last executing test programs:

21.802590444s ago: executing program 5 (id=355):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000040)={[{@mb_optimize_scan}, {@nobarrier}]}, 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000302, 0x0, 0x0)

16.929564009s ago: executing program 5 (id=364):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x2, 0x1}}, 0x2e)
getsockopt(0xffffffffffffffff, 0x111, 0x1, 0x0, &(0x7f0000000080))

15.820423631s ago: executing program 5 (id=367):
openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x4181, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x88800, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003460200bfa30000000000001702000000feffff7a0a00fe14ffffff79a4f0ff00000000b7060000ff0800007e640200000000005502faff037202000404000001007d60a6040000001000006a0a58fe39000f00850000005a000000bc600000000000009500000000000000a81bbfa32d51a7d0679fd43041097666ab982de7b0efc5733ed236e4add6de094e0832aaa6912a8b2ce571c4580034fb000000e3a94bd24d2eb3860d808922433e3e0f242a46b3009a54f4077db0d4968a384b0559c7919b893d3b72cd6c832e986440ff0a7e8620cb231ccd00000000000000000000007777e2704653f620b2272c3c7fea60491073847c4b7bbaed91f33fb382d91ae8e18c9b6c9f0322ec5f1c7cc5869ff455896712198c4e2ddf8b86e714229527ca40b24cfd6a1f00e891728807982d90e116bba29bb70900000000000000c63ad2e7402f9cb424ac416e66af9ebbfea905d37cf226312cb81ec8439cea06e7fa5e5b3596301460142f83b464d9e57dfdb06dcf9101000100130033d649d2110cf2e1f4682c24a314447c5e0807f0b1766ebdecbd061772daa52a38539295d3fea7a7e669441e1ff04114dfa904fb43897f8d9c3c287acba716973eadf1bf9cd0a38edc345415c42d3d2dd3339d32a5796cbe8925efd0c81af69a3e97588878d7ce18b68bc37e061d33357d6a39d33c702576cc2a8891663e3776c7a37c5c962e12102f237bbf60c0a3bf07d55b3888418de2b2ad23d25395dd4ccddf247dd2c712e2e2eaf7d432e968122cc5dcaa7ba330963b7093a58a02dba114f75e1ffd5c2912b506bfb93122fc776aadec51a367658100000000000000b148a90000000000a2a283801ff218538cb12c72b56ffb6b7a062581ec749f5700000000009f1f5ab2e02739ccd50523d3360300005cbeaf95c7d797d6e094c4a3aee025bf43cebde7e7cdbae9b1698e19eb0e6d5244c1ffb0e97628a88a5e37032f1e8f6c893e514f2b3e1028cd404a1d8fe6569da0385e65e4d523166c4213abb8dae5b1409317f29572e788af92aedb0287f2816e301fc8a24dba6fca8b270d44fe65e7bd90a5fc16387bcb5e3df18d7d2a33c72cfda827b8926a6dc6bc19ce398cb8fe48b11b7f93e6fdfb040283c9627bd40909ee4307c4197b15797af17845fbc02846d2f8543f65594cb535a9598eb067b21111dbaa58b19a52f3f12880128d08eb477ad349ca214bc7f80000000000ffb52da89cff41552996e20a585c7d265bd749eeba040fa7111c84142757709d7c475fac2839beb833327db41c6b647c7ee9ad419a6c68dd5c2ce4fa23c280518fc6e54d1b055cae5492e8c4cdd314a49631a15de2bffc920dd74e670794acec7a9da17d809bf956f1af51cf3c0711792d3071dfdaec3c66053cdb00028f6fba8da8f53de39a5999e56fc26ae866674627c8a53d3fd245050060ed40782d1d98bf1e1f5dfd4d1fb399624c12732e300818b222ce029ce01055f941721226e3e5f05d2837240f8f6831b6ef2a02ec64aae1eea9cfac06d8b7042e8ebdc6cb0d4a140e1e631d06afc99d397c5b67b290344e347c953806b298f288884335f624378b3748a4a86bbd0a62127b2c28ce3737661b98bd45965b537ece7bd4e365ffd5567df4d02034c8d488a49c6fb1a0a02eaab2f271d3a14e44211e4ff602d146f72355972860bdd14719d65301964d022819b75696ce47534c9d989d69a445095ff8fbebd2c84635acc333f2aca4623cfe9f9e6c3f9fbb4374c08e1be5eec12c329a87d335fd7a52a4e4e7c2e57fa2f0df9500347b300f84230783cb665f3fa44f5d6fa987aa93c2619ef4977f9e4d38adec323778f3bc987533ffd85fe5417398a3001b394fccbd2faee83b5e2b8a2dd18cf067b619a82c4706531b3ef336a84e825c63b9bc7b98b4ad6a471692224adef86f4c9930169dfa133e22929d5a27e10bfbcfe7c02ca451afd74d26f489e0e09cf1b596ae0c959cf26cb0c8114a9311b7f2fe2ad977074ff5f62f6777a20700414ed03ba3d7404eadd43a62ad1173491a5c099290393e1f85aeb3886fbb7f6646212054a850d58a71c6d6027cd3a5ff22e98672349f9bddb23622e2f19b39e51ced84524567ec1fcb233a2fb85371e9b08b6fd4adcd4db148ed26757123a0e604bcf6ffdcc303956e1805f1746361bd3eeb55d3fefe6ac274c2e6c78963430118942d62a465698e600dadd81a53ffd29358746e8db2499e3fca62b0ff660b0aaeedadeb194a9217e9fed2ce04cc24451871d5bcd76173ab7123cc27eef33dbb4d3c3bf1fc2df68a98345c15667388c5000000000000000000000015000000c0459f900702908d4979288d06c7159ef2663dc7ea9302b10bf2da21e3990ddf20a38adc1fd15124310daf2461224cfbfd5e6265d012d60fc9e39209ce3209720f8d7bf39bf71d0d46ed6d51eede797da70cf0b7463cffc80a7a56eeb25ed0adfb146a3221c20d51f172cf2eefe1e6b28cffc1e40a789d5513626f5c4fbf65a2b5a093634b806b7ee570f70f624ce8c02d4c1ec7a9370f42a807f1d46fe77be0637a8007343b7771788f64b36cab94a99243bc780702f98f34a80f81aeb853f97c3e9586805d1a240d7e870b15defbc6b2"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x4e76, 0x8})
socket$nl_xfrm(0x10, 0x3, 0x6)

15.280746495s ago: executing program 3 (id=370):
pipe(&(0x7f00000000c0))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00000004000000080000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='contention_end\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r2, 0x4010744d, &(0x7f0000000180))

14.16976131s ago: executing program 3 (id=375):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="580000001000010400000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="83200000c6010500240012800b00010067656e65766500001400028005000c000000000008000100010000001400030067"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x4000880)

13.121351653s ago: executing program 3 (id=378):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
syz_open_dev$sndpcmc(0x0, 0x8, 0x14100)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000200)={'netdevsim0\x00', &(0x7f0000000280)=@ethtool_pauseparam={0x12}})
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000200)={0x2, 'vlan0\x00', {0x7}, 0x5})
syz_80211_inject_frame(0x0, 0x0, 0x36)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000400)={0x0, 0x3d})

11.905693388s ago: executing program 5 (id=383):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000009800)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0x81}, {{0x0, 0x0, 0x0}, 0x8}], 0x4, 0x2100, 0x0)

11.749787592s ago: executing program 1 (id=385):
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)

10.463737117s ago: executing program 1 (id=390):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
mq_open(&(0x7f00000005c0)='TPROXY\x00', 0x40, 0x8, 0x0)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = userfaultfd(0x801)
r4 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r4)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, 0x0)
r5 = syz_io_uring_setup(0x3d36, &(0x7f0000000300)={0x0, 0x7bee, 0x1000, 0x2, 0x3f}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1})
io_uring_enter(r5, 0x2def, 0x4000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="180800000000000000000000000f00008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f0000000000)='GPL\x00', 0x1}, 0x90)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

10.444781271s ago: executing program 3 (id=391):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
r3 = socket(0x1, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='&'], 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r5, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r3}, 0x20)
bind$unix(r3, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000001c0))
write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0)

10.299851324s ago: executing program 2 (id=392):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
mount$fuse(0x0, &(0x7f0000000100)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000010000,user_id=', @ANYBLOB="e9116ebe88266d473cdf3e0c636a7904255b896b6d6b49560597e58f9984898cce84ea47007286cb8247b858d59b9b68ff7cb72a99c430a7f7bdfee370c276a497ecff5986c1126580afde75c3d841b1413abea4d735fc8354f4f9476d1b686603f14a11e72c72f1a25721e3c99e673d2b2e3188ea8466092f674ed0b7c49d6444d13911519cd39bdaae174fb98b7b94b25144f22f2349fbefdbf9676363c000b62772ace1c72e", @ANYBLOB="6f75705f69643d72d756b5feee7cb454225c8393838785993734b0f83491d8e717131a1ed02408a71569a685ffad29f228631b0327d1f630915fec7170bef195d98489f690087a24d36dea50017b6ec5a489d3d85b5ee777f88c1f4cebbecd152257", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0xfc}}}}}]}}]}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYRES32=r4, @ANYBLOB='&\x00'/11, @ANYRES32], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)
socket$kcm(0x2, 0x2, 0x73)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'team_slave_0\x00', @local})

10.299047127s ago: executing program 5 (id=393):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6)
syz_open_dev$tty1(0xc, 0x4, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0)

9.361629589s ago: executing program 3 (id=394):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = epoll_create1(0x0)
r3 = epoll_create1(0x0)
r4 = socket(0x1, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&'], 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r4}, 0x20)
bind$unix(r4, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r4, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000001c0))
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/fib_triestat\x00')
write$P9_RWSTAT(r9, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

9.354220935s ago: executing program 0 (id=395):
r0 = syz_open_dev$sndctrl(&(0x7f0000000580), 0x1, 0x100)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000080)=0xffffbf7f)

9.318339362s ago: executing program 4 (id=396):
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000340)=ANY=[@ANYBLOB="0002020100000000ff020000000000000000000000000001"], 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x42, &(0x7f0000000240)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "7f00ef", 0xc, 0x2c, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, @mcast2, {[], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x5}}, 0x20)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000f00000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r6, 0x4b41, &(0x7f0000000f80))
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x272)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYBLOB="01160700000000000025020000000800010003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40005}, 0x8000)
syz_open_dev$video4linux(&(0x7f0000000180), 0xae, 0x20000)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a017f7f00000000000000050000000900010073797a30000000000900030073797a300000000008000a400000000328000480080002400000001208000140000000000d0003"], 0xac}}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)

8.357208943s ago: executing program 3 (id=397):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f00000016c0)=[{{&(0x7f0000001740)=@ethernet={0x306, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, 0x80, &(0x7f0000000100)=[{&(0x7f00000017c0)="189a36251f356a9371894962e9726faab5797a0819461bfbd12d1fabf44f1ef2446359d88c98b0c41a4cf152fdb102041365c459b48c3cbf333c22bc758f9a230794f87ffd3e7b054b634bc5e16761", 0x4f}, {&(0x7f0000001840)="47484a76b61c28233058b57125feb13c507226944bbb3bd5c2e02ea09c57d46f31282120958351bb9f2d63d4aa596d30d0b3087c7029fdb269a0ab044f144481f91f9d90a3c8f10c42bd20c249be338d9b94a46c0c7f152402f9278815be0c61465a1252b1d68a046cdcade2b9650cb3", 0x70}], 0x2, &(0x7f00000018c0)=ANY=[@ANYBLOB="80000000000000000100000000000000e9a9bb772d2bff6786b774cf337062386780771d3aed87f098af5050fcb23fae279fb1151b505769b84397697b789e86fd9fa97247eea9d1d1f2d2088766b94b035dd758ee37c90cc503007954fcdb57205014aa61b3e0c31bd79a1bd27149b45c93b813a7ac1eb682e3ee9400000000c80000000000000017010000090000007dd45d4abf038f3753af0dbf73ed17450d3b66ad5ccde02ce92597e49e92d529f3eb68616762fdf2433ad4852941ea2ab1fa5e16e20661b7fea6549c5378c26b716e714c3e48b0ab80bea7d4c1859f4a8028b81b60fb18d45fdb5b407c155653f1f4f3a90d0b78390ab2d058d71e8e2950d46b7394fb7b049c3bb40c45006809eb3c38d50307136cd60884429fa36d53b0166203b97f7aca839e047c2827f783288c361ca512bcb3d8d7392b3421157c7e78000000000000b800000000000000010000000b0a0000916025a9c36d7fa5cb1a1ade7d5ce74fd64ca32baca3e84dd0e92f130704dd62c08c278afa267401a34ad56e1c8667cf0e0a27db6027548c16afd673382cd47a57edd99b370297f5fb7a461483b3e171984ed2ecf880e423c4a2e7209708d5d789b5b8f1e02764e72647e5f6c4044a872448e630ccba3fef96a2085520767b3e9c2db60dc3da3bbbedf4bed991bf0fed510694750645bd45ef2686090b20866606ab000000000000c80000000000000011010000ff01000032327f76214ca91a330a2a755a25f7ec23d9c9ff13b5991331534f74ce63d52cdb83bac48a699ca9ae61809da7bb8dbe0fcd6b061ab60e080894bf4b7dbda10dcbf0e9906a4956deefd0ef41746cde9840a02aa08171f04778958fc6d6d8eab62c242c96cc0256a526e4b17e327da2ec38c2cc7d141072910fd1f68c605c3f066c64193d5b5bfb5c5edb821b67105ba476ff7f5e5b248d9fd57c2bc7c4f1c403008cbeee575514d6889595a5ec8d032c84b2646a565a5300f00000000000000084000000070000008a2e0ceebc7f85373af247a9a5c7655ebf63b9a1156e9c834eb6b0023f2dfe218ac151d7461a2335a0ab2b427881c26b2663df3509d4f5999e33457cf837cc744212f3c7ea0e62cce0dd8cc2388c5c256adf82b40c18254e654ae04f38d74d8bc45d2997a074e852f5c86bb64def47f42835d6a7e55a59e23f447b7d125d5a4d94be35170920ddf49aa7bd39b6631fe1dd841457625729daa211cc43fc276af1ff0bf405ecc27d32cb7ae31dea1f351068cfa1065eb993bbb902751c46598c72e3e018c9f10cd9559590dd8567fef08ca67378000d1912b4595493000000000050000000000000000a010000800000000ca9a0286c123128ece3981ac3937b53afaf8369eaeb7c5bff079603fd3bfe9cd1afaf376bf87bdd01da35c3de270314293362be22cf0da90ecd1175d67086000000000000e80000000000000000000000f4000000b984ebfb26f9536f3b159d7bb52fdf23ea1a103e125b5f1a2c999781becb4e52d0c0812c33f31b2cd235a9b2d6a1900cbfb1a40b9aabd509b90fc856ba6b56cb76737a41d12104d25c62dd10ce592ac63b414d899e3c1b652b498068484f9c0379640593ffdb634decdb229bbe4d746ce9e2961a7b2d2f8a6c819e35c808b866d5f06904b4a508363f11f1012f4f10f96ed9fa9ad16b4ab4bf393062758f332c13c4928d9a030000000000000032ea5057e780f7efca57efde085328c5332c851de393ff68176200fab200e2828adf99375ebeb9e5ef0000f00000000000000013010000900d0000141709950c0df529320cef084799dd1b835e1086913d403d371d04b24411f435ccaa2863b572cd4c104b867d7363787342513acfdc04d1ba8a09b95b63d64e856798660d2c02ad359157162b64edab4ab03921b09ab109709cf9804758721d7107c43bc1ab907ffd7f07bcaa83c998fd3c92a9671ef69202893c10d2ac88a767b169d345f05ac4e7b4adc548d3cfeda61887c7c672afb8bbff28818501c80e4d7586de3948b0bae6e915174190b461b5c62e4b467c1f9107b96ce69dff40630230717951a40ea17874def2a29186605850c2b2f841af7a65cc0000"], 0x5e0}}], 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'sh\x00', 0x39, 0x7, 0x13}, 0x2c)
shutdown(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000034000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000040)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x7}}, 0x8, 0x8099, 0x8, 0x3, 0xa, 0x7}, 0x9c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1e029000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
gettid()
clock_nanosleep(0x2, 0x0, &(0x7f0000000180)={0x77359400}, 0x0)
r6 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
lseek(r6, 0x9, 0x1)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r7=>0x0, 0x20, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r7, @in6={{0xa, 0x4e21, 0x4, @empty, 0x9}}, 0x4, 0x4, 0x624e, 0xa, 0x55, 0x7f}, 0x9c)

8.112381926s ago: executing program 0 (id=398):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd3f, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r6, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
close_range(r0, 0xffffffffffffffff, 0x0)

7.05322644s ago: executing program 5 (id=399):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r2, 0xffffffffffffffff, &(0x7f0000002080)=0x68, 0x23b)
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_io_uring_setup(0x204, &(0x7f0000000480)={0x0, 0xbe09, 0x800, 0x0, 0x31e}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
r6 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
r7 = dup(r6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x4, r7, 0x0, 0x0, 0x0, 0x80800, 0x1})
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)

6.908589879s ago: executing program 1 (id=400):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

5.837702357s ago: executing program 4 (id=401):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c0005000400000200000200080001000300000005000200940000000500020008"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0)

5.649767332s ago: executing program 2 (id=402):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TCFLSH(r1, 0x540b, 0x2)

5.601812802s ago: executing program 1 (id=403):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
syz_open_dev$sndpcmc(0x0, 0x8, 0x14100)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000200)={'netdevsim0\x00', &(0x7f0000000280)=@ethtool_pauseparam={0x12}})
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000200)={0x2, 'vlan0\x00', {0x7}, 0x5})
syz_80211_inject_frame(0x0, 0x0, 0x36)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000400)={0x0, 0x3d})

5.466897418s ago: executing program 4 (id=404):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf090000000000005509010000"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x14c0e, &(0x7f00000001c0)=ANY=[@ANYBLOB="6d61703d6f66662c6d61703d61636f726e006e6f726f636b2c73657373696f6e3d307830203030303030303030332c636865636b3d72656c617865642c6e6f726f636b416e0400000000000000c86b2c6d6f44653d30783030303030303090cf5cee73e4fdbccf1ad8f6238d714830303030303030756e686964652c6d61703d61636f726e2c6f76657272696467726f636b706572916964652c00add51ea2b35249a135fa479f9069028397e9808a385f6e0c9ab44fb55e327ad812fe293a6347f7f50263af07e2638e5c5522fc046bdeb75ac5ae4dfa74f42b394b1587068ecfa5acd43d2ca29a5d67adb9bfb87ce6ccb85cb9ae05ac0000000000", @ANYRESOCT], 0xfd, 0x6b1, &(0x7f0000001f80)="$eJzs3V1vG1kdx/Hf2E7iZFFVAapWVbc5bVkpFcW1nW2qqFzsMBknA7bHmnEgkZBWhSarqk6Btkg0NyU3PEjLG+Bub7jgRazE9b4LuAJpBXcgJDRoZjx+iB9St0m6D99P1Ho8c+ac/5zj+t+JPWcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkORvlcsVS3Wtu75jJnI3Ab2RP8hrZntY2p5vpws1pbc7F7UpW/EfFot5OV7/9zX6RS/Ff13UlfXZFxfihqMO3Ll28941CLtt/SsCvQrNW+PT54aP7nc7ek5com9fM1b9Jyr1EoU236YW+17A3XeOFvllfWyvf3qqFpubV3XA3bLsN4wRuru0HZsW5aSrr66vGLe36283NDbvuZivvfqdaLq+Z7y+kAy2pFDpbXr3uNTeTMvHmuMxd89GP0wKu3TBm/2Fnb3Ugnhfj+jguVDnpSOJC1ZMKVcvVaqVSrVbW7qzfuVsuF0ZWlGNWuUcjJU79RYsvmNN9AwdeQy7O/3+1pLqKampbOzJjfxxtKJCvxoTtXVn+f/e2O7XdwfyfZfm5/ubLSvL/1fTZ1Un5f0IsRibZYdwWa8L62X7mkoiMnuq5DvVI99VRR3t6cgp1G5nlU6nlHH425aopT6F8eWrITtaY7hqjda1pTWV9oC3VFMqoJk91uQq1q1BtufEraj4eLVe22vIVyGhFjm7KqKJ1rWtVRq5K2pWvbTW1qQ3Z+ncURft6mPT7aj+m/PGRV1aoMuEgFlTIXnd7qk452kn5/ycv0r27+b9M/v+qSl8HC+nDp9PKAJ8DUff8f0bLZxMNAAAAAAA4C1by23cr+VT+HUmRal7dLb/psAAAAAAAwCmyFC3oiqz0W/l6Rxbn/wAAAAAAfNlYyTV2lqSl5Ev9Vv9yqZf5JUD+HEIEAAAAAACvKbny/+q8FCWTVizLmun8HwAAAAAAfAH8bmCO/UI2x26Ufayfk7T8twXrk38uKJizjlo737IO7HiLfdAtM/INgHbtsnWhO1Fv8jAvKXnmuFesbmvdSTB78w5+tn/SXP9WcCyA+fxgBRMCsOKW1wrdZ/pI19JdrnXnmX9wmFOyJW1lqebV3ZLj1+9VZNsXcm13p/3Lxw9/JQW949x/2Nkr/fRnnQdJLEfxqqODuNIXQ+HkxndGP5ZnyXwLyTUX4454UbWsyd83G0tW0m45O/687IPcYEPTBqDf5m90PR2z61FadumwN+O+JS0nkz9USsmQDR19MGf1o6gcP/JxAzEhimISxY20zI2VG+lDFl9cT84qfjsvVUujYzAURXUwipP7wvrXSF9Mi0JWMe6L1TiKv8QVHYviR5+kO6/OFsXIiADAm7Lfz0LJJOYjeTdLD9mb2ivlnZOz+/vD2f3ZH6M0Q+WlQveziamtFBW/o69YSR6aTyd0L1we845eLv0niiL7QlGD7+j/i1K9HPty2e0oiqLjx/rn/j2QumGPRPHfKIruVZJM8odjWfXjeIePJ7Yb1qv5uAtvPzv4eTIBfuzDvQ/3Hlerq2vl98rlO1XNJf9V6D7kRe4BAIw4+R47SYnclBLWe7qW1nHtwT/eTZeGMt7Xu18pyHT0QLeyWwgsj691aeBrCLfSs1bp+lL6uHRoLl28tygNlLUKyR1ebk08q0ty6UC91V7Z7L5Dx88A+2VXz3IIAAA4d9cn5GFpKP9rOP8Xh/L/La2kJVYujz3vHs7l3bPj3in9pLKVk4N//5Q7AwCArwg3+Mxaav/WCgKv9UFlfb1it7dcE/jOD0zgbWy6xmu23cDZspubrmkFftt3/LppBVrwFt3QhNutlh+0Tc0PTMsPvZ3kzu+me+v30G3YzbbnhK26a4eucfxm23baZsMLHdPa/l7dC7fcINk5bLmOV/Mcu+35TRP624HjlowJXXegoLfhNttezYsXm6YVeA072DU/9OvbDddsuKETeK22n1aYteU1a37QSKotKZr5RocAAHwZPX1++Oh+p7P35PjCYnxqnq450oQyowvzYypkjiAAAD5n+ul6hp2KZxgQAAAAAAAAAAAAAAAAAAAAAAAYcfIlfTMuzI27WFDqrfnFhe4a/Vr9SwxH6rF02oHNspCbda/skojDR59OKbzYW5N1/2CZo1ka1UXplQ/w71+T3krWKF1TOP0+XJwyuGex8N39tEcn95gm9NhCbywKp//PIV54/KcJm6IoiqbvvjDch/PTDnB4oSDpyfxrDMH5vxcBOF//DwAA//9wiz37")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x100, 0x2e0)
getdents64(r0, &(0x7f0000001f00)=""/4096, 0x1000)

5.383842591s ago: executing program 0 (id=405):
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)

5.31696239s ago: executing program 2 (id=406):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
r3 = socket(0x1, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='&'], 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r5, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r3}, 0x20)
bind$unix(r3, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000001c0))
write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0)

4.513444235s ago: executing program 0 (id=407):
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="b898d4373890dfaeab0fd463eee809f8336f56d0524e", 0x16, 0x4000000, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94)
syz_emit_ethernet(0x7a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6015690900442f"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x0)

3.57777495s ago: executing program 2 (id=408):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'})
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e23, 0x3, @remote, 0x3}, 0x1c)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x801}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r2, 0x7277, 0x0, 0x28, 0x0, 0x0)

3.451707098s ago: executing program 4 (id=409):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f00000000c0)={0x0, 0x0})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = dup3(r4, 0xffffffffffffffff, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340), 0x0, 0x0, 0x0})
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

2.740203266s ago: executing program 0 (id=410):
socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000100)=0x8000000000000001)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x7000000)
r1 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c)

2.633811583s ago: executing program 1 (id=411):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
bind$xdp(r0, &(0x7f00000001c0)={0x2c, 0x1, r2, 0xc}, 0x10)

2.602913676s ago: executing program 2 (id=412):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257", 0x5d}, {&(0x7f00000002c0)="9c811ff500139d7d28a5f0de", 0xc}], 0x2}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa101b89215bd330c4e706c1f09d781a5a50aef5e424a7a88b3241a338ca7411cda28aa167b5628b79e8a7d588efb69636181b9c54f6d296386c95f8a08e27d5792dcb20fa3b5b4f60c71f310b31bb1ab4a825c2dc10fac150a17d92bb51849d9eea53c78d427d8d1036dc906084046fcae09499c220ef50c2c7c475f392bc288eb5efb8032d1ade92e88e50a05a95dd5c6cbbdfb086fa53bca14d40c8c3f7149b39b16b7c7370978389366174db5fbc99dbe958f8c1690cd695dfbe6c384162a412c8d3cfd7cf223f9df4c67b92514111891f53d4e19826797302e1a87e7a627c52740bb3bd311771a68d349c0a68ef6f2a765f8220323add67b2b6695ca41adcda387a4264bcd94c8578a9ccca3b55ebcda45369b56068cfeec34abc2cbd94b9b12d057fa9d4328d57073f40e5ae64443e4a10ed400575bbd1168a170a0134b9ad28735dbd9603a9e417cce864f2141a92f57e1fdfcff4776f94a794d6db8d3e9e0ecc783956c7ab15a8d5639d3df1ac9da6057af913a563bd55b657f37cbf4cae2919aea6ff8a748eb4c036361b8866cc062bbad019f43d02b0c38bd6309f2baa53924466203ab8d00daaac4c9da846e645d64c10e47c32e9824e79ade4eeee7cbf71b1bb48f760800b04334745ab553dea12a85f0671eb07a4cc67ceaffa8269e0b052f25136cfb8a6b9327a2d165c42933642d3171ad00ebf0be485f5ed319021600a94072f251c8905a2451eba3ba7db2ec5fb8613463a796610629719166259ffa3261e06f09b5a69798b88848da9028ff7ed8a729c384374fce0f4f5cda3b61cc4d61da382c5708f26edb16e9b65d667ed61248dfbed35a6a886adec25361c17d9f30f94db7e3085440df135ddec94f3f01fe2e2f9edb9e19fd8ae0b93363f", 0x347}], 0x1}}], 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.123110595s ago: executing program 4 (id=413):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e20, 0xefe0, @mcast1, 0xe}}, 0x94, 0x7e1}, 0x90)

165.853155ms ago: executing program 4 (id=414):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
ioctl$NBD_SET_FLAGS(r0, 0xab0a, 0xfff)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)

165.382726ms ago: executing program 1 (id=415):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = gettid()
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r2, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r3=>0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(r4, &(0x7f0000000000)='map_files\x00')
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010027bd7000000000001a00000006002100620000000500920000000004080022"], 0x2c}}, 0x20048895)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000019340)={0x0, 0x0, &(0x7f0000019300)={&(0x7f0000019240)={0x88, r7, 0x200, 0x70bd29, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7fffffff, 0x32}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x34}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xfff}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x10000}, @NL80211_ATTR_DURATION={0x8}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x2}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x34}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x350}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x2b4}]]}, 0x88}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000081)
mq_notify(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x16, 0x0, @tid=r4})
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r8, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00', @ANYBLOB="fe4cecb210"], 0x53)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x800000, &(0x7f0000019200)=ANY=[@ANYBLOB='{\x00\x00\x00\x00\x00\x00\x00', @ANYRESHEX, @ANYBLOB=',wfdno', @ANYBLOB])
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600"], 0x48)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0x100000}, 0x10)

49.249909ms ago: executing program 0 (id=416):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 2 (id=417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.48' (ED25519) to the list of known hosts.
[   85.120504][ T5831] cgroup: Unknown subsys name 'net'
[   85.319718][ T5831] cgroup: Unknown subsys name 'cpuset'
[   85.329650][ T5831] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   86.998210][ T5831] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   90.021207][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   90.031116][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   90.039896][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   90.047876][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   90.056540][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   90.064048][ T5859] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   90.072540][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   90.079832][ T5859] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   90.091760][ T5865] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   90.098062][ T5860] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   90.105948][ T5865] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   90.112156][ T5860] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   90.120608][ T5863] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   90.128459][ T5863] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   90.136943][ T5863] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   90.145023][ T5863] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   90.153489][ T5860] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   90.162395][ T5860] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   90.169565][ T5865] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   90.173413][ T5852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   90.184948][ T5865] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   90.186015][ T5852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   90.192528][ T5865] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   90.199706][ T5852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   90.207687][ T5865] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   90.214544][ T5852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   90.221045][ T5865] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   90.228425][ T5852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   90.253491][ T5865] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   90.261398][ T5865] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   90.954182][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   91.199464][   T43] cfg80211: failed to load regulatory.db
[   91.334420][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   91.420763][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   91.445874][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   91.458429][ T5864] chnl_net:caif_netlink_parms(): no params data found
[   91.511254][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.518516][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.529522][ T5843] bridge_slave_0: entered allmulticast mode
[   91.537247][ T5843] bridge_slave_0: entered promiscuous mode
[   91.587684][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   91.645898][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.656656][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.666333][ T5843] bridge_slave_1: entered allmulticast mode
[   91.674618][ T5843] bridge_slave_1: entered promiscuous mode
[   91.867035][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.923212][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.930790][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.938550][ T5846] bridge_slave_0: entered allmulticast mode
[   91.946215][ T5846] bridge_slave_0: entered promiscuous mode
[   91.981736][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.037299][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.044607][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.051865][ T5846] bridge_slave_1: entered allmulticast mode
[   92.060397][ T5846] bridge_slave_1: entered promiscuous mode
[   92.137176][ T5864] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.145566][ T5864] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.152726][ T5864] bridge_slave_0: entered allmulticast mode
[   92.160516][ T5864] bridge_slave_0: entered promiscuous mode
[   92.183634][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.190977][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.198625][ T5847] bridge_slave_0: entered allmulticast mode
[   92.206844][ T5847] bridge_slave_0: entered promiscuous mode
[   92.215738][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.222892][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.230122][ T5847] bridge_slave_1: entered allmulticast mode
[   92.238275][ T5847] bridge_slave_1: entered promiscuous mode
[   92.260406][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.267851][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.275276][ T5845] bridge_slave_0: entered allmulticast mode
[   92.282835][ T5845] bridge_slave_0: entered promiscuous mode
[   92.306366][ T5864] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.314441][   T51] Bluetooth: hci0: command tx timeout
[   92.314483][ T5863] Bluetooth: hci3: command tx timeout
[   92.319995][   T51] Bluetooth: hci1: command tx timeout
[   92.325599][ T5852] Bluetooth: hci4: command tx timeout
[   92.326113][ T5860] Bluetooth: hci5: command tx timeout
[   92.333058][ T5865] Bluetooth: hci2: command tx timeout
[   92.342653][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.358443][ T5864] bridge_slave_1: entered allmulticast mode
[   92.366585][ T5864] bridge_slave_1: entered promiscuous mode
[   92.391857][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.405804][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.451241][ T5843] team0: Port device team_slave_0 added
[   92.457651][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.465355][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.472538][ T5845] bridge_slave_1: entered allmulticast mode
[   92.480933][ T5845] bridge_slave_1: entered promiscuous mode
[   92.554549][ T5843] team0: Port device team_slave_1 added
[   92.577111][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.587961][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.595978][ T5842] bridge_slave_0: entered allmulticast mode
[   92.603797][ T5842] bridge_slave_0: entered promiscuous mode
[   92.612024][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.624949][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.632187][ T5842] bridge_slave_1: entered allmulticast mode
[   92.641216][ T5842] bridge_slave_1: entered promiscuous mode
[   92.653377][ T5864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.667248][ T5846] team0: Port device team_slave_0 added
[   92.677369][ T5846] team0: Port device team_slave_1 added
[   92.687053][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.745043][ T5864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.804419][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.856061][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.869055][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.897832][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.925625][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.932579][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.959262][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.999015][ T5847] team0: Port device team_slave_0 added
[   93.007254][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.014773][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.041070][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.071642][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.102463][ T5864] team0: Port device team_slave_0 added
[   93.109286][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.116528][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.143075][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.156622][ T5847] team0: Port device team_slave_1 added
[   93.181010][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.188441][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.214967][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.268617][ T5842] team0: Port device team_slave_0 added
[   93.276957][ T5864] team0: Port device team_slave_1 added
[   93.316013][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.326806][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.357841][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.371225][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.378716][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.404746][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.418867][ T5845] team0: Port device team_slave_0 added
[   93.427284][ T5842] team0: Port device team_slave_1 added
[   93.508823][ T5845] team0: Port device team_slave_1 added
[   93.546067][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.556873][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.583838][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.649299][ T5843] hsr_slave_0: entered promiscuous mode
[   93.657163][ T5843] hsr_slave_1: entered promiscuous mode
[   93.681358][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.688848][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.715362][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.728236][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.735428][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.762671][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.787243][ T5846] hsr_slave_0: entered promiscuous mode
[   93.794135][ T5846] hsr_slave_1: entered promiscuous mode
[   93.800308][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.808383][ T5846] Cannot create hsr debugfs directory
[   93.846761][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.854037][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.880494][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.893865][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.900834][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.927127][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.971727][ T5847] hsr_slave_0: entered promiscuous mode
[   93.978457][ T5847] hsr_slave_1: entered promiscuous mode
[   93.985221][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.992797][ T5847] Cannot create hsr debugfs directory
[   93.999210][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.007394][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.033525][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.239838][ T5842] hsr_slave_0: entered promiscuous mode
[   94.246812][ T5842] hsr_slave_1: entered promiscuous mode
[   94.253483][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.261049][ T5842] Cannot create hsr debugfs directory
[   94.288300][ T5864] hsr_slave_0: entered promiscuous mode
[   94.298717][ T5864] hsr_slave_1: entered promiscuous mode
[   94.305065][ T5864] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.312621][ T5864] Cannot create hsr debugfs directory
[   94.402195][ T5865] Bluetooth: hci2: command tx timeout
[   94.407714][ T5865] Bluetooth: hci5: command tx timeout
[   94.408099][ T5860] Bluetooth: hci1: command tx timeout
[   94.413147][ T5865] Bluetooth: hci3: command tx timeout
[   94.418517][ T5860] Bluetooth: hci4: command tx timeout
[   94.423889][   T51] Bluetooth: hci0: command tx timeout
[   94.444679][ T5845] hsr_slave_0: entered promiscuous mode
[   94.451109][ T5845] hsr_slave_1: entered promiscuous mode
[   94.461312][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.469461][ T5845] Cannot create hsr debugfs directory
[   95.132486][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.159887][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.181837][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.201030][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.245055][ T5846] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   95.259755][ T5846] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   95.270970][ T5846] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   95.287788][ T5846] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   95.369957][ T5864] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   95.391018][ T5864] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   95.404925][ T5864] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   95.417603][ T5864] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   95.585409][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   95.597662][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   95.635616][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   95.655588][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   95.783096][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   95.819417][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.828980][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   95.866226][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   95.878426][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   95.930871][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   95.951365][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.972405][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.000256][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.007803][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.067458][ T5847] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   96.082746][  T197] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.090041][  T197] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.105246][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   96.120718][   T73] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.128008][   T73] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.139879][ T5847] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.161912][ T5864] 8021q: adding VLAN 0 to HW filter on device team0
[   96.180863][ T5847] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.205992][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.213208][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.223679][ T5847] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.249990][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.257264][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.296909][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.304137][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.473770][ T5860] Bluetooth: hci3: command tx timeout
[   96.474003][ T5865] Bluetooth: hci4: command tx timeout
[   96.479202][ T5860] Bluetooth: hci0: command tx timeout
[   96.484715][ T5850] Bluetooth: hci1: command tx timeout
[   96.484757][ T5850] Bluetooth: hci5: command tx timeout
[   96.484793][ T5850] Bluetooth: hci2: command tx timeout
[   96.509331][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.525423][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.571720][ T5864] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   96.582534][ T5864] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   96.758481][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   96.772956][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   96.818956][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.826239][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.929866][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.937111][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.958987][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.966357][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.982762][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.990005][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.087155][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.214133][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   97.282222][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.299012][   T73] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.306221][   T73] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.341535][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   97.370577][   T73] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.377798][   T73] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.431722][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.462383][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.620628][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.786273][ T5843] veth0_vlan: entered promiscuous mode
[   97.862814][ T5843] veth1_vlan: entered promiscuous mode
[   98.031154][ T5845] veth0_vlan: entered promiscuous mode
[   98.092266][ T5843] veth0_macvtap: entered promiscuous mode
[   98.117880][ T5843] veth1_macvtap: entered promiscuous mode
[   98.137692][ T5845] veth1_vlan: entered promiscuous mode
[   98.320553][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.340925][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.365921][ T5845] veth0_macvtap: entered promiscuous mode
[   98.385174][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.425733][ T5845] veth1_macvtap: entered promiscuous mode
[   98.437998][ T5843] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.447552][ T5843] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.456697][ T5843] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.465489][ T5843] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.508421][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.541203][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.553325][ T5860] Bluetooth: hci0: command tx timeout
[   98.554384][   T51] Bluetooth: hci2: command tx timeout
[   98.558750][ T5860] Bluetooth: hci5: command tx timeout
[   98.564250][ T5850] Bluetooth: hci1: command tx timeout
[   98.570412][ T5863] Bluetooth: hci3: command tx timeout
[   98.575190][ T5865] Bluetooth: hci4: command tx timeout
[   98.638888][ T5864] veth0_vlan: entered promiscuous mode
[   98.659367][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.671745][ T5845] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.681485][ T5845] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.690407][ T5845] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.699254][ T5845] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.728258][ T5842] veth0_vlan: entered promiscuous mode
[   98.752784][ T5864] veth1_vlan: entered promiscuous mode
[   98.812568][ T5842] veth1_vlan: entered promiscuous mode
[   98.832090][ T5846] veth0_vlan: entered promiscuous mode
[   98.888070][ T5846] veth1_vlan: entered promiscuous mode
[   98.921669][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.940240][ T5864] veth0_macvtap: entered promiscuous mode
[   98.951149][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.993099][ T5847] veth0_vlan: entered promiscuous mode
[   99.004895][ T5842] veth0_macvtap: entered promiscuous mode
[   99.035209][ T5864] veth1_macvtap: entered promiscuous mode
[   99.067698][ T5842] veth1_macvtap: entered promiscuous mode
[   99.086532][ T5847] veth1_vlan: entered promiscuous mode
[   99.099196][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.110027][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.144818][ T5846] veth0_macvtap: entered promiscuous mode
[   99.169059][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.182641][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.209435][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.219186][ T5846] veth1_macvtap: entered promiscuous mode
[   99.230153][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.250600][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.259769][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   99.297880][ T5842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.307376][ T5842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.316566][ T5842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.325329][ T5842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.401889][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.427111][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.441480][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.456828][ T5864] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.470377][ T5864] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.479363][ T5864] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.488522][ T5864] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.510539][ T5847] veth0_macvtap: entered promiscuous mode
[   99.544973][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.567254][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.578983][ T5847] veth1_macvtap: entered promiscuous mode
[   99.670050][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.698887][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.715524][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.735835][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.750823][ T5993] loop3: detected capacity change from 0 to 1024
[   99.809574][ T5993] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.971281][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.013896][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.068388][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.105704][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.212117][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.263761][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.314815][ T6001] program syz.3.7 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.323996][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.402326][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.402707][ T5847] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.428410][ T5847] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.439900][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.440090][ T5847] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.462646][ T5847] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.644778][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.652641][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.865163][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2'.
[  100.891135][ T6012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11'.
[  100.893603][   T30] audit: type=1326 audit(1752569045.912:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  100.899984][ T6010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2'.
[  100.958345][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.968116][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.996739][ T6013] Zero length message leads to an empty skb
[  100.997731][   T30] audit: type=1326 audit(1752569045.912:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.041253][ T6015] loop0: detected capacity change from 0 to 128
[  101.060847][   T30] audit: type=1326 audit(1752569045.922:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.103157][   T30] audit: type=1326 audit(1752569045.922:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.121590][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.157399][ T6015] =======================================================
[  101.157399][ T6015] WARNING: The mand mount option has been deprecated and
[  101.157399][ T6015]          and is ignored by this kernel. Remove the mand
[  101.157399][ T6015]          option from the mount to silence this warning.
[  101.157399][ T6015] =======================================================
[  101.206335][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.238381][   T30] audit: type=1326 audit(1752569045.922:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.328966][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.330512][   T30] audit: type=1326 audit(1752569045.922:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.372440][   T30] audit: type=1326 audit(1752569045.922:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.396953][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.397677][   T30] audit: type=1326 audit(1752569045.972:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.418878][ T6015] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  101.427326][   T30] audit: type=1326 audit(1752569045.972:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.573167][   T30] audit: type=1326 audit(1752569045.972:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6011 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  101.614349][ T6015] ext4 filesystem being mounted at /3/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  101.615791][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.643358][ T6019] futex_wake_op: syz.1.13 tries to shift op by -1; fix this program
[  101.684473][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.056752][ T6027] loop3: detected capacity change from 0 to 1024
[  102.213890][ T6027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  102.216102][ T5843] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.295000][ T6027] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.381020][ T6036] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  102.647448][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  102.748322][ T6047] netlink: 'syz.4.19': attribute type 3 has an invalid length.
[  102.840843][ T6038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16'.
[  103.055080][ T6057] netlink: 28 bytes leftover after parsing attributes in process `syz.5.22'.
[  103.133485][ T6057] netlink: 8 bytes leftover after parsing attributes in process `syz.5.22'.
[  103.283597][ T6067] loop2: detected capacity change from 0 to 164
[  103.351691][ T6067] rock: directory entry would overflow storage
[  103.388859][ T6067] rock: sig=0x4f50, size=4, remaining=3
[  103.442757][ T6067] iso9660: Corrupted directory entry in block 4 of inode 1792
[  103.479128][ T6043] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  103.635158][ T6043] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  103.772642][ T6043] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  103.872977][ T6043] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  103.887143][ T6043] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  103.915919][ T6043] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  103.964545][ T6043] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  103.977103][ T6071] bridge0: entered promiscuous mode
[  103.985890][ T6043] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  104.031355][ T6043] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  104.101352][ T6043] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  104.126568][ T6043] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  104.212382][ T6043] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  104.299260][ T6043] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  104.318018][ T6043] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  104.407833][ T6043] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  104.808263][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout
[  104.816200][ T6043] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  104.822186][ T6043] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  105.029598][ T6084] netlink: 28 bytes leftover after parsing attributes in process `syz.5.30'.
[  105.410808][ T6043] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  105.507137][ T6082] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.819602][ T6090] loop5: detected capacity change from 0 to 256
[  105.920237][ T5860] Bluetooth: hci2: command 0x0c1a tx timeout
[  105.985310][ T6082] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.995915][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout
[  106.155488][ T5860] Bluetooth: hci4: command 0x0c1a tx timeout
[  106.323185][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout
[  106.331536][ T6096] loop1: detected capacity change from 0 to 512
[  106.391980][ T6096] EXT4-fs: Ignoring removed nobh option
[  106.431463][   T30] kauditd_printk_skb: 102 callbacks suppressed
[  106.431484][   T30] audit: type=1326 audit(1752569051.462:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.3.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  106.528809][ T6096] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  106.575625][   T30] audit: type=1326 audit(1752569051.512:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.3.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  106.599405][   T30] audit: type=1326 audit(1752569051.522:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.3.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  106.627831][   T30] audit: type=1326 audit(1752569051.522:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.3.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  106.656905][ T6082] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.689780][ T6102] netlink: 28 bytes leftover after parsing attributes in process `syz.5.37'.
[  106.723678][ T6096] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.36: corrupted inode contents
[  106.737766][   T30] audit: type=1326 audit(1752569051.522:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.3.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4818e929 code=0x7ffc0000
[  106.786478][ T6102] netlink: 8 bytes leftover after parsing attributes in process `syz.5.37'.
[  106.840786][ T6096] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #3: comm syz.1.36: mark_inode_dirty error
[  106.875746][ T5860] Bluetooth: hci5: command 0x0c1a tx timeout
[  106.880309][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout
[  106.938995][ T6096] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #3: comm syz.1.36: corrupted inode contents
[  106.962434][ T6110] loop3: detected capacity change from 0 to 2048
[  107.000060][ T6082] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.028883][ T6096] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.36: mark_inode_dirty error
[  107.075903][ T6096] Quota error (device loop1): write_blk: dquota write failed
[  107.119584][ T6096] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  107.134979][ T6096] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.36: Failed to acquire dquot type 0
[  107.259206][ T6096] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.36: corrupted inode contents
[  107.359651][ T6096] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #16: comm syz.1.36: mark_inode_dirty error
[  107.407580][ T6096] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.36: corrupted inode contents
[  107.483779][ T6096] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.36: mark_inode_dirty error
[  107.506236][ T6116] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.514562][ T6116] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.551502][ T6096] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.36: corrupted inode contents
[  107.582867][ T6096] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  107.633221][ T6096] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.36: corrupted inode contents
[  107.691264][ T6096] EXT4-fs error (device loop1): ext4_truncate:4597: inode #16: comm syz.1.36: mark_inode_dirty error
[  107.732776][ T6096] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  107.756434][ T6096] EXT4-fs (loop1): 1 truncate cleaned up
[  107.781338][ T6096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.810482][ T6096] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.983671][ T6116] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.993612][ T5865] Bluetooth: hci2: command 0x0c1a tx timeout
[  108.073414][ T5865] Bluetooth: hci1: command 0x0c1a tx timeout
[  108.102924][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.106832][ T6116] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.243095][ T5865] Bluetooth: hci4: command 0x0c1a tx timeout
[  108.395546][ T5865] Bluetooth: hci3: command 0x0c1a tx timeout
[  108.482607][ T6137] netlink: 4 bytes leftover after parsing attributes in process `syz.3.52'.
[  108.528457][ T6135] loop1: detected capacity change from 0 to 764
[  108.576513][ T6135] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  108.629720][ T6135] Symlink component flag not implemented
[  108.640777][ T6116] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.666386][ T6116] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.689651][ T6116] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.693859][ T6135] Symlink component flag not implemented (7)
[  108.718335][ T6116] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.963285][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout
[  108.963390][ T5860] Bluetooth: hci5: command 0x0c1a tx timeout
[  109.128629][ T6143] netlink: 28 bytes leftover after parsing attributes in process `syz.1.55'.
[  109.172422][ T6143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.55'.
[  109.262564][ T6147] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  109.570347][ T6082] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.709437][ T6082] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.739217][ T6169] syz.2.63 uses obsolete (PF_INET,SOCK_PACKET)
[  109.924412][ T6082] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.988061][ T6082] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.073647][ T5860] Bluetooth: hci2: command 0x0c1a tx timeout
[  110.154810][ T5860] Bluetooth: hci1: command 0x0c1a tx timeout
[  110.237323][ T6178] loop5: detected capacity change from 0 to 1024
[  110.280489][ T6178] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[  110.329172][ T5860] Bluetooth: hci4: command 0x0c1a tx timeout
[  110.428645][ T6178] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  110.475569][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout
[  110.482330][ T6178] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.67: Failed to acquire dquot type 0
[  110.575070][ T6178] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  110.613221][ T6178] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.67: corrupted inode contents
[  110.659190][ T6178] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.67: mark_inode_dirty error
[  110.716368][ T6178] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.67: corrupted inode contents
[  110.768752][ T6178] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.67: mark_inode_dirty error
[  110.817699][ T6178] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.67: corrupted inode contents
[  110.843983][ T6190] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:bb to non-existent VLAN 2048
[  110.850221][ T6178] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  110.889623][ T6189] loop4: detected capacity change from 0 to 512
[  110.898177][ T6178] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.67: corrupted inode contents
[  110.929171][ T6178] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.67: mark_inode_dirty error
[  110.981262][ T6178] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  111.017510][ T6178] EXT4-fs (loop5): 1 truncate cleaned up
[  111.037563][ T5860] Bluetooth: hci5: command 0x0c1a tx timeout
[  111.060411][ T6178] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.127935][ T6189] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  111.153411][ T6194] loop1: detected capacity change from 0 to 128
[  111.225727][ T6189] EXT4-fs (loop4): 1 truncate cleaned up
[  111.260625][ T6189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.283414][   T30] audit: type=1800 audit(1752569056.312:119): pid=6194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.73" name="file0" dev="loop1" ino=1048606 res=0 errno=0
[  111.400678][ T6199] cgroup: Invalid name
[  111.433516][ T6199] netlink: 16 bytes leftover after parsing attributes in process `syz.0.72'.
[  111.443050][    C1] hrtimer: interrupt took 661011 ns
[  111.916422][ T5864] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.209653][ T6208] netlink: 'syz.3.77': attribute type 4 has an invalid length.
[  112.242872][ T6201] syz.1.73: attempt to access beyond end of device
[  112.242872][ T6201] loop1: rw=0, sector=121, nr_sectors = 8 limit=128
[  112.354868][ T5846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.525437][ T1095] kworker/u8:6: attempt to access beyond end of device
[  112.525437][ T1095] loop1: rw=1, sector=129, nr_sectors = 912 limit=128
[  114.422352][ T6235] loop4: detected capacity change from 0 to 2048
[  114.662238][ T6235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.739007][ T6235] EXT4-fs error (device loop4): ext4_read_inline_dir:1502: inode #12: block 9: comm syz.4.85: path /7/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=24, inode=13, rec_len=21, size=80 fake=0
[  114.812874][ T6235] EXT4-fs (loop4): Remounting filesystem read-only
[  114.872135][ T5846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.994027][ T6252] cgroup: Invalid name
[  115.024810][ T6252] netlink: 16 bytes leftover after parsing attributes in process `syz.1.88'.
[  115.685352][ T6256] netlink: 'syz.2.93': attribute type 4 has an invalid length.
[  115.856025][ T6264] loop4: detected capacity change from 0 to 512
[  115.874966][ T6264] EXT4-fs: Ignoring removed bh option
[  115.919468][ T6264] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  115.989044][ T6268] syzkaller1: entered promiscuous mode
[  115.991647][ T6264] EXT4-fs (loop4): invalid journal inode
[  116.000330][   T30] audit: type=1326 audit(1752569061.022:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.032301][ T6268] syzkaller1: entered allmulticast mode
[  116.041869][ T6264] EXT4-fs (loop4): can't get journal size
[  116.081919][   T30] audit: type=1326 audit(1752569061.062:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.129626][ T6278] loop1: detected capacity change from 0 to 164
[  116.159940][   T30] audit: type=1326 audit(1752569061.082:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.184027][   T30] audit: type=1326 audit(1752569061.082:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.208088][   T30] audit: type=1326 audit(1752569061.082:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.234016][   T30] audit: type=1326 audit(1752569061.082:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.268094][   T30] audit: type=1326 audit(1752569061.082:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  116.323426][   T30] audit: type=1326 audit(1752569061.082:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1dfb8d290 code=0x7ffc0000
[  116.367986][ T6264] EXT4-fs (loop4): 1 truncate cleaned up
[  116.399587][   T30] audit: type=1326 audit(1752569061.082:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1dfb8d290 code=0x7ffc0000
[  116.406136][ T6264] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.427567][ T6281] loop2: detected capacity change from 0 to 2048
[  116.440709][ T6278] rock: directory entry would overflow storage
[  116.829336][ T6284] loop3: detected capacity change from 0 to 512
[  116.839223][ T6284] EXT4-fs: Ignoring removed mblk_io_submit option
[  116.846647][ T6284] EXT4-fs: Ignoring removed bh option
[  116.871549][ T6278] rock: sig=0x4f50, size=4, remaining=3
[  116.970652][ T6284] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  117.018603][ T6284] EXT4-fs (loop3): 1 truncate cleaned up
[  117.034250][ T6284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.361390][ T6278] iso9660: Corrupted directory entry in block 4 of inode 1792
[  117.403822][   T30] audit: type=1326 audit(1752569061.082:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  117.474100][ T5924] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  117.482232][ T5924] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  117.541522][ T5924] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0
[  117.567296][ T6281] EXT4-fs (loop2): failed to initialize system zone (-117)
[  117.594165][ T6281] EXT4-fs (loop2): mount failed
[  117.621006][ T5924] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  117.758690][ T6293] netlink: 12 bytes leftover after parsing attributes in process `syz.1.103'.
[  117.816256][ T5924] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  117.836942][ T5924] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  117.845421][ T5924] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0
[  117.962134][ T5924] hid-generic 0003:0004:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  118.062981][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.136835][ T6300] loop1: detected capacity change from 0 to 1024
[  118.154832][ T6302] netlink: 24 bytes leftover after parsing attributes in process `syz.0.104'.
[  118.198379][ T6300] EXT4-fs: Ignoring removed orlov option
[  118.236781][ T6300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.389783][ T5846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.615266][ T6318] netlink: 'syz.4.111': attribute type 4 has an invalid length.
[  119.127948][ T6330] xt_hashlimit: max too large, truncated to 1048576
[  119.180343][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.768783][ T6346] cgroup: Invalid name
[  119.803325][ T6346] netlink: 16 bytes leftover after parsing attributes in process `syz.0.120'.
[  121.104021][ T6370] loop9: detected capacity change from 0 to 7
[  121.140216][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.173406][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.223455][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.232052][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.311166][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.363887][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.377519][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.393208][ T6338] loop2: detected capacity change from 0 to 40427
[  121.405441][ T6370] ldm_validate_partition_table(): Disk read failed.
[  121.429948][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.432983][ T6338] F2FS-fs (loop2): invalid crc value
[  121.447645][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.469638][ T6370] Buffer I/O error on dev loop9, logical block 0, async page read
[  121.543371][ T6370] Dev loop9: unable to read RDB block 0
[  121.572248][ T6370]  loop9: unable to read partition table
[  121.595081][ T6370] loop9: partition table beyond EOD, truncated
[  121.619758][ T6370] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[  121.619758][ T6370] 
U�������) failed (rc=-5)
[  121.686530][ T6338] F2FS-fs (loop2): Start checkpoint disabled!
[  121.736009][ T6338] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  121.894597][   T30] kauditd_printk_skb: 54 callbacks suppressed
[  121.894622][   T30] audit: type=1326 audit(1752569066.872:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  122.039494][   T30] audit: type=1326 audit(1752569066.872:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  122.191122][   T30] audit: type=1326 audit(1752569066.882:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  122.216279][   T30] audit: type=1326 audit(1752569066.882:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  122.241987][   T30] audit: type=1326 audit(1752569066.882:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  122.273224][   T30] audit: type=1326 audit(1752569066.892:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  123.010754][   T30] audit: type=1326 audit(1752569066.892:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  123.106120][ T1095] kworker/u8:6: attempt to access beyond end of device
[  123.106120][ T1095] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.163864][   T30] audit: type=1326 audit(1752569066.892:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  123.174144][ T1095] CPU: 0 UID: 0 PID: 1095 Comm: kworker/u8:6 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  123.174182][ T1095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.174199][ T1095] Workqueue: writeback wb_workfn (flush-7:2)
[  123.174256][ T1095] Call Trace:
[  123.174266][ T1095]  <TASK>
[  123.174277][ T1095]  dump_stack_lvl+0x189/0x250
[  123.174325][ T1095]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.174357][ T1095]  ? __pfx_queue_work_on+0x10/0x10
[  123.174387][ T1095]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  123.174429][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.174459][ T1095]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  123.174497][ T1095]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.174536][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.174566][ T1095]  ? f2fs_hw_is_readonly+0x39b/0x470
[  123.174614][ T1095]  f2fs_handle_critical_error+0x37c/0x540
[  123.174665][ T1095]  f2fs_write_end_io+0x495/0x810
[  123.174688][ T1095]  ? blkg_put+0x22/0x240
[  123.174749][ T1095]  __submit_merged_bio+0x27a/0x6a0
[  123.174799][ T1095]  __submit_merged_write_cond+0x255/0x530
[  123.174850][ T1095]  f2fs_write_data_pages+0x261d/0x3000
[  123.174950][ T1095]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.175079][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175109][ T1095]  ? __lock_acquire+0xab9/0xd20
[  123.175173][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175229][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175259][ T1095]  ? __lock_acquire+0xab9/0xd20
[  123.175295][ T1095]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.175345][ T1095]  do_writepages+0x32e/0x550
[  123.175384][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175413][ T1095]  ? reacquire_held_locks+0x127/0x1d0
[  123.175446][ T1095]  ? writeback_sb_inodes+0x372/0x1000
[  123.175536][ T1095]  __writeback_single_inode+0x145/0xff0
[  123.175566][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175615][ T1095]  ? do_raw_spin_unlock+0x122/0x240
[  123.175672][ T1095]  writeback_sb_inodes+0x6b5/0x1000
[  123.175751][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175804][ T1095]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  123.175897][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175925][ T1095]  ? rcu_is_watching+0x15/0xb0
[  123.175957][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.175999][ T1095]  wb_writeback+0x43b/0xaf0
[  123.176041][ T1095]  ? queue_io+0x3b1/0x590
[  123.176074][ T1095]  ? __pfx_wb_writeback+0x10/0x10
[  123.176116][ T1095]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.176162][ T1095]  wb_workfn+0x409/0xef0
[  123.176243][ T1095]  ? __pfx_wb_workfn+0x10/0x10
[  123.176289][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.176329][ T1095]  ? __lock_acquire+0xab9/0xd20
[  123.176384][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.176437][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.176474][ T1095]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.176510][ T1095]  ? process_scheduled_works+0x9ef/0x17b0
[  123.176539][ T1095]  ? process_scheduled_works+0x9ef/0x17b0
[  123.176572][ T1095]  process_scheduled_works+0xae1/0x17b0
[  123.176649][ T1095]  ? __pfx_process_scheduled_works+0x10/0x10
[  123.176691][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.176734][ T1095]  worker_thread+0x8a0/0xda0
[  123.176807][ T1095]  kthread+0x711/0x8a0
[  123.176850][ T1095]  ? __pfx_worker_thread+0x10/0x10
[  123.176880][ T1095]  ? __pfx_kthread+0x10/0x10
[  123.176913][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.176948][ T1095]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.176983][ T1095]  ? srso_alias_return_thunk+0x5/0xfbef5
[  123.177011][ T1095]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.177048][ T1095]  ? __pfx_kthread+0x10/0x10
[  123.177087][ T1095]  ret_from_fork+0x3fc/0x770
[  123.177120][ T1095]  ? __pfx_ret_from_fork+0x10/0x10
[  123.177158][ T1095]  ? __switch_to_asm+0x39/0x70
[  123.177192][ T1095]  ? __switch_to_asm+0x33/0x70
[  123.177224][ T1095]  ? __pfx_kthread+0x10/0x10
[  123.177263][ T1095]  ret_from_fork_asm+0x1a/0x30
[  123.177329][ T1095]  </TASK>
[  123.177339][ T1095] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  123.207591][   T30] audit: type=1326 audit(1752569066.892:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  124.242105][ T6409] xt_hashlimit: size too large, truncated to 1048576
[  124.378567][ T6410] �: renamed from vxcan1 (while UP)
[  124.606199][   T30] audit: type=1326 audit(1752569066.892:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f982818e929 code=0x7ffc0000
[  125.083139][ T6414] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  125.942790][ T6436] netlink: 'syz.0.150': attribute type 10 has an invalid length.
[  125.983282][ T6436] netlink: 40 bytes leftover after parsing attributes in process `syz.0.150'.
[  126.156406][ T6436] dummy0: entered promiscuous mode
[  126.195030][ T6436] bridge0: port 3(dummy0) entered blocking state
[  126.246966][ T6436] bridge0: port 3(dummy0) entered disabled state
[  126.289472][ T6436] dummy0: entered allmulticast mode
[  126.327282][ T6436] bridge0: port 3(dummy0) entered blocking state
[  126.334337][ T6436] bridge0: port 3(dummy0) entered forwarding state
[  127.289421][ T6451] loop5: detected capacity change from 0 to 164
[  127.519305][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.4.158'.
[  127.669183][ T6451] rock: directory entry would overflow storage
[  127.713852][ T6451] rock: sig=0x4f50, size=4, remaining=3
[  127.776169][ T6451] iso9660: Corrupted directory entry in block 4 of inode 1792
[  127.884613][ T6468] loop4: detected capacity change from 0 to 2048
[  127.976965][ T6468]  loop4: p1 < > p4
[  128.083504][ T6468] loop4: p4 size 8388608 extends beyond EOD, truncated
[  129.596339][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  129.644124][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  130.012591][ T6492] pim6reg: entered allmulticast mode
[  130.205550][ T6504] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.425786][ T6510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.176'.
[  130.446414][ T6504] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.538902][ T6504] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.621310][ T6514] loop5: detected capacity change from 0 to 164
[  130.695500][ T6504] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.725940][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.180'.
[  130.741187][ T6514] rock: directory entry would overflow storage
[  130.772796][ T6514] rock: sig=0x4f50, size=4, remaining=3
[  130.902203][ T6522] [U] 
[  130.905066][ T6522] [U] 
[  130.907782][ T6522] [U] 
[  130.910580][ T6522] [U] 
[  130.913723][ T6522] [U] 
[  130.916443][ T6522] [U] 
[  130.919160][ T6522] [U] 
[  130.922131][ T6522] [U] 
[  130.925752][ T6522] [U] 
[  130.928500][ T6522] [U] 
[  130.931219][ T6522] [U] 
[  130.933279][ T6514] iso9660: Corrupted directory entry in block 4 of inode 1792
[  130.933917][ T6522] [U] 
[  130.947654][ T6522] [U] 
[  130.950397][ T6522] [U] 
[  130.953111][ T6522] [U] 
[  130.955842][ T6522] [U] 
[  130.959591][ T6522] [U] 
[  130.962315][ T6522] [U] 
[  130.965031][ T6522] [U] 
[  130.967752][ T6522] [U] 
[  130.970724][ T6522] [U] 
[  130.973453][ T6522] [U] 
[  130.976168][ T6522] [U] 
[  130.978888][ T6522] [U] 
[  130.985526][ T6522] [U] 
[  130.988253][ T6522] [U] 
[  130.990972][ T6522] [U] 
[  130.993686][ T6522] [U] 
[  130.996884][ T6522] [U] 
[  130.999604][ T6522] [U] 
[  131.002342][ T6522] [U] 
[  131.005061][ T6522] [U] 
[  131.008214][ T6522] [U] 
[  131.010932][ T6522] [U] 
[  131.013645][ T6522] [U] 
[  131.016359][ T6522] [U] 
[  131.019173][ T6522] [U] 
[  131.021893][ T6522] [U] 
[  131.024609][ T6522] [U] 
[  131.027322][ T6522] [U] 
[  131.087912][ T6522] [U] 
[  131.090683][ T6522] [U] 
[  131.093395][ T6522] [U] 
[  131.096112][ T6522] [U] 
[  131.099304][ T6522] [U] 
[  131.102032][ T6522] [U] 
[  131.104764][ T6522] [U] 
[  131.107477][ T6522] [U] 
[  131.110833][ T6522] [U] 
[  131.113551][ T6522] [U] 
[  131.116264][ T6522] [U] 
[  131.118977][ T6522] [U] 
[  131.121972][ T6522] [U] 
[  131.124689][ T6522] [U] 
[  131.127397][ T6522] [U] 
[  131.130120][ T6522] [U] 
[  131.133563][ T6522] [U] 
[  131.136283][ T6522] [U] 
[  131.139000][ T6522] [U] 
[  131.141714][ T6522] [U] 
[  131.144638][ T6522] [U] 
[  131.147350][ T6522] [U] 
[  131.150051][ T6522] [U] 
[  131.152754][ T6522] [U] 
[  131.155772][ T6522] [U] 
[  131.158517][ T6522] [U] 
[  131.161245][ T6522] [U] 
[  131.163982][ T6522] [U] 
[  131.166943][ T6522] [U] 
[  131.169667][ T6522] [U] 
[  131.172373][ T6522] [U] 
[  131.175125][ T6522] [U] 
[  131.177998][ T6522] [U] 
[  131.180721][ T6522] [U] 
[  131.183430][ T6522] [U] 
[  131.186135][ T6522] [U] 
[  131.191963][ T6522] [U] 
[  131.194683][ T6522] [U] 
[  131.197396][ T6522] [U] 
[  131.200144][ T6522] [U] 
[  131.203193][ T6522] [U] 
[  131.205938][ T6522] [U] 
[  131.208661][ T6522] [U] 
[  131.211375][ T6522] [U] 
[  131.214227][ T6522] [U] 
[  131.216952][ T6522] [U] 
[  131.219673][ T6522] [U] 
[  131.222408][ T6522] [U] 
[  131.225633][ T6522] [U] 
[  131.228369][ T6522] [U] 
[  131.231100][ T6522] [U] 
[  131.233817][ T6522] [U] 
[  131.237491][ T6522] [U] 
[  131.240217][ T6522] [U] 
[  131.242934][ T6522] [U] 
[  131.245647][ T6522] [U] 
[  131.250876][ T6522] [U] 
[  131.253606][ T6522] [U] 
[  131.256323][ T6522] [U] 
[  131.259045][ T6522] [U] 
[  131.262197][ T6522] [U] 
[  131.264919][ T6522] [U] 
[  131.267632][ T6522] [U] 
[  131.270429][ T6522] [U] 
[  131.273948][ T6522] [U] 
[  131.276682][ T6522] [U] 
[  131.279393][ T6522] [U] 
[  131.282218][ T6522] [U] 
[  131.286570][ T6522] [U] 
[  131.289294][ T6522] [U] 
[  131.292000][ T6522] [U] 
[  131.294703][ T6522] [U] 
[  131.299795][ T6522] [U] 
[  131.302525][ T6522] [U] 
[  131.305238][ T6522] [U] 
[  131.307946][ T6522] [U] 
[  131.311018][ T6522] [U] 
[  131.313743][ T6522] [U] 
[  131.316488][ T6522] [U] 
[  131.319193][ T6522] [U] 
[  131.322550][ T6522] [U] 
[  131.325270][ T6522] [U] 
[  131.328077][ T6522] [U] 
[  131.330789][ T6522] [U] 
[  131.334088][ T6522] [U] 
[  131.336813][ T6522] [U] 
[  131.339520][ T6522] [U] 
[  131.959762][ T6515] [U] 
[  132.168896][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  132.176172][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  132.405093][ T6531] loop5: detected capacity change from 0 to 1024
[  132.461633][ T6531] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  132.580675][ T6531] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.653856][ T6531] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: inode #11: comm syz.5.184: missing EA_INODE flag
[  132.668711][ T6531] EXT4-fs (loop5): Remounting filesystem read-only
[  132.682013][ T6531] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  132.715224][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  132.817616][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  133.023242][    T0] NOHZ tick-stop error: local softirq work is pending, handler #246!!!
[  133.114067][ T5864] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.293681][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  133.639327][ T6504] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.756843][ T6504] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.783404][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  133.846468][ T6504] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.859293][ T6553] loop3: detected capacity change from 0 to 1024
[  133.931467][ T6504] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.997036][ T6553] __quota_error: 2 callbacks suppressed
[  133.997082][ T6553] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5
[  134.053084][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  134.099725][ T6553] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  134.148620][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  134.172612][ T6553] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.189: Failed to acquire dquot type 0
[  134.201112][ T6566] tipc: Started in network mode
[  134.211441][ T6566] tipc: Node identity 5eee0f40233f, cluster identity 4711
[  134.250949][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  134.266660][ T6553] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  134.268089][ T6566] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  134.293538][ T6553] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.189: corrupted inode contents
[  134.330862][ T6553] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #13: comm syz.3.189: mark_inode_dirty error
[  134.364731][ T6553] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.189: corrupted inode contents
[  134.397596][ T6553] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.189: mark_inode_dirty error
[  134.401459][ T6571] loop2: detected capacity change from 0 to 164
[  134.415931][ T6553] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.189: corrupted inode contents
[  134.416239][ T6553] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  134.416483][ T6553] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.189: corrupted inode contents
[  134.462069][ T6553] EXT4-fs error (device loop3): ext4_truncate:4597: inode #13: comm syz.3.189: mark_inode_dirty error
[  134.481758][ T6567] syzkaller0: entered promiscuous mode
[  134.487771][ T6567] syzkaller0: entered allmulticast mode
[  134.560341][ T6553] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  134.585926][ T6571] rock: directory entry would overflow storage
[  134.589818][ T6553] EXT4-fs (loop3): 1 truncate cleaned up
[  134.598184][ T6571] rock: sig=0x4f50, size=4, remaining=3
[  134.605364][ T6553] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.613382][ T6571] iso9660: Corrupted directory entry in block 4 of inode 1792
[  134.626683][ T6566] tipc: Resetting bearer <eth:syzkaller0>
[  134.688356][ T6565] tipc: Resetting bearer <eth:syzkaller0>
[  134.787438][ T6565] tipc: Disabling bearer <eth:syzkaller0>
[  134.839229][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.175106][ T5952] IPVS: starting estimator thread 0...
[  135.303356][ T6588] IPVS: using max 26 ests per chain, 62400 per kthread
[  135.471367][ T6582] loop3: detected capacity change from 0 to 1024
[  137.127785][ T6582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.349147][ T6582] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  137.377003][   T30] audit: type=1326 audit(1752569082.412:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.430129][ T6603] netlink: 4 bytes leftover after parsing attributes in process `syz.1.207'.
[  137.448062][   T30] audit: type=1326 audit(1752569082.412:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.487810][ T6602] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  137.488665][ T6603] netlink: 24 bytes leftover after parsing attributes in process `syz.1.207'.
[  137.541523][   T30] audit: type=1326 audit(1752569082.422:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.571259][   T30] audit: type=1326 audit(1752569082.422:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.638934][   T30] audit: type=1326 audit(1752569082.422:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.745328][   T30] audit: type=1326 audit(1752569082.422:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.821400][   T30] audit: type=1326 audit(1752569082.442:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  137.832180][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  137.860885][   T30] audit: type=1326 audit(1752569082.442:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.2.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1dfb8e929 code=0x7ffc0000
[  138.003513][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.014366][   T10] usb 5-1: device descriptor read/64, error -71
[  138.062671][ T6622] loop0: detected capacity change from 0 to 1024
[  138.097466][ T6622] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.213: Failed to acquire dquot type 0
[  138.145389][ T6622] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  138.196019][ T6622] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.213: corrupted inode contents
[  138.230966][ T6622] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #13: comm syz.0.213: mark_inode_dirty error
[  138.253169][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  138.309015][ T6629] netlink: 24 bytes leftover after parsing attributes in process `syz.2.217'.
[  138.319579][ T6622] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.213: corrupted inode contents
[  138.352678][ T6622] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.213: mark_inode_dirty error
[  138.374944][ T6622] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.213: corrupted inode contents
[  138.397058][ T6622] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  138.404016][   T10] usb 5-1: device descriptor read/64, error -71
[  138.409877][ T6622] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.213: corrupted inode contents
[  138.438333][ T6622] EXT4-fs error (device loop0): ext4_truncate:4597: inode #13: comm syz.0.213: mark_inode_dirty error
[  138.457693][ T6622] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  138.543620][   T10] usb usb5-port1: attempt power cycle
[  138.582100][ T6636] netlink: 56 bytes leftover after parsing attributes in process `syz.3.218'.
[  138.615857][ T6622] EXT4-fs (loop0): 1 truncate cleaned up
[  138.804530][ T6622] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.113662][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  139.319155][ T6640] openvswitch: netlink: Missing valid actions attribute.
[  139.339435][   T10] usb 5-1: device descriptor read/8, error -71
[  139.382637][ T6640] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  139.418974][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.609933][ T6644] netlink: 4 bytes leftover after parsing attributes in process `syz.5.222'.
[  139.623911][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  139.684095][   T10] usb 5-1: device descriptor read/8, error -71
[  139.695907][ T6644] netlink: 24 bytes leftover after parsing attributes in process `syz.5.222'.
[  139.795599][   T10] usb usb5-port1: unable to enumerate USB device
[  140.419532][ T6657] netlink: 68 bytes leftover after parsing attributes in process `syz.1.224'.
[  141.245468][ T6675] netlink: 4 bytes leftover after parsing attributes in process `syz.1.231'.
[  141.450310][ T6679] loop3: detected capacity change from 0 to 512
[  142.262165][ T6679] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.293161][ T6679] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.475913][ T6679] netlink: 148 bytes leftover after parsing attributes in process `syz.3.233'.
[  142.528116][ T6693] loop0: detected capacity change from 0 to 1024
[  142.583304][ T6698] netlink: 4 bytes leftover after parsing attributes in process `syz.1.239'.
[  142.605037][ T6693] __quota_error: 5 callbacks suppressed
[  142.605056][ T6693] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[  142.641762][ T6698] netlink: 24 bytes leftover after parsing attributes in process `syz.1.239'.
[  142.658083][ T6700] netlink: 56 bytes leftover after parsing attributes in process `syz.5.240'.
[  142.665054][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.673472][ T6693] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  142.687823][ T6693] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.236: Failed to acquire dquot type 0
[  142.714757][ T6703] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  142.774195][ T6693] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  142.877482][ T6693] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.236: corrupted inode contents
[  143.056092][ T6693] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #13: comm syz.0.236: mark_inode_dirty error
[  143.198633][ T6693] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.236: corrupted inode contents
[  143.417325][ T6693] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.236: mark_inode_dirty error
[  143.573420][ T6693] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.236: corrupted inode contents
[  143.594913][ T6693] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  143.632059][ T6693] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.236: corrupted inode contents
[  143.675771][ T6708] netlink: 60 bytes leftover after parsing attributes in process `syz.5.243'.
[  143.690524][ T6693] EXT4-fs error (device loop0): ext4_truncate:4597: inode #13: comm syz.0.236: mark_inode_dirty error
[  143.718828][ T6708] unsupported nlmsg_type 40
[  143.749295][ T6693] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  143.843966][ T6693] EXT4-fs (loop0): 1 truncate cleaned up
[  143.851585][ T6693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.036019][ T6722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.249'.
[  144.199543][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.103927][ T6733] netlink: 28 bytes leftover after parsing attributes in process `syz.5.254'.
[  145.431203][ T6743] netlink: 4 bytes leftover after parsing attributes in process `syz.3.256'.
[  145.466098][ T6743] netlink: 12 bytes leftover after parsing attributes in process `syz.3.256'.
[  151.707494][ T6790] JFS: discard option not supported on device
[  151.742678][ T6790] Mount JFS Failure: -22
[  151.747869][ T6790] jfs_mount failed w/return code = -22
[  152.769641][ T6796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.271'.
[  152.844153][ T6796] netlink: 12 bytes leftover after parsing attributes in process `syz.5.271'.
[  153.173257][ T1988] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  153.557309][ T1988] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.616088][ T1988] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.648866][ T1988] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  153.687062][ T1988] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.718365][ T1988] usb 4-1: config 0 descriptor??
[  154.100590][ T6815] loop2: detected capacity change from 0 to 2048
[  154.205954][ T6815]  loop2: p1 < > p4
[  154.219949][ T6815] loop2: p4 size 8388608 extends beyond EOD, truncated
[  154.367060][ T1988] usb 4-1: string descriptor 0 read error: -22
[  154.573352][ T1988] uclogic 0003:256C:006D.0003: interface is invalid, ignoring
[  154.653753][ T5865] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  154.674004][ T5865] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  154.688841][ T5865] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  154.699354][ T5865] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  154.707382][ T5865] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  154.815422][   T10] usb 4-1: USB disconnect, device number 2
[  154.824428][ T6836] netlink: 4 bytes leftover after parsing attributes in process `syz.0.286'.
[  154.847245][ T6836] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'.
[  154.947188][ T6837] 8021q: adding VLAN 0 to HW filter on device batadv1
[  154.984482][ T6840] 9pnet_fd: Insufficient options for proto=fd
[  154.997152][ T6837] team0: Failed to send options change via netlink (err -105)
[  155.005195][ T6837] team0: Port device batadv1 added
[  157.020413][ T6859] loop1: detected capacity change from 0 to 512
[  157.027905][ T6859] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.034416][ T6859] EXT4-fs: Ignoring removed bh option
[  157.336884][ T5865] Bluetooth: hci3: command tx timeout
[  157.587619][ T6859] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  157.898355][ T6859] EXT4-fs (loop1): 1 truncate cleaned up
[  157.910933][ T6859] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.471624][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.683725][ T6878] loop1: detected capacity change from 0 to 1024
[  158.743122][ T6878] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  158.807303][ T6878] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.867723][ T6878] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.300: missing EA_INODE flag
[  158.911640][ T6878] EXT4-fs (loop1): Remounting filesystem read-only
[  159.060611][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.070592][ T6896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.304'.
[  159.134869][ T6896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.304'.
[  159.286265][ T6829] chnl_net:caif_netlink_parms(): no params data found
[  159.353130][ T5865] Bluetooth: hci3: command tx timeout
[  159.431620][ T6904] loop3: detected capacity change from 0 to 2048
[  159.496815][ T6908] usb usb1: check_ctrlrecip: process 6908 (syz.5.309) requesting ep 01 but needs 81
[  159.514803][ T6908] usb usb1: usbfs: process 6908 (syz.5.309) did not claim interface 0 before use
[  159.538357][ T6902] loop0: detected capacity change from 0 to 1024
[  159.566375][ T6904]  loop3: p1 < > p4
[  159.593799][ T6904] loop3: p4 size 8388608 extends beyond EOD, truncated
[  159.699635][ T6902] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[  159.742825][ T6916] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  159.770813][ T6916] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  159.927923][ T6902] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  160.050728][ T6902] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.307: Failed to acquire dquot type 0
[  160.876167][ T6926] loop5: detected capacity change from 0 to 512
[  160.884353][ T6926] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.891292][ T6926] EXT4-fs: Ignoring removed bh option
[  160.902635][ T6926] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  160.936840][ T6926] EXT4-fs (loop5): 1 truncate cleaned up
[  160.951103][ T6926] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.019413][ T6916] warning: `syz.2.312' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  161.041640][ T6902] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  161.065663][ T6929] loop1: detected capacity change from 0 to 128
[  161.567458][ T5865] Bluetooth: hci3: command tx timeout
[  161.614810][ T6902] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.307: corrupted inode contents
[  161.840575][ T6902] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #13: comm syz.0.307: mark_inode_dirty error
[  161.852471][ T6902] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.307: corrupted inode contents
[  161.864709][ T6902] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.307: mark_inode_dirty error
[  161.876523][ T6902] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.307: corrupted inode contents
[  162.691152][   T30] audit: type=1800 audit(1752569106.642:207): pid=6929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.314" name="bus" dev="loop1" ino=1048620 res=0 errno=0
[  162.968819][ T6902] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  163.154712][ T6829] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.162010][ T6902] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.307: corrupted inode contents
[  163.173053][ T6902] EXT4-fs error (device loop0): ext4_truncate:4597: inode #13: comm syz.0.307: mark_inode_dirty error
[  163.193365][ T6829] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.201254][ T6829] bridge_slave_0: entered allmulticast mode
[  163.339342][ T6829] bridge_slave_0: entered promiscuous mode
[  163.524262][ T6902] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  163.630138][ T5865] Bluetooth: hci3: command tx timeout
[  163.670550][ T6829] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.693442][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.815136][ T6829] bridge_slave_1: entered allmulticast mode
[  164.136114][ T6829] bridge_slave_1: entered promiscuous mode
[  164.143569][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  164.175614][ T6902] EXT4-fs (loop0): 1 truncate cleaned up
[  164.233701][ T6902] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.333111][   T10] usb 4-1: device descriptor read/64, error -71
[  164.668941][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  165.478913][   T10] usb 4-1: device descriptor read/64, error -71
[  165.491411][ T6829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.530748][ T6829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.572468][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.628068][   T10] usb usb4-port1: attempt power cycle
[  165.842984][ T5864] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.866743][ T6952] netlink: 8 bytes leftover after parsing attributes in process `syz.1.321'.
[  165.916277][ T6829] team0: Port device team_slave_0 added
[  165.934706][ T6829] team0: Port device team_slave_1 added
[  165.947209][ T6952] netlink: 3 bytes leftover after parsing attributes in process `syz.1.321'.
[  166.098219][ T6952] batadv1: entered promiscuous mode
[  166.124275][ T6952] batadv1: entered allmulticast mode
[  166.135471][ T6829] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.142579][ T6829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.169588][ T6956] 9pnet_fd: Insufficient options for proto=fd
[  166.185790][ T6829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.211672][   T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  166.286712][   T10] usb 4-1: device descriptor read/8, error -71
[  166.346375][ T6829] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.383239][ T6829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.392796][ T6962] usb usb1: check_ctrlrecip: process 6962 (syz.3.325) requesting ep 01 but needs 81
[  166.483191][ T6829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.489704][ T6962] usb usb1: usbfs: process 6962 (syz.3.325) did not claim interface 0 before use
[  166.605774][ T6968] blktrace: Concurrent blktraces are not allowed on sg0
[  167.151900][ T6970] netlink: 'syz.2.328': attribute type 4 has an invalid length.
[  167.375021][ T6973] loop5: detected capacity change from 0 to 128
[  167.432984][ T6829] hsr_slave_0: entered promiscuous mode
[  167.466314][   T30] audit: type=1800 audit(1752569112.502:208): pid=6973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.329" name="bus" dev="loop5" ino=1048621 res=0 errno=0
[  167.494763][ T6829] hsr_slave_1: entered promiscuous mode
[  167.508381][ T6829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  167.520283][ T6829] Cannot create hsr debugfs directory
[  168.938703][ T6990] loop1: detected capacity change from 0 to 1024
[  169.037159][ T6990] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5
[  169.103211][ T6990] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  169.183237][ T6990] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.332: Failed to acquire dquot type 0
[  169.220525][ T6829] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.257501][ T6990] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  169.302724][ T6998] netlink: 8 bytes leftover after parsing attributes in process `syz.2.338'.
[  169.311882][ T6990] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.332: corrupted inode contents
[  169.351061][ T6990] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #13: comm syz.1.332: mark_inode_dirty error
[  169.362913][ T6998] netlink: 3 bytes leftover after parsing attributes in process `syz.2.338'.
[  169.402547][ T6990] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.332: corrupted inode contents
[  169.438479][ T6829] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.456460][ T6990] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.332: mark_inode_dirty error
[  169.484375][ T6990] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.332: corrupted inode contents
[  169.539017][ T7002] 9pnet_fd: Insufficient options for proto=fd
[  169.543869][ T6990] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  169.566070][ T6829] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.577231][ T6990] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #13: comm syz.1.332: corrupted inode contents
[  169.612804][ T6990] EXT4-fs error (device loop1): ext4_truncate:4597: inode #13: comm syz.1.332: mark_inode_dirty error
[  169.648373][ T6990] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  169.682427][ T6990] EXT4-fs (loop1): 1 truncate cleaned up
[  169.696397][ T6990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.723856][ T6829] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.771177][ T7005] loop2: detected capacity change from 0 to 2048
[  169.832697][ T7005]  loop2: p1 < > p4
[  169.849300][ T7005] loop2: p4 size 8388608 extends beyond EOD, truncated
[  169.994117][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.152529][ T6829] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  170.347832][ T6829] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  170.801372][ T6829] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  170.987924][ T7013] usb usb1: check_ctrlrecip: process 7013 (syz.1.343) requesting ep 01 but needs 81
[  170.994874][ T6829] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  171.025438][ T7013] usb usb1: usbfs: process 7013 (syz.1.343) did not claim interface 0 before use
[  172.251279][ T6829] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.260143][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  172.429066][ T6829] 8021q: adding VLAN 0 to HW filter on device team0
[  172.437332][   T10] usb 4-1: Using ep0 maxpacket: 16
[  172.446713][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.465568][ T6426] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.468015][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  172.473324][ T6426] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.484855][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  172.501243][   T10] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  172.511731][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  172.572117][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  172.610384][   T10] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  172.636489][   T10] usb 4-1: Manufacturer: syz
[  172.665239][   T10] usb 4-1: config 0 descriptor??
[  172.859466][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.866698][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.240010][ T7045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.352'.
[  173.293085][   T10] rc_core: IR keymap rc-hauppauge not found
[  173.293281][ T7045] netlink: 3 bytes leftover after parsing attributes in process `syz.1.352'.
[  173.299105][   T10] Registered IR keymap rc-empty
[  173.299465][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  173.333970][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  173.417287][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  173.477626][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input5
[  173.595666][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  173.643690][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  173.713279][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  173.744150][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.594653][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.625058][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.768287][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.833445][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.864233][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.885879][ T7059] capability: warning: `syz.0.356' uses deprecated v2 capabilities in a way that may be insecure
[  174.912227][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  174.968092][   T10] mceusb 4-1:0.0: Registered ￲ with mce emulator interface version 1
[  174.996860][   T10] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  175.005154][ T7063] loop5: detected capacity change from 0 to 1024
[  175.054223][   T10] usb 4-1: USB disconnect, device number 7
[  176.056063][ T7063] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[  176.608726][ T7063] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  176.650926][ T6829] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.175279][ T7063] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.355: Failed to acquire dquot type 0
[  177.278242][ T7063] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  177.643586][ T7063] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.355: corrupted inode contents
[  178.082044][ T7063] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.355: mark_inode_dirty error
[  178.137481][ T7063] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.355: corrupted inode contents
[  178.914162][ T7063] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.355: mark_inode_dirty error
[  178.945361][ T7063] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.355: corrupted inode contents
[  178.990102][ T7080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.032864][ T7063] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  179.060121][ T7063] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.355: corrupted inode contents
[  179.090850][ T7063] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.355: mark_inode_dirty error
[  179.151468][ T7063] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  179.209739][ T7063] EXT4-fs (loop5): 1 truncate cleaned up
[  179.245373][ T7063] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.431284][ T5864] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.674994][ T7093] netlink: 40 bytes leftover after parsing attributes in process `syz.0.363'.
[  180.593708][ T7101] netlink: 8 bytes leftover after parsing attributes in process `syz.3.366'.
[  180.602970][ T7101] netlink: 3 bytes leftover after parsing attributes in process `syz.3.366'.
[  180.861803][ T6829] veth0_vlan: entered promiscuous mode
[  180.939677][ T6829] veth1_vlan: entered promiscuous mode
[  181.100400][ T7108] loop0: detected capacity change from 0 to 512
[  181.307580][ T7108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.320271][ T7108] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.320843][ T6829] veth0_macvtap: entered promiscuous mode
[  181.337607][ T7108] netlink: 772 bytes leftover after parsing attributes in process `syz.0.368'.
[  181.391876][ T6829] veth1_macvtap: entered promiscuous mode
[  181.421517][ T6829] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.515726][ T6829] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.558036][ T6829] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.593212][ T6829] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.623409][ T6829] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.633258][ T6829] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.682115][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.249475][ T7131] sg_write: data in/out 1480/14 bytes for SCSI command 0x0-- guessing data in;
[  183.249475][ T7131]    program syz.2.377 not setting count and/or reply_len properly
[  183.363653][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.405524][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.432094][ T7104] loop5: detected capacity change from 0 to 40427
[  183.820688][ T7104] F2FS-fs (loop5): invalid crc value
[  183.890624][ T7104] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-4)
[  184.047551][ T6429] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.159985][ T6429] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.342624][ T7134] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  184.481167][ T7146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.382'.
[  184.511519][ T7147] block device autoloading is deprecated and will be removed.
[  184.519897][ T7146] netlink: 3 bytes leftover after parsing attributes in process `syz.0.382'.
[  184.552858][ T7146] batadv1: entered promiscuous mode
[  184.592779][ T7146] batadv1: entered allmulticast mode
[  184.866977][ T7158] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  185.302485][ T7160] loop2: detected capacity change from 0 to 256
[  185.325505][ T7160] exfat: Bad value for 'uid'
[  185.330736][ T7160] exfat: Bad value for 'uid'
[  185.399363][ T7160] 9pnet_virtio: no channels available for device syz
[  187.383410][ T7178] fuse: Bad value for 'user_id'
[  187.928443][ T7178] fuse: Bad value for 'user_id'
[  187.987610][ T1988] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  189.455184][ T5924] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  189.512011][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.396'.
[  189.526840][ T7198] netlink: 4 bytes leftover after parsing attributes in process `syz.4.396'.
[  189.903825][ T5924] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.008144][  T972] IPVS: starting estimator thread 0...
[  190.333519][ T7204] IPVS: using max 25 ests per chain, 60000 per kthread
[  190.380355][ T5924] usb 3-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  190.526308][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.588658][ T5924] usb 3-1: config 0 descriptor??
[  190.785949][ T5924] usb 3-1: can't set config #0, error -71
[  190.794651][ T5924] usb 3-1: USB disconnect, device number 2
[  191.812155][ T7227] loop4: detected capacity change from 0 to 164
[  191.885564][ T7227] rock: directory entry would overflow storage
[  191.898346][ T7221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.910934][ T7227] rock: sig=0x4f50, size=4, remaining=3
[  192.678777][ T7227] iso9660: Corrupted directory entry in block 4 of inode 1792
[  193.598106][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  193.623238][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  194.262910][ T7243] binder: 7237:7243 ioctl 4018620d 0 returned -22
[  195.120440][ T7243] syz.4.409 (7243): drop_caches: 2
[  196.557362][ T7254] 
[  196.559735][ T7254] ======================================================
[  196.566752][ T7254] WARNING: possible circular locking dependency detected
[  196.573806][ T7254] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted
[  196.581094][ T7254] ------------------------------------------------------
[  196.588111][ T7254] syz.4.414/7254 is trying to acquire lock:
[  196.594084][ T7254] ffff8880255da188 (&set->update_nr_hwq_lock){++++}-{4:4}, at: blk_mq_update_nr_hw_queues+0x3b/0x14c0
[  196.605075][ T7254] 
[  196.605075][ T7254] but task is already holding lock:
[  196.612518][ T7254] ffff8880255da230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x131/0xeb0
[  196.621439][ T7254] 
[  196.621439][ T7254] which lock already depends on the new lock.
[  196.621439][ T7254] 
[  196.631864][ T7254] 
[  196.631864][ T7254] the existing dependency chain (in reverse order) is:
[  196.640968][ T7254] 
[  196.640968][ T7254] -> #2 (&nbd->config_lock){+.+.}-{4:4}:
[  196.648802][ T7254]        lock_acquire+0x120/0x360
[  196.653833][ T7254]        __mutex_lock+0x182/0xe80
[  196.658860][ T7254]        refcount_dec_and_mutex_lock+0x30/0xa0
[  196.665040][ T7254]        nbd_config_put+0x2c/0x790
[  196.670157][ T7254]        nbd_release+0xfe/0x140
[  196.675026][ T7254]        bdev_release+0x536/0x650
[  196.680072][ T7254]        blkdev_release+0x15/0x20
[  196.685099][ T7254]        __fput+0x44c/0xa70
[  196.689617][ T7254]        fput_close_sync+0x119/0x200
[  196.694912][ T7254]        __x64_sys_close+0x7f/0x110
[  196.700104][ T7254]        do_syscall_64+0xfa/0x3b0
[  196.705133][ T7254]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.711556][ T7254] 
[  196.711556][ T7254] -> #1 (&disk->open_mutex){+.+.}-{4:4}:
[  196.719392][ T7254]        lock_acquire+0x120/0x360
[  196.724421][ T7254]        __mutex_lock+0x182/0xe80
[  196.729443][ T7254]        __del_gendisk+0x129/0x9e0
[  196.734562][ T7254]        del_gendisk+0xe8/0x160
[  196.739416][ T7254]        loop_remove+0x42/0xc0
[  196.744187][ T7254]        loop_control_ioctl+0x4ac/0x5a0
[  196.749755][ T7254]        __se_sys_ioctl+0xfc/0x170
[  196.754879][ T7254]        do_syscall_64+0xfa/0x3b0
[  196.759897][ T7254]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.766312][ T7254] 
[  196.766312][ T7254] -> #0 (&set->update_nr_hwq_lock){++++}-{4:4}:
[  196.774754][ T7254]        validate_chain+0xb9b/0x2140
[  196.780045][ T7254]        __lock_acquire+0xab9/0xd20
[  196.785246][ T7254]        lock_acquire+0x120/0x360
[  196.790268][ T7254]        down_write+0x96/0x1f0
[  196.795027][ T7254]        blk_mq_update_nr_hw_queues+0x3b/0x14c0
[  196.801270][ T7254]        nbd_start_device+0x16c/0xac0
[  196.806638][ T7254]        nbd_ioctl+0x636/0xeb0
[  196.811399][ T7254]        blkdev_ioctl+0x5a8/0x6d0
[  196.816426][ T7254]        __se_sys_ioctl+0xfc/0x170
[  196.821538][ T7254]        do_syscall_64+0xfa/0x3b0
[  196.826562][ T7254]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.832972][ T7254] 
[  196.832972][ T7254] other info that might help us debug this:
[  196.832972][ T7254] 
[  196.843195][ T7254] Chain exists of:
[  196.843195][ T7254]   &set->update_nr_hwq_lock --> &disk->open_mutex --> &nbd->config_lock
[  196.843195][ T7254] 
[  196.857392][ T7254]  Possible unsafe locking scenario:
[  196.857392][ T7254] 
[  196.864836][ T7254]        CPU0                    CPU1
[  196.870192][ T7254]        ----                    ----
[  196.875588][ T7254]   lock(&nbd->config_lock);
[  196.880238][ T7254]                                lock(&disk->open_mutex);
[  196.887354][ T7254]                                lock(&nbd->config_lock);
[  196.894474][ T7254]   lock(&set->update_nr_hwq_lock);
[  196.899673][ T7254] 
[  196.899673][ T7254]  *** DEADLOCK ***
[  196.899673][ T7254] 
[  196.907806][ T7254] 1 lock held by syz.4.414/7254:
[  196.912732][ T7254]  #0: ffff8880255da230 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x131/0xeb0
[  196.922082][ T7254] 
[  196.922082][ T7254] stack backtrace:
[  196.927977][ T7254] CPU: 0 UID: 0 PID: 7254 Comm: syz.4.414 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[  196.928006][ T7254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.928021][ T7254] Call Trace:
[  196.928030][ T7254]  <TASK>
[  196.928040][ T7254]  dump_stack_lvl+0x189/0x250
[  196.928074][ T7254]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.928102][ T7254]  ? __pfx__printk+0x10/0x10
[  196.928140][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928168][ T7254]  ? print_lock_name+0xde/0x100
[  196.928200][ T7254]  print_circular_bug+0x2ee/0x310
[  196.928234][ T7254]  check_noncircular+0x134/0x160
[  196.928267][ T7254]  validate_chain+0xb9b/0x2140
[  196.928298][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928324][ T7254]  ? stack_depot_save_flags+0x40/0x900
[  196.928367][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928397][ T7254]  __lock_acquire+0xab9/0xd20
[  196.928425][ T7254]  ? blk_mq_update_nr_hw_queues+0x3b/0x14c0
[  196.928451][ T7254]  lock_acquire+0x120/0x360
[  196.928474][ T7254]  ? blk_mq_update_nr_hw_queues+0x3b/0x14c0
[  196.928503][ T7254]  ? __mutex_trylock_common+0x153/0x260
[  196.928537][ T7254]  down_write+0x96/0x1f0
[  196.928562][ T7254]  ? blk_mq_update_nr_hw_queues+0x3b/0x14c0
[  196.928588][ T7254]  ? __pfx_down_write+0x10/0x10
[  196.928613][ T7254]  ? rcu_is_watching+0x15/0xb0
[  196.928640][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928667][ T7254]  ? trace_contention_end+0x39/0x120
[  196.928696][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928722][ T7254]  ? __mutex_lock+0x330/0xe80
[  196.928744][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928772][ T7254]  blk_mq_update_nr_hw_queues+0x3b/0x14c0
[  196.928800][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.928826][ T7254]  ? blkdev_common_ioctl+0xfc3/0x2450
[  196.928848][ T7254]  ? __pfx_aa_get_newest_label+0x10/0x10
[  196.928884][ T7254]  ? nbd_ioctl+0x131/0xeb0
[  196.928910][ T7254]  ? __pfx___mutex_lock+0x10/0x10
[  196.928936][ T7254]  nbd_start_device+0x16c/0xac0
[  196.928961][ T7254]  ? security_capable+0x7e/0x2e0
[  196.928999][ T7254]  nbd_ioctl+0x636/0xeb0
[  196.929024][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.929053][ T7254]  ? __pfx_nbd_ioctl+0x10/0x10
[  196.929085][ T7254]  ? __pfx_nbd_ioctl+0x10/0x10
[  196.929110][ T7254]  blkdev_ioctl+0x5a8/0x6d0
[  196.929134][ T7254]  ? __pfx_blkdev_ioctl+0x10/0x10
[  196.929194][ T7254]  ? __fget_files+0x2a/0x420
[  196.929228][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.929254][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.929282][ T7254]  ? __pfx_blkdev_ioctl+0x10/0x10
[  196.929303][ T7254]  __se_sys_ioctl+0xfc/0x170
[  196.929329][ T7254]  do_syscall_64+0xfa/0x3b0
[  196.929351][ T7254]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.929387][ T7254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.929409][ T7254]  ? srso_alias_return_thunk+0x5/0xfbef5
[  196.929435][ T7254]  ? exc_page_fault+0x9f/0xf0
[  196.929472][ T7254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.929495][ T7254] RIP: 0033:0x7fef0678e929
[  196.929515][ T7254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.929534][ T7254] RSP: 002b:00007fef075bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  196.929556][ T7254] RAX: ffffffffffffffda RBX: 00007fef069b5fa0 RCX: 00007fef0678e929
[  196.929573][ T7254] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
[  196.929588][ T7254] RBP: 00007fef06810b39 R08: 0000000000000000 R09: 0000000000000000
[  196.929602][ T7254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  196.929615][ T7254] R13: 0000000000000000 R14: 00007fef069b5fa0 R15: 00007ffd834608f8
[  196.929639][ T7254]  </TASK>
[  197.499045][ T5865] block nbd4: Receive control failed (result -32)
[  197.531900][ T7261] Illegal XDP return value 4294967294 on prog  (id 156) dev N/A, expect packet loss!
[  197.555017][ T7262] block nbd4: shutting down sockets