last executing test programs:

35.923370567s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x4001, 0x3, 0x208, 0xb8, 0x7000000, 0x148, 0x0, 0x148, 0x170, 0x240, 0x240, 0x170, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'tunl0\x00', 'vlan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48}}, {{@uncond, 0x0, 0x98, 0xb8, 0x0, {}, [@common=@unspec=@state={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x268)

34.619789444s ago: executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$jfs(&(0x7f0000000900), &(0x7f0000005e40)='./file0\x00', 0x1000000, &(0x7f00000011c0)=ANY=[@ANYRES64, @ANYRES32], 0x0, 0x5e9e, &(0x7f0000011b40)="$eJzs3U1vHVf9B/Df3Cc/9N/W6qLqP0LITctDKc1jCYECbRewYMMCZYsSuW4VkQJKAkqriLjyhgUvAoTEEiGWrHgBXbBlxwsgUoIE6opBY5+TjCfXuQ6O79g+n4/kzPzmzPieyfc+embuCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgvv+9H56tIuLyL9KClYj/i2HEIGKpqVcjYml1Ja8/ioiXYqs5XoyI8UJEs/3WP89HvBkRnz4Xce/+7bVm8bk99uO7f/zb7370zA/++ofx6X//6ebwrd3Wu3Xr1//685397TMAAACUpq7rukof80+kz/eDvjsFAMxFfv2vk7xcrVar1Wr18avb6unutIuI2Ghv07xncDgeAI6Yjfis7y7QI/kXbRQRz/TdCeBQq/ruAAfi3v3ba1XKt2q/Hqxut+dzQXbkv1E9uL5jt+ks3XNM5nX/2oxhvLBLf5bm1IfDJOc/6OZ/ebt9ktY76PznZbf8J9uXPhUn5z/s5t9xfPIfTM2/VDn/0RPlP5Q/AAAAAAAcYvnv/ys9H/9d2P+u7Mnjjv+uzqkPAAAAAAAAAPC07Xf8vweM/wcAAACHVvNZvfGb5x4u2+272Jrll6qIZzvrA4VJF8ss990PAAAAAAAAAAAAACjJaPsc3ktVxDginl1eruu6+Wnr1k9qv9sfdaXvP5Ss7yd5AADY9ulznWv5q4jFiLiUvutvvLy8XNeLS8v1cr20kN/PThYW66XW59o8bZYtTPbwhng0qZtfttjarm3W5+VZ7d3f19zWpB7uoWPz0WPgABAR269G97wiHTN1/Xz0/S6Ho8Hj//jx+Gcv+r6fAgAAAAevruu6Sl/nfSId8x/03SkAYC7y63/3uIBarVar1erjV7fV091pFxGx0d6mec+Qh+PfmPZLAYDDZyM+67sL9Ej+RRtFxEt9dwI41Kq+O8CBuHf/9lqV8q3arwdpfPd8LsiO/Deqre3y9tOms3TPMZnX/WszhvHCLv15cU59OExy/oNu/pe32ydpvYPOf152y7/Zz5Ue+tO3nP+wm3/H8cl/MDX/UuX8R0+U/1D+AAAAAABwiOW//684/pt3GQAAAAAAAACOnHv3b6/l617z8f/PTVnP9Z/HU86/kn+Rcv6DTv5f7qw3bM3fffdh/v+8f3vt9zf/8f95utf8F/JMle5ZVbpHVOmWqlGa7mfvHrU5Hk6aWxpXg+EonfNTj9+Pq3Et1uPMjnUH6f/jYfvZHe1NT8c72s/taB890n5+R/s4fe9AvZTbT8Va/DSuxXtb7U3bwoz9X5zRXs9oz/kPPf6LlPMftX6a/JdTe9WZNu5+Mnjkcd+eTrudd65+/ldnDn53ZtqM4YN9a2v272QP/dn6P3lmEj+/sX791K0rN29ePxtpsmPpuUiTpyznP04/D57/X9luz8/77cfr3U8mT5z/YbEZo13zf6U13+zva3PuWx9y/pP0k/N/L7VPf/wf5fx3f/y/3kN/AAAAAAAAAAAAAAAA4HHqut66RPSdiLiQrv/p69pMAGC+8ut/neTlarVarVarj1/dVk/3druIiL+0t2neM/xy2i8DAA6z/0TE3/vuBL2Rf8Hy9/0101f77gwwVzc++vjHV65dW79+o++eAAAAAAAAAAD/qzz+52pr/OdXI2Kls96O8V/fjdX9jv85yjMPBhh9ygN972JzMBkOWsONvxyPH//7ZDx+/O/RjNsbz2ifzGhfmNG+OKN96oUeLTn/l1vjnTf5n+gMv17C+K/dMe9LkPM/2bo/N/l/qbNeO//6t0c5/8GO/E/f/PBnp2989PEbVz+88sH6B+s/OX/27JnzFy5cvHjx9PtXr62f2f63xx4frJx/HvvaeaBlyfnnzOVflpz/F1It/7Lk/L+YavmXJeef3+/Jvyw5//zZR/5lyfm/lmr5lyXn/5VUy78sOf/XUy3/suT8v5pq+Zcl5/9GquVflpz/qVTLvyw5/9Opln9Zcv75CJf8y5Lzz2c2yL8sOf9zqZZ/WXL+51Mt/7Lk/N9MtfzLkvP/WqrlX5ac/4VUy78sOf+vp1r+Zcn5X0y1/MuS8/9GquVflpz/N1Mt/7Lk/N9KtfzLkvP/VqrlX5ac/7dTLf+y5Py/k2r5lyXn/3aq5V+Wh9//b8aMGTN5pu9nJgAAAAAAAAAAAACgax6nE/e9jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/2YEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4tRq76vgP4mfWuvTZJcAKhhhpYG8cYs7DrC76kdXEIIRSSptzS0Au2612bTXzDu26AItkRSYMUR4mqVOWlzUWo5aWKVeUhrWjEQ9WqT6V9SF+qVJXygCoSkUiV2qplqznn///vzHh2Ztcem5lzPh8J/7wzZ+acOfOf2f3u8l0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBow0env1zLsqz+X/7H2ix7T/3vq8fW5pd9+N0+QgAAAOBy/V/+59vXpgv2L+FGDdv8/S3/+L35+fn57DMr/mjkG/Pz6YqxLBtZlWX5ddGFf3+y1rhN8GI2Whtq+Hioy+5XdLl+uMv1I12uX9nl+lVdrh/tcv1FJ+Aiq4vvx+R3tin/69rilGbXZyP5dZva3OrF2qqhofi9nFwtv838yJFsJjuWTWeTTdsX29by7V/bUN/Xg1nc11DDvtbXV8jPXjgcj6EWzvGmpn0t3Gf0k49kYz//2QuH/2zurRvbza6noen+iuPcsrF+nF8MlxTHWstWpXMSj3Oo4TjXt3lOVjQdZy2/Xf3vrcf59hKPc8XCYV5Vrc/5aDaU//2N/DwNN35bL52n9eGy/7oty7JzC4fdus1F+8qGsjVNlwwtPD+jxYqs30d9KX0gG17WOt2whHVan1Obmtdp62siPv8bwu2GFzmGxqfpJ19YedHzvtx1GtUf9WKvldY12OvXSr+swbgu3sgf9Ett1+Cm8Phf2Lz4Gmy7dtqswfS4G9bgxm5rcGjlivyY05NQy2+zsAa3NW2/It9TLZ9vbu68Bifmjp+amH3u+btmjh86On10+sSObdsmd+zatWfPnokjM8emJ4s/L/Fs97812VB6DWwM5y6+Bm5v2bZxqc5/u3evw9EOr8O1Ldv2+nU43PrgalfnBXnxmi5eG4/XT/ro+aFskddY/vxsvfzXYXrcDa/D4YbXYdvPKW1eh8NLeB3Wtzm1dWlfsww3/NfuGK7U54K1DWuw9euR1jXY669H+mUNjoZ18a9bF/9csD4c70vjy/16ZMVFazA93PDeU78kfb0/uicf7dblTfUrrlmZnZmdPn33s4fm5k5vy8K4Kq5rWCut63VNw2PKLlqvQ8ter/tnbnnppjaXrw3navSu+h+jiz5X9W123t35uco/u7U/n02Xbs/C6LGrfT7bfTavn8+UJTucz/o2X5y4/K/FUy5teP8dWeT9N+b+d4r9pbt6ccXIcPH6XZHOzkjT+3HzUzWcv3fV8n2/PbG09+OR8N/Vfj++vsP78bqWbXv9fjzS+uDi+3Gt23c7Lk/r8zka1smxyc7vx/Vt1m1f7poc7vh+fFuYtXD+7whJIeWihrWz2LpN+xoeHgmPazjuoXmd7mjafiRks/q+Xt1+aet0y23Ffa1Ij27B1VqnYy3b9nqdpverxdZprdt33y5N6/M5GtbF9Ts6r9P6Nq/vvPz3ztXxrw3vnSu7rcGRFSvrxzySFmHxfj+/Oq7Bu7PD2cnsWDaVX7syX0+1fF/j9yxtDa4M/13t98p1HdbglpZte70G0+exxdZebfjiB98Drc/naFgXL9/TeQ3Wt7l/d2+/dt0SLknbNHzt2vr9tcW+53VTy2m6kt/zqh/n3+7u/L3Z+jbH9iw3Z3Y+T3eGS65pc55aX7+LvaamsqtzntaF43xrz+LnqX489W2+sXeJ62l/lmVnn7kv/35v+PnKX5754feafu7S7mc6Z5+576fvPfJ3yzl+AAbfO8VYU3yua/jJ1FJ+/g8AAAAMhJj7h8JM5H8AAAAojZj74/8Vnsj/AAAAUBox9w+HmVQk/6+7/62Zd85mqZk/H8Tr02l4qNgudlwnw8dj8wvql9/3yvR//vXZpe17KMuy/33o99tuv+6heFyFsXCcFz7WfPnFNzy7pP0ffGJhu8b++rfC/cfHs9Rl0K6CO5ll2WvXfjXfz9iT5/P5+kMH8/nouZderG/z9t7i43j7N68rtv+TUP7df+RQ0+3fDOfhx2FOPtz+fMTbfff8Het3f3phf/F2tY3vyx/2y08V9xt/T87XXyy2j+d5seP/m6+8+t369s9+qP3xnx1qf/yvhvt9Jcz/vrnYvvE5qH8cb/elcPxxf/F2d3/nB22P/8KXi+1PPVBsdzDMuP8t4eNND7w103i+nq0danpc2ceL7eL+J3/4tfz6eH/x/luPf/TA+abz0bo+Xv/n4n4mWraPl8f9RH/Vsv/6/TSuz7j/V//gYNN57rb/C4++eXP9flv3f2fLdqee2Zrvf+H+mn9j059+6att9xePZ/9fnGp6PPsfCa/jsP+XnwrrMVz/PxeK+2v97QoHH2l+/4nbf2vt2abHEz3482L/F+49ms9Vo6vXXPOe977v3K31c5dlbzxW3F+3/R/95smm4//2DcX5iNfHjn7r/hcT93/68+MnTs6emZlqOKv57875RHE88XivDe+trR8fODn39PTpscmxySwbK++v0Ltk3wnzp8U4t9zbb30iPJ83/fFrazb/01fi5f/yeHH5+YeLz1u3h+2+Hi5fG56/y93/yxtuyF/ftdeLj5t67D2wftN/7FnShuHxt35dENf7qQ8+nZ+H+nX55434ur7M4//RVHE/3w/ndT78ZuaNNyzsr3H7+LsRzj9WvN4v+/yFt7n4vP55eL4/+ePi/uNxxcf7o/B1zA/WNb/fxfXx/bNDrfef/xaPc+H9JDtXXB+3iuf7/Ns3tD28+HtIsnM35h//YbqfG5f1MBcz+9zsxLGZE2eenZibnp2bmH3u+QPHT545MXcg/12eBz7b7fYL709r8venqeldO7P83epkMa6wd/v4Tz1xeGr35Oap6SOHzhyZe+LU9Omjh2dnD09PzW4+dOTI9Oe73X5mat+27Xt37N4+fnRmat+evXt37B2fOXGyfhjFQXWxa/Jz4ydOH8hvMrtv595t99yzc3L8+Mmp6X27JyfHz3S7ff65abx+698bPz197NDczPHp8dmZ56f3bdu7a9f2rr8N8PipI7NjE6fPnJg4Mzt9eqJ4LGNz+cX1z33dbk85zf5b8fVsq1rxi/iyT925K/1+1rpXvrDoXRWbtPwC0bfC76L5h/ef2rOUj2PuHwkzqUj+BwAAgCqIuX9lmIn8DwAAAKURc/+qMBP5HwAAAEoj5v7RMJOK5H/9f/1//X/9f/3/9vvX/x9M+v+d6f93of+v/6//r/9PT/Vb/z/m/tVZVsn8DwAAAFUQc/+aMBP5HwAAAEoj5v5rwkzkfwAAACiNmPvfE2ZSkfyv/6//r/+v/6//337/+v+DSf+/M/3/LvT/9f/1//X/6al+6//H3P/eMJOK5H8AAACogpj73xdmIv8DAABAacTcf22YifwPAAAApRFz/9owk4rkf/1//X/9f/1//f/2+9f/H0z6/53p/3eh/6//r/+v/09P9Vv/P+b+94eZVCT/AwAAQBXE3P+BMBP5HwAAAEoj5v7rwkzkfwAAACiNmPuvDzOpSP7X/9f/1//X/9f/b79//f/BpP/f2RL7//W3Nf1//X/9f/1//X8uW7/1/2Pu/2CYSUXyPwAAAFRBzP03hJnI/wAAAFAaMff/QpiJ/A8AAAClEXP/ujCTiuR//X/9f/1//X/9//b71/8fTPr/nfn3/7vQ/9f/1//X/6en+q3/H3P/jWEmFcn/AAAAUAUx998UZiL/AwAAQGnE3P+LYSbyPwAAAJRGzP3rw0wqkv/1//X/9f/1//X/2+9f/38w6f93pv/fhf6//r/+v/4/PdVv/f+Y+28OM6lI/gcAAIAqiLn/ljAT+R8AAABKI+b+W8NM5H8AAAAojZj7x8JMKpL/9f/1//X/9f/1/9vvX/9/MOn/d6b/34X+v/6//r/+Pz3Vb/3/mPs3hJlUJP8DAABAFcTcvzHMRP4HAACA0oi5/7YwE/kfAAAASiPm/k1hJhXJ//r/+v/6//r/+v8L+6/p/w88/f/O9P+70P/X/9f/1/+np/qt/x9z/4fCTCqS/wEAAKAKYu7fHGYi/wMAAEBpxNx/e5iJ/A8AAAClEXP/ljCTJeT/dp3vQaP/r/+v/6//r//ffv/6/4NJ/78z/f8u9P/1//X/9f/pqX7r/8fcf0eYiZ//AwAAQGnE3L81zET+BwAAgNKIuf/OMBP5HwAAAEoj5v7xMJOK5H/9f/1//X/9f/3/9vvX/x9M+v+d6f93of+v/6//r/9PT/Vb/z/m/rvCTCqS/wEAAKAKYu6/O8xE/gcAAIDSiLl/IsxE/gcAAIDSiLl/MsykIvlf/1//X/9f/1//v/3+9f8Hk/5/Z/r/Xej/6//r/+v/01P91v+PuX9bmElF8j8AAABUQcz928NM5H8AAAAojZj7d4SZyP8AAABQGjH37wwzqUj+1//X/9f/1//X/2+/f/3/waT/35n+fxf6//r/+v/6//RUv/X/Y+6/J8ykIvkfAAAAqiDm/l1hJvI/AAAAlEbM/bvDTOR/AAAAKI2Y+/eEmVQk/+v/l6L/P9y6b/1//f9O+9f/1/8vM/3/zvT/u9D/1//X/9f/p6f6rf8fc//eMJOK5H8AAACogpj7PxxmIv8DAABAacTc/0thJvI/AAAAlEbM/b8cZlKR/N/7/v+t+v+Bf/9f/791fej/6//r/195+v+d6f93of+v/6//r/9PT/Vb/z/m/n1hJhXJ/wAAAFAFMff/SpiJ/A8AAAClEXP/vWEm8j8AAACURsz9+8NMKpL//fv/+v/6//r/+v/t96//P5j0/zvT/+9C/1//X/9f/5+e6rf+f8z9HwkzqUj+BwAAgCqIuf++MBP5HwAAAEoj5v6PhpnI/wAAAFAaMfffH2ZSkfyv/6//r/+v/6//337/+v+DqW/6/6OXtn/9f/1//f/BPX79f/1/LtZv/f+Y+z8WZlKR/A8AAABVEHP/A2Em8j8AAACURsz9Hw8zkf8BAACgNGLufzDMpCL5f6H//838Y/1//X/9f/1//f+C/v9g6pv+/yXuX/9f/1//f3CPX/9f/5+L9Vv/P+b+Xw0zqUj+BwAAgCqIuf+hMBP5HwAAAEoj5v6Hw0zkfwAAACiNmPs/EWZSkfzv3//X/9f/1//X/2+//yvU/z+b6f9fUfr/nen/d6H/r/+v/6//T0/1W/8/5v5PhplUJP8DAABAFcTc/2thJvI/AAAAlEbM/Z8KM5H/AQAAoDRi7v/1MJOK5H/9f/1//X/9f/3/9vv37/8PJv3/zvT/u9D/1//X/9f/p6f6rf8fc/8jYX7t9nBHFcn/AAAAUAUx9z8aZiL/AwAAQGnE3P9YmIn8DwAAAKURc//jYSYVyf/6//r/+v/6//r/7fev/z+Y9P870//vQv9f/1//X/+fnuq3/n/M/U+EmVQk/wMAAEAVxNz/6TAT+R8AAABKI+b+3wgzkf8BAACgNGLu/0yYSUXyv/5/v/X/Vzbdh/6//r/+v/6//v/y6P93pv/fhf6//r/+v/4/PdVv/f+Y+58MM6lI/gcAAIAqiLn/N8NM5H8AAAAojZj7fyvMRP4HAACA0oi5/7fDTCqS//X/37X+f1xs/v1//X/9/3C9/r/+fy/o/3em/9+F/r/+v/6//j891W/9/5j7fyfMpCL5HwAAAKog5v6nwkzkfwAAACiNmPsPhJnI/wAAAFAaMfcfDDOpSP7X/++3f/9f/1//f+F2+v8F/X/9/+XQ/+9M/78L/X/9f/1//X96qt/6/zH3HwozqUj+BwAAgCqIuf93w4w/BwcAAADKI+b+w2Emfv4PAAAApRFz/1SYSUXyv/6//r/+v/6//n/7/ev/Dyb9/870/7vQ/9f/1//X/6en+q3/H3P/dJhJRfI/AAAAVEHM/UfCTJaV/1t/WgUAAAD0k5j7j4aZ+Pk/AAAAlEbM/U+HmVQk/+v/6//r/+v/6/+337/+/2DS/+9M/78L/X/9f/1//X96qt/6/zH3z4SZVCT/AwAAQBXE3P/ZMBP5HwAAAEoj5v7PhZnI/wAAAFAaMfcfCzOpSP7X/9f/v/L9/3v1/8PU/9f/1/+/8vT/O9P/70L/X/9f/1//n57qt/5/zP3Hw0wqkv8BAACgCmLuPxFmIv8DAABAacTcfzLMRP4HAACA0oi5/1SYSUXyv/6//r9//1//X/+//f71/weT/n9n+v9d6P/r/+v/6//TU/3W/4+5/5kwk4rkfwAAAKiCmPtPh5nI/wAAAFAaMffPhpnI/wAAAFAaMffPhZlUJP/r/+v/6//r/+v/t9+//v9g0v/vTP+/C/1//X/9f/1/eur/2buLXUGuI47Dd2NrNnmHPEpeKszMzMzMzMzMzIxW4rCTLKLYVZWMptVHM+nknj71fQuXF5bOtb25f1s/9Wz9f+7+u8YtTfY/AAAAdJC7/25xi/0PAAAAy8jdf/e4xf4HAACAZeTuv0fc0mT/6//1//p//b/+f/t9/f856f/36f8H9P/6f/2//p9Dzdb/5+6/Z9zSZP8DAABAB7n77xW32P8AAACwjNz9945b7H8AAABYRu7++8QtTfa//l//r//X/+v/t9/X/5+T/n+f/n9A/6//1//r/znUbP1/7v77xi1N9j8AAAB0kLv/fnGL/Q8AAADLyN1//7jF/gcAAIBl5O5/QNzSZP/r//X/+v9+/f9dLvT/+v916f/36f8H9P/6f/2//p9Dzdb/5+5/YNzSZP8DAABAB7n7HxS32P8AAACwjNz9D45b7H8AAABYRu7+h8QtTfa//l//r//v1///T7//f+U//j3q/6+i////0P/v0/8P6P/1//p//T+Hmq3/z93/0Lilyf4HAACADnL3Pyxusf8BAABgGbn7Hx632P8AAACwjNz9j4hbmux//b/+X/+v//f9/+339f/npP/fp/8f0P/r//X/+n8ONVv/n7v/kXFLk/0PAAAAHeTuf1TcYv8DAADAMnL3Pzpusf8BAABgGbn7HxO3NNn/+n/9v/5f/6//335f/39O+v99+v8B/b/+X/+v/+dQs/X/ufsfG7c02f8AAADQQe7+x8Ut9j8AAAAsI3f/4+MW+x8AAACWkbv/CXFLk/2v/9f/6//1//r/7ff1/+ek/9+n/x+4rP7/pn//vPr/8/78+n/9P9earf/P3f/EuKXJ/gcAAIAOcvc/KW6x/wEAAGAZufufHLfY/wAAALCM3P1PiVua7H/9v/5f/9+u/79N/6//X5n+f5/+f8D3//X/+n/9P4earf/P3f/UuKXJ/gcAAIAOcvc/LW6x/wEAAGAZufufHrfY/wAAALCM3P3PiFua7H/9v/5f/9+u//f9f/3/0vT/+/T/A/p//b/+X//PoWbr/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAWEbu/mfHLfY/AAAALCN3/3Pilib7X/+v/9f/6//1/9vv6//PSf+/T/8/oP/X/8fP/6/fjPX/+n/+e7P1/7n7nxu3NNn/AAAA0EHu/ufFLfY/AAAALCN3//PjFvsfAAAAlpG7/wVxS5P9r/+/uj2/uND/6//1//r/O+j/z0n/v0//P6D/1//7/r/+n0PN1v/n7n9h3NJk/wMAAEAHuftfFLfY/wAAALCM3P0vjlvsfwAAAFhG7v6XxC1N9r/+3/f/9f/6f/3/9vv6/3PS/+/T/w/o//X/+n/9P4earf/P3f/SuKXJ/gcAAIAOcve/LG6x/wEAAGAZuftfHrfY/wAAALCM3P2viFua7H/9v/5f/6//1/9vv3/Z/f/N+Y7+/7ro//fp/wf0//p//b/+n0PN1v/n7n9l3NJk/wMAAEAHuftfFbfY/wAAALCM3P2vjlvsfwAAAFhG7v7XxC1N9r/+X/+v/9f/6/+337/s/t/3/2+M/n+f/n9A/6//1//r/znUbP1/7v7Xxi1N9j8AAAB0kLv/dXGL/Q8AAADLyN3/+rjF/gcAAIBl5O5/Q9zSZP/r//X/+n/9v/5/+339/znp//fp/wf0//p//b/+n0PN1v/n7n9j3NJk/wMAAEAHufvfFLfY/wAAALCM3P1vjlvsfwAAAFhG7v63xC1N9r/+X/+v/9f/6/+339f/n5P+f5/+f0D/r/+/oZ//jt9E9P/6f641W/+fu/+tcUuT/Q8AAAAd5O5/W9xi/wMAAMAycve/PW6x/wEAAGAZufvfEbc02f/6f/2//l//r//ffl//f076/336/wH9v/7f9//1/xxqtv4/d/8745Ym+x8AAAA6yN3/rrjF/gcAAIBl5O5/d9xi/wMAAMAycve/J25psv/1//p//b/+X/+//b7+/5z0//v0/wP6f/2//l//z6Fm6/9z9783bmmy/wEAAKCD3P3vi1vsfwAAAFhG7v73xy32PwAAACwjd/8H4pYm+1//r//X/+v/9f/b7+v/z0n/v0//P6D/1//r//X/HGq2/j93/wfjlib7HwAAADrI3f+huMX+BwAAgGXk7v9w3GL/AwAAwDJy938kbmmy//X/+n/9v/5f/7/9vv7/nPT/+/T/A/p//b/+X//PoWbr/3P3fzRuabL/AQAAoIPc/R+LW+x/AAAAWEbu/o/HLfY/AAAALCN3/yfilib7X/+v/9f/6//1/9vv6//PSf+/T/8/oP/X/+v/9f8carb+P3f/J+OWJvsfAAAAOsjd/6m4xf4HAACAZeTu/3TcYv8DAADAMnL3fyZuabL/9f/6f/2//l//v/2+/v+c9P/79P8D+n/9v/5f/8+hZuv/c/d/Nm5psv8BAACgg9z9n4tb7H8AAABYRu7+z8ct9j8AAAAsI3f/F+KWJvtf/6//1//r//X/2+9P3//fWf+/Rf+/T/8/oP/X/+v/9f8carb+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAZeTu/3LcYv8DAADAMnL3fyVuabL/9f/6f/2//l//v/3+9P2/7/9v0v/v0/8P6P/1//p//T+Hmq3/z93/1bilyf4HAACADnL3fy1usf8BAABgGbn7vx632P8AAACwjNz934hbmux//b/+X/+v/9f/b7+v/z8n/f8+/f+A/l//r//X/3Oo2fr/3P3fjFua7H8AAADoIHf/t+IW+x8AAACWkbv/23GL/Q8AAADLyN3/nbilyf7X/+v/9f/6f/3/9vv6/3PS/+/T/w/o//X/+n/9P4earf/P3f/duKXJ/gcAAIAOcvd/L26x/wEAAGAZufu/H7fY/wAAALCM3P0/iFua7H/9v/5f/6//1/9vv6//Pyf9/z79/4D+X/+v/9f/c6jZ+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAJaRu//HcYv9DwAAAMvI3f+TuKXJ/tf/9+3/b46/Vv+v/5+1/89/rvp//f/10P/v0/8P6P/1//p//T+Hmq3/z93/07ilyf4HAACADnL3/yxusf8BAABgGbn7fx632P8AAACwjNz9v4hbmux//X/f/v/C9/+L/n/O/j/p//X/10P/v0//P6D/1//r//X/HGq2/j93/y/jlib7HwAAADrI3f+ruMX+BwAAgGXk7v913GL/AwAAwDJy9/8mbmmy//X/+n/9v/5f/7/9vv7/nPT/+/T/A/p//b/+X//PoWbr/3P333L7AL5m/1+50b9PAAAAYB633P7HK/Hf6fv9/38AAADoIHf/b+MW+x8AAACWkbv/d3FLk/2v/9f/6//1//r/7ff1/+ek/9+n/x/Q/+v/9f/6fw41W/+fu//WuKXJ/gcAAIAOcvf/Pm6x/wEAAGAZufv/ELfY/wAAALCM3P1/jFua7H/9v/5f/6//1/9vv6//P6cb6u9vvVP9qf4/6P/1//p//b/+nwPM1v/n7v9T3NJk/wMAAEAHufv/HLfY/wAAALCM3P1/iVvsfwAAAFhG7v6/xi1N9r/+X/9/af3/Tfp//b/+/0L/fzjf/9+n/x/Q/+v/9f/6fw41W/+fu/+2uKXJ/gcAAIAOcvf/LW6x/wEAAGAZufv/HrfY/wAAALCM3P3/iFua7H/9v/7f9//1//r/7ff1/+ek/9+n/x/Q/+v/9f/6fw41W/+fu/+fAQAA//94SGw4")
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0xfffffecc}], 0x1)

31.469318288s ago: executing program 4:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@noauto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000340)='./file1\x00', 0x0)

30.487875512s ago: executing program 4:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = dup(r0)
sendmsg$netlink(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}], 0x1}, 0x0)

29.002378357s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

28.829081448s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
inotify_init()

28.243954977s ago: executing program 4:
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000080015"], 0x4c}}, 0x0)

25.025081287s ago: executing program 1:
r0 = syz_io_uring_setup(0xd79, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000003580)=<r2=>0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000300)=@in={0x2, 0x0, @local}})
io_uring_enter(r0, 0x291c, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x8, &(0x7f0000000000), 0x4)

21.669601441s ago: executing program 1:
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000005c0)={[{@noauto_da_alloc}, {@mblk_io_submit}, {@dioread_nolock}]}, 0x1, 0x4c4, &(0x7f00000000c0)="$eJzs3E9sFNUfAPDvbFta/v3YHyIKohbR2EhsoaBw8ILRxIMmRjzosWkLqRRqaE2EoFkSg0dD4t149OrBq3oxxpOJVzyaGBJiuABeHDO7M+12u9vSdtu12c8nGfa9+ffemzdv9s17XQLoWoPZP0ktfCsi9kREqXGHwdrH/bvXxh/cvTYelTQ9+1dSPexeFs/lp4mdeWSoFFH6LFnYUGf2ytULY9PTk5fz+MjcxQ9HZq9cfXHq4tj5yfOTl0ZPnz554vipl0dfWn2hmqSXlevewU9nDh144/2bb433FusH8s/6crTLYAw2y0rVc+1OrMN214WT3g5mhFXJ7v+suvqq7X9P9ITKg26Rpmna33pzJW10fckaYMtKotM5ADqj+KLP3n+LpVlHYNvGdD867s6Z2gtQVu77+RLxdHVlMQ7S1/B+206DEfFe5e+vsiU2aBwCAKDeD2eKnmBD/688sGi//+VzKOWI+H9E7I2IRyJiX0Q8GhH7I+KxiHi84fw9EZEuk/5gQ3xp/6d0ez3lW0nW/3sln9ta6P9F/SxYuSeP7Y4oOsyTx/JrMhR9/eempiePL5PGj6/99kWrbfX9v2zJ0i/6gnk+bvc2DNBNjM2NrbnADe5cjzjY21j+pDcimZ8JSCLiQEQcXMV5y3XhqRe+OTQf6Vu838rlr0qbzqO1Yaoi/Tri+Vr9V2JR/S+kmCw/PzkyENOTx0ayu+BY0zR++fXG263SX7H83/3ReMjrp74/m7es9cvqf0fd/R/F/O1C+ctJRDI/Xzu7+jRu/P55y3eatd7/25J3q+HivfTjsbm5y8cjtiVvLl0/unBsEc8+o1Ir/9CR5u1/b35MdiWeiIjsJn4yIp6K2htilvfDEfFMRBxZpvw/v/rsB2sv/8bKyj/R9Pm3qP4X5utbBZJKbe8mm3ouHL71oMXD4+Hq/2Q1NJSvaf78SxY9IlrltPi2y9b8s96LBwAAAFtEKSJ21Y0l7YpSaXi4Nga0L3aUpmdm546em/no0kS2LaIcfaVipKs2HtyXFOOf5br4aEP8RD5u/GXP9mp8eHxmeqKjJQd2Vtt8UhqefxbU2n/mz/YMMQP/ZX7yA91rpfa//+YmZQTYdA///f/TJxuaEWDT1bX/SotdKmv4uy9gC/D+D91raftv1Q1Y7hhgq0m1Zehqq2r/R1fuGwBbR2+8Mx8udTQnwGbT/4eutOLv+tcVSPubbxqIpTvHwPIn7Im1ZWN7k7Q6Esh6Vh1Jfftajir+N4WW+0RpdSfsj/bU6bn1X5bz+9t+86f538q3uwa/3ZR22izQkccRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA2/0bAAD//xq14Bs=")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

20.508045596s ago: executing program 1:
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x0, @empty}], 0x1c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x18, 0x0, 0x0, 0x115}, 0x9c)

18.559989558s ago: executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f00000004c0)={0x281})

18.243507541s ago: executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c710016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa73d897e3896d863081b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbd744e517e65ddab19e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f200004304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188541c300f5c1bf56705ba12d198e897186b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710f7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47cbb0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9ea410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be0a33c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06a6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c6062368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c5bed4b0d73dffb17a88aaad5921aee7dae6a2f3009d9cb434898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a64d903b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e7ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000006a728258ca3d846a000e80d5f43109a48ddc54cec5d7f78c80e010ed02ffc0846577cafcd9e0ad83149bfb08ba7b5b431311041deb5e5d65610ad6e8d6ed55e900071b4d37d9fadb17a0407e7251866b63faccfe936980f59ceaa9d6b6863024b482023799a4f30a225b560f320e89ed44130e78f8cf000ac3c743b08d4256f282fc36162ac4b59527a3b67560313914ff6ac4ac43cd0e79d6372da631de3fde6c29de3b43d3046df23019ecadd57f175a2443928b1bcb9be16f54936796c3b928dc07c70771622cef2fafeb239a3ca4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
ioctl$TIOCMIWAIT(r0, 0x545c, 0x0)

6.442652708s ago: executing program 2:
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
syz_read_part_table(0x401f, &(0x7f0000000000)="$eJzs0DEOAUEUBuB/NqKgUbuERk2UjrKNTqLRuIrKMSQaB3EBJ9CMZElIVuv7mvlnMjMv741vp1WSMttu2l1eNJ28bJKSZF73Jf/nvedrsjgnGfX5pDvUtPcvNycfzveHGoZ96j4N6ro+Ti+/vAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEsBAAD//4IoCls=")
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000002d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0)
r0 = eventfd(0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$P9_RSTATFS(r1, &(0x7f0000000080)={0x43, 0x9, 0x0, {0x1ff}}, 0x43)
nanosleep(&(0x7f0000004240)={0x77359400}, 0x0)
write$cgroup_pid(r1, &(0x7f0000004080), 0x12)

6.265718692s ago: executing program 2:

6.089537432s ago: executing program 2:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})

2.499595121s ago: executing program 2:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f00000004c0)={0x281})

2.413137195s ago: executing program 5:
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="280000001c00070d000000000000020007000000", @ANYRES32=r1, @ANYBLOB="800087000a0002000180c2"], 0x28}}, 0x0)

2.219579328s ago: executing program 2:
r0 = socket(0x2a, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89b0, &(0x7f0000000180)={'macvlan1\x00', &(0x7f00000001c0)=@ethtool_cmd={0x0, 0x20000}})

2.080261616s ago: executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$unix(0x1, 0x0, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
r2 = gettid()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0)
tkill(r2, 0x21)
write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46)
r3 = dup3(r1, r0, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
sendto$unix(r3, &(0x7f0000000200)="c7", 0x1, 0x0, 0x0, 0x0)
close(r3)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x15, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x989680}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
close(0xffffffffffffffff)
rt_sigreturn()
r5 = msgget$private(0x0, 0x0)
msgrcv(r5, 0x0, 0x0, 0x0, 0x0)

2.021267127s ago: executing program 2:
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000080)={0x0, 0x0, "6b8ee1", 0x1})
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

1.990178832s ago: executing program 5:
syz_read_part_table(0x5dc, &(0x7f0000000000)="$eJzs2z9o1GcYB/DnoteADi5OTuogpbgojh5F5e5UFMJpliJFQRHxphOEkx6k6KA3GHJDSLcsaeCW/JlyuSFTQgKZQ8iQEsiQpSVZAlly5dK3Q6FDr00KpZ8PBw/ve8/7ft8X3vUX/Kf1xS+dTicTEZ3+iFM9rh5s5gv3Lg7cKj2OyMSTiPj2hy9/7P6TSR3dXbsup/FmGk+Mn2l/2rubbW482r/ydLHe9/uWQ0e/ODvZGjyG63HCpnJL595/qBQ/V3Ov1ou17Y9rqw+nd/Ol1oN6Y+Z+9s7z1Lec6ulU30Q13sXreBbl+D5eROWY8seaW9cOLxSbcy9vHhTawwvXj7p6fde95R892Ijo5r+9NPJNo3b76uz50RvV+ZXSToou95/YEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEbZWDr3/kOl+Lmae7VerG1/XFt9OL2bL7Ue1Bsz97N3nqe+5VRPp/omqvEuXsezKEc5XkTlb+ZP5f6YP9bcunZ4odice3nzoNAeXrie+gb+4T3/Qn6nm//20sjXjdrtq7PnR29U51dKO6d+6yv3/9nqL07oVAAAAAAAAAAAAAAAAAAAAPzf5Av3Lg7cKj2OyMSTiPjq5+/6uvOd9L17JvVdTnUzzU+Mn2l/2rubbW482r/ydLH+U5ofikwMRcTZydbgv34ZevZrAAAA///YkpIV")
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000200)=ANY=[], 0x0)

1.85026613s ago: executing program 3:
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
preadv(r0, &(0x7f000000e2c0)=[{0x0, 0xf0ff7f}, {&(0x7f00000002c0)=""/157, 0x9d}], 0x2, 0x0, 0x0)

1.752131803s ago: executing program 3:
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
syz_read_part_table(0x401f, &(0x7f0000000000)="$eJzs0DEOAUEUBuB/NqKgUbuERk2UjrKNTqLRuIrKMSQaB3EBJ9CMZElIVuv7mvlnMjMv741vp1WSMttu2l1eNJ28bJKSZF73Jf/nvedrsjgnGfX5pDvUtPcvNycfzveHGoZ96j4N6ro+Ti+/vAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEsBAAD//4IoCls=")
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000500)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$cgroup_pressure(r1, &(0x7f00000000c0)={'some'}, 0xffffffb2)

1.571731907s ago: executing program 0:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})

1.500259458s ago: executing program 3:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000003600), 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket(0x1, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000bc0)={'bridge_slave_1\x00', &(0x7f0000000b80)=@ethtool_eee={0x2b}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000002c0)={[{@dioread_lock}, {@usrquota}, {@errors_continue}, {@init_itable}, {@grpquota}, {@grpjquota, 0x2e}, {@resuid}, {@errors_remount}, {@nolazytime}, {@nomblk_io_submit}], [], 0x2c}, 0x84, 0x4ac, &(0x7f0000000740)="$eJzs3MtvG8UfAPDvbh59N2l//QF9QA0FUVFImrRADxwKAqkXJCQ4lGNIQ1WatqgJEq0qGhAqR8RfAByRkDhx4QQSQsCJxxXuCKlCvbRwQEFr7ybrxE4d52GoPx/JzszurGe+uzv2eCfrALpWJXtKIrZGxC8RMVDL1heo1P7cunFl/M8bV8aTmJ198Y+kWu7mjSvjRdFiuy155qfLEem7SextUO/UpctnxyYnJy7m+eHpc68PT126/NiZc2OnJ05PnB89duzokZEnnxh9fFXizOK6ueetC/t2n3j5g+fHZ+OV7z7N2rs1X1+Oo2ZwxXVWohKzufml/dXnh1b86v8u20rppLeDDWFZeiIiO1x91f4/ED0xf/AG4rl35jJfd6iBwJrJPpt2LFrak/9N5z6/gDtRoo9Dlyo+8bPvv8VjPccfnXb96ex5ohr/rfxRW9MbafZddrD2jb2nyfbHV1j/1og4OfPXh9kjGl6HAABYXV9m459HG43/0rirVG57PocyGBGHImJnRPwvInZFxP8jqmXvjoh7lll/ZUF+8fjnx01tBdaibPz3VD63VT/+S/MSyVxuWzX+vuTVM5MTh/N9cjD6NmT5kSXq+OrZn99vtq5SGv9lj6z+YiyYt+P33g3125wamx5bQch1rr8dsae3UfzJ3ExAtgd2R8SeNl4/22dnHvlkX5bevmXx+tvHv4RVmGea/Tji4drxn4kF8ReSWk3N5ieHN8bkxOHh4qxY7Psfrr1QzveV0nXxb2wtpo3tBttAdvw3Nzz/8/iLblDM104tv45rv77X9DvN4uOfxMmZcon8/C+9C2Tnf3/yUjXdny97c2x6+uJIRH++oG756Py2Rb4on8V/8EDj/r8z4u+P8u32RkR2Et8bEfdFxP687fdHxAMRcWCJ+L995sHXlt5DbZ7/qyCL/9RSxz9iMCnP17eR6Dn7zRfN6m/t/e9oNXUwX9LK+1+rDVzJvgMAAID/irQ6B52kQ0W6dHFqV2xOJy9MTR+qxBvnT9XmqgejLy2udA2UroeO5NeGi/zogvyRiNhR/U+jTdX80PiFyW2dDByo3qtT1/8jTYeGaut+a/ZPL8CdY1nzaOW7Az/7fPUbA6wr92tC99L/oXvp/9C99H/oXo36/9WIWx1oCrDOfP5D99L/oXvp/9C99H/oSotviS9+aKGdO/3nEztPrGjzNU/MDqzJK88sf6ueNYo0yj/a0TSRRER7VUS6dJn+FmrvWCK9bZnjbe6WZST254kNEdHqVlfXba929n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgtfwTAAD//+8W3h0=")
syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file0/file0\x00', 0x3a0cc12, &(0x7f0000000540)={[{@unhide}, {@session={'session', 0x3d, 0x13}}, {@mode={'mode', 0x3d, 0x401}}, {@nocompress}, {@cruft}, {}, {@session={'session', 0x3d, 0x54}}, {@unhide}, {@unhide}, {@sbsector}, {@nocompress}, {@map_normal}], [], 0x2c}, 0x1, 0x9be, &(0x7f0000004180)="$eJzs3c1vXOW9B/Dv8Uvia1AIkMvNRUAm4QYM5Dq2U0IjNk3scTLUL5XtSERVRShJqihWqaCVAHWRSlVXRe2i6oLuWHaFxAY2VXbtX9BFpYp/AXUVddGpzplxbGOPx079Rvh8rOM5L7/zPL/H5/g88vHMecLXWbPZrKb7XL78x91Mlv3nwsQXH3/yYTn94nYOpDcvF58lA0lqSV+So0n/+MTc7HSXgm4lV5PcSYokB9N63ZSrKX6Th5eX76T4Q1lv5fJ9NoxNafKNttfnHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EfF+MTIyGiRqcbM5ddrnVVDgHfa2LNc3ufVqN/F513rTYpyysDA0lDfR48sb36i/HYiT7WWnqoGJM9APnjoicOvPt7Xs7T/Bglvxb/agyFvecd33//g1puLi9ff2aZEvm4u1mca87ON6fMX67XG/Gzt3NmzI6cvTc7XJhtT9fkr8wv16dr4XP38wuxcbWj8hdrouXNnavXhK7OXZy5ODE/Vl1a+8v9jIyNna68Nf69+fm5+dub0a8Pz45caU1ONmYtVTLm5jHmlPBG/21ioLdTPT9dqN24uXj+zKqN1TokyaLRbS8qgsW5BYyNjY6OjY2OjZ18+9/IrIyN9yyt6U60Y+Yqs2eXeSVue0Vv5WbOvfdSz2cjtvYDDf6Cn3f9nKo3M5HJeT23dr/FMZC6zme6wvW2p/z95ur5hvSv7/6Ve/ujy5idT9f/PtJae6dT/d8hl977ezfv5ILfyZhazmOt5Z9XWg/dRYrO5963a/NfF1DOTRuYzm0amc75aU2uvqeVczuZsRvJGLmUy86llMo1MpZ75XMl8FlKvzqjxzKWe81noKw90LUMZzwupZTTnci5nUks9w7mS2VzOTC5mIuerUm7kZvVzP7NBjveCRjcTNLZB0Ab9f3vFFvp/vqF24CoO96fZ7v8PdA8dGt+NhAAAAIBt979/yaEjj/3570l/nq7usQMAAAAPmurtek+VL/3l3NMpJhtT9ZG9TgsAAADYRkX1GbsiyWCOteaWPgnlJgAAAAA8IKr//z9TvgyWc8dS+PsfAAAAHjTdn7HfNaI4lVpul5tq11qR19oR7ef8Dk42purD47NTr47mueopA9UnDdaU1pvDSfXxgxdzvBV1fLD1Ori6xIEyanT41dEM5ES7IUPPli/PDq0TOVZGvpjnW5HPL0UOZE3kmTISAB50Jzbojzfb/7+YU62IU09Wj2/ve3KdPnhEzwoA+0X3MXa6RhTfWhr+p8Pf/4/lxrHWWwqG81bezmKu5VT1aYPqHQftUnOnyHKpgyvehnCqy92AwRUjvJxauh9w7OF17wcMrhjo5dSaOwKdYs/swpEAgN1zYk0/vEH/32y25tbc/9/47/9BbykEgH3l3gj2Oziz120EAFa7r166dwcTAgAAAAAAAAAAAAAAAAAAAAAAAAAAgAfAbjz/f1/O3E6yD9Iws7MzA7tzhv/gQLJfmrxNM3t9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA3FEnveut7koNJ30iS07uf1c65vdcJ7LHibu7mvRza6zwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB407ef/96T1+lBrVfp6kpNJrib5/l7nuJ3u7nUCe2zF8//LY55mkb7WYU/RPz4xNztdHv4cLLd/8fEnH5bT/dRTFlDWsGpwiXYNnfd6tNprcOL6u7d++vZPahMXqiQvLExOTUxfnPvOcuATxadJLa1pyVK+Py/aZ/Hqln9atnRz9U5W9U6srfd/1tv7Xr0n//Tbzm1btpzGzcXrY2VNC/XXF37245vvrQh6LMeTZ4eSodU1/aicOtR0PP0b1Vt8WfyqOJTf52p1/Ms0imZRHqJHqvb/142bi9eH33p78VqHnA7nWJJrycDmczq29kgsqc66nv6y1pEqqPx2pEt5G3qo91Cz2SpxtEMbHq1OmcEttaHWuQ2VLj/3dhvPdMjo8Ty35SP9XJca2/7ZbGktFV8Wfysu5a/55YrxP3rK438ym/ntLGOqyBVnSuc2n1xu+djKDW98NbLjbyU74Nf5Yb597/j3rLj+t4/V7lyPVtS4Y78XRasXaqvmj3ylR2pffTpl2c7zSCuqQ57/nZfW7tclz5e6XFG26fd/teLL4qNiKP/IbeP/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+1+R9K63vic5meRwkkfK5VrS3I76egaL7Shmkw6sWXN7F2vfP3ruzRV3czfv5dCepgMAAAAAAADAtrkw8cXHn3xYTtX/43vzf8VnyUDrP/19SQ4Xv+sfn5ibne5SUH9yNcmdcn5gazmU++Xh5eU75dLRrbcFANicfwcAAP//U9R2+g==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)='./file0/../file0/file0\x00', 0x0, 0x2809c11, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0xadc51, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r3, &(0x7f0000002140)={0x2020}, 0x2100)
socket$inet_udp(0x2, 0x2, 0x0)

1.169214952s ago: executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r3, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000880)={0x4c, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16ad}], @NL80211_ATTR_FRAME={0x24, 0x33, @assoc_resp={{{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, 0x0, @default, @val, @void}}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x4c}}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x60, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="010000000000000000000800000008000300", @ANYRES32=r1], 0x1c}}, 0x0)

1.13867866s ago: executing program 0:
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'veth1_vlan\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x2c, 0x2}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2a}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'veth1_vlan\x00'})

953.459147ms ago: executing program 3:
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCGNPMODE(0xffffffffffffffff, 0xc008744c, &(0x7f00000004c0)={0x281})

712.579585ms ago: executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000003600), 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket(0x1, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000bc0)={'bridge_slave_1\x00', &(0x7f0000000b80)=@ethtool_eee={0x2b}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x3, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000002c0)={[{@dioread_lock}, {@usrquota}, {@errors_continue}, {@init_itable}, {@grpquota}, {@grpjquota, 0x2e}, {@resuid}, {@errors_remount}, {@nolazytime}, {@nomblk_io_submit}], [], 0x2c}, 0x84, 0x4ac, &(0x7f0000000740)="$eJzs3MtvG8UfAPDvbh59N2l//QF9QA0FUVFImrRADxwKAqkXJCQ4lGNIQ1WatqgJEq0qGhAqR8RfAByRkDhx4QQSQsCJxxXuCKlCvbRwQEFr7ybrxE4d52GoPx/JzszurGe+uzv2eCfrALpWJXtKIrZGxC8RMVDL1heo1P7cunFl/M8bV8aTmJ198Y+kWu7mjSvjRdFiuy155qfLEem7SextUO/UpctnxyYnJy7m+eHpc68PT126/NiZc2OnJ05PnB89duzokZEnnxh9fFXizOK6ueetC/t2n3j5g+fHZ+OV7z7N2rs1X1+Oo2ZwxXVWohKzufml/dXnh1b86v8u20rppLeDDWFZeiIiO1x91f4/ED0xf/AG4rl35jJfd6iBwJrJPpt2LFrak/9N5z6/gDtRoo9Dlyo+8bPvv8VjPccfnXb96ex5ohr/rfxRW9MbafZddrD2jb2nyfbHV1j/1og4OfPXh9kjGl6HAABYXV9m459HG43/0rirVG57PocyGBGHImJnRPwvInZFxP8jqmXvjoh7lll/ZUF+8fjnx01tBdaibPz3VD63VT/+S/MSyVxuWzX+vuTVM5MTh/N9cjD6NmT5kSXq+OrZn99vtq5SGv9lj6z+YiyYt+P33g3125wamx5bQch1rr8dsae3UfzJ3ExAtgd2R8SeNl4/22dnHvlkX5bevmXx+tvHv4RVmGea/Tji4drxn4kF8ReSWk3N5ieHN8bkxOHh4qxY7Psfrr1QzveV0nXxb2wtpo3tBttAdvw3Nzz/8/iLblDM104tv45rv77X9DvN4uOfxMmZcon8/C+9C2Tnf3/yUjXdny97c2x6+uJIRH++oG756Py2Rb4on8V/8EDj/r8z4u+P8u32RkR2Et8bEfdFxP687fdHxAMRcWCJ+L995sHXlt5DbZ7/qyCL/9RSxz9iMCnP17eR6Dn7zRfN6m/t/e9oNXUwX9LK+1+rDVzJvgMAAID/irQ6B52kQ0W6dHFqV2xOJy9MTR+qxBvnT9XmqgejLy2udA2UroeO5NeGi/zogvyRiNhR/U+jTdX80PiFyW2dDByo3qtT1/8jTYeGaut+a/ZPL8CdY1nzaOW7Az/7fPUbA6wr92tC99L/oXvp/9C99H/oXo36/9WIWx1oCrDOfP5D99L/oXvp/9C99H/oSotviS9+aKGdO/3nEztPrGjzNU/MDqzJK88sf6ueNYo0yj/a0TSRRER7VUS6dJn+FmrvWCK9bZnjbe6WZST254kNEdHqVlfXba929n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgtfwTAAD//+8W3h0=")
syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file0/file0\x00', 0x3a0cc12, &(0x7f0000000540)={[{@unhide}, {@session={'session', 0x3d, 0x13}}, {@mode={'mode', 0x3d, 0x401}}, {@nocompress}, {@cruft}, {}, {@session={'session', 0x3d, 0x54}}, {@unhide}, {@unhide}, {@sbsector}, {@nocompress}, {@map_normal}], [], 0x2c}, 0x1, 0x9be, &(0x7f0000004180)="$eJzs3c1vXOW9B/Dv8Uvia1AIkMvNRUAm4QYM5Dq2U0IjNk3scTLUL5XtSERVRShJqihWqaCVAHWRSlVXRe2i6oLuWHaFxAY2VXbtX9BFpYp/AXUVddGpzplxbGOPx079Rvh8rOM5L7/zPL/H5/g88vHMecLXWbPZrKb7XL78x91Mlv3nwsQXH3/yYTn94nYOpDcvF58lA0lqSV+So0n/+MTc7HSXgm4lV5PcSYokB9N63ZSrKX6Th5eX76T4Q1lv5fJ9NoxNafKNttfnHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EfF+MTIyGiRqcbM5ddrnVVDgHfa2LNc3ufVqN/F513rTYpyysDA0lDfR48sb36i/HYiT7WWnqoGJM9APnjoicOvPt7Xs7T/Bglvxb/agyFvecd33//g1puLi9ff2aZEvm4u1mca87ON6fMX67XG/Gzt3NmzI6cvTc7XJhtT9fkr8wv16dr4XP38wuxcbWj8hdrouXNnavXhK7OXZy5ODE/Vl1a+8v9jIyNna68Nf69+fm5+dub0a8Pz45caU1ONmYtVTLm5jHmlPBG/21ioLdTPT9dqN24uXj+zKqN1TokyaLRbS8qgsW5BYyNjY6OjY2OjZ18+9/IrIyN9yyt6U60Y+Yqs2eXeSVue0Vv5WbOvfdSz2cjtvYDDf6Cn3f9nKo3M5HJeT23dr/FMZC6zme6wvW2p/z95ur5hvSv7/6Ve/ujy5idT9f/PtJae6dT/d8hl977ezfv5ILfyZhazmOt5Z9XWg/dRYrO5963a/NfF1DOTRuYzm0amc75aU2uvqeVczuZsRvJGLmUy86llMo1MpZ75XMl8FlKvzqjxzKWe81noKw90LUMZzwupZTTnci5nUks9w7mS2VzOTC5mIuerUm7kZvVzP7NBjveCRjcTNLZB0Ab9f3vFFvp/vqF24CoO96fZ7v8PdA8dGt+NhAAAAIBt979/yaEjj/3570l/nq7usQMAAAAPmurtek+VL/3l3NMpJhtT9ZG9TgsAAADYRkX1GbsiyWCOteaWPgnlJgAAAAA8IKr//z9TvgyWc8dS+PsfAAAAHjTdn7HfNaI4lVpul5tq11qR19oR7ef8Dk42purD47NTr47mueopA9UnDdaU1pvDSfXxgxdzvBV1fLD1Ori6xIEyanT41dEM5ES7IUPPli/PDq0TOVZGvpjnW5HPL0UOZE3kmTISAB50Jzbojzfb/7+YU62IU09Wj2/ve3KdPnhEzwoA+0X3MXa6RhTfWhr+p8Pf/4/lxrHWWwqG81bezmKu5VT1aYPqHQftUnOnyHKpgyvehnCqy92AwRUjvJxauh9w7OF17wcMrhjo5dSaOwKdYs/swpEAgN1zYk0/vEH/32y25tbc/9/47/9BbykEgH3l3gj2Oziz120EAFa7r166dwcTAgAAAAAAAAAAAAAAAAAAAAAAAAAAgAfAbjz/f1/O3E6yD9Iws7MzA7tzhv/gQLJfmrxNM3t9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA3FEnveut7koNJ30iS07uf1c65vdcJ7LHibu7mvRza6zwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB407ef/96T1+lBrVfp6kpNJrib5/l7nuJ3u7nUCe2zF8//LY55mkb7WYU/RPz4xNztdHv4cLLd/8fEnH5bT/dRTFlDWsGpwiXYNnfd6tNprcOL6u7d++vZPahMXqiQvLExOTUxfnPvOcuATxadJLa1pyVK+Py/aZ/Hqln9atnRz9U5W9U6srfd/1tv7Xr0n//Tbzm1btpzGzcXrY2VNC/XXF37245vvrQh6LMeTZ4eSodU1/aicOtR0PP0b1Vt8WfyqOJTf52p1/Ms0imZRHqJHqvb/142bi9eH33p78VqHnA7nWJJrycDmczq29kgsqc66nv6y1pEqqPx2pEt5G3qo91Cz2SpxtEMbHq1OmcEttaHWuQ2VLj/3dhvPdMjo8Ty35SP9XJca2/7ZbGktFV8Wfysu5a/55YrxP3rK438ym/ntLGOqyBVnSuc2n1xu+djKDW98NbLjbyU74Nf5Yb597/j3rLj+t4/V7lyPVtS4Y78XRasXaqvmj3ylR2pffTpl2c7zSCuqQ57/nZfW7tclz5e6XFG26fd/teLL4qNiKP/IbeP/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+1+R9K63vic5meRwkkfK5VrS3I76egaL7Shmkw6sWXN7F2vfP3ruzRV3czfv5dCepgMAAAAAAADAtrkw8cXHn3xYTtX/43vzf8VnyUDrP/19SQ4Xv+sfn5ibne5SUH9yNcmdcn5gazmU++Xh5eU75dLRrbcFANicfwcAAP//U9R2+g==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)='./file0/../file0/file0\x00', 0x0, 0x2809c11, 0x0)
mount$bind(&(0x7f00000006c0)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0xadc51, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r3, &(0x7f0000002140)={0x2020}, 0x2100)

518.792634ms ago: executing program 3:
syz_emit_vhci(0x0, 0x0)

409.717317ms ago: executing program 5:
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x169, 0x4)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000080)=0x7ff, 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="9fa6cc9078a4d4a74e98d287c82caac53eda90e60c94d8da181892a7fa8fcbf0a1a98fb726569e8de0fce82b0f4a9b678c48928ed16d705fe347d32b7e8183555a571c77fb079c50623893fbba9aa3502809442cae6f4e79b4bd150c1b3f6276774a21f40912a9036ad47ec13a4a4172bc9438e51f94cd8b75beaf584ce4a0ea9c3a339671483b828200980907e55efc3d526e041937e61b08f80f8419dc7f66872128a2491f35b47dbd3ed988", 0xad}, {&(0x7f0000001580)="a94392d6d86d71c32ee3db308f08fab8b2b5bb6e44c2c7f2058d9b82bbe0b6ff12925020aec66f94f0c40d36e24c9a190eeeb0791dc591141200a457549d475f6fc2e257d8f8ef2432595ba14e712a19fb90b8969c7477336357790ae522bfa09918eca0bece80411a03750ec63f684dd2545eef4c6bb7b650d259b27724bb2d40ba28ca29af18b8124192506f", 0x8d}, {&(0x7f0000000180)="66b1cc2d9ebcf7e42d4ecbb2f1605698caeb4f2bad0678374f64923db176b5899a26ae2c0a5bcc7fe8066549f82d7c2b", 0x30}, {&(0x7f0000001640)="c47bffece7719a411b2828ca2c3491987974e325d38356b11f05ea9671deb6ad9f896e3027ba2d6ac57424c324782eb3e96f0417ead9332193088d03b7c02c4259ed6005da3cc649541aac1aa70ce8fa92a5e837001576503ee133204faac3c2c3942ba847f94a0bb301367b648a38a4efa0598ccb6f186b90f63dcf15336f14ef7ec60511e94a226c14eb6288d79c40a3ee4f1e8fc14c", 0x97}], 0x4}}, {{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000001880)="68cd6415d798c355832795c900ee87dc29e27296af5d91a8ffc1e25df7b4edcbf0df6e62d772ece8185858e9ec0d1bec890f98ce42940b1421ddf4189e3a892c9017fe0e03cca86ecd9ddbdb638d223683793db857f9f96179b124dc780533440e1db50acc8432bd39a604c43fa6bd55af2d336db1a32a327910008756687b4b7e003d263d6ebd62639d3281ddc7d1580abf512ef46ebd9fe0c9bbd1a343d22ede1c156f1a21976207235d8ee8fa6265e4cf516cbea0351adba71b448ab31c5b179b157b9d474bd1b4f4c998e077609a2fff7db539d3c3d94ffd8ea7327719863803ed496c77437dc2062beaac648f8c9e80dfb152187b2882545e5fec6df2dc918e9faeeb6ead8661b727b26f178e946d4768a186ed2f742194abb31cde2818ee08019b6b2032b78a7b43e6b4daed626aaa65c64d27926f01e47d620738deb6993c8e30cda77b6270b38054da666e4a0d7a2813ca9c8c0588fd6bb53a8656ac2847416646c78ae14faea16edf0c067d7be51ccaa3144f1686bd92c43f7c468cdd88d507deebec1aed4ca73769b6c5c29313e819ed9daa4c34f7b97e82dc5cc0d7bac965b9a6062361b944d549e465afd0d6f6dd41227a96bcb38c5040e8a2d46fe7c1c8ec4bc2fca23f1dff70746305a9d8f70b6d5ef7cfe3f921da416c8cdb810dc76db80d34de50e6bf3079ecac544c97c4721f3572a6071bb070c7bd012453fe0986acd094a84f2372b263236408cb385870b5b48cb91c0afbb1ef8e871f4b1b29cd8471fac6ad9fd7797453436d4642efbfec549e0b40f8ae634b3dd8a07ce004b7c4bd31a18fe07f7f033e8db16e2ab50afc018cfb3ccc1eb355fd0ed718718f00ab8ef10f2c1ec76ba3c263808f9bdef1c4d76f8aa3320c9922cdd8f65ce948f43d90fc676fdea77fd25b69cf9b7656179be9000ef8e1654671f3e255d99222ece5950c78e90fd21c0ba513e0391472215fb30780d58696bcda7d2973cc85e1c26174e0b43cc178cbf7fd3e5102a254736b167e3c0da2c67468ecbfe106e6ff34792bc15b6d157bffa212c5979ad33bbcdc75ac14a70cb762744c1a8a716207df93b79779ca64a9986a2922e5f3a56bc826e2eb70506a68fc66807e7ba4e1b3f5b8008540ade5a2dc295029b61fc8d062a0474b4ac33c460af08dd97c70338b5b362fd260116be35ac7dbca76205b9157d03fe6b3f5ed406cedf51b1e400ed8a078a987edb2637f8dcbe4917c1f801316eedb0313a3d7d2e34acbda518891374912f68ffa06e718c1730f2f42a0c2af951bcffffd4cec41afb8b011030c2aa624be164c71c278363face03df0cf02a5ed88729b957655c50da362513c277b7bb8e8e994572e76f475c9e1faa559e94f85d6b08a6771cf85b8483d891bdad7aa335f57316b89b4da302a2dae53f5ee00ecd12377f5522694fddcfed29d516339f462e2990dceebe10147d9fbeb61673f48010d4e542d56b5e9810dfd92cdb56d5813e9df8daf6e6ad870c98627549bec2053b0d0693acfbfe448b62babc4e736886fd4259c30836dc0f79de1261335a5ab91a9d6d97bc2dcaa17c9ff1e752ae23e2765e835d7679fa39051fee656987e8e540563a3f8ae156f1c5303dd97484d9788e8a1b1b27b5146378d3820947750239eb002d0f2b44a64ff4cb0ac23a57974534c708edecc6c44ed45617f2dc134a2254b12883ee02c8c3dbab756615f02517b7a82c7b33dc169cf07e2e1d8056d3f905874388a3b0f1643a1d7578ea1dd8c15d318f946194f5713b20d259231ef451c6066294deffa4b230d8287e517dae682de9c61042543a0a3efdf0cb1c48499a86a626e9365a8bc7e714dc8704229a0bce2c18b15a522ade7c05e00342229d96f9126ec3075e3d3c430ab8c0e53cf654b150b3d7fb5ce62f60e4ec57fffa312fe1ce9cda8e8e6e10c112752881b1438632922a03e255a47d33aaff3c3e1f2092013d539a03f6405240ecda2c80a8e378eda4611889b8a3ebf450a23a668aaeddfd33265eef98642d3110aa95420d387537010143cd60f123fc9c3d107b5fc4ab43900667c1e395a3a0863a28d0661ad4cad39c5ecbd6df870cf37d6d77476f02c7e8e259f86210b35aa586a720f4f7f361f527a1fa3fc832673e478193e37f95c14d165e687c8070824b519503855ae5c69d128a2832ea72b60fd52898a0563581d7312b6ca32e702f42c07872d7d6d833dc191e487da719d7816a6b1bfc800514749335b9a5e6aeb71dc39d7de558831a0fdafa10aa50d007383a07b0f40a189c30a5d6313b3aa61c9aca029b8f406f5972ab8b989e92dba08fc89b9c7641645b17d50f6f40edc54d1cd7da9313906f2ffa084a70b17d5cfaa36213eb42be2e75e4380e0487fd3f5eaf1ce0adcf11ac2057063e85bb97de0b5371edef9cb6430294a8cd6188026db3fe739fbeaf324af9c6fd7ce1bc2c9ab38efba3a0c95b6b3af503174012d894c74accf1e240bffd8ce3041a1f1cc58996ecbede2c233ed2f39ef442e6907fbd0d71f071d93b38b46cda3af3152ccb54c6aa4e3da85db7bf96ff10f08cf106c62e3b75fb28cdc80dedae4274f773302eee5d6040df46d0ec5f7754cccf49e1e1374d0a5488f4cddd36941904caaf2711cf8976e6ac72472e897c94a9e9c56c81b83fa69b856f5c28025250f83a7b3569940d55d65ae529c715806bd1d6245679e07d16dcce36821f9073d92f618a1f69cb3d1019fd20aa89819ecd1f98adedc057a3744750d1a76f7f29cc336aeab75e243b070cdaeefef37acd2184bce3cc68f0707c039f3322f8e53ca89b1315f54618b32ab1aeef3143785d50f163221e6d779dbb7c4c9432390f9c1d9cdff40edcf56985237c912ebd20b331e3a2733a069a4171f0db64a875e404d2b1a3d7c47c493a827bc19dd67c446341fcd6aac06beb00c31ea3c3327283235ddcd76c7803b99b98ed3287c08ff6c0084ad708368ac474f48145c73a32d187194efc977c591f7ece9e38088a9f1a4ce271714b2fa96d212e7a6c07581dbbabf6bcecd43812919d684f3bdba4ddff337dbd9b68eb54bc6475c8be31cd5d933e9ea45f8d3e2e0b5ae822c94e3b968433a982d54838c6878eca9e0f55b3b4995c98ddb9e98df4f891bb353b5afa33a024f00d6e9580c3f8ee3da29c1b5e48761648ca135fcf6ce8c91c1889d0978e00ba3c17dc00db4252e08dcdc54f4e614d8097d1a2e07f1910e9a196befab2a82d479a1224cd236d8c125a22f29e4d5f0426f1c79f3a51355a1c2f619d91a7ab1a8cd24449b645887accda311b03d8d03341e023b8f33583fad6b463e7ff2e6d77864a9dffb0014f5e868d8b3df2755d62fada27579c91dd67834320b474aa3dc1d5da0fef7c4479cb0ff097c960bcf769553007ae4caff643ab5ed6d813b6ef1cdcac83ade3aa565e0788810cf3e9827c41a87530cb87d9a21ca5450f8f1e1cc4e7fb6dfe416e656b05af7127971b623a9d3864220c6a085ffe65770056744d213e068293167b3624af2d40949772fc95f11d3a78940f24d14ec49887b5e263d8d1f82eee79d9bfe9ff95da5f1bf037f1d9e9ada1eb6a967f730a7aee6fd8d0000a90208f90b0d6bc85310278566a31c1e97af4fcdc2b5798931f3511e191c81c35bbbeab5b9341b5d62fbe94b08a8ce7b317e55a3efc6e3ba57e79105c47412d94435345d760bd11b64301081a382df985232a820e8cf6b8d3ba0a2c5cafa610a4ee7c9a91933c1ed9742e855cfa8e42a4978de7b3f89db44d7bc235afed016aab5216a27eb88af716c9f29a0a963a126ab973e025e763e1f6e4bb18dd83e042849c8f7d77465c4ea69deb1c49b1ffa3ee36e7f56aaa7dd439a3e779b22635bf2d1ea9bf41b5c7297e78d17e68743fe927eae366db390cd38cfe692c4965723003bea89353f8bb89470772ca45037592778657ac2c97e50ad2226f288aa2746b9b6cbee5dab1e2154a1119c09214623c98d85a1a0d85b96877ba7c5d729a1a56c1e6d99a8da01435d635bb50703a07de64ffcf0e7ac88c0ad1feb99f3c4e9b4723caf3f625815f5eb96333c86ecd84d1b575f633b4e07196c35d01fbbab25575839747f7b56c09090306ac9879bba3dd026c7db6fbd6fd483e4b11c03d08051b14e8d1343d3c635a8e8e96c60e7010434adf0b19e802b351bb8aa1f1b8680dc06cf8a923e17545ea7f7212bd9e2af6eb2cabe41c1f54bddf91c7526fb68783c57dfe265449e4758dd4d17d4836a99f8aff24bcf65f480972885540e52557810c85ab98c7012187045c1e0b6d05cbe1c3d888ef742b3daad83e9c16f1d861d86d8de574a90a8202faaa4349f633fced11940f9ecb4fd311e08ab1217044df4590331b7b608543aa5895c85f03d06f200b63fc6f7d99a271530a7ecd6132d412e9d683ee38d82ab28b90bc4dc58f64307520c16cdf50cc00c269344193914ecd9f61e5f586f49bad06c7d5c56865fc844ee0889424130d049c2838189e2a31c7d998b117d95a3d9cc377fcefc24ac9efb8230a431030ab6808d907aee31d5f9db4969e14d28a951469a4bc82bc29e65182e3978ab7b0e82e19a479ae7f5d443b9bc9a94685bf4b739753b05caf6a34da385cfbe5da4cd7a8c2f997171d2548044aed05d73baeea3f103c8aef4b8b5f79ebb6099bcebe65137df91736d8f0f61e7650680666ca777c517619b850b3c805c6a465daef5388664c9e81cd0c2c79ac0a204dbee071170c80595c2f89e474c86d8b167256a9921737570ee4a86952af33ba1c9fc376453bc86a7d391274b8768a603e200ad0bd3584be0fd4c86803dfdbd1efa7479142e14ae38304e3b8037b5677bc00030cadf424c1343337f270434635ca1311c43742eac1d38888d832103cd967bf8291e6386eb2219c2c10e601038316f068918ffa216c0cc00db0a221533a8cd1d9c2fc3be7b6a6b83d7e8f5be52a2b8f4013b9f121104102282af1213df83760325cbc93a1d2657089a76f5fff113e302306a0323741905d258d459b4f19e82fbf3e523bfa9aee7ca7a3892fe6e45f3d7d33f45f92f01bc4c503e7d14b12447415bb78570e28c8896ee8479d83c4caca24d3c9063b1e0bda03a5bc04ab3eed341e288a8984d5aa4144d175715e1923ed737830a67355526bfa745b2677bca980baf1212d6a64717f11845d25f46fe4d73a9ce3a7dfd807f618c5551563db60baf71aa3336bfc04f359c2fda3ae61e32c9556b6f699ed204803a7128bb7429547acc4359a5d599f44cb6ceb1bf6c0b7a097ad5471d91affe71b90416b31d4fff6513492526365bda0615c7e3193392003c665600303bd8c0f1e29f2ce4c6dce5f925d2856296938ef2c69f2dab9ff0000ca6ff9700baec237cb43872772f9544e60ce7eb90b3ef0837a752b0a21ed2ecaaa4442cbe0a71daa968e051c037e7f16ee65521df40cae8b12193f739ae458ca33512f0fbace7567e3a3b27ffa7faaa516fc7c9c0fc235290f4baa06e1b10618e2f8679ac60fc4e5cca44b613767a4f2abe89bbe9f8a8c3b5ce082c176dfc3104b326d7293841cd232e98a13ca6a4ac42ab2f3204661a5042282715f45a19a512c0e17338cb82b8ee7ce9b6b2ec4d449d6276dfe4d98d1c8a166465645c3e268bdf1fffdf4da82a1c973d3658c24e0b27144e2d92fd8ffc85f1f602d4d117c3797a415ed45e67aa16864c7c4a94f493310646984c437e0c3f19e7d49040680e013d9a00317fcf1c1b75e8a2fa411ae82a2a0a868323d3aee48b1549aaa99f9cceff0c8902507ff0", 0x1000}, {&(0x7f0000002880)="67e34aebf089da6703a72875f5b1925e9ea463efdbf2aa856832e450ed6b6133a7d7bd2448b26eff4d0e2104f0f0f52f3a19128afcdbbb73ea3ed902f5ab654e6f910d9d0b54735345235a47c6c9955c4224596952226a0482ebeab5f513f44b1cde3bb53d8cbb3897bab5c0d7bba7a771dd895346fa7f3c93e4e524bb8a9ee971c9e22e5a879a6979c19370970606d4fe97452b257c206c", 0x98}, {&(0x7f0000002980)="464560866369c7bde89c76b0371f48ff46b142a249ba94e2da45963fd6cb741bd2e927a70e06bb2463ff71271832224567e9a1c866f9a905af172532c05e2b8505aa24e49b764b2756dfdb973e7fe967d851bf42658048e901c52fe7fec67243b30a8fdf46c7be30efb2060008fa4581a42967a76aaf577108c2a7039e2de1399cfd16f08d64fa48af999f114f9435f12ea9e61d7a0c4ad839788be4", 0x9c}, {&(0x7f0000002a40)="6617a7eb85cb23c859739fac3344a10c3f12f6cfa718d833a4b6c249fc8f0737b5b0453e578dd943bc890d1416dabde1cc624bbce774129455e305db55d6bdfdb61bccfde03adc60f9fdfc751b2ee7f488c8db03a6442003526ee42854324662bf19b0f037a75930ef881697e643a04d9d192ffc1273b0ad641f5f7c5a89c43bd316ab16a6fe87e020c2fa44768c7ef590b3101f7f695d11e339b12d0425a72fa8375deb759a7ebc237ff176f9912708410c51276e79900a7c2e9d7827dbbd8b2980bf264f83cd8e49269bc56167cde28db99b", 0xd3}, {&(0x7f0000000480)="61b0e85bf9388923dba82a0cba731251094c2571154ca9541e1dc57a6765fa3b79", 0x21}, {&(0x7f0000002b40)="179c473ac58ae6838d488a8069e73d82bee0bdc813a23ec84a4ec242ef6c7bc872ecba", 0x23}], 0x6}}, {{0x0, 0x0, &(0x7f0000002d80)=[{&(0x7f0000002c40)="cf652ae49830dc5237702184aa61bf8ee140de65b6bfe788c7408bb310aa66e9db1cf01aecb5359430d0eebeaf2f6f4ce1309767fdd2aa770c395701ec5d0222b919d5b4b78af1905879b43853a3ee2e94579ed629858b3d91958a10ffa3de78f7d5f3d1b5beb4f0ea9cf01838f21dae9bd57920c6d9887d5916a298b8837aaa2b007745f1472d69948d40c44f876cd88ad8404df219a44daf4723bdd2dbc2626f0a18b0698ebdda9b2cdce9b576e042bb8fdc8514", 0xb5}, {&(0x7f0000002d00)="50bc46210f13ad83d90cfb0ffc3d96480c077fa4226f9e4b017186a0ab62feafdb", 0x21}, {&(0x7f0000002d40)="633842cfad0bc852e902b1a6df833b575649572a948a00205b2dce73f5b49ac936269ce89b981115ddd1072c", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000002fc0)=[{&(0x7f0000002e80)="f3ba2f61e1144e92402ccba1beb3d435edceb234cf1ed29178e013f5c4f2bcd9cc8eab01dcb09f7862b16974b251853167ce08de13ac34dadedd7f837f4b3b85a56c5295ffd67483f6d37ef16961f7ea387264d333661a216d9dc59660ac19a1c0bec516d146f8ebee586dff231d58c81e8eedb38fd93410c0b074970dc4917b03cf48db268b99524dad235e92537a9a127884c7120ead66c911f1f6e14bf63ae97c55665896d05dc4d6f19aae3aa5e53786f21db18069d27c4600452c2abc88e297acce162867578c96409bd35c71d5c7385c1008945f1f53bb1506592ea46b601201781cbf2163da6312d8", 0xec}, {&(0x7f0000002f80)="8e729c466da27c9a10", 0x9}], 0x2}}, {{0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f00000030c0)="a2034664a00d9041a85060d6f48a23d79f39220e1608a165bfb48b2ecb2739e8f1c098368d606d2e82cbad18d7e911af2af88f26946185829ab2f6e93e55c8a0f72754bed057335a5fbb733136263a6899464370e7e990a471d2172a24959eba65bc56471d1af85f481c4c22e505df6e1d73958b6daf5625287085ce9c6b2b03a0365e633eea971b40f234b270287b4ed14977b714dcf16dd8847474ba35b4e1741d3b2ab8000df4ece54c479db15d3345955baadd4b93ba", 0xb8}], 0x1}}], 0x5, 0x44084)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0)

224.17226ms ago: executing program 0:
r0 = syz_open_dev$media(&(0x7f0000000040), 0x9, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000000)=<r1=>0xffffffffffffffff)
ioctl$MEDIA_REQUEST_IOC_QUEUE(r1, 0x7c80, 0x0)

218.411673ms ago: executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)

17.535349ms ago: executing program 3:
syz_io_uring_setup(0xd79, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000003580)=<r1=>0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000300)=@in={0x2, 0x0, @local}})
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x8, &(0x7f0000000000), 0x4)

10.400411ms ago: executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x8711, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast2, @loopback}}}})

0s ago: executing program 0:
openat$ttyS3(0xffffff9c, &(0x7f00000022c0), 0xc80, 0x0)

kernel console output (not intermixed with test programs):

ee clusters
[   89.416263][ T5256] bcachefs (loop2): journal_replay... done
[   89.456601][ T5263] bcachefs (loop4): alloc_read... done
[   89.490405][ T5256] bcachefs (loop2): resume_logged_ops... done
[   89.517641][ T5263] bcachefs (loop4): stripes_read... done
[   89.528186][ T5256] bcachefs (loop2): going read-write
[   89.528788][ T5286] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[   89.552151][ T5256] bcachefs (loop2): bch2_copygc_start(): error creating copygc thread EINTR
[   89.576827][ T5263] bcachefs (loop4): snapshots_read... done
[   89.596866][ T5256] bcachefs (loop2): error starting copygc thread
[   89.611854][ T5256] bcachefs (loop2): going read-only
[   89.618787][ T5263] bcachefs (loop4): journal_replay... done
[   89.620544][ T5286] EXT4-fs (loop0): This should not happen!! Data will be lost
[   89.620544][ T5286] 
[   89.636867][ T5256] bcachefs (loop2): finished waiting for writes to stop
[   89.650432][ T5263] bcachefs (loop4): resume_logged_ops... done
[   89.659393][ T5256] bcachefs (loop2): flushing journal and stopping allocators, journal seq 8
[   89.695020][ T5256] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 8
[   89.700733][ T5263] bcachefs (loop4): going read-write
[   89.719217][ T5286] EXT4-fs (loop0): Total free blocks count 0
[   89.739869][ T5256] bcachefs (loop2): shutdown complete, journal seq 9
[   89.748064][ T5256] bcachefs (loop2): marking filesystem clean
[   89.756939][ T5286] EXT4-fs (loop0): Free/Dirty block details
[   89.758058][ T5263] bcachefs (loop4): done starting filesystem
[   89.771536][ T5286] EXT4-fs (loop0): free_blocks=2415919120
[   89.791858][ T5256] bcachefs (loop2): bch2_fs_start(): error starting filesystem EINTR
[   89.829458][ T5286] EXT4-fs (loop0): dirty_blocks=16
[   89.855927][ T5256] bcachefs (loop2): shutting down
[   89.881245][ T5286] EXT4-fs (loop0): Block reservation details
[   89.915816][ T5111] bcachefs (loop4): shutting down
[   89.947761][ T5286] EXT4-fs (loop0): i_reserved_data_blocks=1
[   89.958889][ T5111] bcachefs (loop4): going read-only
[   89.987307][ T5111] bcachefs (loop4): finished waiting for writes to stop
[   89.991816][ T5256] bcachefs (loop2): shutdown complete
[   90.049200][ T5111] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10
[   90.089430][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.103212][ T5111] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10
[   90.144834][ T5111] bcachefs (loop4): shutdown complete, journal seq 11
[   90.166760][ T5111] bcachefs (loop4): marking filesystem clean
[   90.290781][ T5111] bcachefs (loop4): shutdown complete
[   90.366414][ T5292] loop1: detected capacity change from 0 to 32768
[   90.427442][ T5292] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5292)
[   90.652877][ T5292] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   90.670431][ T5294] loop3: detected capacity change from 0 to 32768
[   90.697725][ T5292] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[   90.724756][ T5292] BTRFS info (device loop1): using free-space-tree
[   90.757450][ T5294] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (5294)
[   90.891104][ T5294] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.943064][ T5294] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[   91.012497][ T5294] BTRFS info (device loop3): using free-space-tree
[   91.474862][   T29] audit: type=1804 audit(1716881040.237:3): pid=5339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1211045704/syzkaller.Hl7wtF/2/file0/bus" dev="loop1" ino=263 res=1 errno=0
[   91.506328][ T5300] loop5: detected capacity change from 0 to 32768
[   91.841376][ T5172] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   92.028545][ T5109] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   92.101799][ T5172] usb 3-1: Using ep0 maxpacket: 32
[   92.108018][ T5122] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   92.137028][ T5172] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.186208][ T5172] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[   92.214261][ T5172] usb 3-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[   92.228084][ T5172] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.314518][ T5304] loop0: detected capacity change from 0 to 32768
[   92.361394][ T5304] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (5304)
[   92.381272][ T5172] usb 3-1: config 0 descriptor??
[   92.455813][ T5172] usb 3-1: bad CDC descriptors
[   92.471913][ T5172] cdc_acm 3-1:0.0: Control and data interfaces are not separated!
[   92.495845][ T5172] cdc_acm 3-1:0.0: This needs exactly 3 endpoints
[   92.536656][ T5304] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   92.547621][ T5172] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22
[   92.559130][ T5350] loop3: detected capacity change from 0 to 64
[   92.676462][ T5304] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   92.736345][ T5304] BTRFS info (device loop0): using free-space-tree
[   92.749762][   T58] usb 3-1: USB disconnect, device number 2
[   93.349287][   T29] audit: type=1804 audit(1716881042.097:4): pid=5373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1434313591/syzkaller.1TW1eb/3/file0/bus" dev="loop0" ino=263 res=1 errno=0
[   93.687590][ T5116] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.781332][ T5172] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   93.881407][   T58] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   93.995189][ T5172] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.036873][ T5172] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   94.044740][ T5349] loop4: detected capacity change from 0 to 32768
[   94.060661][ T5172] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.084689][ T5349] =======================================================
[   94.084689][ T5349] WARNING: The mand mount option has been deprecated and
[   94.084689][ T5349]          and is ignored by this kernel. Remove the mand
[   94.084689][ T5349]          option from the mount to silence this warning.
[   94.084689][ T5349] =======================================================
[   94.143894][   T58] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   94.153247][ T5172] usb 2-1: Product: syz
[   94.171355][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.181753][ T5172] usb 2-1: Manufacturer: syz
[   94.197559][ T5172] usb 2-1: SerialNumber: syz
[   94.242301][   T58] usb 3-1: config 0 descriptor??
[   94.263186][ T5349] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5349)
[   94.310255][   T58] cp210x 3-1:0.0: cp210x converter detected
[   94.385328][ T5349] BTRFS info (device loop4): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[   94.443952][ T5349] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[   94.483481][ T5349] BTRFS info (device loop4): using free-space-tree
[   94.717789][   T58] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[   94.732640][   T58] cp210x 3-1:0.0: failed to get vendor val 0x370c size 73: -121
[   94.740350][   T58] cp210x 3-1:0.0: GPIO initialisation failed: -121
[   94.772366][   T58] usb 3-1: cp210x converter now attached to ttyUSB0
[   94.857023][ T5172] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS
[   94.885884][ T5172] cdc_ncm 2-1:1.0: bind() failure
[   94.932546][ T5172] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[   94.939396][ T5172] cdc_ncm 2-1:1.1: bind() failure
[   94.970294][   T29] audit: type=1804 audit(1716881043.727:5): pid=5402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/1/file0/bus" dev="loop4" ino=263 res=1 errno=0
[   94.994418][ T5172] usb 2-1: USB disconnect, device number 2
[   95.040860][ T5227] usb 3-1: USB disconnect, device number 3
[   95.074149][ T5227] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   95.091895][   T29] audit: type=1804 audit(1716881043.777:6): pid=5349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/1/file0/bus" dev="loop4" ino=263 res=1 errno=0
[   95.127937][ T5378] loop5: detected capacity change from 0 to 32768
[   95.152509][ T5227] cp210x 3-1:0.0: device disconnected
[   95.212487][ T5372] loop3: detected capacity change from 0 to 32768
[   95.221116][   T29] audit: type=1804 audit(1716881043.787:7): pid=5349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/1/file0/bus" dev="loop4" ino=263 res=1 errno=0
[   95.257822][   T29] audit: type=1804 audit(1716881043.817:8): pid=5349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/1/file0/bus" dev="loop4" ino=263 res=1 errno=0
[   95.293075][ T5372] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 1ef4af3a should be 29d2fb78
[   95.425841][ T5384] loop0: detected capacity change from 0 to 32768
[   95.544757][ T5111] BTRFS info (device loop4): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[   95.550107][ T5378] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[   95.572571][ T5378] bcachefs (loop5): recovering from clean shutdown, journal seq 10
[   95.613998][ T5372] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[   95.632229][ T5384] bcachefs (076a1832-646e-4f3c-b13d-b3e266154efd): filesystem UUID already open
[   95.680940][ T5423] loop1: detected capacity change from 0 to 2048
[   95.684262][ T5372] bcachefs (loop3): recovering from clean shutdown, journal seq 7
[   95.690644][ T5384] bcachefs (076a1832-646e-4f3c-b13d-b3e266154efd): shutdown complete
[   95.748879][ T5423] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.786741][ T5378] bcachefs (loop5): alloc_read... done
[   95.804801][ T5378] bcachefs (loop5): stripes_read... done
[   95.845009][ T5378] bcachefs (loop5): snapshots_read... done
[   95.876014][ T5372] bcachefs (loop3): alloc_read... done
[   95.925389][ T5372] bcachefs (loop3): stripes_read... done
[   95.933395][ T5372] bcachefs (loop3): snapshots_read... done
[   95.939677][ T5423] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   95.942309][ T5378] bcachefs (loop5): journal_replay...
[   95.957680][ T5372] bcachefs (loop3): journal_replay...
[   95.981384][ T5378]  done
[   95.989734][ T5372]  done
[   96.003708][ T5378] bcachefs (loop5): resume_logged_ops... done
[   96.009214][ T5423] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[   96.018749][ T5372] bcachefs (loop3): resume_logged_ops...
[   96.041449][ T5378] bcachefs (loop5): going read-write
[   96.045931][ T5423] EXT4-fs (loop1): This should not happen!! Data will be lost
[   96.045931][ T5423] 
[   96.047186][ T5372]  done
[   96.080521][ T5423] EXT4-fs (loop1): Total free blocks count 0
[   96.094909][ T5423] EXT4-fs (loop1): Free/Dirty block details
[   96.109471][ T5372] bcachefs (loop3): going read-write
[   96.120534][ T5423] EXT4-fs (loop1): free_blocks=2415919120
[   96.124868][ T5378] bcachefs (loop5): done starting filesystem
[   96.150408][ T5423] EXT4-fs (loop1): dirty_blocks=16
[   96.150861][ T5372] bcachefs (loop3): done starting filesystem
[   96.165045][ T5423] EXT4-fs (loop1): Block reservation details
[   96.195972][ T5423] EXT4-fs (loop1): i_reserved_data_blocks=1
[   96.354729][ T5122] bcachefs (loop3): shutting down
[   96.357396][   T29] audit: type=1800 audit(1716881045.117:9): pid=5378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=1073741829 res=0 errno=0
[   96.363936][ T5122] bcachefs (loop3): going read-only
[   96.389428][ T5122] bcachefs (loop3): finished waiting for writes to stop
[   96.423116][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 7
[   96.434419][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 7
[   96.453125][ T5109] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.476844][ T5122] bcachefs (loop3): shutdown complete, journal seq 8
[   96.519518][ T5122] bcachefs (loop3): marking filesystem clean
[   96.558463][ T5112] bcachefs (loop5): shutting down
[   96.563761][ T5112] bcachefs (loop5): going read-only
[   96.568979][ T5112] bcachefs (loop5): finished waiting for writes to stop
[   96.610957][ T5112] bcachefs (loop5): flushing journal and stopping allocators, journal seq 11
[   96.662816][ T5112] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 12
[   96.714306][ T5112] bcachefs (loop5): shutdown complete, journal seq 13
[   96.722234][ T5112] bcachefs (loop5): marking filesystem clean
[   96.748835][ T5122] bcachefs (loop3): shutdown complete
[   96.864135][   T29] audit: type=1800 audit(1716881045.627:10): pid=5384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1954 res=0 errno=0
[   96.932294][   T29] audit: type=1800 audit(1716881045.647:11): pid=5384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1954 res=0 errno=0
[   96.943319][ T5112] bcachefs (loop5): shutdown complete
[   97.713684][ T5438] loop4: detected capacity change from 0 to 32768
[   97.750566][ T5434] loop2: detected capacity change from 0 to 32768
[   98.009968][ T5438] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[   98.101840][ T5438] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[   98.141035][ T5434] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[   98.193925][ T5434] bcachefs (loop2): recovering from clean shutdown, journal seq 8
[   98.240532][ T5438] bcachefs (loop4): alloc_read... done
[   98.258153][ T5438] bcachefs (loop4): stripes_read... done
[   98.269652][ T5440] loop1: detected capacity change from 0 to 32768
[   98.298751][ T5440] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5440)
[   98.303789][ T5438] bcachefs (loop4): snapshots_read...
[   98.341626][ T5434] bcachefs (loop2): alloc_read... done
[   98.350473][ T5438]  done
[   98.377369][ T5440] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   98.386639][ T5438] bcachefs (loop4): journal_replay... done
[   98.397767][ T5434] bcachefs (loop2): stripes_read... done
[   98.413833][ T5440] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[   98.422470][ T5438] bcachefs (loop4): resume_logged_ops... done
[   98.422628][ T5438] bcachefs (loop4): going read-write
[   98.434211][ T5434] bcachefs (loop2): snapshots_read... done
[   98.455816][ T5440] BTRFS info (device loop1): using free-space-tree
[   98.459583][ T5434] bcachefs (loop2): journal_replay... done
[   98.487517][ T5434] bcachefs (loop2): resume_logged_ops... done
[   98.565947][ T5438] bcachefs (loop4): done starting filesystem
[   98.606701][ T5434] bcachefs (loop2): going read-write
[   98.624200][ T5434] bcachefs (loop2): done starting filesystem
[   98.722893][   T29] audit: type=1800 audit(1716881047.487:12): pid=5438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=4098 res=0 errno=0
[   98.831713][ T5442] loop0: detected capacity change from 0 to 32768
[   98.865795][ T5111] bcachefs (loop4): shutting down
[   98.872224][ T5111] bcachefs (loop4): going read-only
[   98.877538][ T5111] bcachefs (loop4): finished waiting for writes to stop
[   98.904373][ T5111] bcachefs (loop4): flushing journal and stopping allocators, journal seq 11
[   98.920546][ T5110] bcachefs (loop2): shutting down
[   98.931509][ T5110] bcachefs (loop2): going read-only
[   98.936801][ T5110] bcachefs (loop2): finished waiting for writes to stop
[   98.985637][ T5111] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 13
[   99.011117][   T29] audit: type=1800 audit(1716881047.747:13): pid=5440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=263 res=0 errno=0
[   99.044987][ T5110] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10
[   99.079615][   T29] audit: type=1804 audit(1716881047.757:14): pid=5440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1211045704/syzkaller.Hl7wtF/5/file0/bus" dev="loop1" ino=263 res=1 errno=0
[   99.110718][ T5110] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10
[   99.124024][ T5111] bcachefs (loop4): shutdown complete, journal seq 14
[   99.124964][ T5111] bcachefs (loop4): marking filesystem clean
[   99.184836][ T5442] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): filesystem UUID already open
[   99.197666][ T5442] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): shutdown complete
[   99.240040][ T5110] bcachefs (loop2): shutdown complete, journal seq 11
[   99.272896][ T5111] bcachefs (loop4): shutdown complete
[   99.274420][ T5110] bcachefs (loop2): marking filesystem clean
[   99.324490][   T63] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[   99.492771][ T5109] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   99.528848][ T5110] bcachefs (loop2): shutdown complete
[   99.873306][ T5458] loop3: detected capacity change from 0 to 32768
[   99.953720][ T5458] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 1ef4af3a should be 29d2fb78
[  100.171480][   T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  100.332139][ T5477] loop5: detected capacity change from 0 to 32768
[  100.364486][ T5477] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (5477)
[  100.379888][   T25] usb 2-1: Using ep0 maxpacket: 32
[  100.382212][ T5458] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  100.382464][ T5458] bcachefs (loop3): recovering from clean shutdown, journal seq 7
[  100.402433][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.402491][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  100.402543][   T25] usb 2-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[  100.402572][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.472741][   T25] usb 2-1: config 0 descriptor??
[  100.483955][   T25] usb 2-1: bad CDC descriptors
[  100.489286][   T25] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[  100.580654][   T25] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[  100.608235][ T5477] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  100.631426][   T25] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[  100.653659][ T5477] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  100.689151][ T5458] bcachefs (loop3): alloc_read... done
[  100.703659][   T25] usb 2-1: USB disconnect, device number 3
[  100.717771][ T5458] bcachefs (loop3): stripes_read... done
[  100.722388][ T5477] BTRFS info (device loop5): using free-space-tree
[  100.760436][ T5458] bcachefs (loop3): snapshots_read... done
[  100.807131][ T5458] bcachefs (loop3): journal_replay... done
[  100.856932][ T5458] bcachefs (loop3): resume_logged_ops... done
[  100.871547][ T5458] bcachefs (loop3): going read-write
[  100.903645][ T5458] bcachefs (loop3): done starting filesystem
[  101.366896][ T5122] bcachefs (loop3): shutting down
[  101.380298][ T5112] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  101.386552][ T5122] bcachefs (loop3): going read-only
[  101.441963][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  101.481890][ T5227] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  101.504767][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 9
[  101.555271][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10
[  101.587124][ T5528] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  101.598772][ T5528] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  101.616955][ T5122] bcachefs (loop3): shutdown complete, journal seq 11
[  101.646491][ T5122] bcachefs (loop3): marking filesystem clean
[  101.691361][ T5227] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  101.725696][ T5227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.775440][ T5227] usb 3-1: config 0 descriptor??
[  101.808716][ T5227] cp210x 3-1:0.0: cp210x converter detected
[  101.884695][ T5530] loop1: detected capacity change from 0 to 2048
[  101.907550][ T5122] bcachefs (loop3): shutdown complete
[  101.972151][ T5502] loop4: detected capacity change from 0 to 32768
[  101.985580][ T5530] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.031538][ T5502] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5502)
[  102.116590][ T5502] BTRFS info (device loop4): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  102.155169][ T5530] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  102.171421][ T5502] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  102.171466][ T5502] BTRFS info (device loop4): using free-space-tree
[  102.217694][ T5227] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  102.228507][ T5227] cp210x 3-1:0.0: failed to get vendor val 0x370c size 73: -121
[  102.236421][ T5227] cp210x 3-1:0.0: GPIO initialisation failed: -121
[  102.295309][ T5530] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[  102.313855][ T5227] usb 3-1: cp210x converter now attached to ttyUSB0
[  102.325559][ T5530] EXT4-fs (loop1): This should not happen!! Data will be lost
[  102.325559][ T5530] 
[  102.383604][ T5530] EXT4-fs (loop1): Total free blocks count 0
[  102.421392][ T5530] EXT4-fs (loop1): Free/Dirty block details
[  102.424710][ T5513] loop0: detected capacity change from 0 to 32768
[  102.432190][ T5530] EXT4-fs (loop1): free_blocks=2415919120
[  102.463220][ T5530] EXT4-fs (loop1): dirty_blocks=16
[  102.469033][ T5513] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (5513)
[  102.482891][ T5530] EXT4-fs (loop1): Block reservation details
[  102.482915][ T5530] EXT4-fs (loop1): i_reserved_data_blocks=1
[  102.521407][   T25] usb 3-1: USB disconnect, device number 4
[  102.547122][   T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  102.548882][ T5513] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  102.581789][ T5173] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  102.595262][   T25] cp210x 3-1:0.0: device disconnected
[  102.623500][ T5513] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  102.678760][ T5109] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.695059][   T29] audit: type=1804 audit(1716881051.457:15): pid=5502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/4/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  102.719936][ T5513] BTRFS info (device loop0): using free-space-tree
[  102.747954][   T29] audit: type=1804 audit(1716881051.487:16): pid=5502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/4/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  102.776390][   T29] audit: type=1804 audit(1716881051.487:17): pid=5502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/4/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  102.812614][ T5173] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.875268][ T5173] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  102.903383][   T29] audit: type=1804 audit(1716881051.497:18): pid=5502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/4/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  102.934941][ T5173] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.954457][ T5173] usb 6-1: Product: syz
[  102.987763][ T5173] usb 6-1: Manufacturer: syz
[  103.007789][ T5173] usb 6-1: SerialNumber: syz
[  103.119297][   T29] audit: type=1800 audit(1716881051.877:19): pid=5569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1948 res=0 errno=0
[  103.336922][ T5111] BTRFS info (device loop4): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  103.501538][ T5116] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.671640][ T5173] cdc_ncm 6-1:1.0: failed GET_NTB_PARAMETERS
[  103.677754][ T5173] cdc_ncm 6-1:1.0: bind() failure
[  103.784438][ T5173] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  103.829566][ T5173] cdc_ncm 6-1:1.1: bind() failure
[  103.868502][ T5173] usb 6-1: USB disconnect, device number 2
[  104.465305][ T5571] loop1: detected capacity change from 0 to 32768
[  104.545098][ T5571] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5571)
[  104.635058][ T5571] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  104.674559][ T5571] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  104.701313][ T5571] BTRFS info (device loop1): using free-space-tree
[  104.741957][ T5585] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  104.770918][ T5585] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.0'.
[  104.784652][ T5227] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  104.794449][ T5573] loop2: detected capacity change from 0 to 32768
[  104.860011][ T5573] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (5573)
[  104.984652][ T5573] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  105.036111][ T5227] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.047176][ T5573] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  105.053050][ T5227] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.073641][ T5227] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.108422][ T5227] usb 6-1: Product: syz
[  105.118623][ T5573] BTRFS info (device loop2): using free-space-tree
[  105.132870][ T5227] usb 6-1: Manufacturer: syz
[  105.153059][ T5227] usb 6-1: SerialNumber: syz
[  105.220572][   T29] audit: type=1804 audit(1716881053.977:20): pid=5571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1211045704/syzkaller.Hl7wtF/9/file0/bus" dev="loop1" ino=263 res=1 errno=0
[  105.486085][ T5579] loop4: detected capacity change from 0 to 32768
[  105.497449][ T5109] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  105.605027][ T5579] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  105.746215][   T29] audit: type=1800 audit(1716881054.507:21): pid=5573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="overlay" ino=1975 res=0 errno=0
[  105.934210][ T5579] XFS (loop4): Ending clean mount
[  105.974655][ T5577] loop3: detected capacity change from 0 to 32768
[  106.058994][ T5227] cdc_ncm 6-1:1.0: bind() failure
[  106.077644][ T5227] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  106.134436][ T5110] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  106.135064][ T5579] XFS (loop4): Quotacheck needed: Please wait.
[  106.152913][ T5227] cdc_ncm 6-1:1.1: bind() failure
[  106.192166][ T5577] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  106.213492][ T5577] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  106.257795][ T5227] usb 6-1: USB disconnect, device number 3
[  106.410615][ T5577] bcachefs (loop3): alloc_read... done
[  106.452814][ T5577] bcachefs (loop3): stripes_read... done
[  106.470342][ T5577] bcachefs (loop3): snapshots_read... done
[  106.480670][ T5579] XFS (loop4): Quotacheck: Done.
[  106.515648][ T5577] bcachefs (loop3): journal_replay... done
[  106.537302][ T5577] bcachefs (loop3): resume_logged_ops... done
[  106.578518][ T5577] bcachefs (loop3): going read-write
[  106.616024][ T5577] bcachefs (loop3): done starting filesystem
[  106.752293][   T29] audit: type=1800 audit(1716881055.517:22): pid=5577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=4098 res=0 errno=0
[  106.853422][ T5111] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  107.001529][ T5122] bcachefs (loop3): shutting down
[  107.006604][ T5122] bcachefs (loop3): going read-only
[  107.032456][ T5621] loop0: detected capacity change from 0 to 32768
[  107.040411][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  107.092015][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12
[  107.118272][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 13
[  107.212432][ T5122] bcachefs (loop3): shutdown complete, journal seq 14
[  107.252826][ T5122] bcachefs (loop3): marking filesystem clean
[  107.273062][ T5227] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  107.307039][ T5621] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  107.354645][ T5621] bcachefs (loop0): recovering from clean shutdown, journal seq 8
[  107.413081][ T5122] bcachefs (loop3): shutdown complete
[  107.476378][ T5621] bcachefs (loop0): alloc_read... done
[  107.509956][ T5621] bcachefs (loop0): stripes_read... done
[  107.519469][ T5227] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  107.556460][ T5227] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  107.558572][ T5652] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  107.570060][ T5621] bcachefs (loop0): snapshots_read...
[  107.600938][ T5227] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  107.615249][ T5653] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  107.626188][ T5621]  done
[  107.646764][ T5621] bcachefs (loop0): journal_replay... done
[  107.673431][ T5227] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  107.687503][ T5621] bcachefs (loop0): resume_logged_ops... done
[  107.709123][ T5227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.736032][ T5621] bcachefs (loop0): going read-write
[  107.761228][ T5227] usb 3-1: config 0 descriptor??
[  107.772264][ T5643] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  107.779767][ T5621] bcachefs (loop0): done starting filesystem
[  107.875112][ T5637] loop1: detected capacity change from 0 to 32768
[  107.916393][ T5637] bcachefs (/dev/loop1): error reading default superblock: checksum error, type crc32c_nonzero: got 2859f616 should be 29d2fb78
[  108.063188][ T5643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.213694][ T5643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.359378][ T5621] syz-executor.0 (5621) used greatest stack depth: 15320 bytes left
[  108.376620][ T5637] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  108.401488][ T5637] bcachefs (loop1): recovering from clean shutdown, journal seq 7
[  108.441914][ T5116] bcachefs (loop0): shutting down
[  108.447139][ T5116] bcachefs (loop0): going read-only
[  108.465730][ T5116] bcachefs (loop0): finished waiting for writes to stop
[  108.489910][ T5116] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10
[  108.516553][ T5641] loop5: detected capacity change from 0 to 32768
[  108.536765][ T5116] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 11
[  108.541322][ T5641] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (5641)
[  108.561360][ T5637] bcachefs (loop1): alloc_read... done
[  108.575713][ T5637] bcachefs (loop1): stripes_read... done
[  108.585055][ T5116] bcachefs (loop0): shutdown complete, journal seq 12
[  108.597685][ T5116] bcachefs (loop0): marking filesystem clean
[  108.602490][ T5637] bcachefs (loop1): snapshots_read... done
[  108.633587][ T5641] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  108.649027][ T5637] bcachefs (loop1): going read-write
[  108.667536][ T5116] bcachefs (loop0): shutdown complete
[  108.679266][ T5641] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  108.688884][ T5173] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  108.696524][ T5637] bcachefs (loop1): journal_replay... done
[  108.735949][ T5227] usbhid 3-1:0.0: can't add hid device: -71
[  108.742600][ T5637] bcachefs (loop1): resume_logged_ops... done
[  108.763440][ T5227] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  108.764856][ T5641] BTRFS info (device loop5): using free-space-tree
[  108.783150][ T5227] usb 3-1: USB disconnect, device number 5
[  108.825981][ T5637] bcachefs (loop1): delete_dead_inodes... done
[  108.849993][ T5637] bcachefs (loop1): done starting filesystem
[  109.009547][ T5173] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  109.038641][ T5662] loop4: detected capacity change from 0 to 32768
[  109.052241][ T5662] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5662)
[  109.069761][ T5109] bcachefs (loop1): shutting down
[  109.084276][ T5662] BTRFS info (device loop4): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  109.091563][ T5173] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.111455][ T5662] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  109.138076][ T5109] bcachefs (loop1): going read-only
[  109.144536][ T5109] bcachefs (loop1): finished waiting for writes to stop
[  109.165875][ T5173] usb 4-1: config 0 descriptor??
[  109.171284][ T5662] BTRFS info (device loop4): using free-space-tree
[  109.188056][ T5173] cp210x 4-1:0.0: cp210x converter detected
[  109.215391][ T5109] bcachefs (loop1): flushing journal and stopping allocators, journal seq 12
[  109.267365][   T29] audit: type=1800 audit(1716881058.027:23): pid=5641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=263 res=0 errno=0
[  109.292722][ T5109] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 13
[  109.341514][ T5109] bcachefs (loop1): shutdown complete, journal seq 14
[  109.401809][ T5109] bcachefs (loop1): marking filesystem clean
[  109.416310][   T29] audit: type=1804 audit(1716881058.077:24): pid=5641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3058478698/syzkaller.FipIiL/8/file0/bus" dev="loop5" ino=263 res=1 errno=0
[  109.510260][   T51] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  109.595699][ T5173] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  109.624354][ T5173] cp210x 4-1:0.0: failed to get vendor val 0x370c size 73: -121
[  109.637450][ T5173] cp210x 4-1:0.0: GPIO initialisation failed: -121
[  109.642797][ T5112] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  109.667836][ T5109] bcachefs (loop1): shutdown complete
[  109.670925][ T5173] usb 4-1: cp210x converter now attached to ttyUSB0
[  109.711553][   T29] audit: type=1804 audit(1716881058.467:25): pid=5662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/7/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  109.831239][ T5172] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  109.873298][ T5227] usb 4-1: USB disconnect, device number 3
[  109.896688][   T29] audit: type=1804 audit(1716881058.497:26): pid=5662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/7/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  109.905911][ T5227] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  110.033532][   T29] audit: type=1804 audit(1716881058.517:27): pid=5662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/7/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  110.052764][ T5227] cp210x 4-1:0.0: device disconnected
[  110.088107][ T5172] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  110.131257][ T5172] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.178515][   T29] audit: type=1804 audit(1716881058.527:28): pid=5662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/7/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  110.206251][ T5172] usb 1-1: config 0 descriptor??
[  110.264277][ T5172] cp210x 1-1:0.0: cp210x converter detected
[  110.543535][ T5111] BTRFS info (device loop4): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  110.655291][ T5172] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  110.708061][ T5172] cp210x 1-1:0.0: failed to get vendor val 0x370c size 73: -121
[  110.731330][ T5172] cp210x 1-1:0.0: GPIO initialisation failed: -121
[  110.779652][ T5172] usb 1-1: cp210x converter now attached to ttyUSB0
[  110.910157][ T5178] usb 1-1: USB disconnect, device number 2
[  110.952663][ T5178] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  110.986383][ T5178] cp210x 1-1:0.0: device disconnected
[  111.407062][ T5722] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  111.449445][ T5722] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.4'.
[  111.968998][ T5718] loop3: detected capacity change from 0 to 32768
[  112.031563][ T5718] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (5718)
[  112.108435][ T5718] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  112.134880][ T5718] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  112.168020][ T5718] BTRFS info (device loop3): using free-space-tree
[  112.193643][ T5720] loop5: detected capacity change from 0 to 32768
[  112.251766][ T5720] BTRFS: device /dev/loop5 (7:5) using temp-fsid 4858b1af-5450-416a-9727-39535bb19df8
[  112.262524][ T5720] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (5720)
[  112.311024][ T5720] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  112.327371][ T5716] loop2: detected capacity change from 0 to 32768
[  112.331327][ T5720] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  112.351251][ T5720] BTRFS info (device loop5): using free-space-tree
[  112.448942][ T5716] BTRFS: device /dev/loop2 (7:2) using temp-fsid 13e36aa7-44fe-4d1c-85e5-b92c093d802d
[  112.541683][ T5729] loop4: detected capacity change from 0 to 8192
[  112.545444][ T5716] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (5716)
[  112.696644][ T5727] loop0: detected capacity change from 0 to 32768
[  112.730450][ T5716] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  112.731358][ T5351] I/O error, dev loop4, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  112.790774][ T5716] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  112.811417][ T5716] BTRFS info (device loop2): using free-space-tree
[  112.822222][ T5727] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.896966][   T29] audit: type=1800 audit(1716881061.657:29): pid=5720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=263 res=0 errno=0
[  113.056192][ T5726] loop1: detected capacity change from 0 to 32768
[  113.083009][ T5726] BTRFS: device /dev/loop1 (7:1) using temp-fsid 2b76b004-316b-429f-a348-5735a79239a5
[  113.091333][   T29] audit: type=1804 audit(1716881061.687:30): pid=5720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3058478698/syzkaller.FipIiL/9/file0/bus" dev="loop5" ino=263 res=1 errno=0
[  113.107103][ T5726] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5726)
[  113.156935][ T5122] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  113.165050][ T5726] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  113.184516][ T5726] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  113.274000][ T5726] BTRFS info (device loop1): using free-space-tree
[  113.274229][   T29] audit: type=1800 audit(1716881061.717:31): pid=5729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1971 res=0 errno=0
[  113.379435][ T5112] BTRFS info (device loop5): last unmount of filesystem 4858b1af-5450-416a-9727-39535bb19df8
[  113.425271][   T11] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  113.512201][   T29] audit: type=1800 audit(1716881062.267:32): pid=5716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=263 res=0 errno=0
[  113.651620][   T29] audit: type=1804 audit(1716881062.267:33): pid=5716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3381517805/syzkaller.HsdmiF/11/file0/bus" dev="loop2" ino=263 res=1 errno=0
[  113.685791][ T5727] XFS (loop0): Ending clean mount
[  113.748531][ T5727] XFS (loop0): Quotacheck needed: Please wait.
[  113.763588][   T11] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[  113.847711][   T29] audit: type=1800 audit(1716881062.607:34): pid=5808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="overlay" ino=1957 res=0 errno=0
[  113.898719][ T5727] XFS (loop0): Quotacheck: Done.
[  113.963014][ T5110] BTRFS info (device loop2): last unmount of filesystem 13e36aa7-44fe-4d1c-85e5-b92c093d802d
[  114.151635][ T5109] BTRFS info (device loop1): last unmount of filesystem 2b76b004-316b-429f-a348-5735a79239a5
[  114.289046][ T5116] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  114.585012][ T5817] binder_alloc: 5816: binder_alloc_buf, no vma
[  115.181461][   T58] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  115.319816][ T5827] loop1: detected capacity change from 0 to 4096
[  115.402001][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  115.416015][ T5827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.481281][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  115.546183][   T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  115.606355][   T58] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  115.643404][ T5109] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.645094][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.707926][   T58] usb 3-1: config 0 descriptor??
[  115.744189][ T5823] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  116.013456][ T5823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.039594][ T5823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.176843][ T5821] loop4: detected capacity change from 0 to 32768
[  116.252939][ T5820] loop3: detected capacity change from 0 to 40427
[  116.281608][ T5227] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  116.338222][ T5820] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  116.356074][ T5820] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  116.384447][ T5820] F2FS-fs (loop3): invalid crc value
[  116.406135][ T5820] F2FS-fs (loop3): Found nat_bits in checkpoint
[  116.483515][   T58] usbhid 3-1:0.0: can't add hid device: -71
[  116.496420][   T58] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  116.521252][ T5227] usb 2-1: Using ep0 maxpacket: 32
[  116.529193][ T5227] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.536808][ T5821] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  116.541883][ T5227] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  116.563081][   T58] usb 3-1: USB disconnect, device number 6
[  116.618812][ T5821] bcachefs (loop4): recovering from clean shutdown, journal seq 8
[  116.627326][ T5227] usb 2-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[  116.632338][ T5178] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  116.648410][ T5227] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.687656][ T5227] usb 2-1: config 0 descriptor??
[  116.695229][ T5821] bcachefs (loop4): alloc_read... done
[  116.712374][ T5830] loop5: detected capacity change from 0 to 32768
[  116.715783][ T5821] bcachefs (loop4): stripes_read... done
[  116.724479][ T5227] usb 2-1: bad CDC descriptors
[  116.745608][ T5821] bcachefs (loop4): snapshots_read...
[  116.745761][ T5227] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[  116.758538][ T5227] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[  116.766267][ T5227] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[  116.781965][ T5820] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  116.789632][ T5821]  done
[  116.820761][ T5821] bcachefs (loop4): journal_replay... done
[  116.824038][ T5820] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  116.840840][ T5821] bcachefs (loop4): resume_logged_ops... done
[  116.849047][ T5178] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  116.867330][ T5178] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.880729][ T5178] usb 1-1: config 0 descriptor??
[  116.895832][ T5178] cp210x 1-1:0.0: cp210x converter detected
[  116.896146][ T5821] bcachefs (loop4): going read-write
[  116.944788][ T5830] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  116.951481][ T5821] bcachefs (loop4): done starting filesystem
[  116.959000][ T5830] bcachefs (loop5): recovering from clean shutdown, journal seq 10
[  116.980719][   T25] usb 2-1: USB disconnect, device number 4
[  117.070924][ T5122] syz-executor.3: attempt to access beyond end of device
[  117.070924][ T5122] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  117.081245][ T5830] bcachefs (loop5): alloc_read... done
[  117.120599][ T5830] bcachefs (loop5): stripes_read... done
[  117.137861][ T5830] bcachefs (loop5): snapshots_read... done
[  117.149366][ T5122] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  117.155701][ T5830] bcachefs (loop5): journal_replay... done
[  117.182549][ T5830] bcachefs (loop5): resume_logged_ops... done
[  117.203309][ T5830] bcachefs (loop5): going read-write
[  117.248122][ T5830] bcachefs (loop5): done starting filesystem
[  117.328756][ T5178] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  117.350464][ T5821] syz-executor.4 (5821) used greatest stack depth: 14832 bytes left
[  117.372207][ T5178] cp210x 1-1:0.0: failed to get vendor val 0x370c size 73: -121
[  117.382940][ T5111] bcachefs (loop4): shutting down
[  117.387992][ T5111] bcachefs (loop4): going read-only
[  117.390353][ T5178] cp210x 1-1:0.0: GPIO initialisation failed: -121
[  117.427237][ T5178] usb 1-1: cp210x converter now attached to ttyUSB0
[  117.438407][ T5111] bcachefs (loop4): finished waiting for writes to stop
[  117.446321][ T5111] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10
[  117.469104][ T5111] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 11
[  117.519339][ T5112] bcachefs (loop5): shutting down
[  117.523133][ T5111] bcachefs (loop4): shutdown complete, journal seq 12
[  117.527059][ T5112] bcachefs (loop5): going read-only
[  117.537832][ T5112] bcachefs (loop5): finished waiting for writes to stop
[  117.563669][ T5112] bcachefs (loop5): flushing journal and stopping allocators, journal seq 12
[  117.579724][ T5112] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 13
[  117.590751][ T5111] bcachefs (loop4): marking filesystem clean
[  117.623857][   T25] usb 1-1: USB disconnect, device number 3
[  117.642628][ T5112] bcachefs (loop5): shutdown complete, journal seq 14
[  117.650339][ T5112] bcachefs (loop5): marking filesystem clean
[  117.745639][   T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  117.796799][   T25] cp210x 1-1:0.0: device disconnected
[  117.825582][ T5111] bcachefs (loop4): shutdown complete
[  117.843513][ T5112] bcachefs (loop5): shutdown complete
[  118.146754][ T5864] loop2: detected capacity change from 0 to 32768
[  118.634502][ T5877] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  118.672173][ T5864] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  118.711882][ T5864] bcachefs (loop2): recovering from clean shutdown, journal seq 10
[  118.843801][ T5866] loop1: detected capacity change from 0 to 32768
[  118.887377][ T5864] bcachefs (loop2): alloc_read... done
[  118.894105][ T5864] bcachefs (loop2): stripes_read... done
[  118.900103][ T5864] bcachefs (loop2): snapshots_read... done
[  118.937028][ T5864] bcachefs (loop2): journal_replay... done
[  118.951440][ T5864] bcachefs (loop2): resume_logged_ops... done
[  118.963333][ T5864] bcachefs (loop2): going read-write
[  119.000084][ T5864] bcachefs (loop2): done starting filesystem
[  119.093261][ T5881] loop4: detected capacity change from 0 to 8192
[  119.170302][ T5866] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  119.188923][   T29] audit: type=1800 audit(1716881067.947:35): pid=5864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=4098 res=0 errno=0
[  119.229776][ T5866] bcachefs (loop1): recovering from clean shutdown, journal seq 8
[  119.259456][   T29] audit: type=1800 audit(1716881067.987:36): pid=5864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=4098 res=0 errno=0
[  119.361063][ T5110] bcachefs (loop2): shutting down
[  119.384475][ T5110] bcachefs (loop2): going read-only
[  119.407273][ T5866] bcachefs (loop1): alloc_read... done
[  119.415157][   T29] audit: type=1800 audit(1716881068.177:37): pid=5881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1962 res=0 errno=0
[  119.415365][ T5110] bcachefs (loop2): finished waiting for writes to stop
[  119.462516][ T5866] bcachefs (loop1): stripes_read... done
[  119.480092][ T5866] bcachefs (loop1): snapshots_read... done
[  119.512614][ T5110] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11
[  119.523365][ T5866] bcachefs (loop1): journal_replay... done
[  119.549217][ T5866] bcachefs (loop1): resume_logged_ops... done
[  119.577113][ T5866] bcachefs (loop1): going read-write
[  119.592867][ T5110] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 12
[  119.618277][ T5866] bcachefs (loop1): done starting filesystem
[  119.649375][ T5110] bcachefs (loop2): shutdown complete, journal seq 13
[  119.662453][ T5110] bcachefs (loop2): marking filesystem clean
[  119.745595][ T5110] bcachefs (loop2): shutdown complete
[  119.884195][ T5109] bcachefs (loop1): shutting down
[  119.891092][ T5109] bcachefs (loop1): going read-only
[  119.927190][ T5109] bcachefs (loop1): finished waiting for writes to stop
[  120.011063][ T5109] bcachefs (loop1): flushing journal and stopping allocators, journal seq 11
[  120.044115][ T5109] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12
[  120.096582][ T5109] bcachefs (loop1): shutdown complete, journal seq 13
[  120.116815][ T5109] bcachefs (loop1): marking filesystem clean
[  120.287727][ T5903] loop0: detected capacity change from 0 to 4096
[  120.342569][ T5109] bcachefs (loop1): shutdown complete
[  120.385996][ T5903] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.617583][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.755343][ T5895] loop5: detected capacity change from 0 to 32768
[  120.800023][ T5892] loop3: detected capacity change from 0 to 32768
[  120.858178][ T5892] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (5892)
[  120.881445][ T5895] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.907221][ T5892] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  120.948413][ T5892] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  121.000257][ T5892] BTRFS info (device loop3): using free-space-tree
[  121.074846][ T5902] loop4: detected capacity change from 0 to 32768
[  121.122796][ T5902] BTRFS: device /dev/loop4 (7:4) using temp-fsid 8396905f-1dd3-486f-b4ff-f22058d786a9
[  121.141279][ T5120] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  121.142227][ T5895] XFS (loop5): Ending clean mount
[  121.165736][ T5902] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5902)
[  121.253130][ T5895] XFS (loop5): Quotacheck needed: Please wait.
[  121.284508][ T5902] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  121.331095][ T5902] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  121.370903][ T5902] BTRFS info (device loop4): using free-space-tree
[  121.371957][ T5120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  121.397759][ T5895] XFS (loop5): Quotacheck: Done.
[  121.422612][   T29] audit: type=1800 audit(1716881070.177:38): pid=5892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=263 res=0 errno=0
[  121.443876][ T5120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  121.471345][ T5120] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  121.485853][ T5120] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  121.495333][ T5120] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.533520][   T29] audit: type=1804 audit(1716881070.187:39): pid=5892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3217221933/syzkaller.JZ0AuQ/16/file0/bus" dev="loop3" ino=263 res=1 errno=0
[  121.582462][ T5120] usb 1-1: config 0 descriptor??
[  121.643877][ T5914] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  121.771905][   T51] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  121.885827][ T5122] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  121.899813][   T29] audit: type=1800 audit(1716881070.657:40): pid=5902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0
[  121.904984][ T5112] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  121.983302][   T29] audit: type=1804 audit(1716881070.707:41): pid=5902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir929937765/syzkaller.W81a6c/16/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  122.010831][ T5914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.046153][ T5914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.289969][   T51] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  122.387042][ T5111] BTRFS info (device loop4): last unmount of filesystem 8396905f-1dd3-486f-b4ff-f22058d786a9
[  122.520581][ T5120] usbhid 1-1:0.0: can't add hid device: -71
[  122.552561][ T5120] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  122.600634][ T5120] usb 1-1: USB disconnect, device number 4
[  123.352157][ T5969] loop0: detected capacity change from 0 to 1024
[  123.663517][ T5951] loop2: detected capacity change from 0 to 40427
[  123.690692][ T5951] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  123.712013][ T5951] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  123.753085][ T5951] F2FS-fs (loop2): invalid crc value
[  123.778619][ T5951] F2FS-fs (loop2): Found nat_bits in checkpoint
[  123.881332][ T5120] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  124.020778][ T5951] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  124.042509][ T5951] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  124.073053][ T5120] usb 1-1: device descriptor read/64, error -71
[  124.125417][ T5963] loop3: detected capacity change from 0 to 32768
[  124.196055][ T5110] syz-executor.2: attempt to access beyond end of device
[  124.196055][ T5110] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  124.253245][ T5961] loop5: detected capacity change from 0 to 32768
[  124.263905][ T5110] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  124.381302][ T5120] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  124.414568][ T5970] loop1: detected capacity change from 0 to 32768
[  124.500833][ T5970] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  124.551309][ T5120] usb 1-1: device descriptor read/64, error -71
[  124.579138][ T5963] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  124.616754][ T5961] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  124.635134][ T5963] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  124.640197][ T5971] loop4: detected capacity change from 0 to 32768
[  124.660272][ T5971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5971)
[  124.697468][ T5120] usb usb1-port1: attempt power cycle
[  124.704724][ T5961] bcachefs (loop5): recovering from clean shutdown, journal seq 8
[  124.728465][ T5963] bcachefs (loop3): alloc_read... done
[  124.741238][ T5963] bcachefs (loop3): stripes_read... done
[  124.741511][ T5971] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  124.758987][ T5963] bcachefs (loop3): snapshots_read... done
[  124.773919][ T5970] XFS (loop1): Ending clean mount
[  124.796254][ T5963] bcachefs (loop3): journal_replay... done
[  124.803547][ T5971] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  124.821788][ T5970] XFS (loop1): Quotacheck needed: Please wait.
[  124.824092][ T5963] bcachefs (loop3): resume_logged_ops... done
[  124.836078][ T5961] bcachefs (loop5): alloc_read... done
[  124.852196][ T5963] bcachefs (loop3): going read-write
[  124.858160][ T5971] BTRFS info (device loop4): using free-space-tree
[  124.866717][ T5961] bcachefs (loop5): stripes_read... done
[  124.885340][ T5961] bcachefs (loop5): snapshots_read... done
[  124.892372][ T5963] bcachefs (loop3): done starting filesystem
[  124.926066][ T5961] bcachefs (loop5): journal_replay... done
[  124.956689][ T5961] bcachefs (loop5): resume_logged_ops... done
[  125.007025][ T5961] bcachefs (loop5): going read-write
[  125.008406][ T5970] XFS (loop1): Quotacheck: Done.
[  125.052482][ T5961] bcachefs (loop5): done starting filesystem
[  125.112463][ T5122] bcachefs (loop3): shutting down
[  125.122401][ T5122] bcachefs (loop3): going read-only
[  125.141484][ T5120] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  125.154325][ T5109] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.171748][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  125.182138][ T5120] usb 1-1: device descriptor read/8, error -71
[  125.242903][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12
[  125.325744][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 13
[  125.348004][ T5961] syz-executor.5 (5961) used greatest stack depth: 13944 bytes left
[  125.401575][ T5112] bcachefs (loop5): shutting down
[  125.406654][ T5112] bcachefs (loop5): going read-only
[  125.422822][ T5122] bcachefs (loop3): shutdown complete, journal seq 14
[  125.430517][ T5122] bcachefs (loop3): marking filesystem clean
[  125.446984][ T5112] bcachefs (loop5): finished waiting for writes to stop
[  125.469356][ T5111] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  125.490711][ T5120] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  125.500668][ T5122] bcachefs (loop3): shutdown complete
[  125.509738][ T5112] bcachefs (loop5): flushing journal and stopping allocators, journal seq 11
[  125.553128][ T5120] usb 1-1: device descriptor read/8, error -71
[  125.565328][ T5112] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 13
[  125.647198][ T5112] bcachefs (loop5): shutdown complete, journal seq 14
[  125.684647][ T5112] bcachefs (loop5): marking filesystem clean
[  125.707600][ T5120] usb usb1-port1: unable to enumerate USB device
[  125.838213][ T5112] bcachefs (loop5): shutdown complete
[  126.427002][ T6023] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  126.503726][ T6024] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  127.201067][ T6019] loop2: detected capacity change from 0 to 32768
[  127.306331][ T6021] loop1: detected capacity change from 0 to 32768
[  127.316657][ T6019] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  127.546417][ T6019] XFS (loop2): Ending clean mount
[  127.583294][ T6019] XFS (loop2): Quotacheck needed: Please wait.
[  127.646843][ T6044] loop5: detected capacity change from 0 to 4096
[  127.686490][ T6021] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  127.735438][ T6019] XFS (loop2): Quotacheck: Done.
[  127.784846][ T6044] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.839137][ T6021] bcachefs (loop1): recovering from clean shutdown, journal seq 8
[  127.859715][ T6030] loop4: detected capacity change from 0 to 32768
[  127.899082][ T6021] bcachefs (loop1): alloc_read... done
[  127.906996][ T6021] bcachefs (loop1): stripes_read... done
[  127.912764][ T6021] bcachefs (loop1): snapshots_read... done
[  127.922657][ T6021] bcachefs (loop1): journal_replay... done
[  127.928541][ T6021] bcachefs (loop1): resume_logged_ops... done
[  127.938170][ T6030] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  127.947990][ T6021] bcachefs (loop1): going read-write
[  127.997368][ T6027] loop0: detected capacity change from 0 to 32768
[  128.019898][ T6021] bcachefs (loop1): done starting filesystem
[  128.030307][ T5110] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  128.034215][ T6027] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6027)
[  128.092944][ T5112] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.191565][ T6027] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  128.218193][ T6027] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  128.230017][ T5109] bcachefs (loop1): shutting down
[  128.250319][ T5109] bcachefs (loop1): going read-only
[  128.255775][ T6028] loop3: detected capacity change from 0 to 32768
[  128.280349][ T6027] BTRFS info (device loop0): using free-space-tree
[  128.307077][ T5109] bcachefs (loop1): finished waiting for writes to stop
[  128.361101][ T5109] bcachefs (loop1): flushing journal and stopping allocators, journal seq 8
[  128.381014][ T5109] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 8
[  128.404738][ T6030] XFS (loop4): Ending clean mount
[  128.426824][ T5109] bcachefs (loop1): shutdown complete, journal seq 9
[  128.438455][ T6030] XFS (loop4): Quotacheck needed: Please wait.
[  128.487062][ T5109] bcachefs (loop1): marking filesystem clean
[  128.608169][ T6030] XFS (loop4): Quotacheck: Done.
[  128.655658][ T6028] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  128.726917][ T6028] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  128.771996][ T5109] bcachefs (loop1): shutdown complete
[  128.842000][   T29] audit: type=1804 audit(1716881077.607:42): pid=6086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1434313591/syzkaller.1TW1eb/21/file0/bus" dev="loop0" ino=263 res=1 errno=0
[  128.862393][ T6028] bcachefs (loop3): alloc_read... done
[  128.912303][ T6028] bcachefs (loop3): stripes_read... done
[  128.948565][ T6028] bcachefs (loop3): snapshots_read... done
[  128.963296][   T29] audit: type=1800 audit(1716881077.647:43): pid=6030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=9291 res=0 errno=0
[  128.995252][ T6028] bcachefs (loop3): journal_replay... done
[  129.028647][ T6028] bcachefs (loop3): resume_logged_ops... done
[  129.050056][ T6028] bcachefs (loop3): going read-write
[  129.057635][ T5111] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  129.076178][ T5116] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.111464][ T6028] bcachefs (loop3): done starting filesystem
[  129.173452][   T29] audit: type=1800 audit(1716881077.937:44): pid=6028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1073741829 res=0 errno=0
[  129.335344][   T29] audit: type=1800 audit(1716881077.937:45): pid=6028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1073741829 res=0 errno=0
[  129.712003][ T5122] bcachefs (loop3): shutting down
[  129.717087][ T5122] bcachefs (loop3): going read-only
[  129.751008][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  129.841429][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12
[  129.875905][ T6072] loop5: detected capacity change from 0 to 32768
[  129.891844][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 13
[  129.936727][ T6072] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (6072)
[  129.981464][ T5122] bcachefs (loop3): shutdown complete, journal seq 14
[  129.989302][ T5122] bcachefs (loop3): marking filesystem clean
[  130.045754][ T6072] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  130.083892][ T6072] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  130.116091][ T5122] bcachefs (loop3): shutdown complete
[  130.174786][ T6072] BTRFS info (device loop5): using free-space-tree
[  130.494468][ T6093] loop0: detected capacity change from 0 to 32768
[  130.507613][ T6093] bcachefs (/dev/loop0): error reading default superblock: checksum error, type crc32c_nonzero: got 1ef4af3a should be 29d2fb78
[  130.624281][   T29] audit: type=1800 audit(1716881079.387:46): pid=6072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=263 res=0 errno=0
[  130.744105][   T29] audit: type=1804 audit(1716881079.427:47): pid=6072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3058478698/syzkaller.FipIiL/15/file0/bus" dev="loop5" ino=263 res=1 errno=0
[  130.757578][ T6089] loop2: detected capacity change from 0 to 32768
[  130.965241][   T12] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  130.975417][ T5112] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  131.156197][ T6093] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  131.183360][ T6089] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  131.220831][ T6089] bcachefs (loop2): recovering from clean shutdown, journal seq 8
[  131.233326][ T6093] bcachefs (loop0): recovering from clean shutdown, journal seq 7
[  131.325632][ T6089] bcachefs (loop2): alloc_read... done
[  131.352167][ T6089] bcachefs (loop2): stripes_read... done
[  131.366823][ T6089] bcachefs (loop2): snapshots_read... done
[  131.409426][ T6089] bcachefs (loop2): journal_replay... done
[  131.428869][ T6093] bcachefs (loop0): alloc_read... done
[  131.442315][ T6089] bcachefs (loop2): resume_logged_ops... done
[  131.461731][ T6093] bcachefs (loop0): stripes_read... done
[  131.467470][ T6093] bcachefs (loop0): snapshots_read... done
[  131.506601][ T6089] bcachefs (loop2): going read-write
[  131.546933][ T6093] bcachefs (loop0): journal_replay... done
[  131.562115][ T6089] bcachefs (loop2): done starting filesystem
[  131.595329][ T6093] bcachefs (loop0): resume_logged_ops... done
[  131.633263][ T6093] bcachefs (loop0): going read-write
[  131.679926][ T6093] bcachefs (loop0): done starting filesystem
[  131.868959][ T5110] bcachefs (loop2): shutting down
[  131.880031][ T5110] bcachefs (loop2): going read-only
[  131.931350][ T5110] bcachefs (loop2): finished waiting for writes to stop
[  131.971484][ T5110] bcachefs (loop2): flushing journal and stopping allocators, journal seq 9
[  132.000697][ T5110] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10
[  132.007833][ T6117] loop4: detected capacity change from 0 to 32768
[  132.021090][ T5110] bcachefs (loop2): shutdown complete, journal seq 11
[  132.047528][ T5116] bcachefs (loop0): shutting down
[  132.048171][ T5110] bcachefs (loop2): marking filesystem clean
[  132.063400][ T5116] bcachefs (loop0): going read-only
[  132.072374][ T6131] loop1: detected capacity change from 0 to 32768
[  132.083110][ T6117] btrfs: Deprecated parameter 'usebackuproot'
[  132.089348][ T6117] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  132.121518][ T5116] bcachefs (loop0): finished waiting for writes to stop
[  132.160716][ T5116] bcachefs (loop0): flushing journal and stopping allocators, journal seq 8
[  132.197915][ T6117] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (6117)
[  132.223828][ T6131] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  132.226821][ T5116] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 9
[  132.262712][ T5110] bcachefs (loop2): shutdown complete
[  132.279105][ T6117] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  132.365083][ T6117] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  132.381370][ T1235] ieee802154 phy0 wpan0: encryption failed: -22
[  132.387758][ T1235] ieee802154 phy1 wpan1: encryption failed: -22
[  132.426089][ T5116] bcachefs (loop0): shutdown complete, journal seq 10
[  132.464484][ T5116] bcachefs (loop0): marking filesystem clean
[  132.487268][ T6117] BTRFS info (device loop4): using free-space-tree
[  132.575658][ T6131] XFS (loop1): Ending clean mount
[  132.601008][ T5116] bcachefs (loop0): shutdown complete
[  132.608328][ T6131] XFS (loop1): Quotacheck needed: Please wait.
[  132.702050][ T6131] XFS (loop1): Quotacheck: Done.
[  132.807875][ T6117] BTRFS info (device loop4): rebuilding free space tree
[  133.013420][ T5109] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  133.153234][ T6144] loop5: detected capacity change from 0 to 32768
[  133.251972][ T5111] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  133.407250][ T6142] loop3: detected capacity change from 0 to 32768
[  133.417851][ T6142] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 1ef4af3a should be 29d2fb78
[  133.721675][ T6144] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  133.791561][ T6142] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  133.804508][ T6144] bcachefs (loop5): recovering from clean shutdown, journal seq 8
[  133.831644][ T6142] bcachefs (loop3): recovering from clean shutdown, journal seq 7
[  134.012439][ T6142] bcachefs (loop3): alloc_read... done
[  134.032870][ T6142] bcachefs (loop3): stripes_read... done
[  134.048511][ T6144] bcachefs (loop5): alloc_read... done
[  134.056647][ T6142] bcachefs (loop3): snapshots_read... done
[  134.089190][ T6144] bcachefs (loop5): stripes_read... done
[  134.106245][ T6142] bcachefs (loop3): journal_replay... done
[  134.111189][ T6144] bcachefs (loop5): snapshots_read... done
[  134.142260][ T6142] bcachefs (loop3): resume_logged_ops... done
[  134.174200][ T6142] bcachefs (loop3): going read-write
[  134.179297][ T6144] bcachefs (loop5): journal_replay... done
[  134.227020][ T6142] bcachefs (loop3): done starting filesystem
[  134.229182][ T6144] bcachefs (loop5): resume_logged_ops... done
[  134.292293][ T6144] bcachefs (loop5): going read-write
[  134.347916][ T6144] bcachefs (loop5): done starting filesystem
[  134.565590][ T6170] loop2: detected capacity change from 0 to 32768
[  134.597589][ T5112] bcachefs (loop5): shutting down
[  134.612332][ T5112] bcachefs (loop5): going read-only
[  134.633659][ T5112] bcachefs (loop5): finished waiting for writes to stop
[  134.645049][ T5112] bcachefs (loop5): flushing journal and stopping allocators, journal seq 10
[  134.696383][ T5112] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 12
[  134.709397][ T5122] bcachefs (loop3): shutting down
[  134.732947][ T5112] bcachefs (loop5): shutdown complete, journal seq 13
[  134.740665][ T5112] bcachefs (loop5): marking filesystem clean
[  134.753773][ T5122] bcachefs (loop3): going read-only
[  134.782806][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  134.826194][ T6170] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): filesystem UUID already open
[  134.841919][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 8
[  134.901463][ T6170] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): shutdown complete
[  134.918573][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 9
[  134.950446][ T5112] bcachefs (loop5): shutdown complete
[  135.001921][ T5122] bcachefs (loop3): shutdown complete, journal seq 10
[  135.026775][ T5122] bcachefs (loop3): marking filesystem clean
[  135.129323][ T5122] bcachefs (loop3): shutdown complete
[  135.359293][ T6186] loop4: detected capacity change from 0 to 32768
[  135.441756][ T6190] loop0: detected capacity change from 0 to 32768
[  135.475489][ T6190] btrfs: Deprecated parameter 'usebackuproot'
[  135.521329][ T6190] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  135.598017][ T6190] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6190)
[  135.718174][ T6188] loop1: detected capacity change from 0 to 32768
[  135.803654][ T6190] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  135.831388][ T6190] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  135.907612][ T6188] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  135.963108][ T6190] BTRFS info (device loop0): using free-space-tree
[  136.011342][ T6186] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  136.038582][ T6186] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  136.092713][ T6214] loop5: detected capacity change from 0 to 4096
[  136.230716][ T6214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.274670][ T6186] bcachefs (loop4): alloc_read... done
[  136.280270][ T6186] bcachefs (loop4): stripes_read... done
[  136.308330][ T6190] BTRFS info (device loop0): rebuilding free space tree
[  136.337084][ T6186] bcachefs (loop4): snapshots_read... done
[  136.385083][ T6188] XFS (loop1): Ending clean mount
[  136.407947][ T6186] bcachefs (loop4): journal_replay... done
[  136.424174][ T6188] XFS (loop1): Quotacheck needed: Please wait.
[  136.438441][ T6186] bcachefs (loop4): resume_logged_ops... done
[  136.464635][ T6186] bcachefs (loop4): going read-write
[  136.516905][ T6186] bcachefs (loop4): done starting filesystem
[  136.523508][ T6188] XFS (loop1): Quotacheck: Done.
[  136.535376][ T5112] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.640666][   T29] audit: type=1800 audit(1716881085.397:48): pid=6186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1073741829 res=0 errno=0
[  136.735328][   T29] audit: type=1800 audit(1716881085.437:49): pid=6186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1073741829 res=0 errno=0
[  136.832720][ T5109] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  136.833978][ T5116] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  136.975706][ T5111] bcachefs (loop4): shutting down
[  136.995787][ T5111] bcachefs (loop4): going read-only
[  137.031276][ T5111] bcachefs (loop4): finished waiting for writes to stop
[  137.108545][ T5111] bcachefs (loop4): flushing journal and stopping allocators, journal seq 12
[  137.168400][ T5111] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 13
[  137.213424][ T5111] bcachefs (loop4): shutdown complete, journal seq 14
[  137.221238][ T5111] bcachefs (loop4): marking filesystem clean
[  137.299897][ T5111] bcachefs (loop4): shutdown complete
[  137.733340][ T6237] loop3: detected capacity change from 0 to 32768
[  137.880494][ T6255] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.1'.
[  138.185013][ T6237] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  138.253114][ T6237] bcachefs (loop3): recovering from clean shutdown, journal seq 8
[  138.381695][ T6237] bcachefs (loop3): alloc_read... done
[  138.387286][ T6237] bcachefs (loop3): stripes_read... done
[  138.422383][ T6237] bcachefs (loop3): snapshots_read... done
[  138.450889][ T6259] netlink: 'syz-executor.1': attribute type 20 has an invalid length.
[  138.464229][ T6237] bcachefs (loop3): journal_replay... done
[  138.470120][ T6237] bcachefs (loop3): resume_logged_ops... done
[  138.474156][ T6242] loop2: detected capacity change from 0 to 32768
[  138.523569][ T6237] bcachefs (loop3): going read-write
[  138.528196][ T6242] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6242)
[  138.533474][ T6259] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  138.554704][ T6244] loop5: detected capacity change from 0 to 32768
[  138.587458][ T6237] bcachefs (loop3): done starting filesystem
[  138.624241][ T6242] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.671962][ T5122] bcachefs (loop3): shutting down
[  138.692130][ T5122] bcachefs (loop3): going read-only
[  138.701428][ T6242] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  138.710331][ T6242] BTRFS info (device loop2): using free-space-tree
[  138.730821][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  138.801367][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 8
[  138.810198][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 8
[  138.867991][ T5122] bcachefs (loop3): shutdown complete, journal seq 9
[  138.882675][ T5122] bcachefs (loop3): marking filesystem clean
[  138.943723][ T6246] loop0: detected capacity change from 0 to 32768
[  138.961979][ T6244] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  138.987185][ T6244] bcachefs (loop5): recovering from clean shutdown, journal seq 10
[  138.999701][ T6246] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6246)
[  139.110759][ T6244] bcachefs (loop5): alloc_read... done
[  139.133438][ T6246] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  139.146019][ T5122] bcachefs (loop3): shutdown complete
[  139.152829][ T6244] bcachefs (loop5): stripes_read... done
[  139.177588][ T6244] bcachefs (loop5): snapshots_read... done
[  139.182952][ T6246] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  139.204309][ T6246] BTRFS info (device loop0): using free-space-tree
[  139.218077][   T29] audit: type=1804 audit(1716881087.977:50): pid=6242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3381517805/syzkaller.HsdmiF/19/file0/bus" dev="loop2" ino=263 res=1 errno=0
[  139.249492][ T6244] bcachefs (loop5): journal_replay... done
[  139.273437][ T6244] bcachefs (loop5): resume_logged_ops... done
[  139.300589][ T6244] bcachefs (loop5): going read-write
[  139.368627][ T6244] bcachefs (loop5): done starting filesystem
[  139.444977][ T5110] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  139.453531][   T29] audit: type=1800 audit(1716881088.217:51): pid=6244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=1073741829 res=0 errno=0
[  139.554028][   T29] audit: type=1800 audit(1716881088.257:52): pid=6244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=1073741829 res=0 errno=0
[  139.729811][ T5112] bcachefs (loop5): shutting down
[  139.774923][ T5112] bcachefs (loop5): going read-only
[  139.780178][ T5112] bcachefs (loop5): finished waiting for writes to stop
[  139.805645][   T29] audit: type=1800 audit(1716881088.567:53): pid=6246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="overlay" ino=1951 res=0 errno=0
[  139.942698][ T5112] bcachefs (loop5): flushing journal and stopping allocators, journal seq 13
[  140.015277][ T5112] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 15
[  140.041433][ T5112] bcachefs (loop5): shutdown complete, journal seq 16
[  140.049124][ T5112] bcachefs (loop5): marking filesystem clean
[  140.126293][ T5112] bcachefs (loop5): shutdown complete
[  140.212861][ T5116] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  140.274952][   T58] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  140.313935][ T6287] loop1: detected capacity change from 0 to 32768
[  140.413409][ T6287] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.474910][   T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  140.521549][   T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  140.572013][   T58] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  140.626977][   T58] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  140.639144][   T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.713132][   T58] usb 4-1: config 0 descriptor??
[  140.745710][ T6310] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  140.755322][ T6287] XFS (loop1): Ending clean mount
[  140.794146][ T6287] XFS (loop1): Quotacheck needed: Please wait.
[  140.845834][ T6287] XFS (loop1): Quotacheck: Done.
[  140.987428][ T5109] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.002895][ T6310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.026475][ T6310] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.458872][   T58] usbhid 4-1:0.0: can't add hid device: -71
[  141.484732][   T58] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  141.535329][   T58] usb 4-1: USB disconnect, device number 4
[  142.032339][ T6332] loop1: detected capacity change from 0 to 4096
[  142.067015][ T6323] loop2: detected capacity change from 0 to 32768
[  142.109529][ T6323] btrfs: Deprecated parameter 'usebackuproot'
[  142.117427][ T6332] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.153581][ T6323] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  142.224506][ T6323] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6323)
[  142.268788][ T6325] loop0: detected capacity change from 0 to 32768
[  142.285572][ T5109] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.300661][ T6323] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  142.344075][ T6323] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  142.377160][ T6323] BTRFS info (device loop2): using free-space-tree
[  142.659919][ T6323] BTRFS info (device loop2): rebuilding free space tree
[  142.798454][ T6325] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  142.841519][ T6325] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  142.897961][ T6328] loop4: detected capacity change from 0 to 32768
[  142.941799][ T6325] bcachefs (loop0): alloc_read... done
[  142.946640][ T6328] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÿÿ" or missing value
[  142.948816][ T6325] bcachefs (loop0): stripes_read... done
[  143.040289][ T6325] bcachefs (loop0): snapshots_read... done
[  143.084392][ T6325] bcachefs (loop0): journal_replay... done
[  143.090317][ T6325] bcachefs (loop0): resume_logged_ops... done
[  143.092531][ T5401] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  143.162907][ T6325] bcachefs (loop0): going read-write
[  143.174169][ T5110] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  143.255895][ T6325] bcachefs (loop0): done starting filesystem
[  143.397112][   T29] audit: type=1800 audit(1716881092.147:54): pid=6325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1073741829 res=0 errno=0
[  143.504710][   T29] audit: type=1800 audit(1716881092.187:55): pid=6325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1073741829 res=0 errno=0
[  143.671497][ T5116] bcachefs (loop0): shutting down
[  143.676732][ T5116] bcachefs (loop0): going read-only
[  143.720863][ T5116] bcachefs (loop0): finished waiting for writes to stop
[  143.803042][ T6330] loop5: detected capacity change from 0 to 32768
[  143.819250][ T5116] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  143.916891][ T5116] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 13
[  144.032925][ T5116] bcachefs (loop0): shutdown complete, journal seq 14
[  144.078464][ T5116] bcachefs (loop0): marking filesystem clean
[  144.120116][ T6330] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  144.142316][ T6336] loop3: detected capacity change from 0 to 32768
[  144.150794][ T6330] bcachefs (loop5): recovering from clean shutdown, journal seq 8
[  144.216309][ T6330] bcachefs (loop5): alloc_read... done
[  144.238569][ T6336] btrfs: Deprecated parameter 'usebackuproot'
[  144.245338][ T6330] bcachefs (loop5): stripes_read... done
[  144.264555][ T6330] bcachefs (loop5): snapshots_read... done
[  144.272627][ T6336] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  144.304865][ T5116] bcachefs (loop0): shutdown complete
[  144.312907][ T6330] bcachefs (loop5): journal_replay... done
[  144.361715][ T6330] bcachefs (loop5): resume_logged_ops... done
[  144.369007][ T6336] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6336)
[  144.414720][ T6330] bcachefs (loop5): going read-write
[  144.444778][ T6330] bcachefs (loop5): done starting filesystem
[  144.501415][ T6336] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  144.513568][ T6377] loop4: detected capacity change from 0 to 1024
[  144.564988][ T6336] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  144.622120][ T6336] BTRFS info (device loop3): using free-space-tree
[  144.682099][ T6358] loop1: detected capacity change from 0 to 32768
[  144.742070][ T6377] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.814939][ T6358] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.870171][ T5112] bcachefs (loop5): shutting down
[  144.894034][ T5112] bcachefs (loop5): going read-only
[  144.899291][ T5112] bcachefs (loop5): finished waiting for writes to stop
[  144.999121][ T6368] loop2: detected capacity change from 0 to 32768
[  145.013568][ T5112] bcachefs (loop5): flushing journal and stopping allocators, journal seq 10
[  145.044144][ T5112] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 11
[  145.056509][ T6336] BTRFS info (device loop3): rebuilding free space tree
[  145.088767][ T5112] bcachefs (loop5): shutdown complete, journal seq 12
[  145.133036][ T5112] bcachefs (loop5): marking filesystem clean
[  145.181742][ T6368] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): filesystem UUID already open
[  145.194319][ T6368] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): shutdown complete
[  145.233693][ T6358] XFS (loop1): Ending clean mount
[  145.288755][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.332154][ T6358] XFS (loop1): Quotacheck needed: Please wait.
[  145.337576][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.380032][ T5112] bcachefs (loop5): shutdown complete
[  145.435781][ T6358] XFS (loop1): Quotacheck: Done.
[  145.436815][ T5122] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  145.465179][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.508488][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.594246][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.718046][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.779646][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.783687][ T5109] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  145.818379][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.856903][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.908126][ T5111] EXT4-fs error (device loop4): ext4_empty_dir:3083: inode #11: comm syz-executor.4: invalid size
[  145.982716][   T25] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  146.205624][   T25] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  146.231496][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.266831][   T25] usb 1-1: config 0 descriptor??
[  146.276577][   T25] cp210x 1-1:0.0: cp210x converter detected
[  146.416972][ T6422] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.424957][ T6422] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.576915][ T5111] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.713267][   T25] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  146.734454][   T25] cp210x 1-1:0.0: failed to get vendor val 0x370c size 73: -121
[  146.789375][   T25] cp210x 1-1:0.0: GPIO initialisation failed: -121
[  146.834740][   T25] usb 1-1: cp210x converter now attached to ttyUSB0
[  146.906985][   T63] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.992691][ T5120] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  147.064221][ T5227] usb 1-1: USB disconnect, device number 9
[  147.129851][ T5227] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  147.193025][ T5227] cp210x 1-1:0.0: device disconnected
[  147.253129][ T5120] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.313322][ T5120] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.344410][ T6436] syz-executor.1[6436] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.344590][ T6436] syz-executor.1[6436] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.373806][ T5120] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  147.471902][   T63] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.472547][ T5120] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.566039][ T5120] usb 3-1: config 0 descriptor??
[  147.686431][   T63] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.921748][   T29] audit: type=1804 audit(1716881096.677:56): pid=6443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1434313591/syzkaller.1TW1eb/27/bus" dev="sda1" ino=1964 res=1 errno=0
[  147.954504][   T63] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.001713][ T5120] usbhid 3-1:0.0: can't add hid device: -71
[  148.032091][ T5120] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  148.068331][ T5120] usb 3-1: USB disconnect, device number 7
[  148.320762][   T63] bridge_slave_1: left allmulticast mode
[  148.353290][   T63] bridge_slave_1: left promiscuous mode
[  148.378545][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.420659][   T63] bridge_slave_0: left allmulticast mode
[  148.447819][   T63] bridge_slave_0: left promiscuous mode
[  148.469841][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.749119][ T5130] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  148.750964][ T5130] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  148.752223][ T5130] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  148.754051][ T5130] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  148.757953][ T5130] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  148.759059][ T5130] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  149.134690][ T6455] loop0: detected capacity change from 0 to 128
[  149.243806][ T6440] loop5: detected capacity change from 0 to 32768
[  149.318245][ T6440] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (6440)
[  149.376332][ T6440] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  149.417821][ T6440] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  149.470701][ T6440] BTRFS info (device loop5): using free-space-tree
[  149.953531][   T29] audit: type=1804 audit(1716881098.707:57): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir3058478698/syzkaller.FipIiL/20/file0/bus" dev="loop5" ino=263 res=1 errno=0
[  150.102165][ T5112] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  150.395694][ T6482] loop2: detected capacity change from 0 to 8192
[  150.438321][ T6482] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  150.814728][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  150.852439][ T5130] Bluetooth: hci2: command tx timeout
[  150.956699][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.058067][   T63] bond0 (unregistering): Released all slaves
[  151.131502][ T6498] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  151.204314][ T6496] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.5'.
[  151.220884][ T6500] loop0: detected capacity change from 0 to 256
[  151.299804][ T6496] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.593692][   T63] hsr_slave_0: left promiscuous mode
[  152.619334][   T63] hsr_slave_1: left promiscuous mode
[  152.669238][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.705891][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.731953][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.759543][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.897340][   T63] veth1_macvtap: left promiscuous mode
[  152.925103][   T63] veth0_macvtap: left promiscuous mode
[  152.931484][ T5130] Bluetooth: hci2: command tx timeout
[  152.952003][   T63] veth1_vlan: left promiscuous mode
[  152.982954][   T63] veth0_vlan: left promiscuous mode
[  153.395229][ T6526] loop3: detected capacity change from 0 to 32768
[  153.661729][ T6526] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names
[  153.709171][ T6526] bcachefs (loop3): recovering from clean shutdown, journal seq 8
[  153.780368][ T6526] bcachefs (loop3): alloc_read... done
[  153.803895][ T6526] bcachefs (loop3): stripes_read... done
[  153.825269][ T6526] bcachefs (loop3): snapshots_read... done
[  153.862892][ T6526] bcachefs (loop3): journal_replay... done
[  153.889171][ T6526] bcachefs (loop3): resume_logged_ops... done
[  153.929334][ T6526] bcachefs (loop3): going read-write
[  153.944317][ T6526] bcachefs (loop3): done starting filesystem
[  154.190231][ T6549] loop1: detected capacity change from 0 to 512
[  154.259593][ T6549] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.301549][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.310086][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.318705][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.327479][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.336046][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.344594][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  154.363196][ T6549] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 4294967295 (level 1)
[  154.478050][ T6549] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 4294967295 (level 1)
[  154.512491][ T6536] loop2: detected capacity change from 0 to 32768
[  154.563212][ T6549] EXT4-fs (loop1): 2 truncates cleaned up
[  154.573686][ T6536] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6536)
[  154.585895][ T6549] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.647283][ T6536] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  154.674932][ T6536] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  154.688464][ T6536] BTRFS info (device loop2): using free-space-tree
[  155.011280][ T5130] Bluetooth: hci2: command tx timeout
[  155.111612][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  155.171658][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  155.200168][ T5109] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.209914][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  155.700929][ T6577] loop5: detected capacity change from 0 to 8192
[  155.741597][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  155.862803][   T63] team0 (unregistering): Port device team_slave_1 removed
[  156.010592][   T63] team0 (unregistering): Port device team_slave_0 removed
[  156.076044][ T6577] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  156.091285][ T6577] FAT-fs (loop5): Filesystem has been set read-only
[  156.117859][ T6575] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 2074)
[  156.192096][ T6575] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 2074)
[  156.214335][ T6575] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 2074)
[  156.355054][ T5112] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 2074)
[  156.580333][ T5122] bcachefs (loop3): shutting down
[  156.586738][ T5122] bcachefs (loop3): going read-only
[  156.593583][ T5122] bcachefs (loop3): finished waiting for writes to stop
[  156.613479][ T5122] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10
[  156.639310][ T5122] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10
[  156.643930][ T5130] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  156.669054][ T5122] bcachefs (loop3): shutdown complete, journal seq 11
[  156.680594][ T5122] bcachefs (loop3): marking filesystem clean
[  156.757660][ T5122] bcachefs (loop3): shutdown complete
[  157.097979][ T5130] Bluetooth: hci2: command tx timeout
[  157.313489][ T5110] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.588103][ T6445] chnl_net:caif_netlink_parms(): no params data found
[  158.148419][ T6445] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.191417][ T6445] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.225072][ T6445] bridge_slave_0: entered allmulticast mode
[  158.248203][ T6445] bridge_slave_0: entered promiscuous mode
[  158.369447][ T6611] loop2: detected capacity change from 0 to 128
[  158.386317][ T6445] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.461647][ T6445] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.478620][ T6611] FAT-fs (loop2): Directory bread(block 3145772) failed
[  158.522343][ T5128] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  158.530587][ T6445] bridge_slave_1: entered allmulticast mode
[  158.540345][ T5128] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  158.549484][ T6611] FAT-fs (loop2): Directory bread(block 3145773) failed
[  158.556653][ T5128] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  158.566015][ T5128] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  158.573989][ T6445] bridge_slave_1: entered promiscuous mode
[  158.581849][ T6611] FAT-fs (loop2): Directory bread(block 3145774) failed
[  158.590029][ T6611] FAT-fs (loop2): Directory bread(block 3145775) failed
[  158.597383][ T6611] FAT-fs (loop2): Directory bread(block 3145776) failed
[  158.604843][ T6611] FAT-fs (loop2): Directory bread(block 3145777) failed
[  158.614033][ T6611] FAT-fs (loop2): Directory bread(block 3145778) failed
[  158.621394][ T6611] FAT-fs (loop2): Directory bread(block 3145779) failed
[  158.741473][ T5128] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  158.763578][ T5128] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  159.174421][ T6611] FAT-fs (loop2): Directory bread(block 3145772) failed
[  159.252451][ T6611] FAT-fs (loop2): Directory bread(block 3145773) failed
[  159.750694][ T6622] loop0: detected capacity change from 0 to 128
[  159.785185][ T6445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.822370][ T6622] FAT-fs (loop0): Directory bread(block 3145772) failed
[  159.828833][ T6445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.829367][ T6622] FAT-fs (loop0): Directory bread(block 3145773) failed
[  159.919934][ T6622] FAT-fs (loop0): Directory bread(block 3145774) failed
[  159.960098][ T6622] FAT-fs (loop0): Directory bread(block 3145775) failed
[  160.002878][ T6622] FAT-fs (loop0): Directory bread(block 3145776) failed
[  160.024747][ T6622] FAT-fs (loop0): Directory bread(block 3145777) failed
[  160.039247][ T6622] FAT-fs (loop0): Directory bread(block 3145778) failed
[  160.046794][ T6622] FAT-fs (loop0): Directory bread(block 3145779) failed
[  160.072899][ T6445] team0: Port device team_slave_0 added
[  160.128203][ T6622] FAT-fs (loop0): Directory bread(block 3145772) failed
[  160.145368][ T6625] loop3: detected capacity change from 0 to 8192
[  160.148178][ T6445] team0: Port device team_slave_1 added
[  160.200167][ T6622] FAT-fs (loop0): Directory bread(block 3145773) failed
[  160.505734][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.632120][ T6445] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.674045][ T6445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.725905][ T6445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.884120][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.931504][ T5128] Bluetooth: hci0: command tx timeout
[  160.973344][ T6445] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.980344][ T6445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.007377][ T6445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.194804][ T6625] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  161.204915][ T6625] FAT-fs (loop3): Filesystem has been set read-only
[  161.289432][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.533966][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.699179][ T6445] hsr_slave_0: entered promiscuous mode
[  161.733090][ T6445] hsr_slave_1: entered promiscuous mode
[  161.769108][ T6445] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.785780][ T6445] Cannot create hsr debugfs directory
[  161.800205][ T6608] chnl_net:caif_netlink_parms(): no params data found
[  161.996927][ T6663] loop0: detected capacity change from 0 to 1024
[  162.070420][ T6663] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.187420][ T6670] loop2: detected capacity change from 0 to 128
[  162.201339][ T6670] FAT-fs (loop2): Directory bread(block 3145772) failed
[  162.208525][ T6670] FAT-fs (loop2): Directory bread(block 3145773) failed
[  162.223337][ T6670] FAT-fs (loop2): Directory bread(block 3145774) failed
[  162.239270][ T6670] FAT-fs (loop2): Directory bread(block 3145775) failed
[  162.252723][ T6670] FAT-fs (loop2): Directory bread(block 3145776) failed
[  162.272071][ T6670] FAT-fs (loop2): Directory bread(block 3145777) failed
[  162.290644][ T6670] FAT-fs (loop2): Directory bread(block 3145778) failed
[  162.298576][ T6670] FAT-fs (loop2): Directory bread(block 3145779) failed
[  162.320728][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.320780][ T6670] FAT-fs (loop2): Directory bread(block 3145772) failed
[  162.340491][ T6670] FAT-fs (loop2): Directory bread(block 3145773) failed
[  162.576660][ T6675] loop0: detected capacity change from 0 to 512
[  162.621619][ T6675] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.640216][ T6675] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  162.711888][ T6675] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  162.744991][ T6675] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002]
[  162.773442][ T6675] EXT4-fs (loop0): orphan cleanup on readonly fs
[  162.784217][ T6677] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'.
[  162.798180][ T6675] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  162.804260][ T4541] udevd[4541]: worker [5351] terminated by signal 33 (Unknown signal 33)
[  162.829951][ T6608] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.842178][ T4541] udevd[4541]: worker [5351] failed while handling '/devices/netdevsim1/net/eth7'
[  162.861312][ T6608] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.890343][ T6608] bridge_slave_0: entered allmulticast mode
[  162.921089][ T6608] bridge_slave_0: entered promiscuous mode
[  162.986402][ T4541] udevd[4541]: worker [5308] terminated by signal 33 (Unknown signal 33)
[  163.009516][ T6675] EXT4-fs warning (device loop0): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  163.045187][ T5128] Bluetooth: hci0: command tx timeout
[  163.076716][ T4541] udevd[4541]: worker [5308] failed while handling '/devices/virtual/block/loop0'
[  163.090301][ T6675] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  163.096967][ T6608] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.097099][ T6608] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.097272][ T6608] bridge_slave_1: entered allmulticast mode
[  163.099247][ T6608] bridge_slave_1: entered promiscuous mode
[  163.128751][   T51] bridge_slave_1: left allmulticast mode
[  163.137647][   T51] bridge_slave_1: left promiscuous mode
[  163.156720][ T6675] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor.0: bg 0: block 40: padding at end of block bitmap is not set
[  163.754958][ T6689] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  163.768778][ T6675] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  163.780529][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.819112][   T51] bridge_slave_0: left allmulticast mode
[  163.833550][ T6675] EXT4-fs (loop0): 1 truncate cleaned up
[  163.840788][ T6675] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  163.860407][   T51] bridge_slave_0: left promiscuous mode
[  163.887059][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.318131][ T6697] loop3: detected capacity change from 0 to 512
[  164.394454][ T6697] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  164.505586][ T6697] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  164.592020][ T6697] EXT4-fs (loop3): 1 orphan inode deleted
[  164.625004][ T6697] EXT4-fs (loop3): 1 truncate cleaned up
[  164.633176][ T6697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.655449][ T6694] loop5: detected capacity change from 0 to 8192
[  164.679904][ T6697] EXT4-fs error (device loop3): ext4_lookup:1854: inode #15: comm syz-executor.3: iget: bad extra_isize 46 (inode size 256)
[  164.696698][ T6697] EXT4-fs (loop3): Remounting filesystem read-only
[  164.804993][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.283263][ T5128] Bluetooth: hci0: command tx timeout
[  165.788857][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.942660][ T6707] loop0: detected capacity change from 0 to 1024
[  165.962721][ T6702] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  165.972340][ T6707] hfsplus: unable to parse mount options
[  165.978513][ T6702] FAT-fs (loop5): Filesystem has been set read-only
[  165.987757][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.018535][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.033882][ T5401] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  166.061113][   T51] bond0 (unregistering): Released all slaves
[  167.180798][ T6608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  167.331557][ T5128] Bluetooth: hci0: command tx timeout
[  167.459209][ T6608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.480537][ T6721] veth0_vlan: entered allmulticast mode
[  167.574012][ T6724] veth0_vlan: left promiscuous mode
[  167.615640][ T6724] veth0_vlan: entered promiscuous mode
[  167.914814][ T6608] team0: Port device team_slave_0 added
[  168.987162][ T6740] loop0: detected capacity change from 0 to 512
[  169.018874][ T6740] EXT4-fs: Ignoring removed nomblk_io_submit option
[  169.020889][ T6608] team0: Port device team_slave_1 added
[  169.057612][ T6740] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  169.096122][ T6740] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  169.123799][ T6740] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002]
[  169.182264][ T6740] EXT4-fs (loop0): orphan cleanup on readonly fs
[  169.188752][ T6740] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  169.241059][ T6740] EXT4-fs warning (device loop0): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  169.318283][ T6740] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  169.397536][ T6740] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor.0: bg 0: block 40: padding at end of block bitmap is not set
[  169.427207][   T51] hsr_slave_0: left promiscuous mode
[  169.458445][ T6740] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  169.468730][   T51] hsr_slave_1: left promiscuous mode
[  169.477782][ T6740] EXT4-fs (loop0): 1 truncate cleaned up
[  169.495270][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.514666][ T6740] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.521430][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.582321][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.589769][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.700616][   T51] veth1_macvtap: left promiscuous mode
[  169.724997][   T51] veth0_macvtap: left promiscuous mode
[  169.746591][   T51] veth1_vlan: left promiscuous mode
[  169.754348][   T51] veth0_vlan: left promiscuous mode
[  171.313488][ T5116] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.358833][ T6772] loop3: detected capacity change from 0 to 32768
[  171.380126][ T6772] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6772)
[  171.451333][ T6772] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  171.487032][ T6772] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  171.532325][ T6772] BTRFS info (device loop3): using free-space-tree
[  171.591646][ T5401] udevd[5401]: '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0' [6780] terminated by signal 33 (Unknown signal 33)
[  171.669624][ T6772] BTRFS info (device loop3): checking UUID tree
[  171.871801][ T4541] udevd[4541]: worker [5401] terminated by signal 33 (Unknown signal 33)
[  171.872751][   T51] team0 (unregistering): Port device team_slave_1 removed
[  171.880293][ T4541] udevd[4541]: worker [5401] failed while handling '/devices/virtual/block/loop3'
[  171.987767][ T5122] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.004213][   T51] team0 (unregistering): Port device team_slave_0 removed
[  172.949878][ T6608] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.957227][ T6608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.983191][    C0] vkms_vblank_simulate: vblank timer overrun
[  172.989493][ T6608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.013970][ T6763] veth0_vlan: entered allmulticast mode
[  173.067408][ T6770] veth0_vlan: left promiscuous mode
[  173.085064][ T6770] veth0_vlan: entered promiscuous mode
[  173.104880][ T6774] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'.
[  173.140104][ T6775] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[  173.187556][ T6608] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.228470][ T6608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.346161][ T6608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.385443][   T29] audit: type=1804 audit(1716881122.147:58): pid=6817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1434313591/syzkaller.1TW1eb/52/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0
[  173.436856][   T29] audit: type=1804 audit(1716881122.147:59): pid=6817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1434313591/syzkaller.1TW1eb/52/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0
[  173.462576][    C0] vkms_vblank_simulate: vblank timer overrun
[  173.838112][ T6608] hsr_slave_0: entered promiscuous mode
[  173.852576][ T6830] loop5: detected capacity change from 0 to 2048
[  173.910596][ T6608] hsr_slave_1: entered promiscuous mode
[  173.937314][ T6608] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  173.960492][ T6608] Cannot create hsr debugfs directory
[  174.199190][ T6830]  loop5: unable to read partition table
[  174.226445][ T6830] loop5: partition table beyond EOD, truncated
[  174.233494][ T6830] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[  174.251881][ T6842] veth0_vlan: entered allmulticast mode
[  174.277714][ T6846] loop3: detected capacity change from 0 to 512
[  174.286988][ T6846] EXT4-fs: Ignoring removed nomblk_io_submit option
[  174.306691][ T6846] EXT4-fs: old and new quota format mixing
[  174.348415][ T6845] veth0_vlan: left promiscuous mode
[  174.364733][ T6845] veth0_vlan: entered promiscuous mode
[  174.537244][ T6445] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  174.556458][ T6844] loop3: detected capacity change from 0 to 1764
[  174.574526][ T4541]  loop5: unable to read partition table
[  174.586190][ T4541] loop5: partition table beyond EOD, truncated
[  174.629038][ T6445] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  174.670860][ T6445] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  174.746906][ T6445] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  175.078081][ T6856] loop0: detected capacity change from 0 to 512
[  175.087599][ T6856] EXT4-fs: Ignoring removed nomblk_io_submit option
[  175.106093][ T6856] EXT4-fs: old and new quota format mixing
[  175.202998][ T6856] loop0: detected capacity change from 0 to 1764
[  175.315602][   T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.477533][   T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.619748][   T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.763103][   T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.811458][ T5128] ==================================================================
[  175.819562][ T5128] BUG: KASAN: slab-use-after-free in hci_cmd_timeout+0x1d9/0x1e0
[  175.827313][ T5128] Read of size 2 at addr ffff88801ec7bdf8 by task kworker/u9:7/5128
[  175.835300][ T5128] 
[  175.837624][ T5128] CPU: 0 PID: 5128 Comm: kworker/u9:7 Not tainted 6.10.0-rc1-syzkaller-00013-g2bfcfd584ff5 #0
[  175.847870][ T5128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
2024/05/28 07:25:24 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  175.857933][ T5128] Workqueue: hci0 hci_cmd_timeout
[  175.862989][ T5128] Call Trace:
[  175.866362][ T5128]  <TASK>
[  175.869318][ T5128]  dump_stack_lvl+0x241/0x360
[  175.874627][ T5128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.879840][ T5128]  ? __pfx__printk+0x10/0x10
[  175.884442][ T5128]  ? _printk+0xd5/0x120
[  175.888608][ T5128]  ? __virt_addr_valid+0x183/0x520
[  175.893745][ T5128]  ? srso_alias_return_thunk+0x5/0xfbef5
[  175.899402][ T5128]  print_report+0x169/0x550
[  175.903928][ T5128]  ? __virt_addr_valid+0x183/0x520
[  175.909060][ T5128]  ? srso_alias_return_thunk+0x5/0xfbef5
[  175.914713][ T5128]  ? __virt_addr_valid+0x44e/0x520
[  175.919849][ T5128]  ? srso_alias_return_thunk+0x5/0xfbef5
[  175.925502][ T5128]  ? __phys_addr+0xba/0x170
[  175.930031][ T5128]  ? hci_cmd_timeout+0x1d9/0x1e0
[  175.934987][ T5128]  kasan_report+0x143/0x180
[  175.939512][ T5128]  ? hci_cmd_timeout+0x1d9/0x1e0
[  175.944463][ T5128]  ? process_scheduled_works+0x945/0x1830
[  175.950184][ T5128]  hci_cmd_timeout+0x1d9/0x1e0
[  175.954948][ T5128]  ? process_scheduled_works+0x945/0x1830
[  175.960664][ T5128]  process_scheduled_works+0xa2e/0x1830
[  175.966231][ T5128]  ? __pfx_process_scheduled_works+0x10/0x10
[  175.972216][ T5128]  ? assign_work+0x364/0x3d0
[  175.976805][ T5128]  worker_thread+0x86d/0xd70
[  175.981406][ T5128]  ? __kthread_parkme+0x169/0x1d0
[  175.986431][ T5128]  ? __pfx_worker_thread+0x10/0x10
[  175.991541][ T5128]  kthread+0x2f2/0x390
[  175.995617][ T5128]  ? __pfx_worker_thread+0x10/0x10
[  176.000728][ T5128]  ? __pfx_kthread+0x10/0x10
[  176.005324][ T5128]  ret_from_fork+0x4d/0x80
[  176.009747][ T5128]  ? __pfx_kthread+0x10/0x10
[  176.014341][ T5128]  ret_from_fork_asm+0x1a/0x30
[  176.019124][ T5128]  </TASK>
[  176.022134][ T5128] 
[  176.024445][ T5128] Allocated by task 5128:
[  176.028760][ T5128]  kasan_save_track+0x3f/0x80
[  176.033435][ T5128]  __kasan_slab_alloc+0x66/0x80
[  176.038283][ T5128]  kmem_cache_alloc_noprof+0x135/0x2a0
[  176.043837][ T5128]  skb_clone+0x20c/0x390
[  176.048077][ T5128]  hci_cmd_work+0x29e/0x670
[  176.052583][ T5128]  process_scheduled_works+0xa2e/0x1830
[  176.058123][ T5128]  worker_thread+0x86d/0xd70
[  176.062711][ T5128]  kthread+0x2f2/0x390
[  176.066781][ T5128]  ret_from_fork+0x4d/0x80
[  176.071205][ T5128]  ret_from_fork_asm+0x1a/0x30
[  176.075977][ T5128] 
[  176.078288][ T5128] Freed by task 6829:
[  176.082257][ T5128]  kasan_save_track+0x3f/0x80
[  176.086933][ T5128]  kasan_save_free_info+0x40/0x50
[  176.091966][ T5128]  poison_slab_object+0xe0/0x150
[  176.096904][ T5128]  __kasan_slab_free+0x37/0x60
[  176.101669][ T5128]  kmem_cache_free+0x145/0x350
[  176.106440][ T5128]  __hci_req_sync+0x62f/0x950
[  176.111116][ T5128]  hci_req_sync+0xa9/0xd0
[  176.115450][ T5128]  hci_inquiry+0x3e1/0x7d0
[  176.119870][ T5128]  sock_do_ioctl+0x15a/0x460
[  176.124462][ T5128]  sock_ioctl+0x629/0x8e0
[  176.128792][ T5128]  __se_sys_ioctl+0xfe/0x170
[  176.133382][ T5128]  do_syscall_64+0xf3/0x230
[  176.137883][ T5128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.143774][ T5128] 
[  176.146086][ T5128] The buggy address belongs to the object at ffff88801ec7bdc0
[  176.146086][ T5128]  which belongs to the cache skbuff_head_cache of size 240
[  176.160662][ T5128] The buggy address is located 56 bytes inside of
[  176.160662][ T5128]  freed 240-byte region [ffff88801ec7bdc0, ffff88801ec7beb0)
[  176.174371][ T5128] 
[  176.176687][ T5128] The buggy address belongs to the physical page:
[  176.183086][ T5128] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ec7b
[  176.191848][ T5128] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  176.198955][ T5128] page_type: 0xffffefff(slab)
[  176.203651][ T5128] raw: 00fff00000000000 ffff888018ad0780 ffffea00011f1dc0 dead000000000004
[  176.212234][ T5128] raw: 0000000000000000 00000000000c000c 00000001ffffefff 0000000000000000
[  176.220807][ T5128] page dumped because: kasan: bad access detected
[  176.227210][ T5128] page_owner tracks the page as allocated
[  176.232913][ T5128] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5618, tgid 5618 (syz-executor.0), ts 108205477474, free_ts 100299161732
[  176.253932][ T5128]  post_alloc_hook+0x1f3/0x230
[  176.258703][ T5128]  get_page_from_freelist+0x2e2d/0x2ee0
[  176.264263][ T5128]  __alloc_pages_noprof+0x256/0x6c0
[  176.269469][ T5128]  alloc_slab_page+0x5f/0x120
[  176.274144][ T5128]  allocate_slab+0x5a/0x2e0
[  176.278645][ T5128]  ___slab_alloc+0xcd1/0x14b0
[  176.283319][ T5128]  __slab_alloc+0x58/0xa0
[  176.287643][ T5128]  kmem_cache_alloc_node_noprof+0x1fe/0x320
[  176.293542][ T5128]  __alloc_skb+0x1c3/0x440
[  176.297964][ T5128]  skb_copy+0x12b/0x820
[  176.302119][ T5128]  mac80211_hwsim_tx_frame_no_nl+0x1068/0x18d0
[  176.308279][ T5128]  mac80211_hwsim_tx_frame+0x1cc/0x220
[  176.313748][ T5128]  mac80211_hwsim_beacon_tx+0x3bf/0x850
[  176.319306][ T5128]  __iterate_interfaces+0x225/0x4c0
[  176.324508][ T5128]  ieee80211_iterate_active_interfaces_atomic+0xd8/0x170
[  176.331536][ T5128]  mac80211_hwsim_beacon+0xd4/0x1f0
[  176.336737][ T5128] page last free pid 58 tgid 58 stack trace:
[  176.342703][ T5128]  free_unref_page+0xd22/0xea0
[  176.347472][ T5128]  kasan_depopulate_vmalloc_pte+0x74/0x90
[  176.353190][ T5128]  __apply_to_page_range+0x8aa/0xe50
[  176.358480][ T5128]  kasan_release_vmalloc+0x9a/0xb0
[  176.363589][ T5128]  purge_vmap_node+0x3e3/0x770
[  176.368353][ T5128]  __purge_vmap_area_lazy+0x708/0xae0
[  176.373726][ T5128]  drain_vmap_area_work+0x27/0x40
[  176.378751][ T5128]  process_scheduled_works+0xa2e/0x1830
[  176.384293][ T5128]  worker_thread+0x86d/0xd70
[  176.388882][ T5128]  kthread+0x2f2/0x390
[  176.392951][ T5128]  ret_from_fork+0x4d/0x80
[  176.397372][ T5128]  ret_from_fork_asm+0x1a/0x30
[  176.402145][ T5128] 
[  176.404459][ T5128] Memory state around the buggy address:
[  176.410164][ T5128]  ffff88801ec7bc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  176.418223][ T5128]  ffff88801ec7bd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  176.426281][ T5128] >ffff88801ec7bd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  176.434329][ T5128]                                                                 ^
[  176.442293][ T5128]  ffff88801ec7be00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  176.450346][ T5128]  ffff88801ec7be80: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  176.458397][ T5128] ==================================================================
[  176.466521][    C0] vkms_vblank_simulate: vblank timer overrun
[  176.483110][ T5128] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  176.490321][ T5128] CPU: 0 PID: 5128 Comm: kworker/u9:7 Not tainted 6.10.0-rc1-syzkaller-00013-g2bfcfd584ff5 #0
[  176.500571][ T5128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  176.510638][ T5128] Workqueue: hci0 hci_cmd_timeout
[  176.515686][ T5128] Call Trace:
[  176.518967][ T5128]  <TASK>
[  176.521918][ T5128]  dump_stack_lvl+0x241/0x360
[  176.526615][ T5128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.531828][ T5128]  ? __pfx__printk+0x10/0x10
[  176.536436][ T5128]  ? preempt_schedule+0xe1/0xf0
[  176.541312][ T5128]  ? srso_alias_return_thunk+0x5/0xfbef5
[  176.546967][ T5128]  ? vscnprintf+0x5d/0x90
[  176.551316][ T5128]  panic+0x349/0x860
[  176.555224][ T5128]  ? check_panic_on_warn+0x21/0xb0
[  176.560362][ T5128]  ? __pfx_panic+0x10/0x10
[  176.564789][ T5128]  ? srso_alias_return_thunk+0x5/0xfbef5
[  176.570449][ T5128]  ? srso_alias_return_thunk+0x5/0xfbef5
[  176.576112][ T5128]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  176.582116][ T5128]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  176.588464][ T5128]  ? print_report+0x502/0x550
[  176.593163][ T5128]  check_panic_on_warn+0x86/0xb0
[  176.598121][ T5128]  ? hci_cmd_timeout+0x1d9/0x1e0
[  176.603075][ T5128]  end_report+0x77/0x160
[  176.607337][ T5128]  kasan_report+0x154/0x180
[  176.611861][ T5128]  ? hci_cmd_timeout+0x1d9/0x1e0
[  176.616816][ T5128]  ? process_scheduled_works+0x945/0x1830
[  176.622549][ T5128]  hci_cmd_timeout+0x1d9/0x1e0
[  176.627330][ T5128]  ? process_scheduled_works+0x945/0x1830
[  176.633062][ T5128]  process_scheduled_works+0xa2e/0x1830
[  176.638645][ T5128]  ? __pfx_process_scheduled_works+0x10/0x10
[  176.644644][ T5128]  ? assign_work+0x364/0x3d0
[  176.649253][ T5128]  worker_thread+0x86d/0xd70
[  176.653870][ T5128]  ? __kthread_parkme+0x169/0x1d0
[  176.658914][ T5128]  ? __pfx_worker_thread+0x10/0x10
[  176.664035][ T5128]  kthread+0x2f2/0x390
[  176.668120][ T5128]  ? __pfx_worker_thread+0x10/0x10
[  176.673231][ T5128]  ? __pfx_kthread+0x10/0x10
[  176.677824][ T5128]  ret_from_fork+0x4d/0x80
[  176.682249][ T5128]  ? __pfx_kthread+0x10/0x10
[  176.686842][ T5128]  ret_from_fork_asm+0x1a/0x30
[  176.691625][ T5128]  </TASK>
[  176.694855][ T5128] Kernel Offset: disabled
[  176.699166][ T5128] Rebooting in 86400 seconds..