last executing test programs:

3m32.960603261s ago: executing program 1 (id=10):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'dummy0\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd6000000000002d9300000c00018008000100", @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0xd4}, 0x24008000)

3m32.591730852s ago: executing program 1 (id=13):
r0 = io_uring_setup(0x2007884, &(0x7f0000000500)={0x0, 0x15, 0x10, 0xfffffffe, 0x5c})
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f0000000000)={0x1a, 0x1, 0x1, 0x1, 0x3f, 0x0, @remote}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

3m32.124194765s ago: executing program 1 (id=15):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0)
ftruncate(r0, 0x8002007ffb)

3m31.532249658s ago: executing program 1 (id=17):
syz_mount_image$jfs(&(0x7f0000006700), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000006740)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESDEC], 0x5, 0x6235, &(0x7f00000004c0)="$eJzs3ctvHVcdB/DfffoRmkZdVCVCyG3Do5TmWUKgQJsFLNiwQN2iRKlbRaSAkoDSKiKuvGHBHwFCYokQS1b8AV2wZccfQKQECdRVpxr7HHs8vfZ16vrOtc/nIzkzv3tmfM/4e+c+MjP3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQP/7RTy/0IuLab9INpyK+EIOIfsRSXa9ExNLKqbz8MCKei43meDYiRgsR9fob/zwd8WpEfHgy3RaxdnGf/fjhX//1p5+d+Mk//zI69/+/3R28ttty9+79/n9/f3CQLQYAAIDyVFVV9dLH/NPp832/604BADORX/+rJN+uVqvVarX6+NVN1WQPmkVErDXXqd8zOBwPAEfMWnzUdRfokPyLNoyIE113Aphrva47wKF49Pj+jV7Kt9d8PVjZbM/nguzIf623sV5ef9J0mvY5JrN6fK3HIJ7ZpT9LM+rDPMn599v5X9tsH6flDjv/Wdkt//HmpU/FyfkP2vm3HJ/8+xPzL1XOf/hE+Q/kDwAAAAAAcyz///+pjo//Lhx8U/Zlr+O/KzPqAwAAAAAAAAB83g46/t+W1vh/+TwA4/8BAABA9+rP6rU/nNy+bbfvYqtvf7MX8VRreaAsvXSxzHLXHQEAAAAAAAAAAACAkgwjlhsDnz+1vFxVVf3T1K6f1EHXP+pK334oWZdP8AAAsO3Dk61r+XsRixHxZvquv9Hy8nJVLS4tV8vV0kJ+PzteWKyWGp9r87S+bWG8jzfEw3FV/7LFxnpN0z4vT2tv/776vsbVYB8dm40OAweAiNh8NXrkFemYqaqno+t3ORwN9v/jx/7PfnT9OAUAAAAOX1VVVS8N83c6HfPvd90pAGAm8ut/+7iAWq1Wq9Xq41c3VZM9aBYRsdZcp37PYDh+ADhi1uKjrrtAh+RftGFEPNd1J4C51uu6AxyKR4/v3+ilfHvN14M0vns+F2RH/mu9jfXy+pOm07TPMZnV42s9BvHMLv15dkZ9mCc5/347/2ub7eO03GHnPyu75V9v56kO+tO1R4+vDutsB+38W45P/v2J+Zcq7//DJ8p/IH8AAAAAAJhj+f//T83V8d/xZ92cqfY6/ruyj/V9NwIAAAAAAAAA8+jR4/s38nWv+fj/lyYs5/rP4ynn35N/kXL+/Vb+X28tN2jMP7y6nf9/H9+/8ee7//linu43/4U800uPrF56RPTSPfWGaXqQrfu09dFgXN/TqNcfDNM5P9Xo7bgZt2I1zu9Ytp/+HtvtF3a01z0dbbRXg832izvah1vtef1LO9pH6Uynaim3n40b8cu4FW9ttNdtC1O2f3FKezWlPec/sP8XKec/bPzU+S+n9l5rWnv4Qf9T+31zOul+3rj55d+dP/zNmWo9Blvb1lRv3wsd9Gfjb3JiHL++s3r77L3rd+/evhBpsuPWi5Emn7Oc/yj9bD3/v7jZnp/3m/vrww/GT5z/vFiP4a75v9iYr7f3pRn3rQs5/3H6yfm/ldon7/9HOf/d9/+XO+gPAAAAAAAAAAAAAAAA7KWqqo1LRN+IiMvp+h/fcQ8AZciv/1WSb59VPZjx/anVR7zuzVl/Zlp/XM1Xf9Tqo1g3VZO93iwi4h/Nder3DL+d9MsAgHn2cUT8u+tO0Bn5Fyx/3189PdN1Z4CZuvPe+z+/fuvW6u07XfcEAAAAAAAAAPis8vifK43xn89UVfWgtdyO8V+vxspBx/8c5pmtAUZ3Gah68OTbtJf1/njQbww3/nzsNv73aGtur/G/h1PubzSlfTylfWFK++KU9okXejTk/J9vjHd+JiJOt4ZfP9Ljv1bbf8W9xn9tj3lfgpz/C43Hc53/11rLNfOv/njE8m9Yj/6O/M/dffdX5+689/4rN9+9/s7qO6u/uHThwvlLly9fuXLl3Ns3b62e3/y3wx4frpx/HvvaeaBlyfnnzOVflpz/V1It/7Lk/L+aavmXJeef3+/Jvyw5//zZR/5lyfm/lGr5lyXn/41Uy78sOf+XUy3/suT8v5lq+Zcl5/9KquVflpz/2VTLvyw5/3Op3mf+S4fdL2Yj55+PcNn/y5Lzz2c2yL8sOf+LqZZ/WXL+l1It/7Lk/F9NtfzLkvP/VqrlX5ac/+VUy78sOf9vp1r+Zcn5X0m1/MuS8/9OquVflpz/d1Mt/7Lk/F9LtfzLkvP/XqrlX5ac//dTLf+y5Px/kGr5lyXn/3qq5V+W7e//N2PmKM4sRcQcdOPYzXT9zAQAAAAAAAAAAAAAtM3idOKutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jXGjrO8A/js1WuHJAZC6qSGbBwTQuJk13biC22KCdeGWwmEQi/YrndtFnzDa5dAI9koUCJhVFTRNnxoCwi1+VIRVXygFaB8QK0qVYL2A/2CqCqhKqoCCkhItIJsdWbe991zzp7L7vp4M2fm95Pix3vOzJl35rwzu886/zMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs1tfP//pkSzLGv/lf2zNshc1/r55emv+2Gte6BECAAAAV+qX+Z/PXZ8eOLSKlZqW+edXfOdrS0tLS9n7xv5s4vNLS+mJ6Syb2JRl+XPRU//1/pHmZYLHsqmR0aavR/tsfqzP8+N9np/o8/xkn+c39Xl+qs/zKw7ACpuL38fkL7Yz/+vW4pBmN2QT+XM7O6z12Mim0dH4u5zcSL7O0sTxbCE7mc1nsy3LF8uO5Mt/49bGtt6SxW2NNm1re2OG/OTRY3EMI+EY72zZ1vJrRj96XTb90588euxvzj97U6fa9zC0vF4xzjt2NMb5yfBIMdaRbFM6JnGco03j3N7hPRlrGedIvl7j7+3jfG6V4xxbHuaGan/Pp7LR/O/fzY/TePOv9dJx2h4e+/ltWZZdWh52+zIrtpWNZltaHhldfn+mihnZeI3GVHpJNr6meXrrKuZpo87tbJ2n7edEfP9vDeuNdxlD89v0o09MNr3vv1hazzyNGnvd7Vxpn4ODPlfKMgfjvPhuvtOPd5yDO8P+P3p79znYce50mINpv5vm4I5+c3B0ciwfc3oTRvJ1lufg7pblx/ItjeT1mdt7z8GZ86fOzix+7ON3L5w6emL+xPzpvbt3z+7dt+/AgQMzxxdOzs8Wf67zaJfflmw0nQM7wrGL58Cr2pZtnqpLX5pccf1d73k41eM83Nq27KDPw/H2nRvZmBNy5Zwuzo33NA761OXRrMs5lr8/d175eZj2u+k8HG86Dzt+T+lwHo6v4jxsLHP2ztX9zDLe9F+nMXT/XnBlc3Br0xxs/3mkfQ4O+ueRsszBqTAvvn9n9+8F28N4H9+11p9HxlbMwbS74drTeCT9vD91IC+d5uXNjSeumcwuLM6fu+eRo+fPn9udhbIhXto0V9rn65amfcpWzNfRNc/XQwuvePzmDo9vDcdq6u7GH1Nd36vGMvfe0/u9yr+7dT6eLY/uyUIZsI0+np2+mzeO52SWfeHbn3jom49+4fVdj2ej3/zkzJX/LJ760qbr70SX62/s+58vtpde6rGxifHi/B1LR2ei5Xrc+laN59eukXzbz82s7no8Ef7b6OvxDT2ux9valh309Xiifefi9Xik3287rkz7+zkV5snJ2d7X48Yy2/asdU6O97we3xbqSDj+rw6dQuqLmuZOt3mbtjU+PhH2azxuoXWe7m1ZfiL0Zo1tPblnffP0jtuK1xpLe7dso+bpdNuyg56n6Xdf3ebpSL/fvq1P+/s5FebFDXt7z9PGMk/fe+XXzs3xr03Xzsl+c3BibLIx5ok0CfPrfba0Oc7Be7Jj2ZnsZDaXPzuZz6eRfFu77lvdHJwM/230tXJbjzl4R9uyg56D6ftYt7k3Mr5y5weg/f2cCvPiift6z8HGMm/YP9ifXe8Ij6Rlmn52bf/9Wrffed3cdpiu1lwZD+P89v7ev5ttLHPywFr7zN7H6a7wyDUdjlP7+dvtnJrLVnucRq74nGqM89kD3Y9TYzyNZT5/cJXz6VCWZRc/8kD++97w7yt/f+F7X2v5d5dO/6Zz8SMP/Pja4/+0lvEDMPyeL8qW4ntd079Mrebf/wEAAIChEPv+0VAT/T8AAABURuz74/8Vnuj/AQAAoDJi3z8ealKT/n/bG55deP5ilpL5S0F8Ph2GB4vlYsZ1Nnw9vbSs8fgDX5n/2T9eXN22R7Ms+8WDf9Rx+W0PxnEVpsM4n3pj6+MrfO3uVW37yMMX03ab8+tfDK8f92e106BTBHc2y7JvXP/ZfDvT77+c16cfPJLXhy49/lhjmecOFl/H9Z95abH8X4bw76HjR1vWfyYchx+GOvvWzscjrvfVy6/evv+9y9uL643suC7f7Sc+ULxuiMhuyh4rlo/Hudv4v/mZJ7/aWOGRV3Ye/8XRzuN/MrzuV0L935cXyze/B42v43qfCuOP24vr3fPlb3Uaf/bUp4vlz76pWO5IqHH7d4Svd77p2YXm4/XIyNGW/creXCwXtz/7vT/Jn4+vF1+/ffxThy+3HI/2+fH0vxevM9O2fHw8bif6h7btN16neX7G7T/5x0dajnO/7T/10DMvb7xu+/bvalvu7EfuzLe//Hqtn9j0V5/6bMftxfEc+ruzLftz6F3hPA7bf+IDYT6G5//vqeL12j9d4ci7Wq8/cfkvbr3Ysj/RW35abP+p157I66apzVuuedG11126pXHssuy7m4rX67X9+BkQzeP/0o3F8YjjiBn99u13E7d/7qO7Tp9ZvLAwl47qo9fnn53ztmI8cbzXh2tr+9eHz5z/4Py56dnp2Sybru5H6K3bl0P9cVEurXX9Ox8O7+fNf/GNLbf/22fi4//xnuLxy28tvm+9Kiz3ufD41vD+Xen2n7j1xvz8Hnm6+Lolxz4A23f+z4FVLRj2v/3ngjjfz77sg/lxaDyXf9+I5/UVjv8Hc8XrfD0c16Xwycw7blzeXvPy8bMRLr+7ON+v+PiFy1x8X/82vN9v/2Hx+nFccX9/EH6O+da21utdnB9fvzja/vr5p3hcCteT7FLxfFwqHu/Lz93YcXjxc0iySzflX/9pep2b1rSb3Sx+bHHm5MLpC4/MnJ9fPD+z+LGPHz515sLp84fzz/I8/KF+6y9fn7bk16e5+X33ZvnV6kxRrrIXevxnHz42t3/29rn540cvHD//8Nn5cyeOLS4em59bvP3o8ePzH+23/sLc/bv3HNy7f8+uEwtz9x84eHDvwV0Lp880hlEMqo99sx/edfrc4XyVxfvvPbj7vvvund116szc/P37Z2d3Xei3fv69aVdj7T/cdW7+5NHzC6fmdy0ufHz+/t0H9+3b0/fTAE+dPb44PXPuwumxbHH+3EyxL9Pn84cb3/v6rU81Lf5n8fNsu5Hig/iyd961L30+a8NXPtH1pYpF2j5A9NnwWTT/8uKzB1bzdez7J0JNatL/AwAAQB3Evn8y1ET/DwAAAJUR+/5NoSb6fwAAAKiM2PdPhZrUpP+vXP5/28VVbV/+v2P+P/uc/L/8fx3y/+/un/9vOPHXZ362Mfn/4noh/z8Yg8n/Pxi+kv+X/5f/l/+X/19z/n/mgvw/Sdny/7Hv35xltez/AQAAoA5i378l1ET/DwAAAJUR+/5rQk30/wAAAFAZse9/UahJTfp/+X/5/3Lk///72jh2+f/l9eT/C/L/8v9r4f7/vcn/9yH/P5PVK/9/aZDjl/+X/2elsuX/Y99/bahJTfp/AAAAqIPY918XaqL/BwAAgMqIff/1oSb6fwAAAKiM2PdvDTWpSf8v/y//X478/zL5/+X15P8L8v/y/2sh/9+b/H8f8v/u/y//L//PQJUt/x/7/heHmtSk/wcAAIA6iH3/S0JN9P8AAABQPuPrWy32/S8NNVnR/69zAwAAAMALLvb9N2RtQfCa/Pu//L/8v/y//L/8f+ftrz7/P5bJ/5eH/H9v8v99yP9XLf8/nsn/y//zgipb/j/v+7Op7GWhJjXp/wEAAKAOYt9/Y6iJ/h8AAAAqI/b9vxJqov8HAACAyoh9/7ZQk5r0//L/Vzv/v1n+X/5f/j/Oy8rm/93/v0yGJf8/2eVx+X/5f/n/4R3/kOT/X/NQl/Xl/7kaypb/j33/TaEmNen/AQAAoA5i339zqIn+HwAAACoj9v2/Gmqi/wcAAIDKiH3/9lCTmvT/8v/u/y//L/8v/995+/L/w2lY8v/dyP/L/8v/D+/4hyT/35X8P1dD2fL/se9/eahJTfp/AAAAqIPY978i1ET/DwAAAJUR+/5bQk30/wAAAFAZse+fDjWpSf8v/y//L/8v/y//33n78v/DSf6/N/n/PuT/5f/l/+X/Gaiy5f9j339rqElN+n8AAACog9j37wg10f8DAABAZcS+/7ZQE/0/AAAAVEbs+3eGmtSk/5f/r27+P85m+X/5f/l/+f86kf/vTf6/D/l/+X/5f/l/Bqps+f/Y978y1KQm/T8AAADUQez7bw810f8DAABAZcS+/1WhJvp/AAAAqIzY998RalKT/l/+v7r5/+G6//8taezy/8vryf8X5P/l/9eicvn/TP4/k/9P5P/LPX75f/l/Vipb/j/2/a8ONalJ/w8AAAB1EPv+O0NN9P8AAABQGbHvvyvURP8PAAAAlRH7/l2hJjXp/+X/5f/Lkf9fJv+/vN7Vz//fdF/z42XJ/7fHvuT/5f/XonL5f/f/z8n/F8qS/+/0c08m/y//L/9PB2XL/8e+/+5Qk5r0/wAAAFAHse+/J9RE/w8AAACVEfv+mVAT/T8AAABURuz7Z0NNKtf/T3d8VP5f/l/+v875/3Xc//+W5dd1//98NOPy/+Ui/9+b/H8f8v/u//+C5/8n5P+plLLl/2PfvzvUpHL9PwAAANRX7Pv3hJro/wEAAKAyYt+/N9RE/w8AAACVEfv+e0NNatL/y//L/8v/y/+X7f7/w5X/d///spH/723w+f+4i/L/8v/y/+7/L//PSmXL/8e+/75Qk5r0/wAAAFAHse/fF2qi/wcAAIDKiH3//lAT/T8AAABURuz7D4Sa1KT/l/+X/5f/l/+X/++8ffn/4ST/35v7//ch/y//L/8v/89AlS3/H/v+g6EmNen/AQAAoA5i3/+aUBP9PwAAAFRG7Pt/LdRE/w8AAACVEfv+Xw81qUn/L/8v/y//L/8v/995+/L/w0n+vzf5/z7k/+X/5f/l/xmosuX/Y99/f6hJTfp/AAAAqIPY9/9GqIn+HwAAACoj9v2vDTXR/wMAAEBlxL7/UKhJTfp/+X/5f/l/+X/5/87bX1f+fyLrSv5/Y8j/99ac/9/ca0H5f/l/+X/5f/l/BqBs+f/Y978u1KQm/T8AAADUQez7Hwg10f8DAABAZcS+//WhJvp/AAAAqIzY978h1KQm/b/8v/y//L/8v/x/5+27//9wkv/vzf3/+5D/l/+X/5f/Z6DKlv+Pff8bQ01q0v8DAABAHcS+/02hJvp/AAAAqIzY97851ET/DwAAAJUR+/63hJrUpP+X/5f/l/+X/5f/77x9+f/hJP/f25ry//HiKv8v/y//L/8v/89qTK18qGz5/9j3/2b7gGvS/wMAAEAdxL7/wVAT/T8AAABURuz73xpqov8HAACAyoh9/9tCTWrS/8v/D0n+f1z+P5P/l/9v2x/5f/n/TuT/exuy+///8rrwuPx/Qf6/3OMfrvz/0qb29eX/uRrKlv+Pff/bQ01q0v8DAABAHcS+/x2hJvp/AAAAqIzY978z1ET/DwAAAJUR+/7fCjWpSf8v/98Yx3J6ubT5f/f/l/+X/5f/l/9fFfn/3oYs/+/+/23k/8s9/uHK/68k/8/VULb8f+z73xVqUpP+HwAAAOog9v0PhZro/wEAAKAyYt//7lAT/T8AAABURuz73xNqUpP+X/5/SO7/L/8v/y//L/8v/78q8v+9yf93lu6ELv8v/y//L//PQJUt/x/7/odDTWrS/wMAAEAdxL7/vaEm+n8AAACojNj3/3aoif4fAAAAKiP2/e8LNalJ/y//Pyz5/2n5f/l/+f+2/ZH/l//vRP6/N/n/PuT/5f/XO/5N8v/y/3RStvx/7PvfH2pSk/4fAAAA6iD2/b8TaqL/BwAAgKFxTZ/nY9//u6Em+n8AAACojNj3/16oSU36f/n/Ycn/u/9/Jv8v/9+2P/L/8v+dbFz+P1555P/l/+X/o1rn/7vd///n4U2V/5f/r6my5f9j3//7oSY16f8BAACgDmLf/4FQE/0/AAAADIVO/092u9j3Hw410f8DAABAZcS+/0ioSU36f/l/+X/5/5Lm//98x79+/zvvOLJb/l/+X/5/TTb0/v+Nk3/d9//f3PFR+X/5f/n/4R2/+//L/7NS2fL/se8/GmpSk/4fAAAA6iD2/X8QaqL/BwAAgMqIff+xUBP9PwAAAFRG7PvnQk1q0v/L/8v/y/+XNP8/xPf/j8dD/r/VwPL/8aIr/9/Rhub/37ucE3f//7Xm/yc7Pir/L/8/zOOX/5f/Z6Wy5f9j3z8falKT/h8AAADqIPT9o8eLuvyE/h8AAAAqI/b9J0JN9P8AAABQGbHv/2CoSU36f/l/+X/5f/l/9//vvP3S5v/d/78n+f8VNjd/UZ78f2fy//L/wzx++X/5f1YqW/4/9v0LoSY16f8BAACgDmLf/6FQE/0/AAAAVEbs+z8caqL/BwAAgMqIff/JUOtG/v+FzP8vdcz/N89C+X/5f/l/+X/5/7WR/+9N/r8P+X/5f/l/+X8Gqmz5/9j3nwo18e//wP+zdx9PktfnHcdn8RKm+AN88AWf/SdwgJMP9tnlg11lH+wqlw9gG+NsA84R5xxwziiAhFBCOYESEspCOWehjFQ1KtjneWanp/fX07PdO7/+Pq/X5bFXXnWDtsAfse/6AgAAw8jdf0vcYv8DAADAMHL33xq32P8AAAAwjNz9PxW3NNn/+n/v/6/Z/99+7a70/zfp/y/1+fr/y+7/ny7T9P/zpP+fpv9fQf+v/9f/6//ZqLn1/7n7fzpuabL/AQAAoIPc/T8Tt9j/AAAAMIzc/bfFLfY/AAAADCN3/8/GLU32/0L/f26vZ/+fGa/+3/v/+n/9v/f/d9yV7f/veuqvfPp//b/+P+j/9f/6fxbNrf/P3X973NJk/wMAAEAHuft/Lm6x/wEAAGAYuft/Pm6x/wEAAGAYuft/IW5psv+9/+/9/0v0/z+w5f5/f0//r//X/9efVf3/5nj/f1qn/v+2x66/5YkHvuvBdT5/W/3/+cN/f/3/Fp3199f/6/85bm79f+7+X4xbmux/AAAA6CB3/y/FLfY/AAAADCN3/y/HLfY/AAAADCN3/6/ELU32v/5f/+/9f/2//n/55+v/d5P+f1qn/v80n+/9f/2//l//z2bNrf/P3f+rcUuT/Q8AAAAd5O7/tbjF/gcAAIBh5O6/I26x/wEAAGAYufvvjFua7H/9v/5f/6//1/8v/3z9/27S/0/T/6+g/9f/r/H9F/7T1f/r/1libv1/7v674pYm+x8AAAA6yN3/63GL/Q8AAADDyN3/G3GL/Q8AAADDyN3/m3FLk/2v/9f/6//1//r/5Z+v/99N+v9p+v8V9P+X289f3an/X6T/1/9z3Jr9/5MTf9neSP+fu/+34pYm+x8AAAA6yN3/23GL/Q8AAADDyN3/O3GL/Q8AAADDyN3/u3FLk/2v/9f/6//1//r/5Z+v/99N+v9pF/f/i2+XH7Ht/v/c+aU/rP/f+f6/1fv/i/T/+n+Om9v7/7n7fy9uabL/AQAAoIPc/b8ft9j/AAAAMIzc/X8Qt9j/AAAAMIzc/X8YtzTZ/9vs/xcb3kX6f/3/YT9/bX13/f/hz9ud/v+aIz/eof9/8KLvp/+fF/3/NO//r6D/1//r//X/bNTc+v/c/X8UtzTZ/wAAANBB7v674xb7HwAAAIaRu/+P4xb7HwAAAIaRu/9P4pYm+395/3/4r3v//2T0/0e/v/f/l//62FT/n/+O2+7/n7LD7//f7P3/nvT/0/T/K+j/9f9n2P8fHFzp/v/o39dX9P/7qz5f/88yG+r/DzbV/+fu/9O4pcn+BwAAgA5y9/9Z3GL/AwAAwDBy9/953GL/AwAAwDBy9/9F3NJk/2/z/f9V9P/6f/3/KO//HzWT/n+r7//vXfH+/7z+/4T0/9P0/yvo//X/3v/3/j8btaH+f29T/X/u/r+MW5rsfwAAAOggd/9fxS32PwAAAOyGi3/vwOJvKA25+/86brH/AQAAYBi5+/8mbmmy//X/+n/9v/5f/7/88+fV/3v//6T0/9P0/yvo/7fRz58frP+/51I/fw79/x36f2bmSP//0OGPn1X/n7v/b+OWJvsfAAAAOsjd/3dxi/0PAAAAw8jd//dxi/0PAAAAw8jd/w9xS5P9v/X+f//Sn63/1//r//X/+n/9/6bp/6e17P/X+U9hnP7/u9f4oy5n/X7+5Trr7z+H/t/7/8zNkf7/ImfV/+fu/8e4pcn+BwAAgA5y9/9T3GL/AwAAwDBy998Tt9j/AAAAMIzc/f8ctzTZ/97/1//r//X/+v/ln6//3036/2kt+/91jNP/n8pZ9/O7/v31//p/jptb/5+7/1/ilib7HwAAADrI3f+vcYv9DwAAAMPI3f9vcYv9DwAAAMPI3f/vcUuT/a//327/nz+u/9f/7+n/T9L/36z/v/B9n9T/n1rb/v/csr8THXeJ/v+Rn7jz+4/+SJ/+/+ifOP2//l//r/9no2bR/x8c/n+Xufv/I25psv8BAACgg9z9/xm32P8AAAAwjNz9/xW32P8AAAAwjNz9/x23NNn/+n/v/+v/9f8z6v+9/1/f95z+/5Ta9v8n5P3/FfT/+n/9v/6fjZpF/3/R/567/3/ilib7HwAAADrI3f+/cYv9DwAAAMPI3f9/cYv9DwAAAMPI3f//cUuT/a//X9n/X3WSPxb9/9Hvr/9f/utD/6//P3n/7/3/09L/T9P/r6D/1//r//X/bNTc+v/c/ffGLU32PwAAAHSQu/8ZcYv9DwAAAMPI3f/MuMX+BwAAgGHk7n9W3NJk/+v/vf+v/9f/6/+Xf77+fzfp/6e16f+/d+Lz75v4Asv6/4Nr9f/6f/2//p9Tmlv/n7v/2XFLk/0PAAAAHeTuvy9usf8BAABgGLn7749b7H8AAAAYRu7+58QtTfa//l//r//X/+v/l3++/n836f+nten/vf9/Kmfdz+/699f/6/85bm79f+7+58YtTfY/AAAAdJC7/4G4xf4HAACAYeTuf17cYv8DAADAMHL3Pxi3NNn/+n/9v/5f/6//X/75+v/dtL3+f0//r//fmf5/f60/6ENn3c9frhN+/5u29f31//p/jptb/5+7//lxS5P9DwAAAB3k7n9B3GL/AwAAwDBy978wbrH/AQAAYBi5+18UtzTZ//p//b/+X/+v/1/++fr/3eT9/2n6/xUG6f9Pq0n/v7Xvr//X/3Pc3Pr/3P0vjlua7H8AAADoIHf/Q3GL/Q8AAADDyN3/krjF/gcAAIBh5O5/adzSZP+v6P8P/4To/yfp/49+f/3/8l8f+n/9/0L/f92e/n/j9P/T9P8r6P/H7P+v2huo/9+/5M/X/zNHc+v/c/e/LG5psv8BAACgg9z9L49b7H8AAAAYRu7+V8Qt9j8AAAAMI3f/K+OWJvvf+//6f/2//l//v/zzvf+/m/T/0/T/K+j/x+z/vf+v/+fMzK3/z93/qrilyf4HAACADnL3vzpusf8BAABgR6z+bXe5+18Tt9j/AAAAMIzc/a+NW5rsf/2//l//r//X/y//fP3/btL/T9P/r6D/1//r//X/bNTc+v/c/a+LW5rsfwAAAOggd//DcYv9DwAAAMPI3f9I3GL/AwAAwDBy978+bmmy//X/+n/9/272/9fp//X/+v+l5tL/33jj9z2q/9f/6//1//p//X93W+v/4yes2//n7n9D3NJk/wMAAEAHufvfGLfY/wAAADCM3P1vilvsfwAAABhG7v43xy1N9v/x/v/qvQuF6gXL+v9o1PT/F9H/H/3++v/lvz68/6//1/9v31z6f+//n+77N+z/n/5Liv5/M876+6/V/99w/Oc/3f/v7+n/Gcrc3v/P3f9o3NJk/wMAAEAHufvfErfY/wAAADCM3P1vjVvsfwAAABhG7v7H4pYm+9/7//p//b/+X/+//PP1/7tJ/z9N/7+C9//1/97/v/XHvuOK9P8Hi3+/Z0xz6/9z978tbmmy/wEAAKCD3P1vj1uW7/9l/5gXAAAAmLnc/e+IW/zzfwAAABhG7v53xi1N9r/+X/8/1/5/f0//r/+/QP+v/1+H/n+a/n8F/f82+vlrNvLlTkD/7/1/5mdu/X/u/nfFLU32PwAAAHSQu//dcYv9DwAAAMPI3f+euMX+BwAAgGHk7n9v3NJk/+v/9f9z7f8vvP//I+v3/zcs9v8/qv9f+Hz9v/5/ZPr//Dv6cvr/FfT/3v/X/+v/2ai59f+5+x+PW5rsfwAAAOggd//74hb7HwAAAIaRu//9cYv9DwAAAMPI3f+BuKXJ/tf/9+r/z+3tWv/v/X/9v/5f/78e/f80/f8K+n/9v/5f/89Gza3/z93/wbilyf4HAACAXfWD3/OTj5/0/zZ3/4fiFvsfAAAAhpG7/8Nxi/0PAAAAw8jd/5G4pcn+1//36v937/1//b/+X/+v/1+P/n/aKfr/IwG7/l//P0X/r//X/7Nobv1/7v6Pxi0XDb/za/9RAgAAAHOSu/9jcUuTf/4PAAAAHeTu/3jccmz/H5zwd7UDAAAAc5O7/xNxS5N//q//n3n/v6f/1//r//X/+v916P+nXeb7/wfn9P/6/wn6f/2//p9Fc+v/c/d/Mm5psv8BAABgUEf+G4Xc/Z+KW+x/AAAAGEbu/k/HLfY/AAAADCN3/2filib7X/8/8/7/VO//79f/pP9v3v/ffd3Sz9f/6/9Hpv+fdpn9v/f/9f+T9P+r+/8fnnhYXP/PiObW/+fu/2zc0mT/AwAAQAe5+z8Xt9j/AAAAMIzc/Z+PW+x/AAAAGEbu/i/ELU32v/5/xP7f+//6/+nPH6f//87r73z4h378/nv1/xy6kv1//lrQ/+v/9f8X6P+9/6//Z9Hc+v/c/V+MW5rsfwAAAOggd/8TcYv9DwAAAMPI3f+luMX+BwAAgGHk7v9y3NJk/+v/9f/6/13s/7Mp7t7/e/9f/3+c9/+n6f9X0P/r//X/+n82am79f+7+r8QtTfY/AAAAdJC7/6txi/0PAAAAw8jd/7W4xf4HAACA3XF++l/O3f/1uKXJ/tf/6//1/3Pt/895/z/o//X/69D/T9P/r6D/1//r//X/bNTc+v/c/d+IW5rsfwAAAOggd/+TcYv9DwAAAMPI3f/NuMX+BwAAgGHk7v9W3NJk/+v/9f/6/7n2/1Pv/+v/9/T/+v9L0P9P0/+voP/X/+v/9f9s1Nz6/9z93w4AAP//hb1f0g==")
mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

3m29.288547684s ago: executing program 1 (id=30):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="7a0af8ff7525347cbfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000072000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6993bad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785b1292fcb9c1d3079a00db453620ce72d75946c2b638f91dbef661935839c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33321d1ec72ed311740d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d07815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc3c9731c9a7bb3a4e67056433edf43fba5566a3e02200bae941d34ac81fd48f9b73126992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000480000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089ba9b19dbe6431c7bf773634f4aac8c91aef83eaa0951d137f8f91a0a9d54f4347431fa96c0b54a503c39d4da796a0dc4a54cb6d9952feb6d282aa2557037b890dc0cf2ed230571ffafccdef2c2c32d3edbcb5ec2cb723149cbed2fbd5fe7452486401e65abb2966c85ec1fdb74b8a492f83e6dd9f2e2f4f75a18a2117b96217adc5dd29bf9192e4419594d1369c1f25e5965f9c601e47f70b0b35c4367102087b9f00c2651c1b5e3134d45a8c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000140)=r2, 0x4)
sendmsg$unix(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x4000840}, 0x20008000)

3m27.784318526s ago: executing program 1 (id=36):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='xprt_reserve\x00', r0, 0x0, 0x1}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

3m26.863763942s ago: executing program 32 (id=36):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='xprt_reserve\x00', r0, 0x0, 0x1}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

36.538128214s ago: executing program 6 (id=1166):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = fanotify_init(0xf00, 0x0)
readv(r1, &(0x7f0000000300)=[{&(0x7f00000007c0)=""/251, 0xfb}], 0x1)

35.407563824s ago: executing program 6 (id=1173):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@dioread_nolock}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
fallocate(r0, 0x0, 0x0, 0x8000c62)

34.952458871s ago: executing program 6 (id=1177):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000001005000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)

34.58453684s ago: executing program 6 (id=1180):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x88, &(0x7f0000000180), 0x3, 0x446, &(0x7f0000000b80)="$eJzs281vG0UbAPBn7Tj9bvJWfYF+AIGCiPhImrSUHriAQOIAEhIcyjEkaRXqNqgJEq0iCAiVI6rEHXFE4o+AG3CKxBXuCFGhXFo4Ga29m9iOkyauEwf8+0nbzuyONfN4d7wzO9kAetZQ+k8ScTAifomIgVq2scBQ7b+7ywuTfy0vTCZRqbz1Z1Itd2d5YTIvmn/uQJ7piyh8lsSJFvXOXb9xeaJcnr6W5Ufnr7w/Onf9xnMzVyYuTV+avjp+/vzZM2MvnBt/vp2wkr6mHWlcd45/NHvy2Gvv3Hpj8sKtd3/8Nsnjb4qjQ4Y2OvhkpdLh6rrrUF16zZfPrlWsddMoVfv/QBRj9eQNxKufdrVxwLaqVCqVB9Y/vFgB/sOS6HYLgO7Ib/Tp/DffdmjosSvcfqk2AUrjvptttSN9UcjKlJrmt500FBEXFv/+Kt1ie55DAAA0+C4d/zzbavxXiPrnQoezNZTBiPhfRByJiHMRcTQi/h9RLftgRDy0xfqbF0nWjn8OtxXXZqXjvxezta3G8V8++ovBYpY7VI2/lFycKU+fzlo2HKU9aX5sgzq+f+XnL1oeyKrIx3/pltafjwWzQr/37Wn82NTE/MT9xFzv9icRx/taxZ+srAQkEXEsIo63WcfM09+cXO/Y0D3j30AH1pkqX0c8VTv/i9EUfy7ZeH1ydG+Up0+P5lfFWj8t3XxzvfrvK/4OSM///pbX/0r8g0n9eu3c1uu4+evn685p7h1/6+u/P3m7Yd+HE/Pz18Yi+pPXa42u3z/eUG5vjK+WT+MfPtW6/x+J1W/iRESkF/HDEfFIRDyatf2xiHg8Ik6tDW2pP0v88PIT71UTpXbi315p/FNbOv+rif5o3tM6UbxcaTyDg1uJPz3/Z6up4WzPZn7/NtOu9q5mAAAA+PcpRMTBSAojK+lCYWSk9jf8R2N/oTw7N//MxdkPrk7V3hEYjFIhf9I1UPc8dCyb1uf58ab8mYiltL4vi/uq+ZHJ2fJUt4OHHndgnf6f+q3Y7dYB2877WtC79H/oXfo/9C79H3pXi/6/rxvtAHZeq/v/x11oB7Dzmvq/ZT/oIeb/0Lva7v9J0tmGADvO/R960ty+2PAl+T82+yK9RI8lorArmiGxTYlu/zIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xj8BAAD///D15qI=")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10)

34.03644281s ago: executing program 6 (id=1183):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3c8, 0x0, 0x43, 0xa0, 0x238, 0x98, 0x330, 0x178, 0x178, 0x330, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1f0, 0x238, 0x0, {0x0, 0x7a010000}, [@common=@inet=@hashlimit3={{0x158}, {'bond_slave_0\x00', {0x9, 0x0, 0x57, 0x0, 0x0, 0x1, 0xe1, 0x3}}}, @inet=@rpfilter={{0x28}, {0xbb}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x428)
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0}}, 0x20044085)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020d0000100000002f3144e8edffffff03000600ff18000002004909000100000000000000001e0e080012000200010000d200000000000030006c540203009f7eae02000000adb20200000000f52c000000cdff00000001020014bb000001000000002300001300030005000020000002"], 0x80}}, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000000c0), 0x2c8, 0x0)

33.304521443s ago: executing program 6 (id=1188):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='A', 0x1, 0x0, 0x0, 0x0)

32.427018469s ago: executing program 33 (id=1188):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='A', 0x1, 0x0, 0x0, 0x0)

20.204546202s ago: executing program 7 (id=1190):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd700039dbdf2d0c00000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005000800"], 0x50}, 0x1, 0x0, 0x0, 0x818}, 0x4000)

16.74512204s ago: executing program 7 (id=1190):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd700039dbdf2d0c00000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005000800"], 0x50}, 0x1, 0x0, 0x0, 0x818}, 0x4000)

13.738827156s ago: executing program 7 (id=1190):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd700039dbdf2d0c00000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005000800"], 0x50}, 0x1, 0x0, 0x0, 0x818}, 0x4000)

9.313902752s ago: executing program 7 (id=1190):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd700039dbdf2d0c00000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005000800"], 0x50}, 0x1, 0x0, 0x0, 0x818}, 0x4000)

6.168169515s ago: executing program 2 (id=1318):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0xfff)
syz_emit_ethernet(0x56, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x9}]}}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000900)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xfffc}}}}}}}, 0x0)

6.167453344s ago: executing program 0 (id=1319):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val, @void, @eth={@multicast, @remote, @val={@val={0x88a8, 0x0, 0x0, 0x3}, {0x6558, 0x7, 0x0, 0x1}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x14, 0x65, 0x0, 0x1, 0x32, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @rand_addr=0x64010102}}}}}}, 0x2e)

5.877652635s ago: executing program 2 (id=1322):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x4000, &(0x7f0000000380)={[{@coherency_buffered}, {@heartbeat_none}, {@coherency_full}, {@err_cont}, {@data_writeback}, {@localflocks}, {@localflocks}, {@dir_resv_level}]}, 0x9, 0x4430, &(0x7f00000088c0)="$eJzs3c9PXNUeAPBzL/QV+to+6OuiL3nJm+Q1MVFDoCuVJlJKS6HFmmob42Y6wLRFB6aBwbjoAndNXJm4MC4aTdyxali4rX+CG5d13agLNyYmjZiZuQNzL4yMhAFbP58Fl3t+D997z5y7uJw4Ubkzt5SbW8oVFnLlmVtLZ3IflEvL88UQ75Nt+z+0f/3Tnk5cJwd97f2dXT1/8a0bZ0L4Zva7J+vr6+uhqjskotBsqOn3X36+N9N8bIhDWrXd0FHvhhBObhlXVVcI4Z2v65/iXJI2mhx7QwjHkk94497HN3N7NJqHj4tn80+n7q8Nn55cfbDW+rNHIXxe+s/Lt+d//H/X8Pcv7lH3AAAAAAAAAAAAAAAAAAA848avXb3+5uBQeBSF7tVo6/u648mx1fux63vmf53/sAAAAAAAAAAAAAAAAAAAAPAXtfn+fy46sc37/2PJcaRF/fXXOz9GOmfijatjFwaHkv3foy35ryRJP53rCv3b7Pue3f/9XKb+9vu/b+1ntxrja/TbF6J4IHUexwMDIXyZbPx+KjoSl8pLlZdulZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+//9/b7maquc39+4Se66l49/VstxXH0Vtxf98pt5+xJ/dS8e/u5bW21xgpD4BVOP/SffO8R/LtN+p+B8PIeSi6lhzqRmguoapprdar5CWjv+hWlpq6kz+kK3u/18z8b+Qaf+g5v+V7BcR20rH/x+1tJ5Uic37vz/e+f6/mGn/IOJfHf+K7/+2pON/uJ7YnSpS+0u2O/+PZ9pvHf8/WGy04XqcjPN4lLoCVqN6eqv/V0daOv49W/I3n//ittZ/lzL19+v5r9Fv4/mvMf3/ENWf/9heOv69Lcu1e/9PZOp1ev4fqa3/2K10/I/U0tJr577az3bjP5lpv1Pxr61Kehrx35xPfjtcT//C+q8t6fj/s54YN5dYqf2srf+indf/lzPtH8T6rzr+lbizvT4vmuPfFY62LFeN/7dtfP9fydTrfPxDGLTW37X0/X+sZbna/d+zc/ynMvU6Hf8XOtk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDNgNDn2hSgeSJ3H8cBACOeT81PhSDRdmM1Pl8oz7y+FMJak58KJ6HapPF0o5ecWyrPFfKFUKs+EcCHJPxl6oqVSuZKfL9y9uNFWb3SnWFisTBcLlRDCeJL+33Cs0db0XGW+cDeEcGkj719xefHuncJCfnZu8bXBwcHBMLExhv6o+GGluFCp917PDWFyo25f1DS4WvbljbEcjd4rLy8uFEq19CtNdUrlmUKpqc5Ukvdp6I8qi8sLM4VKMV8q3270d5BGkuPYxLW3r10Z2pJ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8SY+GX/0shNBdP4tDCCONX6Ltyj98XDybfzp1f2349OTqg7UnrcoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl45RGgiiMAC/GQu18xhWy25nu6KIFq4InkCP4WH0KF7CO6RIkTZFCCSzEDa7sE1SfV/zYH5m3oN5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDxP793HW91EpLjaXEb8ff0vDvOXUn/ux+9fnGFGTuf5tXt4rJvy7+kovytHyzbv0vXq+zNGau93sCfDfdrr+1xPzjW1b1Pz9X1vIuUqItqS36acq2reWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABbduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADxwIAAAAAwvyto+jbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgVAAD//xCzHts=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0x0, 0xffff)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0x0)
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f00000000c0)={{r1}, 0x0, 0x0, 0x100000})

5.102317534s ago: executing program 7 (id=1190):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd700039dbdf2d0c00000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005000800"], 0x50}, 0x1, 0x0, 0x0, 0x818}, 0x4000)

3.587562514s ago: executing program 0 (id=1325):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x82)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x5, 0x12, r0, 0x0)
mount$9p_virtio(0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0)
setuid(0xee01)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3.586500561s ago: executing program 2 (id=1326):
r0 = socket$netlink(0x10, 0x3, 0xc)
r1 = dup(r0)
r2 = open(&(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x1850c2, 0x151)
ftruncate(r2, 0x200004)
sendfile(r1, r2, 0x0, 0x80001d00c0d1)

3.585413153s ago: executing program 3 (id=1327):
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffd3c, 0x40018003, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), r0)

3.584958532s ago: executing program 4 (id=1328):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

3.312323858s ago: executing program 0 (id=1330):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file2\x00', 0x2000000, &(0x7f0000000980)=ANY=[@ANYBLOB="636f6465706167653d63703933362c696f636861727365743d6d6163726f6d616e69616e2c747970653d673696712c0036ffe7939b047f613024df113ab0ed03ec3dd4924825d84f11d4469502870f416b8d6de9166d7fb44226544c3d6fec76fa8a535a7098d484adb91e343f305c3e3cd582d224b0d800a891e1212846961ff205fee6836156ca189ea6a19036df4e30da0e12ec7407264ca4917cdb277b74a264c571c8187f4131b3379b29e424ea0a050df177121a20346fe8f444f98c772a63f849db121a706e76b5c494c0abf9d9b146e0b2556d2a4824da0a4c8554aa411bcb1647475c114f41a2cbe4c9200221e3933eb8e733b9678dabe323a26de4bfbf3deec1d740c62226bc4f835eb612b310bb886cfc4d6bf667e88c282007a982"], 0x5, 0x2e2, &(0x7f0000000500)="$eJzs3btuE00YxvFn1oc4B+XzlwQh0YACkaCJCFAgGiPklp4KAbEjRVhBJEECGgKiRFwAPbfAFVDRgLgBqKi4gHSLZvaQcby7TiwfEvj/JFvj3ZnZd7Q73nlXSiwA/6w7zR8fr/+yLyOVVJJ0Swok1aSypDM6W3u2tbu522m3ijoquRb2ZRS1ND111rfaWU1tO9ciVrefyprzt/lMb88YUBiGt39OOghMnJv9GQJpKp6Hbn9tzHGNyp50ftIxjJt/gs2+9vVc8xMMBwBwAsT3/yC+Tcy5TUZBIK3Et/2/6v6/P+kAhutGp2dTWNjAu/+71V1o7Pn9z+06yPdcomX3B0mWeJRgKoc+VxVdWV0LTNMvq3SxBNMbm2Wtrr9WK9AbNWJetSX33oou3USfaJczctMC+b1VdHcmGo1bUR6WhLSx2WlP2YIXfxLB4vGOOLBqUjBfzDdz39T1Qa10/VcOjarxCaofOlNBxcZ/Nb/rWdfK1lI8sEajEXRV+d8d5JwXRv9R1rIzEr/P5AHBXhpBUZzu2AvqfqwQjW6tT6vFrFb19FNOq6WuVqX4Slhdf9IpfJQyGskQzXtzzyzrtz6p6a3/AxvfiryZWfRVb1zN+MqIxlPNrll2Nes9d46D6XIhjSA2deyxQcp7WpbjnR7ppuZ3Xrx8XOp02tu28DCj8HRu27jC53blrZRZZ/SFkgrqaO9gS2i9CsOj9hyOMvgrQ+3Qfn+kW+z0yapsZ1m6JRj3acop2OvtBIQxvELzq4ouyNNTCEMpZ9eovqZwkuwYf5KqrOlJR4Qxs+suE+V/biUfr+pcgmLf6gXr9OIkU109rqUZXPdScMG9zxwrg5vNz+C8I17LyRldznXxsnTJ22iUf8SMBf4pZ5r6rgc8/wcAAAAAAAAAAAAAAAAAADhtxvXnHwAAAAAAAAAAAAAAAAAAAAAAYHAD/f5v1v+Id7//Wx/L7/8CGI4/AQAA//+roXdK")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f00000016c0)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd52a44fec4f6f1a6f65158bb6911c295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2971f29d9364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7d9f455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b80d8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e807df4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48610ee39fb4171103df2e09d7cfdb0c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681a03007e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fb9bbcd92d47098ae27a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee4c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22f3bb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7c5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7f87030000000000008992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cf8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46070039116694765658bae64b312715a8216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a1626dffe49d0c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d5807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c949ca930e7a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4bc700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

3.284480477s ago: executing program 4 (id=1331):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, r2, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x80)

3.155032489s ago: executing program 3 (id=1332):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x2e, 0x760, &(0x7f0000001100)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKJ0kzaZdNW7cFQoFtzUkJyHkJBMyk9qJBVvXQm02CoKoa5duhVL/AHdSUHAviNa4EDcjZ/JRGmemk6+OpL8fnMzznq/nfXIOb+ZA3hPAS+v14kcSMRQR1yOivLk+jYjjrehExN2N/daf3JkqliSazRu/JMVhsd4sb58r2fw8Ha1D4v8R8agUceH9v+etNVbnJ/M8W95sj9QXlkZqjdWLcwuTs9lstjg2fmX08vj45dHx59bwvx5rPfvWlZMPvn1zbe27r+r3Xxu4mMREq+7YrK3H0+zKxu+kFBM71i8eRrI+SvrdAQAAelJ8zz8WEQOtb6nlONaKAAAAgKOkOdgEAAAAjrwk+t0DAAAA4HBt/R/A1tzew5oH28nPb0TEcLv8A605xBEnohQRp9aTZ2YmJBuHwb7cvRcRDyd23n9fFHfY3X2ee3RH+9k50sf3eXYOwsNi/JloN/6k2+NPtBl/BrbenbBPnce/p/mPdRj/rveY4+tPXyl1zH8v4tWBdvmT7fxJh/xv95j//toHDzpta34eca7t35/kmVxd3g8xMTOXd339wKM/zz/uVv+pTvmT7vUv9Vj/u+u/zXcaS4r85890v/7t8hf3xIeb/Ugj4sHmZ9Fe25HjzML333SrfzqiuZfr/1nXqp9ekh+/HLzddVcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYIY2IoUjSynacppVKxOmI+G+cSvNqrX5hprqyOF1sixiOUjozl2ejEVHeaCdFe6wVP21f2tEej4j//HByI+lcnlWmqvl0v4sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg2+mIGIokrUREGhG/l9O0UokY6OHYwRfQPwAAAOCADPe7AwAAAMCh8/wPAAAAR99en/+TA+4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKRdv3atWJrrT+5MFe3pW42V+eqti9NZbb6ysDJVmaouL1Vmq9XZPKtMVReed768Wl0auxIrt0fqWa0+Umus3lyorizWb84tTM5mN7PSC6kKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3RpqLUlaiYi0FadppRLxr4gYjlIyM5dnoxHx74h4XC4NFu2xfncaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA1drrM5P5nm2vPtgYE9HCQSC/L2I+Ad0owgG2w8FfR6YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoi1pjdX4yz7PlWr97AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH+lPyURUSznymeHdm49nvxRbn1GxDuf3Pjo9mS9vjxWrP91e3394831l/rRfwAAAHgpXN3NzlvP6VvP8QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL2qNVbnJ/M8W95fcDUaq82kwz79rhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANibvwIAAP//UhvDag==")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x82400, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000d00)={0x3, 0x9, 0xec, &(0x7f0000001000)=""/236})

3.0445426s ago: executing program 2 (id=1333):
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000f195"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

2.908520503s ago: executing program 4 (id=1334):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r0, 0xa)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x3, 0x5, 0xffff2d37, 0xffffff05, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x0, 0x0, 0xf7ffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0x10001, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x501, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0xa4f, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x8000, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x6, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x6, 0xb, 0x6, 0x2, 0x6, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x1, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x6, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x10000, 0x2000003, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2.728952258s ago: executing program 5 (id=1335):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e80006558f2878f0200d735be8500003d83d3a12388a8", 0x1b}], 0x2)

2.648546977s ago: executing program 0 (id=1336):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2285080, 0x0)

2.554668067s ago: executing program 2 (id=1337):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8)

2.451737248s ago: executing program 4 (id=1338):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0f0000000400000008000000da"], 0x48)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2.296474412s ago: executing program 3 (id=1339):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x2000c16, &(0x7f0000000340)={[{@usrquota}, {@noblock_validity}, {@grpjquota}, {@inlinecrypt}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000140))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48241, 0x0)
pwrite64(r1, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

2.144259442s ago: executing program 0 (id=1340):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)

2.072919097s ago: executing program 4 (id=1341):
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-serpent-sse2\x00'}, 0x58)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
listen(r0, 0x807)
close(r0)

1.876568235s ago: executing program 2 (id=1342):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000002540)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x9, "83c5b03b"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x2, @lang_id={0x0, 0x3, 0x423}}, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000c80)={0x2c, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0003"], 0x0, 0x0, 0x0}, 0x0)

1.742027874s ago: executing program 5 (id=1343):
r0 = socket$inet(0x2, 0x2, 0x0)
close(r0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x200000000000a, &(0x7f0000000000)="ea00005c00000000", 0x1)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000240), 0x0)

1.559622878s ago: executing program 4 (id=1344):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1.380455367s ago: executing program 5 (id=1345):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountstats\x00')
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200890, 0x0)
pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

1.36352806s ago: executing program 0 (id=1346):
syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x1000008, &(0x7f0000001b40)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030306330612c696f636861727365743d64656661756c742c66696c655f756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d3a16dd612c63726561746f723dd2d868dc2c002e3edc12a312a3f2e00ebd5235750195d31c5be03a8604fec67da6a04f683d360b0ddd64e0ccc354be2a19862b599cd125a6167c219097b372d55bd14920d6d523016675f14596bc3a789b59b720598b4b09b75d11ebdcbb4d690b62a5af318d45c108594b1dd6d7837c77517ba387c18e4de206feace38e4e5003cf23808c69417287e4649d10fdbee156fe24ef2ae6131684c9a56b32b80aa7f4e1cdf8bdf8b24be0e416046e118a32e4ea6ff5cb9901b422c111932c0000f207007c75a674fa5831a9f88fdcb641a8acb02988e4d412d9b62229cf3d51648ed83e6290837b3d000000000000000000"], 0x4, 0x2e5, &(0x7f0000000140)="$eJzs3U1PE0Ecx/HfbFsoD8EVMCZeNCiJXoioB+OlxvTq3ZNR25IQG4iAiXoRjUfjC/DuW/BFeNH4BvTkybucHDPTadnCdkvFshS/n4RmOzuz+5/OPsx/Y60A/LfuVL99uP7D/RmpoIKkW1IkqSwVJZ3R2fLTta3VrWajnrWhgm/h/oxaLc2+OrW1RlpT1863CGL3rqjpZBmGw1p7+3veQSB3/uxPEUnj4Tz068tHHNewbEvn847hqCUH2OxoR880k2M4AIBjINz/o3CbmPZFRlEkLYbb/om6/++cnK44N5r7imxmg8T938/urHHje8qv2s33fArn1kftLPEgwZT2vB9T68jqmmCaflmljyWaWFktaqn2SvVIr1UJEtXm/Wu9dei29Yl2ISU3zdB7ayXdnWz1xs8o92qHtLLabIy7hZT45wbb4+GZT+aLuW9ivVe9M/8rWuOGyY9UvGekopKL/2rvLU75Vq6WQtpfqVSiriqn/U7OhT0EfXpZTs9IkttsPyDY7kSQFaff96y6Hyu0erfcp9VcWqu4865Hq/muVoVwJCzV1puZj1KGo91F887cMwv6qY+qJub/kYtvUYkzM+v6aHzNcGTU1vXb2rH0mkVfM953ud09XS50IgjGB+4bpAGflr3VI93UzObzF48LzWZjwy08TFl4Mr1hQknpjZRaZ/gLBWXU0fZuiXVeWnvQLdtDBGb6fRpX+m/n18F36q4fnRJ3+qRVdmdZpyT6B5+8NTkM93FfqH5W1gE5OgvWSj1WDe06hWNk07QHPRRM5BwQjpqbd5lW/udn8mFW51Mk9xJnzNOzk0x1bXG5k8F1TwVn/evkQBncVO8MLrHHaz1yRp9zXbwsXUoUGmXuMQ5xnhCmqq96wPN/AAAAAAAAAAAAAAAAAACAURP+0X/7K5tD+aZBzl0EAAAAAAAAAAAAAAAAAAAAAGDk/dXv/6b9H/H+939jfv8XGCF/AgAA///7WndM")
r0 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, 0x0)
lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01)

653.065555ms ago: executing program 34 (id=1346):
syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x1000008, &(0x7f0000001b40)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030306330612c696f636861727365743d64656661756c742c66696c655f756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d3a16dd612c63726561746f723dd2d868dc2c002e3edc12a312a3f2e00ebd5235750195d31c5be03a8604fec67da6a04f683d360b0ddd64e0ccc354be2a19862b599cd125a6167c219097b372d55bd14920d6d523016675f14596bc3a789b59b720598b4b09b75d11ebdcbb4d690b62a5af318d45c108594b1dd6d7837c77517ba387c18e4de206feace38e4e5003cf23808c69417287e4649d10fdbee156fe24ef2ae6131684c9a56b32b80aa7f4e1cdf8bdf8b24be0e416046e118a32e4ea6ff5cb9901b422c111932c0000f207007c75a674fa5831a9f88fdcb641a8acb02988e4d412d9b62229cf3d51648ed83e6290837b3d000000000000000000"], 0x4, 0x2e5, &(0x7f0000000140)="$eJzs3U1PE0Ecx/HfbFsoD8EVMCZeNCiJXoioB+OlxvTq3ZNR25IQG4iAiXoRjUfjC/DuW/BFeNH4BvTkybucHDPTadnCdkvFshS/n4RmOzuz+5/OPsx/Y60A/LfuVL99uP7D/RmpoIKkW1IkqSwVJZ3R2fLTta3VrWajnrWhgm/h/oxaLc2+OrW1RlpT1863CGL3rqjpZBmGw1p7+3veQSB3/uxPEUnj4Tz068tHHNewbEvn847hqCUH2OxoR880k2M4AIBjINz/o3CbmPZFRlEkLYbb/om6/++cnK44N5r7imxmg8T938/urHHje8qv2s33fArn1kftLPEgwZT2vB9T68jqmmCaflmljyWaWFktaqn2SvVIr1UJEtXm/Wu9dei29Yl2ISU3zdB7ayXdnWz1xs8o92qHtLLabIy7hZT45wbb4+GZT+aLuW9ivVe9M/8rWuOGyY9UvGekopKL/2rvLU75Vq6WQtpfqVSiriqn/U7OhT0EfXpZTs9IkttsPyDY7kSQFaff96y6Hyu0erfcp9VcWqu4865Hq/muVoVwJCzV1puZj1KGo91F887cMwv6qY+qJub/kYtvUYkzM+v6aHzNcGTU1vXb2rH0mkVfM953ud09XS50IgjGB+4bpAGflr3VI93UzObzF48LzWZjwy08TFl4Mr1hQknpjZRaZ/gLBWXU0fZuiXVeWnvQLdtDBGb6fRpX+m/n18F36q4fnRJ3+qRVdmdZpyT6B5+8NTkM93FfqH5W1gE5OgvWSj1WDe06hWNk07QHPRRM5BwQjpqbd5lW/udn8mFW51Mk9xJnzNOzk0x1bXG5k8F1TwVn/evkQBncVO8MLrHHaz1yRp9zXbwsXUoUGmXuMQ5xnhCmqq96wPN/AAAAAAAAAAAAAAAAAACAURP+0X/7K5tD+aZBzl0EAAAAAAAAAAAAAAAAAAAAAGDk/dXv/6b9H/H+939jfv8XGCF/AgAA///7WndM")
r0 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, 0x0)
lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01)

647.697149ms ago: executing program 3 (id=1348):
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e07000220"], 0xa)
mq_unlink(0x0)
close(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x84800, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

647.041647ms ago: executing program 5 (id=1349):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

416.395167ms ago: executing program 3 (id=1350):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00', {0x0, 0x10, 0x2}, 0xfffffffc, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffeffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x100], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0xeae2, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffb], [0x4, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfff, 0x71d, 0x0, 0x0, 0x0, 0x0, 0x8], [0x0, 0x0, 0x74df, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0xcaa, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)

360.906701ms ago: executing program 5 (id=1351):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000b040)={0x0, 0x0, &(0x7f000000b000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_DELSETELEM={0x10c, 0xe, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0xf8, 0x3, 0x0, 0x1, [{0xf4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x8c, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x85, 0x1, "84ef9caf18592e2246e01f01ad0dd3e3b056b697cee59ac3aaacb20348effd5ba45c91468bc32aa420040f4dfe24c70b972d8d17cad4e1528e492495b936217add45015088ef65ceae08a93ff325f0fefda3cb7a087bd10ed426e484a9e9882ce53863b444e92bb0b45209cb3614e661e2685d3f18be5633674f49b1d5aa37ef79"}]}, @NFTA_SET_ELEM_KEY_END={0x64, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5d, 0x1, "d0dbb26bd74fafc99be4ea118c3ea64ad7aef3217870db94b6e222246e4ac19b127c39158ea34e5026b490838087dcda7bcab5d7588cad6382e5de02c084c51fba941c3c24dea3ae25342a85adce068b3ad777c35b7c8f5228"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x134}, 0x1, 0x0, 0x0, 0x40}, 0x844)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000540)=@ethtool_link_settings={0x4d, 0x400, 0xf, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3]}})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0xf0a}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xfc}]}, 0x3c}}, 0x0)

60.158385ms ago: executing program 5 (id=1352):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x862b01)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
fcntl$setstatus(r1, 0x4, 0x2400)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000240)={0x57, 0xffff, 0x0, {0x7, 0x1}, {0x50, 0x2}, @period={0x59, 0x7, 0xc1f, 0x6773, 0x8000, {0x9, 0x9, 0x1, 0x1}, 0x0, 0x0}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

451.726µs ago: executing program 3 (id=1353):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x101200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000004c0)=0x15)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

0s ago: executing program 7 (id=1190):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd700039dbdf2d0c00000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005000800"], 0x50}, 0x1, 0x0, 0x0, 0x818}, 0x4000)

kernel console output (not intermixed with test programs):

684436][ T5902] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  207.119850][ T7766] loop5: detected capacity change from 0 to 256
[  207.134518][ T5824] ocfs2: Unmounting device (7,0) on (node local)
[  207.213670][ T5902] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  207.233195][ T7766] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d)
[  207.429948][ T5902] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  207.482711][ T5902] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.524688][ T5902] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  207.554751][ T5902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.580775][ T5902] usb 4-1: Product: syz
[  207.592127][ T5902] usb 4-1: Manufacturer: syz
[  207.609614][ T5902] usb 4-1: SerialNumber: syz
[  207.803982][ T7737] usb 5-1: string descriptor 0 read error: -71
[  208.587050][ T5903] usb 5-1: USB disconnect, device number 7
[  208.749267][ T5902] cdc_ncm 4-1:1.0: bind() failure
[  208.762123][ T7790] loop5: detected capacity change from 0 to 256
[  208.771982][ T5902] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  208.800447][ T7790] exfat: Deprecated parameter 'utf8'
[  208.802041][ T5902] cdc_ncm 4-1:1.1: bind() failure
[  208.834100][ T7790] exfat: Deprecated parameter 'namecase'
[  208.867189][ T5902] usb 4-1: USB disconnect, device number 6
[  208.872237][ T7790] exfat: Deprecated parameter 'utf8'
[  208.946607][ T7790] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  209.019544][ T7790] exFAT-fs (loop5): start_clu is invalid cluster(0x0)
[  209.255769][ T7796] bridge0: port 3(gretap0) entered blocking state
[  209.263781][ T7796] bridge0: port 3(gretap0) entered disabled state
[  209.303268][ T7796] gretap0: entered allmulticast mode
[  209.369039][ T7796] gretap0: entered promiscuous mode
[  209.427511][ T7801] gretap0: left allmulticast mode
[  209.437588][ T7805] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  209.437588][ T7805] The task syz.0.588 (7805) triggered the difference, watch for misbehavior.
[  209.485147][ T7801] gretap0: left promiscuous mode
[  209.502307][ T7801] bridge0: port 3(gretap0) entered disabled state
[  210.199172][ T7792] loop2: detected capacity change from 0 to 32768
[  210.409358][ T7792] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  210.502853][ T7792] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  210.851230][ T7812] loop5: detected capacity change from 0 to 32768
[  210.912846][ T7827] loop0: detected capacity change from 0 to 32768
[  210.944611][ T7812] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  211.086886][ T7827] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  211.122996][ T7827] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=gzip,erasure_code,norecovery,nojournal_transaction_names,nocow
[  211.122996][ T7827]   allowing incompatible features above 0.0: (unknown version)
[  211.122996][ T7827]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  211.163061][ T7827] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  211.171384][ T7827] bcachefs (loop0): Version upgrade required:
[  211.171384][ T7827] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  211.171384][ T7827] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  211.171384][ T7827]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  211.293868][ T7812] XFS (loop5): Ending clean mount
[  211.329276][ T7827] bcachefs (loop0): btree node read error at btree freespace level 0/0
[  211.329311][ T7827]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0
[  211.329341][ T7827]   loop0 node offset 0/32: incorrect min_key: got POS_MIN should be 0:3703155162349568:0
[  211.329365][ T7827]   flagging btree freespace lost data
[  211.329383][ T7827]   ret btree_node_read_validate_error
[  211.376897][ T7827] bcachefs (loop0): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[  211.406814][ T7827] bcachefs (loop0): check_topology... done
[  211.413446][ T7827] bcachefs (loop0): accounting_read...
[  211.423717][ T5832] ocfs2: Unmounting device (7,2) on (node local)
[  211.464041][ T7827]  done
[  211.466897][ T7827] bcachefs (loop0): alloc_read... done
[  211.477097][ T7827] bcachefs (loop0): snapshots_read... done
[  211.488198][ T7827] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[  211.504439][ T7827] bcachefs (loop0): done starting filesystem
[  211.883402][ T5824] bcachefs (loop0): shutting down
[  211.965874][ T7845] overlayfs: upper fs does not support tmpfile.
[  211.980250][ T5826] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  212.048946][ T5824] bcachefs (loop0): shutdown complete
[  213.221668][ T7863] netlink: 4 bytes leftover after parsing attributes in process `syz.5.611'.
[  214.271229][ T7873] loop2: detected capacity change from 0 to 4096
[  214.471078][ T7873] NILFS (loop2): invalid segment: Checksum error in segment payload
[  214.548233][ T7873] NILFS (loop2): trying rollback from an earlier position
[  214.715785][ T7873] NILFS (loop2): recovery complete
[  214.852741][ T7884] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  215.120469][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.135277][ T7855] loop4: detected capacity change from 0 to 262144
[  215.184016][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.245528][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.297602][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.331495][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.352303][ T7855] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  215.385190][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.403623][ T7893] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  215.445909][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.471613][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.506972][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.539897][ T7893] CIFS mount error: No usable UNC path provided in device string!
[  215.539897][ T7893] 
[  215.582074][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.649270][ T7893] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  215.658611][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.660127][ T7896] loop3: detected capacity change from 0 to 16
[  215.703375][   T10] hid-generic 0007:0001:0001.000C: unknown main item tag 0x0
[  215.742085][ T7896] erofs (device loop3): mounted with root inode @ nid 36.
[  215.820620][   T10] hid-generic 0007:0001:0001.000C: hidraw0: <UNKNOWN> HID v800.0c Device [] on �IH�E�����ћ�1e� al��}�`����lw�r1��H��*�_�V�5�cʄ	�{=�u;s
[  215.828655][ T7896] erofs (device loop3): read error -22 @ 8200 of nid 36
[  216.066336][ T5902] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  216.252824][ T5902] usb 3-1: Using ep0 maxpacket: 16
[  216.268484][ T7899] fido_id[7899]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  216.284092][ T5902] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  216.299663][ T5902] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  216.324331][ T5892] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  216.338620][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[  216.371565][ T5902] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  216.447476][ T5902] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  216.462817][ T5902] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.491447][ T5902] usb 3-1: Product: syz
[  216.495768][ T5902] usb 3-1: Manufacturer: syz
[  216.500538][ T5902] usb 3-1: SerialNumber: syz
[  216.523813][ T5902] usb 3-1: config 0 descriptor??
[  216.546521][ T5892] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.591011][ T5892] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  216.642356][ T5892] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  216.668374][ T5892] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  216.688033][ T5892] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.711572][ T5892] usb 7-1: config 0 descriptor??
[  216.826121][ T5902] rc_core: IR keymap rc-xbox-dvd not found
[  216.862497][ T5902] Registered IR keymap rc-empty
[  216.903255][ T5902] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  216.955501][ T5902] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input10
[  217.184824][ T5892] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  217.243628][ T5892] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  217.506576][ T5892] usb 7-1: USB disconnect, device number 5
[  217.721165][ T7916] fido_id[7916]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  217.952047][ T5892] usb 3-1: USB disconnect, device number 5
[  217.952170][    C0] xbox_remote 3-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[  218.334366][ T7912] loop3: detected capacity change from 0 to 32768
[  218.426307][ T7912] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  218.756659][ T5825] ocfs2: Unmounting device (7,3) on (node local)
[  219.158623][ T7942] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  219.873307][ T5892] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  220.062694][ T5892] usb 4-1: Using ep0 maxpacket: 32
[  220.080904][ T5892] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  220.105207][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  220.127582][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  220.139905][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  220.164775][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  220.184804][ T5892] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  220.206104][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.224798][ T5892] usb 4-1: Product: syz
[  220.232296][ T5892] usb 4-1: Manufacturer: syz
[  220.259541][ T5892] usb 4-1: SerialNumber: syz
[  220.288172][ T5892] usb 4-1: config 0 descriptor??
[  220.387177][ T7944] loop2: detected capacity change from 0 to 32768
[  220.412347][ T7944] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.642 (7944)
[  220.519699][ T7944] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.531934][ T7944] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  220.541491][ T7944] BTRFS info (device loop2): using free-space-tree
[  220.717078][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -32
[  220.732786][ T5892] input input13: Device does not respond to id packet M
[  220.743701][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -32
[  220.749755][ T5892] input input13: Device does not respond to id packet P
[  220.774347][ T5892] input input13: Device does not respond to id packet B
[  220.891596][ T5832] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.976512][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -71
[  220.982607][ T5892] input input13: Device does not respond to id packet N
[  221.041467][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -71
[  221.073636][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -71
[  221.109217][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -71
[  221.132790][ T5892] iforce 4-1:0.0: usb_submit_urb failed: -71
[  221.198444][ T5892] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input13
[  221.357229][ T5892] usb 4-1: USB disconnect, device number 7
[  221.712131][ T7985] loop0: detected capacity change from 0 to 64
[  222.003056][ T7989] loop3: detected capacity change from 0 to 128
[  222.195631][ T7992] input: syz1 as /devices/virtual/input/input15
[  222.283575][ T7989] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  222.436091][ T7989] ext4 filesystem being mounted at /116/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  222.600179][ T7989] syz.3.655 (pid 7989) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  222.974888][ T5825] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  223.262473][ T5812] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  223.315054][ T5892] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  223.338678][ T8013] loop0: detected capacity change from 0 to 512
[  223.386503][ T8013] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  223.437067][ T8013] EXT4-fs (loop0): 1 truncate cleaned up
[  223.454135][ T8013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.466987][ T5812] usb 3-1: Using ep0 maxpacket: 8
[  223.479288][ T5812] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  223.493174][ T5812] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.509026][ T5812] usb 3-1: Product: syz
[  223.513623][ T5812] usb 3-1: Manufacturer: syz
[  223.518252][ T5812] usb 3-1: SerialNumber: syz
[  223.526314][ T5812] usb 3-1: config 0 descriptor??
[  223.538002][   T30] audit: type=1800 audit(1748849312.719:16): pid=8013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.664" name="file1" dev="loop0" ino=15 res=0 errno=0
[  223.553581][ T5892] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.637167][ T5892] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.670304][ T5892] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  223.756151][ T5892] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  223.783940][ T5892] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.790796][ T5812] usb 3-1: USB disconnect, device number 6
[  223.800157][ T5892] usb 7-1: config 0 descriptor??
[  224.004024][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.275906][ T5892] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  224.346957][ T5892] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  224.396315][ T8034] loop4: detected capacity change from 0 to 256
[  224.565965][ T5892] usb 7-1: USB disconnect, device number 6
[  224.798898][ T8038] fido_id[8038]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  224.907127][ T8044] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes
[  224.922781][ T5902] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  225.005513][ T5812] IPVS: starting estimator thread 0...
[  225.013343][ T8046] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  225.097045][ T5902] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  225.113102][ T8049] IPVS: using max 21 ests per chain, 50400 per kthread
[  225.129859][ T5902] usb 3-1: config 0 has no interface number 0
[  225.149266][ T5902] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  225.169791][ T8052] loop5: detected capacity change from 0 to 256
[  225.183357][ T5902] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.205545][ T5902] usb 3-1: Product: syz
[  225.230168][ T5902] usb 3-1: Manufacturer: syz
[  225.264718][ T5902] usb 3-1: SerialNumber: syz
[  225.312782][ T8052] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  225.340725][ T5902] usb 3-1: config 0 descriptor??
[  225.362969][ T8052] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  225.440419][ T8052] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  225.603922][ T5902] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  225.651305][ T5902] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  225.687277][ T5902] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  225.702054][ T5902] usb 3-1: media controller created
[  225.880972][ T5902] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  226.004270][ T8066] loop4: detected capacity change from 0 to 512
[  226.066960][ T8066] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  226.102819][ T5902] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  226.170307][ T8066] EXT4-fs (loop4): 1 truncate cleaned up
[  226.234921][ T8066] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.412822][   T30] audit: type=1800 audit(1748849315.549:17): pid=8066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.685" name="file1" dev="loop4" ino=15 res=0 errno=0
[  226.437142][ T5829] Bluetooth: hci4: command 0x0406 tx timeout
[  226.445414][ T5829] Bluetooth: hci1: command 0x0406 tx timeout
[  226.451465][ T5829] Bluetooth: hci2: command 0x0406 tx timeout
[  226.457789][ T5829] Bluetooth: hci5: command 0x0406 tx timeout
[  226.463996][ T5829] Bluetooth: hci0: command 0x0406 tx timeout
[  226.634573][ T5902] usb 3-1: USB disconnect, device number 7
[  227.047837][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.286058][ T8084] loop2: detected capacity change from 0 to 4096
[  227.418879][ T8093] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  227.479232][   T30] audit: type=1326 audit(1748849316.659:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8092 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5ad98e969 code=0x7ffc0000
[  227.583387][   T30] audit: type=1326 audit(1748849316.689:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8092 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fe5ad98e969 code=0x7ffc0000
[  227.680262][   T30] audit: type=1326 audit(1748849316.689:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8092 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5ad98e969 code=0x7ffc0000
[  227.788186][   T30] audit: type=1326 audit(1748849316.699:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8092 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5ad98e969 code=0x7ffc0000
[  228.068732][ T8101] loop2: detected capacity change from 0 to 512
[  228.298446][ T8101] EXT4-fs (loop2): 1 orphan inode deleted
[  228.364816][ T8101] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.413762][   T49] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  228.449242][ T8101] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.476383][   T49] EXT4-fs error (device loop2): ext4_release_dquot:6967: comm kworker/u8:3: Failed to release dquot type 1
[  228.832044][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.512318][ T8122] loop2: detected capacity change from 0 to 512
[  229.586903][ T8122] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  229.748078][ T8122] EXT4-fs (loop2): 1 truncate cleaned up
[  229.804845][ T8122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.967146][ T8105] loop5: detected capacity change from 0 to 32768
[  229.968971][ T8120] loop6: detected capacity change from 0 to 65536
[  230.013486][   T30] audit: type=1800 audit(1748849319.199:22): pid=8122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.707" name="file1" dev="loop2" ino=15 res=0 errno=0
[  230.042915][ T8129] loop0: detected capacity change from 0 to 16
[  230.104361][ T8129] erofs (device loop0): mounted with root inode @ nid 36.
[  230.118086][ T8120] XFS (loop6): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  230.183435][ T8105] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  230.287821][ T8120] XFS (loop6): Ending clean mount
[  230.317748][ T8120] XFS (loop6): Metadata CRC error detected at xfs_agf_read_verify+0x139/0x1e0, xfs_agf block 0x1 
[  230.329336][ T8120] XFS (loop6): Unmount and run xfs_repair
[  230.337255][ T8120] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  230.344770][ T8120] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  230.353693][ T8120] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  230.362583][ T8120] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  230.381555][ T8120] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  230.390584][ T8120] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  230.395959][ T8105] (syz.5.701,8105,0):ocfs2_rename:1283 ERROR: status = -2
[  230.399514][ T8120] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  230.415887][ T8120] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  230.424998][ T8120] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  230.434175][ T8120] XFS (loop6): metadata I/O error in "xfs_read_agf+0x290/0x560" at daddr 0x1 len 1 error 74
[  230.465281][ T8120] XFS (loop6): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  230.480141][ T8120] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  230.512737][ T8105] (syz.5.701,8105,1):ocfs2_rename:1699 ERROR: status = -2
[  230.638393][ T6050] XFS (loop6): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  230.864363][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.914145][ T5826] ocfs2: Unmounting device (7,5) on (node local)
[  231.783704][ T8155] overlayfs: statfs failed on './file0'
[  232.672736][ T5812] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  232.843222][ T5812] usb 4-1: Using ep0 maxpacket: 16
[  232.854572][ T5812] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  232.866440][ T5812] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  232.881119][ T5812] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  232.899491][ T5812] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.907873][ T5812] usb 4-1: Product: syz
[  232.912076][ T5812] usb 4-1: Manufacturer: syz
[  232.917195][ T5812] usb 4-1: SerialNumber: syz
[  232.934741][ T5812] usb 4-1: config 0 descriptor??
[  232.944622][ T5812] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  232.954850][ T5812] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  233.489099][ T8185] loop5: detected capacity change from 0 to 512
[  233.506125][ T8186] loop2: detected capacity change from 0 to 256
[  233.529102][ T8185] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  233.553560][ T5812] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  233.593089][ T5812] em28xx 4-1:0.0: Config register raw data: 0x41
[  233.632468][ T8186] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  233.668421][ T8185] EXT4-fs (loop5): 1 truncate cleaned up
[  233.713619][   T30] audit: type=1800 audit(1748849322.889:23): pid=8186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.732" name="file1" dev="loop2" ino=1048636 res=0 errno=0
[  233.736738][ T8185] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.813513][ T5812] usb 4-1: USB disconnect, device number 8
[  233.852311][ T5812] em28xx 4-1:0.0: Disconnecting em28xx
[  233.857598][   T30] audit: type=1800 audit(1748849323.029:24): pid=8185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.730" name="file1" dev="loop5" ino=15 res=0 errno=0
[  233.919376][ T5812] em28xx 4-1:0.0: Freeing device
[  234.288261][ T8198] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 60
[  234.394542][ T8204] block nbd4: shutting down sockets
[  234.415833][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.742691][ T8202] mmap: syz.2.738 (8202) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  234.796868][ T8213] loop5: detected capacity change from 0 to 1024
[  234.943275][ T8213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.978812][ T8218] input: syz0 as /devices/virtual/input/input17
[  235.320221][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.713925][ T8237] loop6: detected capacity change from 0 to 512
[  235.742978][ T8237] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  235.837422][ T8237] EXT4-fs (loop6): 1 truncate cleaned up
[  235.920261][ T8237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.976665][ T8242] loop2: detected capacity change from 0 to 1024
[  236.017403][ T8242] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  236.042843][ T8221] loop0: detected capacity change from 0 to 32768
[  236.082814][   T30] audit: type=1800 audit(1748849325.259:25): pid=8237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.755" name="file1" dev="loop6" ino=15 res=0 errno=0
[  236.210807][ T8242] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.264686][ T8221] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  236.636124][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.756072][ T6050] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.824122][ T5824] ocfs2: Unmounting device (7,0) on (node local)
[  237.089778][ T8263] loop2: detected capacity change from 0 to 256
[  237.111147][ T8265] netlink: 'syz.5.767': attribute type 1 has an invalid length.
[  237.260109][ T8271] loop3: detected capacity change from 0 to 128
[  237.305656][ T8271] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  237.467384][ T8271] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  238.266358][ T8287] loop0: detected capacity change from 0 to 1024
[  238.294682][ T8287] EXT4-fs: Ignoring removed oldalloc option
[  238.300761][ T8287] EXT4-fs: Ignoring removed orlov option
[  238.342877][   T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  238.380544][ T8287] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  238.514555][   T10] usb 5-1: Using ep0 maxpacket: 32
[  238.524487][ T8287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.562042][   T10] usb 5-1: config 1 has an invalid interface number: 242 but max is 0
[  238.595617][   T10] usb 5-1: config 1 has no interface number 0
[  238.632464][ T8298] tipc: Started in network mode
[  238.634685][   T10] usb 5-1: config 1 interface 242 has no altsetting 0
[  238.654941][ T8268] loop6: detected capacity change from 0 to 32768
[  238.664426][   T10] usb 5-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice= 7.df
[  238.678553][ T8298] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  238.691524][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.697986][ T8298] tipc: Enabled bearer <eth:team0>, priority 0
[  238.722326][ T8287] EXT4-fs: Ignoring removed orlov option
[  238.741885][   T10] usb 5-1: Product: syz
[  238.747537][   T10] usb 5-1: Manufacturer: syz
[  238.748511][ T8268] JBD2: Ignoring recovery information on journal
[  238.755899][   T10] usb 5-1: SerialNumber: syz
[  238.812831][ T8287] EXT4-fs (loop0): can't enable nombcache during remount
[  238.954044][ T8268] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  239.108163][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.241076][ T6050] ocfs2: Unmounting device (7,6) on (node local)
[  239.536544][ T8308] loop5: detected capacity change from 0 to 1024
[  239.632537][ T8308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.663935][   T10] aqc111 5-1:1.242 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  239.723524][   T10] aqc111 5-1:1.242: probe with driver aqc111 failed with error -71
[  239.737293][   T10] usb 5-1: USB disconnect, device number 8
[  239.814842][ T5894] tipc: Node number set to 11578026
[  240.069204][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.130984][ T8321] loop6: detected capacity change from 0 to 512
[  240.174589][ T8321] EXT4-fs: Ignoring removed nomblk_io_submit option
[  240.216459][ T8321] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.269938][ T8321] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  240.344760][ T8321] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  240.377057][ T8321] EXT4-fs (loop6): 1 truncate cleaned up
[  240.398388][ T8321] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.445630][ T8326] loop5: detected capacity change from 0 to 2048
[  240.486017][ T8326] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  240.581659][ T5889] udevd[5889]: incorrect nilfs2 checksum on /dev/loop5
[  240.621981][ T8330] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  240.668780][ T6050] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.684838][ T8330] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  240.713645][ T8330] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4)
[  240.806394][ T8330] Remounting filesystem read-only
[  240.811795][ T8326] NILFS (loop5): mounting fs with errors
[  240.843644][ T8326] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=2)
[  240.846009][ T8310] loop2: detected capacity change from 0 to 32768
[  240.910046][ T8326] Remounting filesystem read-only
[  240.954506][ T8326] NILFS error (device loop5): nilfs_readdir: bad page in #2
[  241.020305][ T8310] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  241.217128][ T5826] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer
[  241.552094][ T8345] netlink: 12 bytes leftover after parsing attributes in process `syz.0.798'.
[  241.562391][ T5832] ocfs2: Unmounting device (7,2) on (node local)
[  241.807845][ T8353] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  242.131791][ T8359] loop0: detected capacity change from 0 to 2048
[  242.236082][ T8369] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  242.324970][ T8365] loop5: detected capacity change from 0 to 2048
[  242.362210][ T8369] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  242.418255][ T8369] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  242.470230][ T8369] Remounting filesystem read-only
[  242.553752][ T8365] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.718434][ T5824] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  242.727056][ T8363] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  242.827532][ T8363] EXT4-fs (loop5): Remounting filesystem read-only
[  243.056927][ T8386] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  243.270582][ T8384] loop0: detected capacity change from 0 to 32768
[  243.285984][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.464470][ T8384] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  243.523337][ T8384] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,no_splitbrain_check,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  243.523337][ T8384]   allowing incompatible features above 0.0: (unknown version)
[  243.523337][ T8384]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  243.574011][ T8384] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  243.582303][ T8384] bcachefs (loop0): Version upgrade required:
[  243.582303][ T8384] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  243.582303][ T8384] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  243.582303][ T8384]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  243.657952][ T8384] bcachefs (loop0): dropping and reconstructing all alloc info
[  243.689983][ T8384] bcachefs (loop0): accounting_read... done
[  243.701520][ T8384] bcachefs (loop0): alloc_read... done
[  243.707617][ T8384] bcachefs (loop0): snapshots_read... done
[  243.714613][ T8384] bcachefs (loop0): done starting filesystem
[  243.954489][   T30] audit: type=1800 audit(1748849333.019:26): pid=8384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.812" name="file1" dev="loop0" ino=536870912 res=0 errno=0
[  244.145938][ T5824] bcachefs (loop0): shutting down
[  244.189927][ T8403] loop2: detected capacity change from 0 to 32768
[  244.222584][ T8403] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  244.231062][ T8403] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  244.254789][ T8403] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  244.272291][  T975] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  244.283347][  T975] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  244.405926][  T975] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 122ms
[  244.414248][  T975] gfs2: fsid=syz:syz.0: jid=0: Done
[  244.421165][ T8403] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  244.447272][ T5824] bcachefs (loop0): shutdown complete
[  244.577081][ T8403] gfs2: fsid=syz:syz.0: found 1 quota changes
[  245.333253][ T8421] syz_tun: entered allmulticast mode
[  245.353521][ T8420] syz_tun: left allmulticast mode
[  245.424086][ T8412] orangefs_mount: mount request failed with -4
[  245.873354][  T975] IPVS: starting estimator thread 0...
[  245.982754][ T8430] IPVS: using max 22 ests per chain, 52800 per kthread
[  246.186510][ T8426] loop5: detected capacity change from 0 to 32768
[  246.246425][ T8426] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  246.468592][ T8426] XFS (loop5): Ending clean mount
[  246.499260][ T8426] XFS (loop5): Metadata CRC error detected at xfs_rmapbt_read_verify+0x26/0xe0, xfs_rmapbt block 0x14 
[  246.510713][ T8426] XFS (loop5): Unmount and run xfs_repair
[  246.519338][ T8426] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  246.526919][ T8426] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  246.535855][ T8426] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  246.544765][ T8426] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  246.553691][ T8426] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  246.562572][ T8426] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  246.571703][ T8426] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  246.580692][ T8426] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  246.589610][ T8426] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  246.598714][ T8426] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x14 len 4 error 74
[  246.666147][ T8450] loop4: detected capacity change from 0 to 512
[  246.683766][ T8450] ext4: Bad value for 'debug_want_extra_isize'
[  246.690124][ T8426] XFS (loop5): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  246.705811][ T8426] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  246.736817][ T8452] netlink: 116 bytes leftover after parsing attributes in process `syz.3.836'.
[  246.972420][ T5826] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  247.211428][ T8459] loop4: detected capacity change from 0 to 512
[  247.266560][ T8459] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  247.342994][ T8459] EXT4-fs (loop4): 1 truncate cleaned up
[  247.366177][ T8459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.483850][ T8459] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 3: comm syz.4.841: lblock 1 mapped to illegal pblock 3 (length 1)
[  247.721038][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.890282][ T8469] loop5: detected capacity change from 0 to 128
[  247.927073][ T8469] EXT4-fs (loop5): Test dummy encryption mode enabled
[  247.952740][  T118] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  247.994857][ T8469] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  248.075389][ T8469] ext4 filesystem being mounted at /145/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  248.115235][  T118] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  248.132705][  T118] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  248.169550][  T118] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  248.193025][  T118] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.255532][  T118] usb 4-1: config 0 descriptor??
[  248.282457][  T118] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  248.313128][ T5894] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  248.328587][  T118] dvb-usb: bulk message failed: -22 (3/0)
[  248.331811][ T8461] loop6: detected capacity change from 0 to 32768
[  248.474457][ T5826] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  248.595146][ T8461] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  248.714085][ T8476] loop0: detected capacity change from 0 to 40427
[  248.733553][ T8476] F2FS-fs (loop0): invalid crc value
[  248.735046][ T8461] XFS (loop6): Ending clean mount
[  248.774319][  T118] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  248.882451][ T8476] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  248.893949][ T5894] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  248.912827][ T5894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.921466][  T118] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  248.984257][ T5894] usb 5-1: config 0 descriptor??
[  248.998591][  T118] usb 4-1: media controller created
[  249.019867][  T118] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  249.055206][ T5894] gspca_main: cpia1-2.14.0 probing 0813:0001
[  249.144889][  T118] dvb-usb: bulk message failed: -22 (6/0)
[  249.172872][  T118] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  249.229398][  T118] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input18
[  249.334063][  T118] dvb-usb: schedule remote query interval to 150 msecs.
[  249.382685][  T118] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  249.408399][ T5894] cpia1 5-1:0.0: unexpected state after lo power cmd: 00
[  249.417441][ T6050] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  249.491287][ T8495] netlink: 104 bytes leftover after parsing attributes in process `syz.2.848'.
[  249.501695][ T8495] netlink: 104 bytes leftover after parsing attributes in process `syz.2.848'.
[  249.511233][ T8495] netlink: 81 bytes leftover after parsing attributes in process `syz.2.848'.
[  249.545363][  T118] dvb-usb: bulk message failed: -22 (1/0)
[  249.581312][  T118] dvb-usb: error while querying for an remote control event.
[  249.597064][ T5812] usb 4-1: USB disconnect, device number 9
[  249.792345][   T30] audit: type=1326 audit(1748849338.969:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc8338e969 code=0x7ffc0000
[  249.813763][ T5894] gspca_cpia1: usb_control_msg 02, error -71
[  249.832855][ T5894] gspca_cpia1: usb_control_msg 05, error -71
[  249.838879][ T5894] cpia1 5-1:0.0: unexpected systemstate: 00
[  249.852990][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  249.902694][   T30] audit: type=1326 audit(1748849338.969:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc8338e969 code=0x7ffc0000
[  249.978830][ T5894] usb 5-1: USB disconnect, device number 9
[  249.994834][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  250.027503][ T5812] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  250.177105][   T30] audit: type=1326 audit(1748849339.009:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efc8332ab39 code=0x7ffc0000
[  250.285892][   T30] audit: type=1326 audit(1748849339.009:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efc8332ab39 code=0x7ffc0000
[  250.422781][   T30] audit: type=1326 audit(1748849339.009:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efc8332ab39 code=0x7ffc0000
[  250.526900][   T30] audit: type=1326 audit(1748849339.009:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efc8332ab39 code=0x7ffc0000
[  250.617977][   T30] audit: type=1326 audit(1748849339.029:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efc8332ab39 code=0x7ffc0000
[  250.640636][   T30] audit: type=1326 audit(1748849339.029:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7efc8338e969 code=0x7ffc0000
[  250.642837][ T8507] loop0: detected capacity change from 0 to 512
[  250.663097][   T30] audit: type=1326 audit(1748849339.029:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc8338e969 code=0x7ffc0000
[  250.691645][   T30] audit: type=1326 audit(1748849339.029:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.5.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc8338e969 code=0x7ffc0000
[  250.751532][ T8507] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  250.869923][ T8514] input: syz1 as /devices/virtual/input/input19
[  250.894454][ T8507] EXT4-fs (loop0): 1 truncate cleaned up
[  250.946888][ T8507] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.082276][ T8530] loop2: detected capacity change from 0 to 128
[  251.118127][ T8530] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  251.254627][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.336143][ T8530] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.369014][ T5144] Bluetooth: hci5: unexpected event for opcode 0x080f
[  251.702536][ T8537] loop4: detected capacity change from 0 to 2048
[  251.884771][ T8537] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  253.179550][ T8553] loop2: detected capacity change from 0 to 65536
[  253.290467][ T8553] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  253.350889][ T8569] loop3: detected capacity change from 0 to 47
[  253.473246][ T8553] XFS (loop2): Ending clean mount
[  253.540434][ T8569] bio_check_eod: 875 callbacks suppressed
[  253.540460][ T8569] syz.3.872: attempt to access beyond end of device
[  253.540460][ T8569] loop3: rw=2049, sector=48, nr_sectors = 8 limit=47
[  253.562319][ T8553] XFS (loop2): Metadata corruption detected at xfs_dinode_verify.part.0+0x93e/0x1760, inode 0x45 dinode
[  253.574089][ T8553] XFS (loop2): Unmount and run xfs_repair
[  253.582032][ T8553] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  253.589530][ T8553] 00000000: 49 4e a1 ff 03 01 00 00 00 00 00 00 00 00 00 00  IN..............
[  253.598459][ T8553] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  253.607438][ T8553] 00000020: 34 f7 58 68 a7 8d ff 64 34 f7 58 68 a7 8d ff 64  4.Xh...d4.Xh...d
[  253.616425][ T8553] 00000030: 34 f7 58 68 a7 8d ff 64 00 00 00 00 00 00 00 26  4.Xh...d.......&
[  253.627912][ T8553] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  253.637056][ T8553] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 97 d7 4a ca  ..............J.
[  253.645999][ T8553] 00000060: ff ff ff ff b0 c8 54 15 00 00 00 00 00 00 00 02  ......T.........
[  253.654960][ T8553] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[  253.802734][ T5812] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  253.821199][ T8580] loop6: detected capacity change from 0 to 2048
[  253.909596][ T5832] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  253.915377][ T8580] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  253.964609][ T5812] usb 5-1: Using ep0 maxpacket: 32
[  253.978359][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.047925][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.115344][ T5812] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  254.168276][ T5812] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.215874][ T5812] usb 5-1: config 0 descriptor??
[  254.246736][ T5812] hub 5-1:0.0: USB hub found
[  254.456489][ T5812] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  254.764340][ T8590] loop6: detected capacity change from 0 to 2048
[  254.957346][ T8578] loop4: detected capacity change from 0 to 256
[  255.090038][ T8590] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.143822][ T5812] hid-generic 0003:046D:C31C.000F: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[  255.228391][ T8590] EXT4-fs (loop6): shut down requested (1)
[  255.250706][ T5812] usb 5-1: USB disconnect, device number 10
[  255.491753][ T6050] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.604821][ T8598] fido_id[8598]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  257.187597][ T8626] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.205061][ T8626] batadv_slave_0: entered promiscuous mode
[  257.424723][ T8610] loop4: detected capacity change from 0 to 32768
[  257.565043][ T8610] JBD2: Ignoring recovery information on journal
[  257.838387][ T8610] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  258.082770][ T5892] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  258.268584][ T5839] ocfs2: Unmounting device (7,4) on (node local)
[  258.277478][ T5892] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  258.321684][ T5892] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.341011][ T5892] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  258.360465][ T5892] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.396763][ T5892] usb 1-1: config 0 descriptor??
[  258.839321][ T5892] elan 0003:04F3:0755.0010: failed to start in urb: -90
[  258.883971][ T5892] elan 0003:04F3:0755.0010: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[  258.922856][ T8651] sd 0:0:1:0: device reset
[  259.043462][ T5892] usb 1-1: USB disconnect, device number 5
[  259.124581][ T8657] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.902'.
[  259.235143][ T8661] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  259.243308][ T8661] IPv6: NLM_F_CREATE should be set when creating new route
[  259.250597][ T8661] IPv6: NLM_F_CREATE should be set when creating new route
[  259.365618][ T8655] fido_id[8655]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  259.452762][   T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  259.620982][   T10] usb 6-1: Using ep0 maxpacket: 32
[  259.658032][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  259.709333][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[  259.771768][   T10] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  259.817939][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.887279][   T10] usb 6-1: config 0 descriptor??
[  259.916262][   T10] hub 6-1:0.0: USB hub found
[  259.937589][ T8667] netlink: 8 bytes leftover after parsing attributes in process `syz.6.911'.
[  260.122735][   T10] hub 6-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  260.550209][   T10] hid-generic 0003:046D:C31C.0011: item fetching failed at offset 0/1
[  260.606363][   T10] hid-generic 0003:046D:C31C.0011: probe with driver hid-generic failed with error -22
[  260.790935][ T8688] loop0: detected capacity change from 0 to 2048
[  260.853054][   T10] usb 6-1: USB disconnect, device number 7
[  260.853907][ T8688] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  261.409032][ T8701] loop0: detected capacity change from 0 to 1024
[  261.456439][ T8701] EXT4-fs: Ignoring removed bh option
[  261.461957][ T8701] EXT4-fs: inline encryption not supported
[  261.529808][ T8701] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  261.606493][ T8701] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  261.758332][ T8701] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 2: comm syz.0.927: lblock 2 mapped to illegal pblock 2 (length 1)
[  261.804400][ T8679] loop4: detected capacity change from 0 to 32768
[  261.833067][ T8701] __quota_error: 30 callbacks suppressed
[  261.833090][ T8701] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  261.871318][ T8701] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 48: comm syz.0.927: lblock 0 mapped to illegal pblock 48 (length 1)
[  261.887638][  T975] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  261.925218][ T8716] loop6: detected capacity change from 0 to 256
[  261.988543][ T8679] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  262.010400][ T8701] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  262.055966][  T975] usb 6-1: Using ep0 maxpacket: 8
[  262.071893][ T8701] EXT4-fs error (device loop0): ext4_acquire_dquot:6931: comm syz.0.927: Failed to acquire dquot type 0
[  262.104768][  T975] usb 6-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  262.148460][  T975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.167345][ T8701] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  262.223831][  T975] usb 6-1: Product: syz
[  262.236793][  T975] usb 6-1: Manufacturer: syz
[  262.254078][  T975] usb 6-1: SerialNumber: syz
[  262.268307][ T5839] ocfs2: Unmounting device (7,4) on (node local)
[  262.297177][  T975] usb 6-1: config 0 descriptor??
[  262.309123][ T8701] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.927: mark_inode_dirty error
[  262.345834][  T975] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  262.378784][ T8701] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  262.419211][ T8701] EXT4-fs (loop0): 1 orphan inode deleted
[  262.435411][   T12] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  262.453801][ T8701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.556593][   T12] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  262.596023][   T12] EXT4-fs error (device loop0): ext4_release_dquot:6967: comm kworker/u8:0: Failed to release dquot type 0
[  262.676403][ T8701] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  262.737552][ T8701] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  262.777592][ T8701] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  262.809463][ T8701] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 48: comm syz.0.927: lblock 0 mapped to illegal pblock 48 (length 1)
[  262.880302][ T8701] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=-117
[  262.910566][ T8701] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  263.035572][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.143477][ T5812] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  263.342581][  T118] usb 6-1: USB disconnect, device number 8
[  263.357802][ T5812] usb 5-1: Using ep0 maxpacket: 32
[  263.380104][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.432842][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.456637][ T5812] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  263.494558][ T5812] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.518186][ T5812] usb 5-1: config 0 descriptor??
[  263.551141][ T8736] loop3: detected capacity change from 0 to 512
[  263.672181][ T8736] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  263.714863][ T8736] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.766104][ T8742] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  263.792747][ T5894] IPVS: starting estimator thread 0...
[  263.912901][ T8746] IPVS: using max 22 ests per chain, 52800 per kthread
[  263.983810][ T5812] ft260 0003:0403:6030.0012: unknown main item tag 0x0
[  264.060626][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  264.163776][ T5894] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  264.182002][ T5812] ft260 0003:0403:6030.0012: chip code: 0000 0000
[  264.358638][ T5894] usb 1-1: Using ep0 maxpacket: 8
[  264.377642][ T5894] usb 1-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=d2.54
[  264.383966][ T5812] ft260 0003:0403:6030.0012: failed to retrieve system status
[  264.409747][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.418354][ T8755] netlink: 'syz.3.946': attribute type 1 has an invalid length.
[  264.426885][ T5812] ft260 0003:0403:6030.0012: probe with driver ft260 failed with error -71
[  264.451544][ T5894] usb 1-1: Product: syz
[  264.462885][ T8755] netlink: 'syz.3.946': attribute type 4 has an invalid length.
[  264.473322][ T5812] usb 5-1: USB disconnect, device number 11
[  264.474291][ T5894] usb 1-1: Manufacturer: syz
[  264.491110][ T8755] netlink: 32 bytes leftover after parsing attributes in process `syz.3.946'.
[  264.503179][ T5894] usb 1-1: SerialNumber: syz
[  264.519137][   T10] IPVS: starting estimator thread 0...
[  264.542283][ T5894] usb 1-1: config 0 descriptor??
[  264.553644][ T8761] loop2: detected capacity change from 0 to 256
[  264.611539][ T5894] usb 1-1: invalid MIDI EP
[  264.623286][ T8759] IPVS: using max 21 ests per chain, 50400 per kthread
[  264.636532][ T8761] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  264.661374][ T5894] usb 1-1: snd-bcd2000: error during probing
[  264.676937][ T5894] snd-bcd2000 1-1:0.0: probe with driver snd-bcd2000 failed with error -22
[  264.714501][ T8761] exFAT-fs (loop2): start_clu is invalid cluster(0xffffffff)
[  264.833544][ T5894] usb 1-1: USB disconnect, device number 6
[  265.261351][ T8777] loop2: detected capacity change from 0 to 512
[  265.287890][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  265.299220][ T8777] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  265.299904][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  265.398435][ T8777] EXT4-fs (loop2): 1 truncate cleaned up
[  265.446369][ T8777] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.522084][   T30] audit: type=1800 audit(1748849354.699:67): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.957" name="file1" dev="loop2" ino=15 res=0 errno=0
[  265.668369][   T30] audit: type=1800 audit(1748849354.709:68): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.957" name="file1" dev="loop2" ino=15 res=0 errno=0
[  265.880615][ T8784] loop6: detected capacity change from 0 to 512
[  265.947097][ T8784] EXT4-fs: Ignoring removed mblk_io_submit option
[  265.981341][ T8784] EXT4-fs: Ignoring removed mblk_io_submit option
[  266.021158][ T8784] EXT4-fs (loop6): Test dummy encryption mode enabled
[  266.098928][ T8784] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  266.176716][ T8784] EXT4-fs (loop6): 1 truncate cleaned up
[  266.224533][ T8784] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.386270][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.573551][ T6050] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.747947][ T8804] loop2: detected capacity change from 0 to 512
[  266.811445][ T8804] EXT4-fs: Ignoring removed orlov option
[  266.887113][ T8804] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  266.944487][ T8804] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  266.984406][ T8804] EXT4-fs error (device loop2): ext4_iget_extra_inode:5034: inode #15: comm syz.2.966: corrupted in-inode xattr: e_value size too large
[  267.093271][ T8804] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.966: couldn't read orphan inode 15 (err -117)
[  267.145513][ T8817] netlink: 28 bytes leftover after parsing attributes in process `syz.4.973'.
[  267.161906][ T8804] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.180130][ T8817] netlink: 'syz.4.973': attribute type 7 has an invalid length.
[  267.188145][ T8817] netlink: 'syz.4.973': attribute type 8 has an invalid length.
[  267.232093][ T8817] netlink: 8 bytes leftover after parsing attributes in process `syz.4.973'.
[  267.411791][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.882762][ T5892] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  268.062810][ T5892] usb 5-1: Using ep0 maxpacket: 32
[  268.080765][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.126247][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.192697][ T5892] usb 5-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.00
[  268.247736][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.274743][ T8842] loop3: detected capacity change from 0 to 256
[  268.292481][ T5892] usb 5-1: config 0 descriptor??
[  268.336689][ T8842] MINIX-fs: mounting file system with errors, running fsck is recommended
[  268.382390][ T8810] loop6: detected capacity change from 0 to 32768
[  268.766843][ T5892] hid_mf 0003:0079:1801.0013: hidraw0: USB HID v0.00 Device [HID 0079:1801] on usb-dummy_hcd.4-1/input0
[  268.842773][ T5892] hid_mf 0003:0079:1801.0013: Force feedback for HJZ Mayflash game controller adapters by Marcel Hasler <mahasler@gmail.com>
[  268.943956][ T5892] usb 5-1: USB disconnect, device number 12
[  269.166377][ T8850] fido_id[8850]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  269.623055][ T5892] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  269.642869][ T5903] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  269.789686][ T5892] usb 7-1: Using ep0 maxpacket: 8
[  269.817778][ T5892] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  269.829888][ T5892] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  269.854152][ T5892] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  269.856872][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.907278][ T5892] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  269.917368][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  269.917414][ T5903] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  269.917480][ T5903] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  269.917521][ T5903] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.994034][ T5903] usb 1-1: config 0 descriptor??
[  270.112593][ T5892] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  270.142366][ T8880] loop5: detected capacity change from 0 to 1024
[  270.152378][ T5892] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  270.172998][ T5892] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.239063][ T8882] smc: net device bond0 applied user defined pnetid SYZ2
[  270.305303][ T8880] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.369297][ T8880] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.444037][ T5892] usb 7-1: usb_control_msg returned -32
[  270.449700][ T5892] usbtmc 7-1:16.0: can't read capabilities
[  270.487997][ T5903] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  270.515657][ T8892] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #15: block 3: comm syz.5.1001: lblock 3 mapped to illegal pblock 3 (length 5)
[  270.557408][ T5903] plantronics 0003:047F:FFFF.0014: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  270.610810][ T8892] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 5 with error 117
[  270.655713][ T8892] EXT4-fs (loop5): This should not happen!! Data will be lost
[  270.655713][ T8892] 
[  270.721478][ T5812] usb 1-1: USB disconnect, device number 7
[  270.910464][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.952818][ T5903] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  271.002566][ T8897] fido_id[8897]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  271.051913][ T8900] loop3: detected capacity change from 0 to 4096
[  271.125204][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  271.159894][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  271.222341][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  271.289335][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  271.334539][ T8905] ntfs3(loop3): ino=0, "file0" ni_find_attr
[  271.372761][ T5903] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  271.402988][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.435474][ T5903] usb 3-1: config 0 descriptor??
[  271.479121][ T8909] loop4: detected capacity change from 0 to 2048
[  271.565119][ T8909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.762947][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  271.831175][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.915943][ T5903] plantronics 0003:047F:FFFF.0015: ignoring exceeding usage max
[  271.943241][   T10] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  271.984853][   T10] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  271.997436][ T5903] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[  272.029444][   T10] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  272.040602][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.061677][ T5903] plantronics 0003:047F:FFFF.0015: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  272.105612][ T8911] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  272.105752][  T975] usb 3-1: USB disconnect, device number 8
[  272.136733][ T8923] loop5: detected capacity change from 0 to 128
[  272.203050][   T10] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  272.276681][ T8923] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  272.347903][ T8923] ext4 filesystem being mounted at /185/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  272.380019][    C1] vkms_vblank_simulate: vblank timer overrun
[  272.515403][   T10] usb 1-1: USB disconnect, device number 8
[  272.538867][ T8924] fido_id[8924]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  272.575144][  T975] usb 7-1: USB disconnect, device number 7
[  272.926308][ T5826] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  273.390170][ T8944] loop6: detected capacity change from 0 to 2048
[  273.522739][ T8944] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  273.591649][ T8947] loop2: detected capacity change from 0 to 4096
[  273.701240][ T8947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.884097][ T8947] EXT4-fs (loop2): shut down requested (1)
[  274.196247][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.860967][ T8976] loop6: detected capacity change from 0 to 2048
[  275.001289][ T8973] loop3: detected capacity change from 0 to 4096
[  275.056106][ T8973] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  275.228238][ T8988] loop5: detected capacity change from 0 to 512
[  275.284032][ T8988] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  275.320770][ T8973] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  275.367253][ T8988] EXT4-fs (loop5): 1 truncate cleaned up
[  275.388115][ T8973] ntfs3(loop3): ino=19, mi_enum_attr
[  275.415240][ T8988] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.509130][ T8997] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1051'.
[  275.616050][ T8988] EXT4-fs (loop5): shut down requested (1)
[  275.658235][ T8995] loop6: detected capacity change from 0 to 2048
[  275.792950][ T8997] syz.0.1051 (8997) used greatest stack depth: 17752 bytes left
[  275.893272][ T5826] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.164430][ T9007] loop4: detected capacity change from 0 to 1024
[  276.317993][   T30] audit: type=1800 audit(1748849365.479:69): pid=9007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1055" name="file1" dev="loop4" ino=20 res=0 errno=0
[  276.648400][ T9017] loop6: detected capacity change from 0 to 1024
[  276.768138][ T9017] EXT4-fs: Ignoring removed nobh option
[  276.826186][ T9017] EXT4-fs: Ignoring removed bh option
[  276.840274][ T9019] loop3: detected capacity change from 0 to 1024
[  277.262149][ T9023] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  277.377504][ T9023] hfsplus: xattr searching failed
[  277.443488][ T9019] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  277.555290][ T9013] loop2: detected capacity change from 0 to 131072
[  277.562384][ T9019] hfsplus: xattr searching failed
[  277.615630][ T9013] F2FS-fs (loop2): Test dummy encryption mode enabled
[  277.647716][ T9013] F2FS-fs (loop2): invalid crc value
[  277.764678][ T9013] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  278.044286][ T6458] hfsplus: b-tree write err: -5, ino 4
[  278.815915][ T9046] loop3: detected capacity change from 0 to 32768
[  278.837214][ T9046] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  278.845550][ T9046] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  278.917459][ T9046] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  278.942998][  T118] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  278.949821][  T118] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  279.248766][ T9059] loop0: detected capacity change from 0 to 1024
[  279.332441][  T118] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 382ms
[  279.402576][ T9059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.413810][  T118] gfs2: fsid=syz:syz.0: jid=0: Done
[  279.420768][ T9046] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  279.576394][ T9068] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.1074: Abort forced by user
[  279.704692][ T9068] EXT4-fs (loop0): Remounting filesystem read-only
[  279.732577][ T9068] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  279.950991][ T9075] loop4: detected capacity change from 0 to 256
[  279.991511][ T9075] exfat: Unknown parameter 'namecascard'
[  280.177019][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.581517][ T9080] loop5: detected capacity change from 0 to 2048
[  280.748475][ T9080] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  280.773122][ T9080] NILFS (loop5): mounting unchecked fs
[  280.945258][ T6055] udevd[6055]: incorrect nilfs2 checksum on /dev/loop5
[  280.989301][ T9080] NILFS (loop5): recovery complete
[  281.023170][ T9092] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  281.257182][ T9096] netlink: 'syz.2.1085': attribute type 10 has an invalid length.
[  281.683277][ T9102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  282.386399][ T9112] loop0: detected capacity change from 0 to 2048
[  282.523692][ T9112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.550922][ T9112] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.694188][ T9112] fs-verity: sha512 using implementation "sha512-avx2"
[  282.927909][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.940329][ T9131] input: syz1 as /devices/virtual/input/input20
[  282.947353][ T5902] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  283.000137][ T9124] loop6: detected capacity change from 0 to 4096
[  283.156177][ T5902] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.213631][ T5902] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.251358][ T5902] usb 6-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  283.281936][ T5902] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.316947][ T9140] loop3: detected capacity change from 0 to 128
[  283.327358][ T5902] usb 6-1: config 0 descriptor??
[  283.754553][ T9151] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  283.758655][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  283.807619][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  283.859432][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  283.885942][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  283.910933][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  283.942223][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  283.969448][ T9156] loop4: detected capacity change from 0 to 128
[  283.989616][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  284.028545][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  284.054486][ T9156] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  284.059616][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  284.082133][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  284.090636][ T5902] hid-rmi 0003:0461:4E72.0016: unknown main item tag 0x0
[  284.107044][ T5902] hid-rmi 0003:0461:4E72.0016: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.5-1/input0
[  284.173176][ T5902] usb 6-1: USB disconnect, device number 9
[  284.237401][ T9156] ext4 filesystem being mounted at /169/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  284.701375][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  284.798511][ T9166] fido_id[9166]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  285.029210][ T9178] loop6: detected capacity change from 0 to 512
[  285.351468][ T9181] loop0: detected capacity change from 0 to 2048
[  285.423719][ T9186] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  285.700117][ T9190] loop4: detected capacity change from 0 to 8
[  285.973526][ T9186] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  285.990556][ T9190] SQUASHFS error: xz decompression failed, data probably corrupt
[  286.037591][ T9196] loop5: detected capacity change from 0 to 128
[  286.052987][ T9190] SQUASHFS error: Failed to read block 0xa8: -5
[  286.068558][ T9186] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  286.092057][ T9196] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  286.126179][ T9186] Remounting filesystem read-only
[  286.161327][ T5824] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  286.202174][ T9196] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  286.212854][ T9190] SQUASHFS error: xz decompression failed, data probably corrupt
[  286.273165][ T9190] SQUASHFS error: Failed to read block 0xa8: -5
[  286.317059][   T30] audit: type=1800 audit(1748849375.499:70): pid=9190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1125" name="file0" dev="loop4" ino=3 res=0 errno=0
[  286.359153][ T5925] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  286.829350][ T9208] loop2: detected capacity change from 0 to 512
[  286.838665][ T9203] loop0: detected capacity change from 0 to 4096
[  286.902940][ T9208] EXT4-fs error (device loop2): ext4_iget_extra_inode:5034: inode #15: comm syz.2.1133: corrupted in-inode xattr: overlapping e_value 
[  286.955145][ T9208] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1133: couldn't read orphan inode 15 (err -117)
[  287.046463][ T9208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.439568][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.602840][   T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  287.782808][   T10] usb 5-1: Using ep0 maxpacket: 32
[  287.797822][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.814130][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.822877][  T118] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  287.824580][ T9198] loop6: detected capacity change from 0 to 32768
[  287.837956][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  287.848514][ T9235] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input21
[  287.891921][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.944048][   T10] usb 5-1: config 0 descriptor??
[  288.003207][  T118] usb 3-1: Using ep0 maxpacket: 16
[  288.029654][  T118] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  288.071923][  T118] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.118497][  T118] usb 3-1: Product: syz
[  288.132879][  T118] usb 3-1: Manufacturer: syz
[  288.165444][  T118] usb 3-1: SerialNumber: syz
[  288.215850][  T118] usb 3-1: config 0 descriptor??
[  288.250188][  T118] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  288.278204][  T118] usb 3-1: Detected FT232H
[  288.420413][   T10] savu 0003:1E7D:2D5A.0017: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  288.476598][  T118] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  288.648435][   T10] usb 5-1: USB disconnect, device number 13
[  288.682077][ T9247] loop6: detected capacity change from 0 to 1024
[  288.726794][ T9247] EXT4-fs: Ignoring removed oldalloc option
[  288.790421][ T9244] fido_id[9244]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  288.826695][ T9249] syz.3.1147 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  288.955574][  T118] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  289.145942][  T118] usb 3-1: USB disconnect, device number 9
[  289.495448][ T9255] loop5: detected capacity change from 0 to 256
[  289.530719][ T9253] loop3: detected capacity change from 0 to 32768
[  289.556384][  T118] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  289.568622][ T9253] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  289.572872][ T9255] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  289.593420][  T118] ftdi_sio 3-1:0.0: device disconnected
[  289.647002][ T9255] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  289.777682][ T9255] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  289.806378][ T9253] XFS (loop3): Ending clean mount
[  289.818367][ T9253] XFS (loop3): Quotacheck needed: Please wait.
[  289.979852][ T9253] XFS (loop3): Quotacheck: Done.
[  289.992975][   T10] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  290.000823][   T30] audit: type=1800 audit(1748849379.179:71): pid=9253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1149" name="file1" dev="loop3" ino=9286 res=0 errno=0
[  290.203607][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  290.238652][ T5825] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  290.248991][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  290.302855][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  290.344843][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  290.378291][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  290.425819][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.453790][   T10] usb 5-1: config 0 descriptor??
[  290.546222][ T9281] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1161'.
[  290.842971][ T5902] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  290.922060][   T10] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  290.992141][   T10] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  291.052238][ T5902] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  291.083138][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.098485][ T5902] usb 1-1: Product: syz
[  291.106665][ T5902] usb 1-1: Manufacturer: syz
[  291.111313][ T5902] usb 1-1: SerialNumber: syz
[  291.194180][ T5902] usb 1-1: config 0 descriptor??
[  291.226758][   T10] usb 5-1: USB disconnect, device number 14
[  291.440115][ T9296] fido_id[9296]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  291.613407][ T5902] usb 1-1: Firmware: major: 0, minor: 105, hardware type: UNKNOWN (35)
[  291.763704][   T36] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  291.795934][  T118] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  291.807510][   T36] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  291.830278][ T5902] usb 1-1: failed to fetch extended address, random address set
[  291.833095][  T118] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  291.867760][ T5902] usb 1-1: atusb_probe: initialization failed, error = -524
[  291.896027][ T5902] atusb 1-1:0.0: probe with driver atusb failed with error -524
[  291.950062][ T5902] usb 1-1: USB disconnect, device number 9
[  292.134049][ T5892] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  292.238969][ T9319] loop6: detected capacity change from 0 to 1024
[  292.329603][ T5892] usb 3-1: unable to get BOS descriptor or descriptor too short
[  292.344819][ T5892] usb 3-1: not running at top speed; connect to a high speed hub
[  292.393872][ T5892] usb 3-1: config 17 has an invalid interface number: 8 but max is 1
[  292.429810][ T5892] usb 3-1: config 17 has 1 interface, different from the descriptor's value: 2
[  292.432840][ T9315] loop4: detected capacity change from 0 to 8192
[  292.482863][ T5892] usb 3-1: config 17 has no interface number 0
[  292.489130][ T5892] usb 3-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 10707, setting to 64
[  292.587935][ T5892] usb 3-1: config 17 interface 8 has no altsetting 0
[  292.632060][ T5892] usb 3-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  292.644093][  T118] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  292.652159][ T9323] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  292.671164][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.697782][ T9323] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  292.703606][ T5892] usb 3-1: Product: syz
[  292.716035][ T9327] loop0: detected capacity change from 0 to 512
[  292.728936][ T5892] usb 3-1: Manufacturer: syz
[  292.734553][ T5892] usb 3-1: SerialNumber: syz
[  292.755829][ T9327] EXT4-fs: Ignoring removed oldalloc option
[  292.782216][ T9311] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  292.815286][ T9327] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  292.833585][  T975] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  292.888881][ T9327] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  292.947051][ T9327] System zones: 1-12
[  292.998117][ T9327] EXT4-fs error (device loop0): ext4_iget_extra_inode:5034: inode #15: comm syz.0.1176: corrupted in-inode xattr: e_value size too large
[  293.035263][  T975] usb 6-1: Using ep0 maxpacket: 8
[  293.075637][ T9327] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1176: couldn't read orphan inode 15 (err -117)
[  293.086386][ T5892] usb 3-1: selecting invalid altsetting 0
[  293.094802][  T975] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  293.122146][  T975] usb 6-1: config 0 has no interface number 0
[  293.153488][  T975] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  293.170878][ T9327] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.196921][  T975] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  293.212037][ T9335] loop6: detected capacity change from 0 to 512
[  293.234278][  T975] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  293.245804][  T975] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  293.283620][ T9327] EXT4-fs (loop0): shut down requested (1)
[  293.302703][  T975] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  293.324282][ T5892] usb 3-1: USB disconnect, device number 10
[  293.360927][  T975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.414363][  T975] usb 6-1: config 0 descriptor??
[  293.426617][ T9338] loop3: detected capacity change from 0 to 512
[  293.445740][  T975] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  293.525588][ T9338] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.539153][ T9339] loop4: detected capacity change from 0 to 1024
[  293.564122][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.574427][ T9339] EXT4-fs: Ignoring removed bh option
[  293.579574][ T9338] ext4 filesystem being mounted at /222/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  293.606625][ T5889] udevd[5889]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  293.695296][  T975] usb 6-1: USB disconnect, device number 10
[  293.729815][ T9338] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.1181: iget: bad i_size value: 2533274857506816
[  293.747416][ T9339] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.782224][  T975] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  294.053140][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.099822][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.274040][ T5812] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  294.361179][ T9352] loop2: detected capacity change from 0 to 512
[  294.424025][ T9352] EXT4-fs: Ignoring removed oldalloc option
[  294.452758][ T5812] usb 1-1: Using ep0 maxpacket: 32
[  294.471534][ T9352] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  294.489326][ T5812] usb 1-1: config 0 has an invalid interface number: 146 but max is 0
[  294.514717][ T5812] usb 1-1: config 0 has no interface number 0
[  294.535731][ T5812] usb 1-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  294.541283][   T36] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.602766][ T5812] usb 1-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  294.662657][ T5812] usb 1-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  294.692676][ T5812] usb 1-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  294.732829][ T5812] usb 1-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  294.768799][ T5812] usb 1-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  294.824431][ T5812] usb 1-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  294.849932][   T36] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.873074][ T5812] usb 1-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 26159, setting to 1024
[  294.904626][ T9352] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  294.923638][ T5812] usb 1-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  294.950478][ T5812] usb 1-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  294.969530][   T36] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.991425][ T5812] usb 1-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  295.014474][ T5812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.023471][ T5812] usb 1-1: Product: syz
[  295.030198][ T5812] usb 1-1: Manufacturer: syz
[  295.067104][ T5812] usb 1-1: SerialNumber: syz
[  295.127331][ T5812] usb 1-1: config 0 descriptor??
[  295.134836][ T9346] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  295.142327][ T9346] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  295.212834][ T5812] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  295.221334][ T5812] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  295.299073][   T36] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.312156][ T5812] scsi host1: microtekX6
[  295.486081][ T5812] usb 1-1: USB disconnect, device number 10
[  295.572951][ T5902] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  295.682280][   T36] bridge_slave_1: left allmulticast mode
[  295.714681][   T36] bridge_slave_1: left promiscuous mode
[  295.721782][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.754839][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.786553][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.808729][ T5902] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  295.814397][   T36] bridge_slave_0: left allmulticast mode
[  295.842244][ T5902] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  295.862353][ T5902] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.877256][   T36] bridge_slave_0: left promiscuous mode
[  295.901949][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.917312][ T5902] usb 3-1: config 0 descriptor??
[  296.188894][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  296.201245][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  296.221859][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  296.236219][ T5846] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  296.245759][ T5846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  296.421984][ T5902] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[  296.494957][ T5902] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  296.656576][ T5812] usb 3-1: USB disconnect, device number 11
[  296.768991][ T9389] fido_id[9389]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  297.619317][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.633341][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.647396][   T36] bond0 (unregistering): Released all slaves
[  297.702994][ T9391] netlink: 'syz.0.1200': attribute type 1 has an invalid length.
[  297.927880][ T9401] loop2: detected capacity change from 0 to 2048
[  297.960042][ T9401] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  298.323047][ T5846] Bluetooth: hci3: command tx timeout
[  299.136220][   T36] hsr_slave_0: left promiscuous mode
[  299.176426][   T36] hsr_slave_1: left promiscuous mode
[  299.193645][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.201461][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.216639][ T9403] loop0: detected capacity change from 0 to 32768
[  299.224567][  T975] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  299.246506][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.260558][ T9403] XFS: attr2 mount option is deprecated.
[  299.274485][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.346697][ T9403] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  299.365168][   T36] veth1_macvtap: left promiscuous mode
[  299.370837][   T36] veth0_macvtap: left promiscuous mode
[  299.376801][   T36] veth1_vlan: left promiscuous mode
[  299.384231][   T36] veth0_vlan: left promiscuous mode
[  299.423361][  T975] usb 4-1: Using ep0 maxpacket: 16
[  299.487512][  T975] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[  299.512065][  T975] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  299.553153][ T9403] XFS (loop0): Ending clean mount
[  299.560636][  T975] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  299.580963][ T9403] XFS (loop0): Quotacheck needed: Please wait.
[  299.599254][  T975] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  299.632745][  T975] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  299.641681][  T975] usb 4-1: config 0 has no interface number 0
[  299.687521][  T975] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  299.744275][ T9403] XFS (loop0): Quotacheck: Done.
[  299.764301][  T975] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  299.804253][  T975] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  299.834587][  T975] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  299.927869][  T975] usb 4-1: config 0 interface 125 has no altsetting 0
[  299.939382][  T975] usb 4-1: config 0 interface 125 has no altsetting 2
[  299.960569][ T5812] kernel write not supported for file /uhid (pid: 5812 comm: kworker/0:3)
[  299.961722][  T975] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  299.981645][ T9445] loop4: detected capacity change from 0 to 8
[  299.992276][  T975] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.028237][  T975] usb 4-1: Product: syz
[  300.032533][  T975] usb 4-1: Manufacturer: syz
[  300.041345][  T975] usb 4-1: SerialNumber: syz
[  300.074359][ T9445] SQUASHFS error: lzo decompression failed, data probably corrupt
[  300.134368][ T5824] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  300.157509][ T9445] SQUASHFS error: Failed to read block 0x144: -5
[  300.195803][  T975] usb 4-1: config 0 descriptor??
[  300.209580][ T9445] SQUASHFS error: Unable to read metadata cache entry [142]
[  300.238767][  T975] usb 4-1: selecting invalid altsetting 2
[  300.246078][ T9445] SQUASHFS error: Unable to read inode 0x11f
[  300.422983][ T9449] sock: sock_set_timeout: `syz.5.1220' (pid 9449) tries to set negative timeout
[  300.913767][ T9454] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  301.312188][  T975] usb 4-1: USB disconnect, device number 10
[  301.585287][ T5894] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  301.631193][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  301.654908][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  301.685093][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  301.699818][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  301.709114][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  301.753017][ T5894] usb 5-1: Using ep0 maxpacket: 8
[  301.760162][ T5894] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  301.783113][ T5894] usb 5-1: config 0 has no interface number 0
[  301.789302][ T5894] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  301.805327][ T5894] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  301.819835][ T5894] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  301.843105][ T5894] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  301.863118][ T5894] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  301.872741][ T5894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.885659][ T5894] usb 5-1: config 0 descriptor??
[  301.902972][ T5894] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  302.136660][ T9479] loop3: detected capacity change from 0 to 1024
[  302.294804][ T9479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.308785][ T9477] loop0: detected capacity change from 0 to 32768
[  302.324878][ T9477] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1229 (9477)
[  302.341182][ T9477] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  302.351508][ T9477] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  302.360381][ T9477] BTRFS info (device loop0): using free-space-tree
[  302.400219][   T30] audit: type=1800 audit(1748849391.579:72): pid=9479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1231" name="file1" dev="loop3" ino=15 res=0 errno=0
[  302.425777][ T9479] EXT4-fs (loop3): Online defrag not supported with bigalloc
[  302.468249][   T30] audit: type=1800 audit(1748849391.579:73): pid=9479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1231" name="file2" dev="loop3" ino=16 res=0 errno=0
[  302.630900][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.867646][ T5824] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  303.244801][   T36] team0 (unregistering): Port device team_slave_1 removed
[  303.256501][ T9509] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  303.558221][   T36] team0 (unregistering): Port device team_slave_0 removed
[  303.762974][ T5144] Bluetooth: hci3: command tx timeout
[  304.167726][  T975] usb 5-1: USB disconnect, device number 15
[  304.193874][  T975] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  304.706666][ T9523] loop3: detected capacity change from 0 to 32768
[  304.741744][ T9523] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  304.750098][ T9523] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  304.763675][ T9523] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  304.775389][ T5894] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  304.794619][ T5894] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  304.852976][ T9527] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  305.098274][ T5894] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 303ms
[  305.133173][ T5894] gfs2: fsid=syz:syz.0: jid=0: Done
[  305.138486][ T9523] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  305.554826][ T9534] loop4: detected capacity change from 0 to 32768
[  305.586656][ T9534] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1244 (9534)
[  305.637224][ T9534] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.647821][ T9534] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  305.657406][ T9534] BTRFS info (device loop4): using free-space-tree
[  305.850288][ T5144] Bluetooth: hci3: command tx timeout
[  306.047144][ T5839] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  306.382704][ T5894] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  306.585485][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  306.632653][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  306.697042][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  306.749151][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  306.805902][ T5894] usb 4-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  306.844059][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.852206][ T5894] usb 4-1: Product: syz
[  306.896828][ T5894] usb 4-1: Manufacturer: syz
[  306.901500][ T5894] usb 4-1: SerialNumber: syz
[  306.917845][ T9570] input: syz0 as /devices/virtual/input/input25
[  306.947515][ T5894] usb 4-1: config 0 descriptor??
[  307.062685][ T5892] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  307.214049][ T5812] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  307.226451][ T5894] adutux 4-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  307.244246][   T36] IPVS: stop unused estimator thread 0...
[  307.261440][ T5892] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.292634][ T5892] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.348240][ T5892] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  307.406134][ T5894] usb 4-1: USB disconnect, device number 11
[  307.413068][ T5812] usb 5-1: Using ep0 maxpacket: 32
[  307.445010][ T5892] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  307.466343][ T5812] usb 5-1: config 0 has an invalid interface number: 85 but max is 0
[  307.489854][ T5892] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.505578][ T5812] usb 5-1: config 0 has no interface number 0
[  307.511732][ T5812] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  307.585672][ T5892] usb 6-1: config 0 descriptor??
[  307.623344][ T5812] usb 5-1: config 0 interface 85 has no altsetting 0
[  307.665142][ T5812] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  307.686614][ T9585] netlink: 596 bytes leftover after parsing attributes in process `syz.0.1255'.
[  307.712954][ T5812] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.721024][ T5812] usb 5-1: Product: syz
[  307.765579][ T5812] usb 5-1: Manufacturer: syz
[  307.780460][ T5812] usb 5-1: SerialNumber: syz
[  307.833831][ T5812] usb 5-1: config 0 descriptor??
[  308.045034][ T5892] plantronics 0003:047F:FFFF.001A: reserved main item tag 0xd
[  308.093013][ T9581] netlink: 'syz.0.1255': attribute type 29 has an invalid length.
[  308.100348][ T5892] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[  308.121742][ T9584] netlink: 'syz.0.1255': attribute type 29 has an invalid length.
[  308.180046][ T5892] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  308.316598][ T5892] usb 6-1: USB disconnect, device number 11
[  308.478809][ T5812] appletouch 5-1:0.85: Geyser mode initialized.
[  308.562546][ T5812] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.85/input/input26
[  308.662292][ T9591] fido_id[9591]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  308.684335][    C1] appletouch 5-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  308.684339][ T5812] usb 5-1: USB disconnect, device number 16
[  308.832701][ T5892] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  308.995211][ T5812] appletouch 5-1:0.85: input: appletouch disconnected
[  309.032654][ T5892] usb 3-1: Using ep0 maxpacket: 16
[  309.072448][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.125756][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.171162][ T5892] usb 3-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  309.215355][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.264304][ T5892] usb 3-1: config 0 descriptor??
[  309.605112][ T9610] loop4: detected capacity change from 0 to 1024
[  309.688190][ T9610] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.725020][ T5892] playstation 0003:054C:05C4.001B: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.2-1/input0
[  309.786745][ T9610] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.815174][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  309.831482][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  309.840503][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  309.858114][ T5846] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  309.866373][ T5846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  309.903020][ T5892] playstation 0003:054C:05C4.001B: Invalid byte count transferred, expected 16 got 0
[  309.914909][ T5892] playstation 0003:054C:05C4.001B: Failed to retrieve DualShock4 pairing info: -22
[  309.925032][ T5892] playstation 0003:054C:05C4.001B: Failed to get MAC address from DualShock4
[  309.934058][ T5892] playstation 0003:054C:05C4.001B: Failed to create dualshock4.
[  309.947813][ T5892] playstation 0003:054C:05C4.001B: probe with driver playstation failed with error -22
[  310.023638][ T9610] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  310.119644][ T5892] usb 3-1: USB disconnect, device number 12
[  310.273788][ T9620] fido_id[9620]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  310.274156][ T9626] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1264'.
[  310.375773][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.996851][ T9642] overlayfs: unescaped trailing colons in lowerdir mount option.
[  311.083990][ T9644] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  311.223957][ T5892] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  311.393357][ T5892] usb 3-1: Using ep0 maxpacket: 16
[  311.415457][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.452755][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.503953][ T5892] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  311.522136][ T5892] usb 3-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0
[  311.553829][ T5892] usb 3-1: Product: syz
[  311.572430][ T5892] usb 3-1: Manufacturer: syz
[  311.605209][ T5892] usb 3-1: config 0 descriptor??
[  311.818254][ T9654] loop4: detected capacity change from 0 to 64
[  312.054976][ T5892] kovaplus 0003:1E7D:2D50.001C: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.2-1/input0
[  312.210718][ T5839] hfs: node 4:3 still has 1 user(s)!
[  312.283623][ T9663] netlink: 'syz.0.1275': attribute type 1 has an invalid length.
[  312.424816][ T5902] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  312.428038][ T5892] kovaplus 0003:1E7D:2D50.001C: couldn't init struct kovaplus_device
[  312.483396][ T5892] kovaplus 0003:1E7D:2D50.001C: couldn't install mouse
[  312.514600][ T5892] kovaplus 0003:1E7D:2D50.001C: probe with driver kovaplus failed with error -71
[  312.586035][ T5892] usb 3-1: USB disconnect, device number 13
[  312.625854][ T5902] usb 6-1: Using ep0 maxpacket: 8
[  312.674426][ T5902] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  312.706117][ T5902] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  312.771515][ T5902] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  312.812846][ T5902] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  312.857981][ T5902] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  312.922717][  T118] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  312.934438][ T5902] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  312.937414][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  312.977271][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  312.982509][ T5902] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.992734][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  313.013576][ T9672] fido_id[9672]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  313.029522][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  313.045095][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  313.155393][  T118] usb 1-1: Using ep0 maxpacket: 16
[  313.198634][  T118] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  313.234133][  T118] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  313.265631][  T118] usb 1-1: config 0 interface 0 has no altsetting 0
[  313.272331][  T118] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  313.302961][ T5902] usb 6-1: usb_control_msg returned -32
[  313.308626][ T5902] usbtmc 6-1:16.0: can't read capabilities
[  313.338687][  T118] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.397977][  T118] usb 1-1: config 0 descriptor??
[  313.456512][ T9680] netlink: 'syz.2.1280': attribute type 4 has an invalid length.
[  313.688478][ T9684] usbtmc 6-1:16.0: usb_control_msg returned -32
[  313.746691][ T5902] usb 6-1: USB disconnect, device number 12
[  313.856363][  T118] hid (null): report_id 0 is invalid
[  313.861743][  T118] hid (null): invalid report_size 4076
[  313.911714][  T118] hid (null): unknown global tag 0xc
[  313.932140][  T118] hid (null): invalid report_size 59118
[  313.960112][ T9666] loop4: detected capacity change from 0 to 32768
[  313.976578][  T118] hid (null): global environment stack underflow
[  314.000778][  T118] hid (null): unknown global tag 0xd
[  314.070897][  T118] usb 1-1: USB disconnect, device number 11
[  314.101717][ T9666] JBD2: Ignoring recovery information on journal
[  314.323297][ T9666] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  314.843932][ T5839] ocfs2: Unmounting device (7,4) on (node local)
[  315.420518][ T9710] loop0: detected capacity change from 0 to 1024
[  315.497980][ T9713] can0: slcan on ptm0.
[  315.535952][ T9710] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[  315.620301][ T9710] System zones: 0-1, 3-12
[  315.685295][ T9710] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.750597][ T9723] loop5: detected capacity change from 0 to 64
[  315.802835][ T9723] hfs: Unknown parameter 'u;��r�a�
��Dmas'
[  315.844515][ T9705] can0 (unregistered): slcan off ptm0.
[  316.302888][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.803300][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  316.821934][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  316.832020][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  316.864491][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  316.889958][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  316.919523][ T9709] loop2: detected capacity change from 0 to 32768
[  317.108683][ T9749] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input28
[  317.165403][   T30] audit: type=1800 audit(1748849406.329:74): pid=9709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1283" name="file1" dev="loop2" ino=4 res=0 errno=0
[  317.282571][ T9755] ipvlan2: entered promiscuous mode
[  317.320327][ T9755] ipvlan2: entered allmulticast mode
[  317.389566][ T9755] bridge0: entered allmulticast mode
[  317.446958][ T9755] batman_adv: batadv0: Adding interface: ipvlan2
[  317.503007][ T9755] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.535832][ T9755] batman_adv: batadv0: Interface activated: ipvlan2
[  317.696145][ T9761] netlink: 'syz.4.1299': attribute type 11 has an invalid length.
[  318.231126][   T30] audit: type=1326 audit(1748849407.409:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.0.1302" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23e498e969 code=0x0
[  319.781395][ T9811] loop5: detected capacity change from 0 to 256
[  320.512782][ T9821] loop4: detected capacity change from 0 to 32768
[  320.674793][ T9821] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  320.866604][ T9821] XFS (loop4): Ending clean mount
[  320.924881][ T9821] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x26/0xe0, xfs_bnobt block 0x8 
[  320.936931][ T9821] XFS (loop4): Unmount and run xfs_repair
[  320.942740][ T9821] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  320.950175][ T9821] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff  AB3B............
[  320.951507][ T9843] XFS (loop4): Metadata CRC error detected at xfs_inobt_read_verify+0x26/0xe0, xfs_finobt block 0x20 
[  320.959995][ T9821] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 40  ...............@
[  320.960056][ T9821] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  320.960101][ T9821] 00000030: 00 00 00 00 72 89 6f 7a 00 00 00 06 00 00 00 02  ....r.oz........
[  320.960131][ T9821] 00000040: 00 00 05 9a 00 00 00 06 00 00 05 b0 00 00 0a 50  ...............P
[  320.960161][ T9821] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  320.960190][ T9821] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  320.960220][ T9821] 00000070: 00 00 00 00 00 00 00 00 00 07 00 00 00 00 00 00  ................
[  320.960252][ T9821] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x8 len 8 error 74
[  321.032957][ T9844] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1316'.
[  321.042214][ T9821] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  321.071999][ T9821] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  321.107497][ T9843] XFS (loop4): Unmount and run xfs_repair
[  321.114378][ T9843] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  321.121796][ T9843] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  321.130936][ T9843] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[  321.139851][ T9843] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[  321.148957][ T9843] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[  321.159001][ T9843] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  321.169601][ T9843] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[  321.186634][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  321.194758][ T9843] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  321.214289][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  321.232915][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  321.247278][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  321.252709][ T9843] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  321.265256][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  321.721463][ T5839] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  321.795696][ T9856] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1320'.
[  322.206351][ T9860] loop3: detected capacity change from 0 to 4096
[  322.512631][ T9860] ntfs3(loop3): failed to convert "0080" to macinuit
[  322.566386][ T9860] ntfs3(loop3): failed to convert name for inode 1e.
[  322.616677][ T9860] ntfs3(loop3): ino=1f, mi_enum_attr
[  322.652706][ T9860] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  323.307137][ T9863] loop2: detected capacity change from 0 to 32768
[  323.392221][ T9863] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  323.416671][   T36] (kworker/u8:2,36,1):ocfs2_check_dir_entry:321 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  323.568929][ T5832] ocfs2: Unmounting device (7,2) on (node local)
[  324.475586][ T9904] loop0: detected capacity change from 0 to 64
[  324.603668][ T9906] loop3: detected capacity change from 0 to 2048
[  324.693862][   T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[  324.735863][ T9906] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.789741][ T9906] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.220233][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.511887][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  325.526065][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  325.534978][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  325.550285][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  325.560430][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  325.670816][ T9933] loop3: detected capacity change from 0 to 128
[  325.689802][ T9933] EXT4-fs: inline encryption not supported
[  325.836308][ T9933] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  325.959809][ T9933] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.972693][ T5892] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  326.152174][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  326.172881][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  326.195801][ T5892] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  326.235323][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.299138][ T5892] usb 3-1: config 0 descriptor??
[  326.470303][ T5825] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  326.737510][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  326.955505][ T5892] usb 3-1: string descriptor 0 read error: -22
[  326.984052][ T5144] Bluetooth: hci2: unexpected event for opcode 0x2002
[  327.030031][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.257900][ T9956] input input29: cannot allocate more than FF_MAX_EFFECTS effects
[  327.362990][ T5892] uclogic 0003:256C:006D.001E: failed retrieving string descriptor #100: -71
[  327.371882][ T5892] uclogic 0003:256C:006D.001E: failed retrieving pen parameters: -71
[  327.437027][ T5892] uclogic 0003:256C:006D.001E: failed probing pen v1 parameters: -71
[  327.485615][ T5892] uclogic 0003:256C:006D.001E: failed probing parameters: -71
[  327.545625][ T5892] uclogic 0003:256C:006D.001E: probe with driver uclogic failed with error -71
[  327.590221][ T5892] usb 3-1: USB disconnect, device number 14
[  327.614567][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.703606][ T9964] 
[  327.705995][ T9964] =====================================================
[  327.712938][ T9964] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  327.720409][ T9964] 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 Not tainted
[  327.727188][ T9964] -----------------------------------------------------
[  327.734129][ T9964] syz.5.1352/9964 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  327.741787][ T9964] ffff88805b6160c0 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510
[  327.750567][ T9964] 
[  327.750567][ T9964] and this task is already holding:
[  327.757943][ T9964] ffff888029106028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0
[  327.767856][ T9964] which would create a new lock dependency:
[  327.773755][ T9964]  (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3}
[  327.781935][ T9964] 
[  327.781935][ T9964] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  327.791397][ T9964]  (&dev->event_lock#2){..-.}-{3:3}
[  327.791465][ T9964] 
[  327.791465][ T9964] ... which became SOFTIRQ-irq-safe at:
[  327.804374][ T9964]   lock_acquire+0x179/0x350
[  327.809002][ T9964]   _raw_spin_lock_irqsave+0x3a/0x60
[  327.814312][ T9964]   input_event+0x70/0xb0
[  327.818671][ T9964]   atp_complete_geyser_3_4+0xa2c/0x16f0
[  327.824345][ T9964]   __usb_hcd_giveback_urb+0x38d/0x6e0
[  327.829838][ T9964]   usb_hcd_giveback_urb+0x39b/0x450
[  327.835157][ T9964]   dummy_timer+0x180e/0x3a20
[  327.839845][ T9964]   __hrtimer_run_queues+0x202/0xad0
[  327.845166][ T9964]   hrtimer_run_softirq+0x17d/0x350
[  327.850401][ T9964]   handle_softirqs+0x219/0x8e0
[  327.855291][ T9964]   __irq_exit_rcu+0x109/0x170
[  327.860088][ T9964]   irq_exit_rcu+0x9/0x30
[  327.864433][ T9964]   sysvec_apic_timer_interrupt+0xa4/0xc0
[  327.870183][ T9964]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  327.876269][ T9964]   __sanitizer_cov_trace_pc+0x41/0x70
[  327.881762][ T9964]   input_open_device+0x296/0x390
[  327.886810][ T9964]   mousedev_open_device+0xe0/0x140
[  327.892023][ T9964]   mousedev_open+0x2fd/0x580
[  327.897258][ T9964]   chrdev_open+0x234/0x6a0
[  327.901775][ T9964]   do_dentry_open+0x744/0x1c10
[  327.906742][ T9964]   vfs_open+0x82/0x3f0
[  327.910940][ T9964]   path_openat+0x1de4/0x2cb0
[  327.915662][ T9964]   do_filp_open+0x20b/0x470
[  327.920277][ T9964]   do_sys_openat2+0x11b/0x1d0
[  327.925067][ T9964]   __x64_sys_openat+0x174/0x210
[  327.930062][ T9964]   do_syscall_64+0xcd/0x4c0
[  327.934684][ T9964]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.940679][ T9964] 
[  327.940679][ T9964] to a SOFTIRQ-irq-unsafe lock:
[  327.947693][ T9964]  (tasklist_lock){.+.+}-{3:3}
[  327.947740][ T9964] 
[  327.947740][ T9964] ... which became SOFTIRQ-irq-unsafe at:
[  327.960368][ T9964] ...
[  327.960381][ T9964]   lock_acquire+0x179/0x350
[  327.967559][ T9964]   _raw_read_lock+0x5f/0x70
[  327.972174][ T9964]   __do_wait+0x105/0x890
[  327.976524][ T9964]   do_wait+0x21e/0x5a0
[  327.980698][ T9964]   kernel_wait+0x9f/0x160
[  327.985133][ T9964]   call_usermodehelper_exec_work+0xf1/0x170
[  327.991151][ T9964]   process_one_work+0x9cf/0x1b70
[  327.996206][ T9964]   worker_thread+0x6c8/0xf10
[  328.000910][ T9964]   kthread+0x3c5/0x780
[  328.005088][ T9964]   ret_from_fork+0x5d7/0x6f0
[  328.009870][ T9964]   ret_from_fork_asm+0x1a/0x30
[  328.014734][ T9964] 
[  328.014734][ T9964] other info that might help us debug this:
[  328.014734][ T9964] 
[  328.024962][ T9964] Chain exists of:
[  328.024962][ T9964]   &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[  328.024962][ T9964] 
[  328.038672][ T9964]  Possible interrupt unsafe locking scenario:
[  328.038672][ T9964] 
[  328.047452][ T9964]        CPU0                    CPU1
[  328.052831][ T9964]        ----                    ----
[  328.058200][ T9964]   lock(tasklist_lock);
[  328.062550][ T9964]                                local_irq_disable();
[  328.069313][ T9964]                                lock(&dev->event_lock#2);
[  328.076549][ T9964]                                lock(&client->buffer_lock);
[  328.083942][ T9964]   <Interrupt>
[  328.087423][ T9964]     lock(&dev->event_lock#2);
[  328.092322][ T9964] 
[  328.092322][ T9964]  *** DEADLOCK ***
[  328.092322][ T9964] 
[  328.100492][ T9964] 7 locks held by syz.5.1352/9964:
[  328.105611][ T9964]  #0: ffff88802a7f9118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x206/0x750
[  328.114823][ T9964]  #1: ffff88802a61d230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x390
[  328.125002][ T9964]  #2: ffffffff8e3c4d80 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x390
[  328.134908][ T9964]  #3: ffffffff8e3c4d80 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x890
[  328.144556][ T9964]  #4: ffffffff8e3c4d80 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390
[  328.153846][ T9964]  #5: ffff888029106028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0
[  328.164196][ T9964]  #6: ffffffff8e3c4d80 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510
[  328.173331][ T9964] 
[  328.173331][ T9964] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  328.183743][ T9964]  -> (&dev->event_lock#2){..-.}-{3:3} {
[  328.189440][ T9964]     IN-SOFTIRQ-W at:
[  328.193516][ T9964]                       lock_acquire+0x179/0x350
[  328.199875][ T9964]                       _raw_spin_lock_irqsave+0x3a/0x60
[  328.206919][ T9964]                       input_event+0x70/0xb0
[  328.213011][ T9964]                       atp_complete_geyser_3_4+0xa2c/0x16f0
[  328.220421][ T9964]                       __usb_hcd_giveback_urb+0x38d/0x6e0
[  328.227655][ T9964]                       usb_hcd_giveback_urb+0x39b/0x450
[  328.234730][ T9964]                       dummy_timer+0x180e/0x3a20
[  328.241170][ T9964]                       __hrtimer_run_queues+0x202/0xad0
[  328.248235][ T9964]                       hrtimer_run_softirq+0x17d/0x350
[  328.255213][ T9964]                       handle_softirqs+0x219/0x8e0
[  328.261839][ T9964]                       __irq_exit_rcu+0x109/0x170
[  328.268376][ T9964]                       irq_exit_rcu+0x9/0x30
[  328.274477][ T9964]                       sysvec_apic_timer_interrupt+0xa4/0xc0
[  328.281960][ T9964]                       asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  328.289784][ T9964]                       __sanitizer_cov_trace_pc+0x41/0x70
[  328.297014][ T9964]                       input_open_device+0x296/0x390
[  328.303803][ T9964]                       mousedev_open_device+0xe0/0x140
[  328.310753][ T9964]                       mousedev_open+0x2fd/0x580
[  328.317271][ T9964]                       chrdev_open+0x234/0x6a0
[  328.323529][ T9964]                       do_dentry_open+0x744/0x1c10
[  328.330152][ T9964]                       vfs_open+0x82/0x3f0
[  328.336062][ T9964]                       path_openat+0x1de4/0x2cb0
[  328.342486][ T9964]                       do_filp_open+0x20b/0x470
[  328.348826][ T9964]                       do_sys_openat2+0x11b/0x1d0
[  328.355351][ T9964]                       __x64_sys_openat+0x174/0x210
[  328.362056][ T9964]                       do_syscall_64+0xcd/0x4c0
[  328.368418][ T9964]                       entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.376151][ T9964]     INITIAL USE at:
[  328.380138][ T9964]                      lock_acquire+0x179/0x350
[  328.386403][ T9964]                      _raw_spin_lock_irqsave+0x3a/0x60
[  328.393360][ T9964]                      input_inject_event+0x9f/0x390
[  328.400065][ T9964]                      led_set_brightness+0x217/0x290
[  328.406851][ T9964]                      kbd_led_trigger_activate+0xcb/0x110
[  328.414084][ T9964]                      led_trigger_set+0x59a/0xc50
[  328.420612][ T9964]                      led_trigger_set_default+0x1bd/0x2a0
[  328.427838][ T9964]                      led_classdev_register_ext+0x7b8/0xa10
[  328.435230][ T9964]                      input_leds_connect+0x552/0x8e0
[  328.442002][ T9964]                      input_attach_handler.isra.0+0x184/0x260
[  328.449561][ T9964]                      input_register_device+0xa84/0x1130
[  328.456691][ T9964]                      atkbd_connect+0x5da/0xa20
[  328.463045][ T9964]                      serio_driver_probe+0x77/0xb0
[  328.469654][ T9964]                      really_probe+0x241/0xa90
[  328.475921][ T9964]                      __driver_probe_device+0x1de/0x440
[  328.482984][ T9964]                      driver_probe_device+0x4c/0x1b0
[  328.489775][ T9964]                      __driver_attach+0x283/0x580
[  328.496390][ T9964]                      bus_for_each_dev+0x13e/0x1d0
[  328.502996][ T9964]                      serio_handle_event+0x247/0xa50
[  328.509863][ T9964]                      process_one_work+0x9cf/0x1b70
[  328.516564][ T9964]                      worker_thread+0x6c8/0xf10
[  328.522921][ T9964]                      kthread+0x3c5/0x780
[  328.528747][ T9964]                      ret_from_fork+0x5d7/0x6f0
[  328.535094][ T9964]                      ret_from_fork_asm+0x1a/0x30
[  328.541615][ T9964]   }
[  328.544203][ T9964]   ... key      at: [<ffffffff9aeb0740>] __key.7+0x0/0x40
[  328.551457][ T9964] -> (&client->buffer_lock){....}-{3:3} {
[  328.557228][ T9964]    INITIAL USE at:
[  328.561128][ T9964]                    lock_acquire+0x179/0x350
[  328.567245][ T9964]                    _raw_spin_lock_irqsave+0x3a/0x60
[  328.574026][ T9964]                    evdev_do_ioctl+0x347/0x1b30
[  328.580394][ T9964]                    evdev_ioctl+0x16f/0x1a0
[  328.586396][ T9964]                    __x64_sys_ioctl+0x18e/0x210
[  328.592754][ T9964]                    do_syscall_64+0xcd/0x4c0
[  328.598954][ T9964]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.606422][ T9964]  }
[  328.608918][ T9964]  ... key      at: [<ffffffff9aeb0bc0>] __key.1+0x0/0x40
[  328.616060][ T9964]  ... acquired at:
[  328.619862][ T9964]    _raw_spin_lock+0x2e/0x40
[  328.624552][ T9964]    evdev_pass_values+0x10e/0x9b0
[  328.629681][ T9964]    evdev_events+0x1bb/0x390
[  328.634377][ T9964]    input_pass_values+0x6c7/0x890
[  328.639509][ T9964]    input_handle_event+0xf00/0x14d0
[  328.644819][ T9964]    input_inject_event+0x1cd/0x390
[  328.650213][ T9964]    evdev_write+0x457/0x750
[  328.654823][ T9964]    vfs_write+0x2a0/0x1150
[  328.659359][ T9964]    ksys_write+0x1f8/0x250
[  328.663893][ T9964]    do_syscall_64+0xcd/0x4c0
[  328.668598][ T9964]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.674677][ T9964] 
[  328.677002][ T9964] 
[  328.677002][ T9964] the dependencies between the lock to be acquired
[  328.677019][ T9964]  and SOFTIRQ-irq-unsafe lock:
[  328.690527][ T9964]   -> (tasklist_lock){.+.+}-{3:3} {
[  328.695861][ T9964]      HARDIRQ-ON-R at:
[  328.700019][ T9964]                         lock_acquire+0x179/0x350
[  328.706552][ T9964]                         _raw_read_lock+0x5f/0x70
[  328.713072][ T9964]                         __do_wait+0x105/0x890
[  328.719331][ T9964]                         do_wait+0x21e/0x5a0
[  328.725416][ T9964]                         kernel_wait+0x9f/0x160
[  328.731763][ T9964]                         call_usermodehelper_exec_work+0xf1/0x170
[  328.739690][ T9964]                         process_one_work+0x9cf/0x1b70
[  328.746664][ T9964]                         worker_thread+0x6c8/0xf10
[  328.753281][ T9964]                         kthread+0x3c5/0x780
[  328.759383][ T9964]                         ret_from_fork+0x5d7/0x6f0
[  328.765987][ T9964]                         ret_from_fork_asm+0x1a/0x30
[  328.773021][ T9964]      SOFTIRQ-ON-R at:
[  328.777182][ T9964]                         lock_acquire+0x179/0x350
[  328.783705][ T9964]                         _raw_read_lock+0x5f/0x70
[  328.790224][ T9964]                         __do_wait+0x105/0x890
[  328.796483][ T9964]                         do_wait+0x21e/0x5a0
[  328.802567][ T9964]                         kernel_wait+0x9f/0x160
[  328.808924][ T9964]                         call_usermodehelper_exec_work+0xf1/0x170
[  328.816848][ T9964]                         process_one_work+0x9cf/0x1b70
[  328.823813][ T9964]                         worker_thread+0x6c8/0xf10
[  328.830424][ T9964]                         kthread+0x3c5/0x780
[  328.836512][ T9964]                         ret_from_fork+0x5d7/0x6f0
[  328.843122][ T9964]                         ret_from_fork_asm+0x1a/0x30
[  328.849897][ T9964]      INITIAL USE at:
[  328.853972][ T9964]                        lock_acquire+0x179/0x350
[  328.860406][ T9964]                        _raw_write_lock_irq+0x36/0x50
[  328.867278][ T9964]                        copy_process+0x4caf/0x76a0
[  328.873885][ T9964]                        kernel_clone+0xfc/0x960
[  328.880223][ T9964]                        user_mode_thread+0xc7/0x110
[  328.886911][ T9964]                        rest_init+0x23/0x2b0
[  328.892987][ T9964]                        start_kernel+0x3ee/0x4d0
[  328.899426][ T9964]                        x86_64_start_reservations+0x18/0x30
[  328.906825][ T9964]                        x86_64_start_kernel+0x130/0x190
[  328.913876][ T9964]                        common_startup_64+0x13e/0x148
[  328.920755][ T9964]      INITIAL READ USE at:
[  328.925265][ T9964]                             lock_acquire+0x179/0x350
[  328.932145][ T9964]                             _raw_read_lock+0x5f/0x70
[  328.939014][ T9964]                             __do_wait+0x105/0x890
[  328.945631][ T9964]                             do_wait+0x21e/0x5a0
[  328.952062][ T9964]                             kernel_wait+0x9f/0x160
[  328.958782][ T9964]                             call_usermodehelper_exec_work+0xf1/0x170
[  328.967056][ T9964]                             process_one_work+0x9cf/0x1b70
[  328.974365][ T9964]                             worker_thread+0x6c8/0xf10
[  328.981327][ T9964]                             kthread+0x3c5/0x780
[  328.987765][ T9964]                             ret_from_fork+0x5d7/0x6f0
[  328.994716][ T9964]                             ret_from_fork_asm+0x1a/0x30
[  329.001840][ T9964]    }
[  329.004512][ T9964]    ... key      at: [<ffffffff8e00c098>] tasklist_lock+0x18/0x40
[  329.012424][ T9964]    ... acquired at:
[  329.016400][ T9964]    _raw_read_lock+0x5f/0x70
[  329.021094][ T9964]    send_sigurg+0xed/0xc80
[  329.025616][ T9964]    sk_send_sigurg+0x76/0x360
[  329.030401][ T9964]    unix_stream_sendmsg+0xeb3/0x11d0
[  329.035796][ T9964]    ____sys_sendmsg+0xa98/0xc70
[  329.040742][ T9964]    ___sys_sendmsg+0x134/0x1d0
[  329.045618][ T9964]    __sys_sendmmsg+0x200/0x420
[  329.050494][ T9964]    __x64_sys_sendmmsg+0x9c/0x100
[  329.055633][ T9964]    do_syscall_64+0xcd/0x4c0
[  329.060358][ T9964]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.066442][ T9964] 
[  329.068760][ T9964]  -> (&f_owner->lock){....}-{3:3} {
[  329.074097][ T9964]     INITIAL USE at:
[  329.078082][ T9964]                      lock_acquire+0x179/0x350
[  329.084349][ T9964]                      _raw_write_lock_irq+0x36/0x50
[  329.091050][ T9964]                      __f_setown+0x61/0x3c0
[  329.097049][ T9964]                      fcntl_dirnotify+0x78f/0xb50
[  329.103592][ T9964]                      do_fcntl+0xe62/0x15a0
[  329.109589][ T9964]                      __x64_sys_fcntl+0x163/0x200
[  329.116108][ T9964]                      do_syscall_64+0xcd/0x4c0
[  329.122555][ T9964]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.130319][ T9964]     INITIAL READ USE at:
[  329.134749][ T9964]                           lock_acquire+0x179/0x350
[  329.142749][ T9964]                           _raw_read_lock_irqsave+0x74/0x90
[  329.150170][ T9964]                           send_sigio+0x31/0x3e0
[  329.156611][ T9964]                           dnotify_handle_event+0x15e/0x2b0
[  329.164002][ T9964]                           fsnotify_handle_inode_event.isra.0+0x1e2/0x3f0
[  329.172626][ T9964]                           fsnotify+0x13d6/0x1dc0
[  329.179157][ T9964]                           path_openat+0x1b50/0x2cb0
[  329.185929][ T9964]                           do_filp_open+0x20b/0x470
[  329.192616][ T9964]                           do_sys_openat2+0x11b/0x1d0
[  329.199484][ T9964]                           __x64_sys_openat+0x174/0x210
[  329.206528][ T9964]                           do_syscall_64+0xcd/0x4c0
[  329.213232][ T9964]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.221311][ T9964]   }
[  329.223899][ T9964]   ... key      at: [<ffffffff9abde740>] __key.1+0x0/0x40
[  329.231124][ T9964]   ... acquired at:
[  329.235012][ T9964]    _raw_read_lock_irqsave+0x74/0x90
[  329.240409][ T9964]    send_sigio+0x31/0x3e0
[  329.244849][ T9964]    kill_fasync+0x214/0x510
[  329.249462][ T9964]    lease_break_callback+0x23/0x30
[  329.254717][ T9964]    __break_lease+0x674/0x1810
[  329.259600][ T9964]    do_dentry_open+0x6e1/0x1c10
[  329.264600][ T9964]    vfs_open+0x82/0x3f0
[  329.268863][ T9964]    path_openat+0x1de4/0x2cb0
[  329.273639][ T9964]    do_filp_open+0x20b/0x470
[  329.278325][ T9964]    do_sys_openat2+0x11b/0x1d0
[  329.283201][ T9964]    __x64_sys_openat+0x174/0x210
[  329.288249][ T9964]    do_syscall_64+0xcd/0x4c0
[  329.292953][ T9964]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.299034][ T9964] 
[  329.301356][ T9964] -> (&new->fa_lock){....}-{3:3} {
[  329.306519][ T9964]    INITIAL USE at:
[  329.310421][ T9964]                    lock_acquire+0x179/0x350
[  329.316542][ T9964]                    _raw_write_lock_irq+0x36/0x50
[  329.323181][ T9964]                    fasync_remove_entry+0xb2/0x1e0
[  329.329798][ T9964]                    fasync_helper+0xaf/0xd0
[  329.335813][ T9964]                    snd_fasync_helper+0xdd/0x250
[  329.342260][ T9964]                    do_fcntl+0xa3d/0x15a0
[  329.348092][ T9964]                    __x64_sys_fcntl+0x163/0x200
[  329.354451][ T9964]                    do_syscall_64+0xcd/0x4c0
[  329.360554][ T9964]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.368031][ T9964]    INITIAL READ USE at:
[  329.372370][ T9964]                         lock_acquire+0x179/0x350
[  329.378895][ T9964]                         _raw_read_lock_irqsave+0x74/0x90
[  329.386129][ T9964]                         kill_fasync+0x138/0x510
[  329.392573][ T9964]                         do_splice+0xb53/0x1fc0
[  329.398915][ T9964]                         __do_splice+0x15d/0x360
[  329.405347][ T9964]                         __x64_sys_splice+0x187/0x250
[  329.412214][ T9964]                         do_syscall_64+0xcd/0x4c0
[  329.418747][ T9964]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.426655][ T9964]  }
[  329.429172][ T9964]  ... key      at: [<ffffffff9abde700>] __key.0+0x0/0x40
[  329.436350][ T9964]  ... acquired at:
[  329.440157][ T9964]    lock_acquire+0x179/0x350
[  329.444859][ T9964]    _raw_read_lock_irqsave+0x74/0x90
[  329.450260][ T9964]    kill_fasync+0x138/0x510
[  329.454871][ T9964]    evdev_pass_values+0x619/0x9b0
[  329.460096][ T9964]    evdev_events+0x1bb/0x390
[  329.464802][ T9964]    input_pass_values+0x6c7/0x890
[  329.469947][ T9964]    input_handle_event+0xf00/0x14d0
[  329.475264][ T9964]    input_inject_event+0x1cd/0x390
[  329.480486][ T9964]    evdev_write+0x457/0x750
[  329.485099][ T9964]    vfs_write+0x2a0/0x1150
[  329.489634][ T9964]    ksys_write+0x1f8/0x250
[  329.494173][ T9964]    do_syscall_64+0xcd/0x4c0
[  329.498880][ T9964]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.504965][ T9964] 
[  329.507287][ T9964] 
[  329.507287][ T9964] stack backtrace:
[  329.513179][ T9964] CPU: 1 UID: 0 PID: 9964 Comm: syz.5.1352 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  329.513222][ T9964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.513243][ T9964] Call Trace:
[  329.513256][ T9964]  <TASK>
[  329.513268][ T9964]  dump_stack_lvl+0x116/0x1f0
[  329.513316][ T9964]  check_irq_usage+0x7dc/0x920
[  329.513362][ T9964]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  329.513426][ T9964]  ? check_path.constprop.0+0x24/0x50
[  329.513470][ T9964]  ? __lock_acquire+0x1285/0x1c90
[  329.513511][ T9964]  __lock_acquire+0x1285/0x1c90
[  329.513561][ T9964]  lock_acquire+0x179/0x350
[  329.513603][ T9964]  ? kill_fasync+0x138/0x510
[  329.513646][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.513688][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.513732][ T9964]  _raw_read_lock_irqsave+0x74/0x90
[  329.513774][ T9964]  ? kill_fasync+0x138/0x510
[  329.513815][ T9964]  kill_fasync+0x138/0x510
[  329.513858][ T9964]  evdev_pass_values+0x619/0x9b0
[  329.513908][ T9964]  evdev_events+0x1bb/0x390
[  329.513950][ T9964]  input_pass_values+0x6c7/0x890
[  329.513994][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514037][ T9964]  input_handle_event+0xf00/0x14d0
[  329.514080][ T9964]  ? _copy_from_user+0x59/0xd0
[  329.514112][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514157][ T9964]  input_inject_event+0x1cd/0x390
[  329.514204][ T9964]  evdev_write+0x457/0x750
[  329.514250][ T9964]  ? __pfx_evdev_write+0x10/0x10
[  329.514295][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514335][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514380][ T9964]  ? security_file_permission+0x71/0x210
[  329.514427][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514467][ T9964]  ? rw_verify_area+0xcf/0x680
[  329.514514][ T9964]  ? __pfx_evdev_write+0x10/0x10
[  329.514557][ T9964]  vfs_write+0x2a0/0x1150
[  329.514611][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514653][ T9964]  ? __pfx_vfs_write+0x10/0x10
[  329.514704][ T9964]  ? find_held_lock+0x2b/0x80
[  329.514734][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514779][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.514819][ T9964]  ? __fget_files+0x20e/0x3c0
[  329.514857][ T9964]  ksys_write+0x1f8/0x250
[  329.514908][ T9964]  ? __pfx_ksys_write+0x10/0x10
[  329.514962][ T9964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  329.515007][ T9964]  do_syscall_64+0xcd/0x4c0
[  329.515056][ T9964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.515090][ T9964] RIP: 0033:0x7efc8338e969
[  329.515116][ T9964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.515150][ T9964] RSP: 002b:00007efc8415b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  329.515180][ T9964] RAX: ffffffffffffffda RBX: 00007efc835b5fa0 RCX: 00007efc8338e969
[  329.515204][ T9964] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003
[  329.515225][ T9964] RBP: 00007efc83410ab1 R08: 0000000000000000 R09: 0000000000000000
[  329.515246][ T9964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  329.515266][ T9964] R13: 0000000000000000 R14: 00007efc835b5fa0 R15: 00007ffd0bca84a8
[  329.515299][ T9964]  </TASK>
[  329.953265][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  329.960882][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  329.969952][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  329.986393][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  329.994236][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  330.094917][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.203841][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  331.117744][ T5144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  331.125654][ T5144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  331.133551][ T5144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  331.141241][ T5144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  331.150421][ T5144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  331.179558][   T13] bond0 (unregistering): Released all slaves
[  331.565886][   T13] hsr_slave_0: left promiscuous mode
[  331.581504][   T13] hsr_slave_1: left promiscuous mode
[  331.603060][   T13] veth1_macvtap: left promiscuous mode
[  331.610053][   T13] veth0_macvtap: left promiscuous mode
[  331.621859][   T13] veth1_vlan: left promiscuous mode
[  331.627225][   T13] veth0_vlan: left promiscuous mode
[  332.431505][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.471886][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.538521][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.609189][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.698672][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.760736][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.820490][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.893628][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.999236][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.071567][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.138283][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.188009][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.298979][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.345366][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.401803][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.450789][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.563821][   T13] bridge_slave_1: left allmulticast mode
[  333.569518][   T13] bridge_slave_1: left promiscuous mode
[  333.576181][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.585338][   T13] bridge_slave_0: left allmulticast mode
[  333.591009][   T13] bridge_slave_0: left promiscuous mode
[  333.597079][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.606452][   T13] bridge_slave_1: left allmulticast mode
[  333.612113][   T13] bridge_slave_1: left promiscuous mode
[  333.618438][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.627014][   T13] bridge_slave_0: left allmulticast mode
[  333.633722][   T13] bridge_slave_0: left promiscuous mode
[  333.639386][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.649126][   T13] bridge_slave_1: left allmulticast mode
[  333.655675][   T13] bridge_slave_1: left promiscuous mode
[  333.661338][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.670849][   T13] bridge_slave_0: left allmulticast mode
[  333.676630][   T13] bridge_slave_0: left promiscuous mode
[  333.682277][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.692494][   T13] bridge_slave_1: left allmulticast mode
[  333.698324][   T13] bridge_slave_1: left promiscuous mode
[  333.704037][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.712372][   T13] bridge_slave_0: left allmulticast mode
[  333.718361][   T13] bridge_slave_0: left promiscuous mode
[  333.725354][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.887140][   T13] batman_adv: batadv0: Interface deactivated: ipvlan2
[  333.896731][   T13] batman_adv: batadv0: Removing interface: ipvlan2
[  333.938167][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.948385][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.958630][   T13] bond0 (unregistering): Released all slaves
[  334.056288][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.067285][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.077619][   T13] bond0 (unregistering): Released all slaves
[  334.224321][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.234852][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.244945][   T13] bond0 (unregistering): Released all slaves
[  334.328435][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.339518][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.349272][   T13] bond0 (unregistering): Released all slaves
[  334.465921][   T13] tipc: Disabling bearer <eth:team0>
[  334.471477][   T13] tipc: Left network mode
[  334.989814][   T13] hsr_slave_0: left promiscuous mode
[  334.997089][   T13] hsr_slave_1: left promiscuous mode
[  335.004591][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.012383][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.020179][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.034139][   T13] hsr_slave_0: left promiscuous mode
[  335.040006][   T13] hsr_slave_1: left promiscuous mode
[  335.050804][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  335.058806][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.068543][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.076212][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.096984][   T13] hsr_slave_0: left promiscuous mode
[  335.114254][   T13] hsr_slave_1: left promiscuous mode
[  335.119992][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  335.136907][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.144802][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.152249][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.173908][   T13] hsr_slave_0: left promiscuous mode
[  335.179761][   T13] hsr_slave_1: left promiscuous mode
[  335.185785][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  335.193236][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.201044][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.208878][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.231440][   T13] team_slave_0: left promiscuous mode
[  335.236903][   T13] team_slave_1: left promiscuous mode
[  335.242498][   T13] veth1_macvtap: left promiscuous mode
[  335.250131][   T13] veth0_macvtap: left promiscuous mode
[  335.255791][   T13] veth1_vlan: left promiscuous mode
[  335.261105][   T13] veth0_vlan: left promiscuous mode
[  335.267528][   T13] veth1_macvtap: left promiscuous mode
[  335.273300][   T13] veth0_macvtap: left promiscuous mode
[  335.278888][   T13] veth1_vlan: left promiscuous mode
[  335.284308][   T13] veth0_vlan: left promiscuous mode
[  335.290606][   T13] veth1_macvtap: left promiscuous mode
[  335.297666][   T13] veth0_macvtap: left promiscuous mode
[  335.303296][   T13] veth1_vlan: left promiscuous mode
[  335.308637][   T13] veth0_vlan: left promiscuous mode
[  335.315224][   T13] veth1_macvtap: left promiscuous mode
[  335.320756][   T13] veth0_macvtap: left promiscuous mode
[  335.326467][   T13] veth1_vlan: left promiscuous mode
[  335.331759][   T13] veth0_vlan: left promiscuous mode
[  335.688963][   T13] team0 (unregistering): Port device team_slave_1 removed
[  335.710279][   T13] team0 (unregistering): Port device team_slave_0 removed
[  335.912345][   T13] team0 (unregistering): Port device team_slave_1 removed
[  335.927759][   T13] team0 (unregistering): Port device team_slave_0 removed
[  336.131257][   T13] team0 (unregistering): Port device team_slave_1 removed
[  336.159474][   T13] team0 (unregistering): Port device team_slave_0 removed
[  336.372007][   T13] team0 (unregistering): Port device team_slave_1 removed
[  336.396334][   T13] team0 (unregistering): Port device team_slave_0 removed
[  337.499690][   T13] IPVS: stop unused estimator thread 0...
[  337.507006][   T13] IPVS: stop unused estimator thread 0...
[  337.519562][   T13] IPVS: stop unused estimator thread 0...
[  337.527531][   T13] IPVS: stop unused estimator thread 0...