snd-usb-audio 6-1:0.2: probe with driver snd-usb-audio failed with error -2
[  374.743774][ T7341] usb 6-1: USB disconnect, device number 4
[  374.916380][ T8368] udevd[8368]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  375.514142][ T5835] Bluetooth: hci0: command tx timeout
[  375.774347][ T8488] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  375.810625][ T8488] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  377.573889][ T5835] Bluetooth: hci0: command tx timeout
[  377.844587][ T8502] loop1: detected capacity change from 0 to 1024
[  378.024191][ T8502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.626933][ T3500] team0 (unregistering): Port device team_slave_1 removed
[  379.673526][ T5835] Bluetooth: hci0: command tx timeout
[  379.788841][ T3500] team0 (unregistering): Port device team_slave_0 removed
[  382.243006][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.690505][ T8536] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  382.706291][ T8536] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  384.067412][ T8547] loop6: detected capacity change from 0 to 128
[  385.923576][ T8565] 
[  385.926181][ T8565] =============================
[  385.931080][ T8565] WARNING: suspicious RCU usage
[  385.936596][ T8565] 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 Not tainted
[  385.945128][ T8565] -----------------------------
[  385.949995][ T8565] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage!
[  385.959079][ T8565] 
[  385.959079][ T8565] other info that might help us debug this:
[  385.959079][ T8565] 
[  385.969908][ T8565] 
[  385.969908][ T8565] rcu_scheduler_active = 2, debug_locks = 1
[  385.978596][ T8565] 1 lock held by syz.1.687/8565:
[  385.984443][ T8565]  #0: ffffffff8e3bec40 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x344/0x780
[  385.996119][ T8565] 
[  385.996119][ T8565] stack backtrace:
[  386.003219][ T8565] CPU: 0 UID: 0 PID: 8565 Comm: syz.1.687 Not tainted 6.15.0-rc5-syzkaller-00136-g9c69f8884904 #0 PREEMPT(full) 
[  386.003270][ T8565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  386.003293][ T8565] Call Trace:
[  386.003305][ T8565]  <TASK>
[  386.003318][ T8565]  dump_stack_lvl+0x16c/0x1f0
[  386.003380][ T8565]  lockdep_rcu_suspicious+0x166/0x260
[  386.003450][ T8565]  get_callchain_entry+0x278/0x3f0
[  386.003513][ T8565]  get_perf_callchain+0xdb/0x760
[  386.003575][ T8565]  ? __pfx_get_perf_callchain+0x10/0x10
[  386.003643][ T8565]  ? __pfx___schedule+0x10/0x10
[  386.003698][ T8565]  ? find_held_lock+0x2b/0x80
[  386.003750][ T8565]  __bpf_get_stack+0x4f5/0xa10
[  386.003806][ T8565]  ? __pfx___bpf_get_stack+0x10/0x10
[  386.003850][ T8565]  ? irqentry_exit+0x3b/0x90
[  386.003903][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.003964][ T8565]  bpf_get_stack+0x32/0x40
[  386.004011][ T8565]  bpf_get_stack_raw_tp+0x124/0x160
[  386.004075][ T8565]  bpf_prog_b8a90dd1efcc4ad9+0x46/0x4e
[  386.004110][ T8565]  bpf_prog_test_run_syscall+0x5b3/0x780
[  386.004165][ T8565]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  386.004215][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.004260][ T8565]  ? fput+0x70/0xf0
[  386.004292][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.004337][ T8565]  ? __bpf_prog_get+0xa0/0x290
[  386.004394][ T8565]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  386.004443][ T8565]  __sys_bpf+0x1488/0x4d80
[  386.004490][ T8565]  ? __pfx___sys_bpf+0x10/0x10
[  386.004527][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.004573][ T8565]  ? trace_sched_exit_tp+0xde/0x130
[  386.004630][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.004680][ T8565]  ? __schedule+0x1186/0x5de0
[  386.004734][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.004780][ T8565]  ? do_futex+0x122/0x350
[  386.004834][ T8565]  ? __pfx_do_futex+0x10/0x10
[  386.004909][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.004955][ T8565]  ? xfd_validate_state+0x5d/0x180
[  386.004997][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.005042][ T8565]  ? rcu_is_watching+0x12/0xc0
[  386.005096][ T8565]  __x64_sys_bpf+0x78/0xc0
[  386.005135][ T8565]  ? srso_alias_return_thunk+0x5/0xfbef5
[  386.005180][ T8565]  ? lockdep_hardirqs_on+0x7c/0x110
[  386.005234][ T8565]  do_syscall_64+0xcd/0x260
[  386.005296][ T8565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.005334][ T8565] RIP: 0033:0x7f1593f8e969
[  386.005363][ T8565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.005402][ T8565] RSP: 002b:00007f1594dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  386.005436][ T8565] RAX: ffffffffffffffda RBX: 00007f15941b5fa0 RCX: 00007f1593f8e969
[  386.005463][ T8565] RDX: 0000000000000010 RSI: 0000200000000740 RDI: 000000000000000a
[  386.005487][ T8565] RBP: 00007f1594010ab1 R08: 0000000000000000 R09: 0000000000000000
[  386.005511][ T8565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  386.005534][ T8565] R13: 0000000000000000 R14: 00007f15941b5fa0 R15: 00007ffc0eb3d248
[  386.005585][ T8565]  </TASK>
[  386.393336][ T5811] syz-executor (5811) used greatest stack depth: 21368 bytes left
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  386.937895][ T7693] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  388.309094][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  388.315530][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  389.286077][ T3500] bridge_slave_1: left allmulticast mode
[  389.300491][ T3500] bridge_slave_1: left promiscuous mode
[  389.308018][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.321078][ T3500] bridge_slave_0: left allmulticast mode
[  389.326879][ T3500] bridge_slave_0: left promiscuous mode
[  389.333920][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.891235][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  389.902382][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  389.917010][ T3500] bond0 (unregistering): Released all slaves
[  390.210068][ T3500] hsr_slave_0: left promiscuous mode
[  390.217193][ T3500] hsr_slave_1: left promiscuous mode
[  390.223375][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_0
[  390.237655][ T3500] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.678371][ T3500] team0 (unregistering): Port device team_slave_1 removed
[  390.749626][ T3500] team0 (unregistering): Port device team_slave_0 removed
[  392.083235][ T3500] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.162820][ T3500] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.249799][ T3500] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.332166][ T3500] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.586629][ T3500] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.672616][ T3500] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.741359][ T3500] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.826156][ T3500] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.481916][ T3500] bridge_slave_1: left allmulticast mode
[  393.488451][ T3500] bridge_slave_1: left promiscuous mode
[  393.494928][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.504977][ T3500] bridge_slave_0: left allmulticast mode
[  393.510635][ T3500] bridge_slave_0: left promiscuous mode
[  393.517732][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.529069][ T3500] bridge_slave_1: left allmulticast mode
[  393.535148][ T3500] bridge_slave_1: left promiscuous mode
[  393.540888][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.550490][ T3500] bridge_slave_0: left allmulticast mode
[  393.556293][ T3500] bridge_slave_0: left promiscuous mode
[  393.562015][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.576742][ T3500] bridge_slave_1: left promiscuous mode
[  393.582478][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.592430][ T3500] bridge_slave_0: left allmulticast mode
[  393.598616][ T3500] bridge_slave_0: left promiscuous mode
[  393.607242][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.620969][ T3500] bridge_slave_1: left allmulticast mode
[  393.626996][ T3500] bridge_slave_1: left promiscuous mode
[  393.632740][ T3500] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.642162][ T3500] bridge_slave_0: left allmulticast mode
[  393.647975][ T3500] bridge_slave_0: left promiscuous mode
[  393.655238][ T3500] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.738917][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.754935][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.769198][ T3500] bond0 (unregistering): Released all slaves
[  394.855708][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.869475][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.880104][ T3500] bond0 (unregistering): Released all slaves
[  394.960242][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.972334][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.987385][ T3500] bond0 (unregistering): Released all slaves
[  395.005787][ T3500] bond0 (unregistering): Released all slaves
[  395.089956][ T3500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  395.100825][ T3500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  395.111648][ T3500] bond0 (unregistering): Released all slaves