last executing test programs:

3m44.433858404s ago: executing program 2 (id=27):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=@newtaction={0x434, 0x30, 0x300, 0x71bd22, 0x25dfdbff, {}, [{0x4}, {0x41c, 0x1, [@m_bpf={0x9c, 0x6, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x5d, 0x6, "bfb48d1c9cbd39c403490f71e7c26903a2429639badf09f7f1460a1a37776d69ba43d012403ff817b805f05e15fda7d5abfefd6f88a71220a3dc2a6660c265b59ed90ce6980eda6d48215f2ed37602646c6855209b52b2022e"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_csum={0x124, 0x10, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x6, 0x4, 0x6}, 0x32}}]}, {0xd9, 0x6, "51faf7335320ed7b354230acb137694145a70ec11e2f79535356bbabe75c1cf43e9599937f1222c821355d08c9296f647da3cee86f1d1307ada4d0439b9958f20eb60a1d09a36a8e8fe2b40dee67235407cc32d0443c90f719783f20e6af042b71dbe4822e96811047bc3dc33abb68997d8c395fcfde396685e34c9745023c01b8034c2a377139cd8f089779ee6e63205ae08445df2b7bc020bf93d087ce5855407ce1b50c7b8c9863ecdc8c8c115836bfc1cca102463d7fbd85dfbc9582fff4b7a15f5512df23731e9dd64cc418f9d0d8411afd63"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}, @m_csum={0x134, 0x19, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xe215, 0x7fffffff, 0x5, 0x7, 0xd}, 0x70}}]}, {0xe9, 0x6, "f0b8bf92cf8611111a0ff27fcc8825ca405600cfd0f6876d2892df6b5723118bb7d9d86de0a2706031cc8c62f7d1b04f3a9ed11665c75023f87c16ce970413ede5e5f6782d0d17be877ac54c09075ed841c7daeddf3395a210eab4335ed3bcb36fe1598dc94259da01363ad59d8dc384cb8fe469869c99849bd0d19e999b2e8f62d563a2dcea91347cdc754302a566d6d8b7de1368972acbf9cfbdc3db5b71ceed91d4e9613e9cbf5e1ca71f3bf3b25cdf1ce11e5843ff89da11b01cf0b27474847e4fd8e648244e0dc6b3b99b8089d418ec3d6d27aa68b96ef236cc10ce12fb9c2fcd2426"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x124, 0x1b, 0x0, 0x0, {{0x7}, {0x48, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x7}, @TCA_CT_PARMS={0x18, 0x1, {0x2, 0x9, 0x6, 0x8000, 0xf8d}}, @TCA_CT_LABELS_MASK={0x14, 0x8, "a347c6f48aa43e01851034300e41aae2"}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x2b}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e20}]}, {0xb5, 0x6, "77b227832b90d1ff89f7a47093e4fcd6469c1b0a38a78e003c28c0247261b6866b44c2243e65a09e57be964fc0687b627bbda1f8bb6cacd9cf613adc84e00b323e932cbec11bfdac677d727e7547301900bdc7e317fc3b634794c43c0613b919323039d6099d9f9f41e0f9da2176ba0bb6dd198d0c2f84f876aceee9a631a5585232049c053fd7bbe1393ecb0aa735b3b1d360493f2ae18bbe6abade7594754d54413afc4df70a136895bf22a05abef0e8"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x434}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040850)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3m44.189162468s ago: executing program 2 (id=29):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020206e2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000888500000073000000850000000e00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x80)

3m43.955623282s ago: executing program 2 (id=30):
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x65)
sendfile(r0, r0, 0x0, 0x80000080000000d)

3m42.133198791s ago: executing program 2 (id=36):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x204)

3m39.788708639s ago: executing program 2 (id=45):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x19, 0x9c}, [@call={0x25}], {0x95, 0x0, 0xd00}}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f)
writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad00", 0x28}], 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c000000200001fffc000000000000000200000000000001000000000800170065204e22080018"], 0x2c}, 0x1, 0x0, 0x0, 0x8044}, 0x0)

3m39.134027589s ago: executing program 2 (id=48):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58}, 0x10)

3m38.615863587s ago: executing program 32 (id=48):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58}, 0x10)

1m22.669150989s ago: executing program 4 (id=1394):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000005c0)={r1, 0x9, 0x3, 0xfff8, 0xfff, 0x99, 0x9, 0xc99b, {0x0, @in={{0x2, 0x4e24, @broadcast}}, 0xdb, 0x1, 0x8, 0x5}}, &(0x7f0000000140)=0xb0)

1m22.346405894s ago: executing program 4 (id=1397):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
wait4(0xffffffffffffffff, 0x0, 0x0, 0x0)

1m21.238083252s ago: executing program 4 (id=1406):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='.\x00', 0xa4000061)
read(r0, &(0x7f0000000140)=""/68, 0x44)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)

1m21.021187845s ago: executing program 4 (id=1408):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x104)

1m20.871197488s ago: executing program 4 (id=1410):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000340)={[{@usrquota}, {@nojournal_checksum}]}, 0x21, 0x4bd, &(0x7f00000006c0)="$eJzs3c9vVFsdAPDvvf1JKbQoCzUqiCgawkw7QENY4UZjCImRuHIBtR2apjOdpjNFWlmU/8FEElf6J7gwcWHCyr073bnBhQkq0Udf8hbzcu9MS1+Zgb7QN0M6n09ycu+5p8z3nLm55wxf6JwABtb5iNiOiNGIuB8RU+3rSbvErVbJfu7Vy8cLOy8fLyTRbN79T5K3Z9di35/JnGy/5nhE/PRHEb9I3oxb39xama9UyuvterFRXSvWN7euLFfnl8pL5dVSaW52bubG1eulIxvrueofXvxw+fbP/vynbzz/6/b3f5V1a7Ldtn8cR6k19JG9OJnhiLj9RQTrg6H2eEYPXO9wy/kApRHxpYi4kD//UzGU300A4DhrNqeiObW/DgAcd2meA0vSQjsXMBlpWii0cnhnYyKt1OqNyw9qG6uLrVzZdIykD5Yr5Zl2rnA6RpKsPpufv66XDtSvRsSZiPj12Im8XlioVRb7+cEHAAbYyQPr///HWus/AHDMjfe7AwBAz1n/AWDwWP8BYPBY/wFg8Fj/AWDwWP8BYPBY/wFgoPzkzp2sNHfa33+9+HBzY6X28Mpiub5SqG4sFBZq62uFpVptKf/Onuq7Xq9Sq63NXouNR8VGud4o1je37lVrG6uNe/n3et8rj/RkVADA25w59+zvSURs3zyRl9i3l4O1Go63tN8dAPpmqN8dAPrGbl8wuPwdH3jXfq1d/4vQ06PvC9Abl74q/w+DSv4fBpf8Pwwu+X8YXM1mYs9/ABgwcvyAf/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAz28yL0laaO8FPhlpWihEnIqI6RhJHixXyjMRcToi/jY2MpbVZ/vdaQDgPaX/SuKj9jaAFycPto4mH4/lx4j45W/v/ubRfKOxPptd/+/e9cbT9vVSzzsPABzC7jq9u47vevXy8cJu6WV/XvygtbloFnenXVotwzGcH8cj+3Ay8b+kXW9JImLoCOJvP4mIr3Qaf5LnRqbbO58ejJ/FPtXT+Oln4qd5W+uYvRdfPoK+wKB5ls0/tzo9f2mcz4+dn//xfIZ6f7vz384b81+6N/8NdZn/zh82xrW//Hi0W9uTiK8Nd4qf7MVPusS/eMj4//j6Ny90a2v+LuJSdI6/P1axUV0r1je3rixX55fKS+XVUmludm7mxtXrpWKeoy7uZqrf9O+bl093i5+Nf6JL/PzO35nsOv7vHHL8v//k/s+/9Zb43/t25/t/Nj92fv+zNfG7h4w/P/HHrtt3Z/EXu4z/Xff/8iHjP//n1uIhfxQA6IH65tbKfKVSXnfiZO9k95Peh9Kf7ifNqVZPP5T+HJ+Tfs5KQC+8fuj73RMAAAAAAAAAAAAAAKCbXvw6Ub/HCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1aQAAAP//sHnUnw==")
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file0\x00', 0x210000, &(0x7f00000000c0)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@inlinecrypt}, {@debug}, {@orlov}]}, 0xfc, 0x592, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdPup66DMZwPMtiDk7l0bf0xQXA+ig4H+j5Dm5XRdBlNOtY6cH1wL77IEEQciH+A7z4O/wH/ioEOhoyiggiVm9502Zo0adeZdPl84G7n3B8799tzv3fn5KbcAAbW8fSPXMSxiPg6iTjUtC0f2cbja/utPLwxlS5JrK5+8kcSSbausX+S/X0gq7wUEb98GXEqt7Hd6uLSbLFcLs1n9bHa3NWx6uLS6ctzxZnSTOnKxOTk2TcnJ955+61uwhjuZqfXLvz13cd3Pzj71YmVb3+6f/h2EufiYLatOY6ncLO5crz47/rpnXtix/EdaKyfJL0+AbZlKMvzNIGOxaEYyrIeeP59ERGrHQx32gHYpZKO+Q88nxrjgMbcfofmwbvGg/fXJkD12Eea48+vfTYSe+tzo/0ryWMzo3S+O7oD7adt/Pz7ndvpEpt/DrGvQx1gS24uR8SZfH7j/T/J7n/bd6b+4fHmnmxj0P7/gV66m45/Xm81/sutj3+ixfjnQIvc3Y7O+Z+7vwPNtJWO/95tOf5dv3WNDmW1F+pjvuHk0uVy6UxEvBgRJ2N4T1rf7HnO2ZV7q+22NY//0iVtvzEWzM7jfn7P48dMF2vFiBh5mrgbHixHvJxvFX+y3v9Ji/5Pfx4XumzjaOnOK+22dY7/2Vr9MeLVlv3/6IlWsvnzybH69TDWuCo2+vPW0V/btd/r+NP+3795/KNJ8/Pa6tbb+GHvP6V227Z7/Y8kn9bLjSS4XqzV5scjRpKPNq6feHRso97YP43/5InN73+trv908vVZl/HfOnKr7a790P/T3fR/Ogmu9//6hdB14d6Hn3/frv3u+v+Neulktia7/7WWXSvdnuDT/vwAAAAAAACgn+Qi4mAkucJ6OZcrFNa+33Ek9ufKlWrt1KXKwpXpqP+u7GgM5xpPug81fR9iPPs+bKM+8UR9MiIOR8Q3Q/vq9cJUpTzd6+ABAAAAAAAAAAAAAAAAAACgTxxo8/v/qd+GWh3xd9t3GQC7UP3FBnt6fRZAL3R85f9OvOkJ6Esd8x94bsl/GFzyHwaX/IfBJf9hcMl/GFzyHwaX/AcAAAAAAAAAAAAAAAAAAAAAAAAAAIAddeH8+XRZXXl4YyqtT19bXJitXDs9XarOFuYWpgpTlfmrhZlKZaZcKkxV5jr9e+VK5er4RCxcH6uVqrWx6uLSxbnKwpXaxctzxZnSxdLw/xIVAAAAAAAAAAAAAAAAAAAA7C7VxaXZYrlcmldoW3gv+uI0nmWAEZGLSNcsR8SWDs/3SxQKbQrLWa5v7ajH7xN7e3BvAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICG/wIAAP//W6Ewhg==")
inotify_init()
removexattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

1m20.496222284s ago: executing program 4 (id=1413):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000100)=0x820, 0x4)
sendto$inet(r0, &(0x7f0000000280)="12f0dda7f17f60b7c78be42301125e6cb51c467f", 0x14, 0x800, &(0x7f00000001c0)={0x2, 0x4e22, @multicast2}, 0x10)

1m20.009427711s ago: executing program 33 (id=1413):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000100)=0x820, 0x4)
sendto$inet(r0, &(0x7f0000000280)="12f0dda7f17f60b7c78be42301125e6cb51c467f", 0x14, 0x800, &(0x7f00000001c0)={0x2, 0x4e22, @multicast2}, 0x10)

1m6.914075312s ago: executing program 3 (id=1505):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
accept(r0, 0x0, 0x0)

1m6.009051055s ago: executing program 3 (id=1515):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000140)=[@ip_tos_u8={{0x11, 0x0, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x38}, 0x42090)

1m5.828196348s ago: executing program 3 (id=1517):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1d}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m5.662829841s ago: executing program 3 (id=1518):
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x526, &(0x7f00000008c0)="$eJzs3c9vI1cdAPDvTOwl201JChxKpf4QXbRbwdqbhrYRh7YIxK0SqNyXKPFG0TrrVey0m6hCWfEHICEElThx4oLEjQsS6p+AkCrROwIEQrCFAwdg0IzH28QdJ1nVP9rk85Ge/ebNj+97E3v85kdmAji3nomIVyNiLiKei4jFsjwtUxz0Uz7d+/ffWs9TXvz635NIyrKIIvvApXK2+f5bpe7e/q21dru1Uw43e9t3mt29/Wtb22ubrc3W7ZWV5RdXX1p9YfX6WNqZt+vlb/z5xz/4+Tdf/s2X3/zDjb9e/V5e6a+X4wftGp9i7cV7xWs9XxcP1CJiZ7zBZmZu0FAAAD4R8s7bZyLiC0X/fzHmit5poT406fz0awcAAACMQ/bKQvwnicgAAACAM+uViFiIJG2U1wIsRJo2Gv1reD8Xj6TtTrf3pZud3dsb+biIpainN7farevlNbVLUU/y4eUi/8Hw80PDKxHxWET8aPFiMdxY77Q3Zn3wAwAAAM6JS0P7//9a7O//AwAAAGfM0qwrAAAAAEzcqP3/ZMr1AAAAACbH+X8AAAA407712mt5ygbPv954Y2/3VueNaxut7q3G9u56Y72zc6ex2elsFvfs2z5uWfWIaHc6d74SsXu32Wt1e83u3v6N7c7u7d6NLc8PBAAAgFl57Ol33ksi4uCrF4uUu5C/zI2YwbUCcGakDzPxnyZXD2D6Rv3Mn8KFcdYDmL7arCsAzM7BrCsAzNqRW31UdAoOX7xz5JjBbydXJwAAYLyufL76/H+tvJ4fOLse6vw/cKZ8hPP/wCec8/9wftUfqgdwb4I1AWblpEd9jLx5R9X5/8org7PsxGUBAAATtVCkp9NGeS5wIdK00Yh4tPhX/3pyc6vduh4Rn46I3y/WP5UPLxdzJh4PCAAAAAAAAAAAAAAAAAAAAAAAAACnlGVJZAAAAMCZFpH+JSmf/3Vl8fLC8PGBC8m/F6N8pNebP339J3fXer2d5bz8Hw/Ke2+X5c/P4ggGAAAAnEe1Y8cO9tMH+/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAME7v339rfZCmGfdvX4uIpar4tZgv3uejHhGP/DOJ2qH5koiYG0P8g3sR8XhV/CSvViyVtRiOn0bExenEfzLLssr4l8YQH86zd/Ltz6tV3780nineq7//tTJ9VEe2fxd+dWhM+mD7Nzdi+/foKWM88e4vmyPj34t4ola9/RnET0bEf7ZqgRUr5bvf2d//UGF/4ZH9LOJK5e9PciRWs7d9p9nd27+2tb222dps3V5ZWX5x9aXVF1avN29utVvla2Ubf/jkr/83VPTfrK9of4yIv3RC+y/nmfqhwmw4TBns3bv3P9vP1ocWUcS/+mz15+/xY+Lnn4kvlr8D+fgrg/xBP3/YU7/43VOVFSvjb4xo/0l//6ujFjrkuW9//4+nnBQAmILu3v6ttXa7tTPxzNtZlk0r1ukzkZ524qK7ONU1Nt3MoHc3sRDzH5eWTjlzOZnkWp1IZhxHtgAAgI+bDzr9s64JAAAAAAAAAAAAAAAAAAAAnF/dvUgnfTux4ZgHs2kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCx/h8AAP//zJfXfQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000100)=ANY=[@ANYRES64, @ANYRES16, @ANYRES8=0x0, @ANYRES64], 0xb, 0x0, &(0x7f0000000000))

1m5.102114519s ago: executing program 3 (id=1521):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x441e, &(0x7f0000000780), 0x1, 0x43c, &(0x7f0000000280)="$eJzs28tvG0UYAPBv7SR9k1CVR9MCgYKIeCRNWkoPXEAgcQAJCQ7lGJK0CnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKJcWTkZr7ya2Y7tJ6tSh/v2kbWd2x5n5vDv2zI43gJ41kv6TROyPiD8iYrCarS8wUv3v1srS9D8rS9NJlMtv/51Uyt1cWZrOi+av25dn+iIKnydxpEm9C5evnJ8qlWYvZfnxxQsfjC9cvvL83IWpc7PnZi9Onj598sTEi6cmX+hInGlcN4c/nj96+PV3r705febae798l+TxN8TRISPtDj5VLne4uu46UJNO+rrYEDalWO2m0V/p/4NRjLWTNxivfdbVxgHbqlwulx9sfXi5DNzDkuh2C4DuyL/o0/lvvt2loceOcOPl6gQojftWtlWP9EUhK9PfML/tpJGIOLP879fpFttzHwIAoM4P6fjnuWbjv0LU3he6L1tDGYqI+yPiYESciohDEfFARKXsQxHx8Cbrb1wkWT/+KVzfUmAblI7/XsrWturHf/noL4aKWe5AJf7+5OxcafZ49p6MRv+uND/Rpo4fX/39y1bHasd/6ZbWn48Fs3Zc79tV/5qZqcWpO4m51o1PI4b7msWfrK4EJBFxOCKGt1jH3DPfHm117Pbxt9GBdabyNxFPV8//cjTEn0var0+O747S7PHx/KpY79ffrr7Vqv47ir8D0vO/t+n1vxr/UFK7Xruw+Tqu/vlFyznNVq//geSdun0fTS0uXpqIGEjeqDa6dv9kQ7nJtfJp/KPHsvgH6vv/wVh7J45ERHoRPxIRj0bEY1nbH4+IJyLiWJv4f37lyfe3Fv/uNn+1M9L4ZzZ1/tcSA9G4p3mieP6n7+sqHdpo/JGd/5OV1Gi2ZyOffxtp19auZgAAAPj/KUTE/kgKY6vpQmFsrPob/kOxt1CaX1h89uz8hxdnqs8IDEV/Ib/TNVhzP3Qim9bn+cmG/InsvvFXxT2V/Nj0fGmm28FDj9vXov+n/ip2u3XAtvO8FvQu/R96l/4PvUv/h55U+ZVfk/6/pwttAbqg2ff/J11oB3D3NfR/y37QQ8z/oXfp/9C79H/oSQt74vYPyUtIrEtEYUc04x5MxI5oRrc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjvwAAAP//qSDljg==")
mkdir(&(0x7f0000000080)='./bus\x00', 0x3)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, 0x0)

1m4.532848778s ago: executing program 3 (id=1526):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c9, &(0x7f0000000100))

1m4.128426164s ago: executing program 34 (id=1526):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c9, &(0x7f0000000100))

57.10209617s ago: executing program 5 (id=1570):
r0 = syz_io_uring_setup(0xcd, &(0x7f0000000480)={0x0, 0x3, 0x800, 0x0, 0x400015f}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_CLOSE={0x13, 0x1d})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

56.726089435s ago: executing program 5 (id=1572):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setown(r0, 0x8, 0x0)
fcntl$setlease(r0, 0x400, 0x2)

56.598067977s ago: executing program 5 (id=1573):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719aafdb323988e62b7ec84545cd63b7a7"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
bpf$PROG_BIND_MAP(0x1c, &(0x7f0000000040)={r1, 0xffffffffffffffff, 0x29}, 0xc)

56.547483728s ago: executing program 5 (id=1575):
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x526, &(0x7f00000008c0)="$eJzs3c9vI1cdAPDvTOwl201JChxKpf4QXbRbwdqbhrYRh7YIxK0SqNyXKPFG0TrrVey0m6hCWfEHICEElThx4oLEjQsS6p+AkCrROwIEQrCFAwdg0IzH28QdJ1nVP9rk85Ge/ebNj+97E3v85kdmAji3nomIVyNiLiKei4jFsjwtUxz0Uz7d+/ffWs9TXvz635NIyrKIIvvApXK2+f5bpe7e/q21dru1Uw43e9t3mt29/Wtb22ubrc3W7ZWV5RdXX1p9YfX6WNqZt+vlb/z5xz/4+Tdf/s2X3/zDjb9e/V5e6a+X4wftGp9i7cV7xWs9XxcP1CJiZ7zBZmZu0FAAAD4R8s7bZyLiC0X/fzHmit5poT406fz0awcAAACMQ/bKQvwnicgAAACAM+uViFiIJG2U1wIsRJo2Gv1reD8Xj6TtTrf3pZud3dsb+biIpainN7farevlNbVLUU/y4eUi/8Hw80PDKxHxWET8aPFiMdxY77Q3Zn3wAwAAAM6JS0P7//9a7O//AwAAAGfM0qwrAAAAAEzcqP3/ZMr1AAAAACbH+X8AAAA407712mt5ygbPv954Y2/3VueNaxut7q3G9u56Y72zc6ex2elsFvfs2z5uWfWIaHc6d74SsXu32Wt1e83u3v6N7c7u7d6NLc8PBAAAgFl57Ol33ksi4uCrF4uUu5C/zI2YwbUCcGakDzPxnyZXD2D6Rv3Mn8KFcdYDmL7arCsAzM7BrCsAzNqRW31UdAoOX7xz5JjBbydXJwAAYLyufL76/H+tvJ4fOLse6vw/cKZ8hPP/wCec8/9wftUfqgdwb4I1AWblpEd9jLx5R9X5/8org7PsxGUBAAATtVCkp9NGeS5wIdK00Yh4tPhX/3pyc6vduh4Rn46I3y/WP5UPLxdzJh4PCAAAAAAAAAAAAAAAAAAAAAAAAACnlGVJZAAAAMCZFpH+JSmf/3Vl8fLC8PGBC8m/F6N8pNebP339J3fXer2d5bz8Hw/Ke2+X5c/P4ggGAAAAnEe1Y8cO9tMH+/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAME7v339rfZCmGfdvX4uIpar4tZgv3uejHhGP/DOJ2qH5koiYG0P8g3sR8XhV/CSvViyVtRiOn0bExenEfzLLssr4l8YQH86zd/Ltz6tV3780nineq7//tTJ9VEe2fxd+dWhM+mD7Nzdi+/foKWM88e4vmyPj34t4ola9/RnET0bEf7ZqgRUr5bvf2d//UGF/4ZH9LOJK5e9PciRWs7d9p9nd27+2tb222dps3V5ZWX5x9aXVF1avN29utVvla2Ubf/jkr/83VPTfrK9of4yIv3RC+y/nmfqhwmw4TBns3bv3P9vP1ocWUcS/+mz15+/xY+Lnn4kvlr8D+fgrg/xBP3/YU7/43VOVFSvjb4xo/0l//6ujFjrkuW9//4+nnBQAmILu3v6ttXa7tTPxzNtZlk0r1ukzkZ524qK7ONU1Nt3MoHc3sRDzH5eWTjlzOZnkWp1IZhxHtgAAgI+bDzr9s64JAAAAAAAAAAAAAAAAAAAAnF/dvUgnfTux4ZgHs2kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCx/h8AAP//zJfXfQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000100)=ANY=[@ANYRES64, @ANYRES16, @ANYRES8=0x0, @ANYRES64], 0xb, 0x0, &(0x7f0000000000))

56.048892415s ago: executing program 5 (id=1578):
r0 = add_key$keyring(&(0x7f00000085c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000008540), &(0x7f0000008580)={'syz', 0x3}, 0x0, 0x0, r0)
keyctl$unlink(0x9, r1, r0)
keyctl$unlink(0x9, r1, r0)

55.522348164s ago: executing program 5 (id=1580):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x2)
connect$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r0, 0x1)

55.174521569s ago: executing program 35 (id=1580):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x2)
connect$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r0, 0x1)

6.825296407s ago: executing program 1 (id=2080):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000002700)=ANY=[], 0x1015, 0x0)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000380), 0x0, 0x0, 0x1)
lgetxattr(&(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40)=@known='trusted.overlay.upper\x00', &(0x7f0000000a80)=""/88, 0x58)

6.348097065s ago: executing program 1 (id=2083):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xfffe}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x9, '\x00', 0x5, 0x10001, 0x3, 0xe}}}}]}, 0x48}}, 0x20008154)

4.350253065s ago: executing program 1 (id=2086):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc01020301090212000100000000090401"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000008c0)={0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000080)={&(0x7f0000000040)=[{0x4, 0x5201, 0x0, 0x0}], 0x1})

2.917296626s ago: executing program 0 (id=2092):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x0, &(0x7f0000000080)})
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'})

2.66260247s ago: executing program 0 (id=2095):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x25dfdbff, {0x60, 0x0, 0x0, r2, {0x0, 0x3}, {0xffff, 0xffff}, {0x2, 0xd}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3b9aca00}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x2}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)

2.443558283s ago: executing program 0 (id=2097):
r0 = syz_io_uring_setup(0x10b, &(0x7f0000000140), &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000280))
pselect6(0x40, &(0x7f0000000040)={0xc}, 0x0, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)

2.135125528s ago: executing program 0 (id=2099):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
close(0x3)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x43000, 0x0)
ioctl$sock_qrtr_TIOCINQ(r0, 0x541b, 0x0)

1.97260478s ago: executing program 0 (id=2101):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)
getpeername$l2tp(r0, 0x0, &(0x7f0000000180))

1.858032992s ago: executing program 0 (id=2102):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x331, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x4}}}}}]}}]}}, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x90, 0x0, 0xe81, {0x6, 0x3, 0x2, 0x800000000400000, 0x81, 0x0, {0x1, 0xe, 0x80000000000, 0x80000000004, 0x400000000000, 0x4000000000006, 0x0, 0xfffffffd, 0x1, 0x4000, 0x4000000, 0x0, 0x0, 0x0, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

1.549959497s ago: executing program 1 (id=2106):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x84c00, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00')

1.549504877s ago: executing program 7 (id=2107):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$VHOST_GET_FEATURES(r0, 0x4008af25, &(0x7f00000003c0))

1.32205483s ago: executing program 7 (id=2108):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000080)={0x3, r2})

1.144304072s ago: executing program 7 (id=2109):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r0, r0, r0}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

832.068427ms ago: executing program 6 (id=2111):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xd}}, &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x4}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xa, 0x1, 'AUDIT\x00'}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}}, 0xb0}}, 0x0)

689.486969ms ago: executing program 6 (id=2112):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0)

645.37978ms ago: executing program 6 (id=2113):
syz_mount_image$hfs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000001240)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d30303030303030303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70dd240bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a"], 0x4, 0x33c, &(0x7f0000000480)="$eJzs3c9O1EAcB/DvtLtLVxArYEg8GZTEEwE8aLxADPEZPBgiwpIQVkwUEyUmomc13kxMPHLzbPQV9GJ8AT1xMJ70QjxYM9Pp7rTMtLuAWwjfT+Ja2vnzm7bTzuxmtyCiY+va3LetS9vyn6gC8AFcBTwAAVABcAajwYO19cKC/NaSQJxT7EqzuNawZQ2gc2ih/KuCAXMd/R9RFEXfC1P96kksVB5h9mCDB/Tp3qm2Bz2PbN9mbCs343YdL8YRFjvYwUMMlhkOERGVT9//PX2XGNDjd88DxvU4/Kje/xOp8c1OeXEcCq37vxf/HQm5f06pTXK+t7LebCzFUzh59L1klmgry3pORO3dXUN8Zvn9xpDLqMVOxeLVl1eajYlNVcAzzGhGshH1uoSkIYor2howBWDMMjfNkdf2fP2qDVXZhmlH/MN5NVonwB9/4LW9uvnPHcQkPokvYl6EeIOl1vivEgm5c9SRCjNdJY5/0l2iamUYp0q1sh3+aVXJWV0DPrxrt7Lu2q8BfBmLjSxFZMfvYRLnq5o7F4aQflshbt2Uu3Uq1zBQEWrWYOaabiX6Y801kq2rvlxtNiYW7zZdJ/3Bss7oxEtxQ4zhJ95jzhj/ezL1ONw9M9XLhUqpz4zc9lRUSsdxTFEd+E5XPZOU66mLX2ee4zauYPD+o43VhWazca/8haSr7DH7uQOOJz4R9eko18j/jTQI5EIVgLOcqnuTdeFvFEXWTRX04hBUVVMvv203eWN1Qehr3v6qkFfOzKZZd2IAswD0muSKsJfan7Ry9bUL7Cj7b3m01Rr7CZlE1YMOklSV2uSjr6OeUt+1Zqsg1+OTe7sK0RHUPvoYvVl2MFQGOXYQ8fzPmK9MqquOfAlz5j9RUeFGiVOOGdCQej3R2QyuVaxznNifLBTMuc5fBC5kavSQ1Pg0W2yo48Rh/FSy+48yxBy+4hbf/yciIiIiIiIiIiIiIiIiIiIiIiIiOmq6/TbC7q8TFC+ka9w+hj+8QURERERERERERERERERERERERERERES0P8bzfwFfPTGmZnv+b96TmhQ/fkJMcBDP//Vtz/99kf6tarHZbVOJKONfAAAA//9jMVzr")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r0, 0xffffffffffffffff, 0x0)

461.012643ms ago: executing program 1 (id=2114):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f00000030c0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0xf, @dev={0xfe, 0x80, '\x00', 0x17}, 0x7}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000600)="92", 0x1}], 0x1}}], 0x1, 0x20000800)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f00000008c0), 0x4)

374.062564ms ago: executing program 7 (id=2115):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000840)={0x30, r1, 0x5, 0x70bd31, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x30}, 0x1, 0x0, 0x0, 0x44840}, 0x0)

373.900434ms ago: executing program 6 (id=2116):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r0 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000300)={0x8, 0x8, 0x0, 0x1})

302.987405ms ago: executing program 7 (id=2117):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='b 75:*\tmw'], 0xa)

193.388927ms ago: executing program 7 (id=2118):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000020000040"])

163.081177ms ago: executing program 6 (id=2119):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x4)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
pwritev2(r0, &(0x7f0000000cc0)=[{&(0x7f0000000240)='_', 0x1}], 0x1, 0xfff, 0xc, 0x4)

66.112349ms ago: executing program 1 (id=2120):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x7)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)

0s ago: executing program 6 (id=2121):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000340)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x2, {0x1, 0x0, 0x3}, 0xfd}, 0x18)
sendmmsg(r0, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000c40)="0fff3fd6865a1e", 0x7}], 0x1}}], 0x1, 0x4000)

kernel console output (not intermixed with test programs):

 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.896200][    T9] usb 2-1: New USB device found, idVendor=28bd, idProduct=0075, bcdDevice= 0.00
[  210.914587][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.960227][    T9] usb 2-1: config 0 descriptor??
[  211.060791][   T36] hsr_slave_0: left promiscuous mode
[  211.073095][   T36] hsr_slave_1: left promiscuous mode
[  211.080010][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.089922][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.101351][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  211.117027][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  211.130516][   T36] bridge_slave_1: left allmulticast mode
[  211.142252][   T36] bridge_slave_1: left promiscuous mode
[  211.154477][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.173074][   T36] bridge_slave_0: left allmulticast mode
[  211.182518][   T36] bridge_slave_0: left promiscuous mode
[  211.211412][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.383409][   T36] veth1_macvtap: left promiscuous mode
[  211.394498][    T9] uclogic 0003:28BD:0075.0006: interface is invalid, ignoring
[  211.409849][   T36] veth0_macvtap: left promiscuous mode
[  211.417739][   T36] veth1_vlan: left promiscuous mode
[  211.430434][   T36] veth0_vlan: left promiscuous mode
[  211.599342][ T5847] usb 2-1: USB disconnect, device number 9
[  211.697624][   T36] bond1 (unregistering): Released all slaves
[  212.380084][   T36] team0 (unregistering): Port device team_slave_1 removed
[  212.449869][   T36] team0 (unregistering): Port device team_slave_0 removed
[  212.522578][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.605731][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.643501][ T9060] ALSA: mixer_oss: invalid OSS volume '('
[  212.733361][ T5795] Bluetooth: hci3: command tx timeout
[  213.275300][    T8] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  213.348548][   T36] bond0 (unregistering): Released all slaves
[  213.432359][ T8989] hsr_slave_0: entered promiscuous mode
[  213.440275][ T8989] hsr_slave_1: entered promiscuous mode
[  213.446837][ T8989] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.454641][ T8989] Cannot create hsr debugfs directory
[  213.485196][ T9050] vlan2: entered promiscuous mode
[  213.490417][ T9050] bridge0: entered promiscuous mode
[  213.492885][    T8] usb 2-1: Using ep0 maxpacket: 32
[  213.506180][ T9050] vlan2: entered allmulticast mode
[  213.511439][ T9050] bridge0: entered allmulticast mode
[  213.515362][    T8] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  213.526409][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.539279][    T8] usb 2-1: config 0 descriptor??
[  213.803091][    T8] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  213.842439][    T8] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  213.864123][    T8] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  213.871550][    T8] usb 2-1: media controller created
[  213.954632][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  214.018320][    T8] az6027: usb out operation failed. (-71)
[  214.043062][    T8] az6027: usb out operation failed. (-71)
[  214.048852][    T8] stb0899_attach: Driver disabled by Kconfig
[  214.074306][    T8] az6027: no front-end attached
[  214.074306][    T8] 
[  214.083343][    T8] az6027: usb out operation failed. (-71)
[  214.089115][    T8] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  214.101199][    T8] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input24
[  214.118489][    T8] dvb-usb: schedule remote query interval to 400 msecs.
[  214.127110][    T8] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  214.143920][    T8] usb 2-1: USB disconnect, device number 10
[  214.264045][    T8] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  214.459817][ T8989] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  214.471593][ T8989] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  214.483436][ T8989] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  214.495373][ T8989] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  214.715534][ T8989] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.747898][ T8989] 8021q: adding VLAN 0 to HW filter on device team0
[  214.770344][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.777570][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.797136][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.804322][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  214.819271][ T5795] Bluetooth: hci3: command tx timeout
[  215.215097][ T8989] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.302535][ T8989] veth0_vlan: entered promiscuous mode
[  215.334563][ T8989] veth1_vlan: entered promiscuous mode
[  215.409082][ T8989] veth0_macvtap: entered promiscuous mode
[  215.435928][ T8989] veth1_macvtap: entered promiscuous mode
[  215.477033][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.513163][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.526376][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.537288][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.547479][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.558536][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.570696][ T8989] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.590507][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.611247][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.630018][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.643094][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.662384][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.679695][ T9115] loop4: detected capacity change from 0 to 128
[  215.682757][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.703336][ T8989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  215.721334][ T8989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.734414][ T8989] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.764552][ T8989] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.781584][ T8989] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.791071][ T8989] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.800381][ T8989] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.944767][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  215.952646][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.036686][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.063444][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.155361][ T9127] binder: 9125:9127 ioctl 541b 0 returned -22
[  216.168836][ T9129] loop3: detected capacity change from 0 to 64
[  216.905820][   T50] Bluetooth: hci3: command tx timeout
[  217.038112][ T9154] loop4: detected capacity change from 0 to 512
[  217.046183][ T9154] EXT4-fs: Ignoring removed bh option
[  217.056687][ T9154] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  217.110132][ T9154] EXT4-fs (loop4): 1 truncate cleaned up
[  217.133391][ T9154] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.438947][ T6003] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.499609][ T9164] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.1269'.
[  218.213263][ T9194] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1279'.
[  218.430463][ T9200] loop4: detected capacity change from 0 to 2048
[  218.505419][ T9200] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  218.800300][ T9211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1289'.
[  218.800416][ T9210] loop1: detected capacity change from 0 to 512
[  218.811895][ T9211] IPVS: Error joining to the multicast group
[  218.833314][ T5873] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  218.871915][ T9210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.903160][ T9210] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.974445][   T50] Bluetooth: hci3: command tx timeout
[  218.992934][   T28] audit: type=1800 audit(1751807160.185:277): pid=9210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1288" name="file1" dev="loop1" ino=15 res=0 errno=0
[  219.043803][ T5873] usb 1-1: Using ep0 maxpacket: 8
[  219.083845][ T5873] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  219.092164][ T5873] usb 1-1: config 179 has no interface number 0
[  219.102337][   T28] audit: type=1800 audit(1751807160.225:278): pid=9210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1288" name="file2" dev="loop1" ino=16 res=0 errno=0
[  219.122913][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.122923][ T5873] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  219.122954][ T5873] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  219.122983][ T5873] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  219.123010][ T5873] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  219.123032][ T5873] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  219.123059][ T5873] usb 1-1: config 179 interface 65 has no altsetting 0
[  219.123095][ T5873] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  219.123118][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.197837][ T5873] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input25
[  219.247131][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.444568][ T5873] usb 1-1: USB disconnect, device number 7
[  219.450675][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  219.480449][ T5873] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  219.558501][ T9218] loop3: detected capacity change from 0 to 32768
[  219.581510][ T9218] 
[  219.581510][ T9218]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  219.581510][ T9218] 
[  219.655486][ T9218] ERROR: (device loop3): diWrite: ixpxd invalid
[  219.655486][ T9218] 
[  219.667731][ T9234] loop1: detected capacity change from 0 to 64
[  219.677241][ T9218] ERROR: (device loop3): txCommit: 
[  219.677241][ T9218] 
[  219.703236][ T9218] 
[  219.703236][ T9218]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  219.703236][ T9218] 
[  219.728538][ T9218] 
[  219.728538][ T9218]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  219.728538][ T9218] 
[  219.748795][ T9218] find_entry called with index = 0
[  219.756804][ T9218] read_mapping_page failed!
[  219.761479][ T9218] ERROR: (device loop3): txCommit: 
[  219.761479][ T9218] 
[  219.812762][   T12] ERROR: (device loop3): diWrite: ixpxd invalid
[  219.812762][   T12] 
[  219.828991][   T12] ERROR: (device loop3): txCommit: 
[  219.828991][   T12] 
[  219.847733][   T12] jfs_write_inode: jfs_commit_inode failed!
[  219.858193][ T8989] 
[  219.858193][ T8989]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  219.858193][ T8989] 
[  219.881072][ T9239] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1301'.
[  219.885008][ T8989] 
[  219.885008][ T8989]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  219.885008][ T8989] 
[  220.298607][ T9252] loop3: detected capacity change from 0 to 64
[  221.262983][ T5873] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  221.466046][ T5873] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  221.482320][ T5873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.493765][ T5873] usb 2-1: config 0 descriptor??
[  221.717274][ T9287] loop4: detected capacity change from 0 to 512
[  221.739291][ T9287] EXT4-fs: Ignoring removed oldalloc option
[  221.782120][ T9287] EXT4-fs (loop4): 1 truncate cleaned up
[  221.795763][ T9287] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.910027][ T6003] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.958807][ T5873] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  221.992337][ T5873] [drm] Initialized udl on minor 2
[  222.060345][ T9293] loop4: detected capacity change from 0 to 512
[  222.073629][ T9293] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  222.139539][ T9293] Quota error (device loop4): v2_read_file_info: Free block number 58381 out of range (1, 6).
[  222.153384][ T9293] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  222.188317][ T9296] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  222.220924][ T9296] Quota error (device loop4): v2_read_file_info: Free block number 58381 out of range (1, 6).
[  222.231700][ T9296] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  222.295153][ T6003] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  222.337137][ T5873] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  222.344328][ T9301] netlink: 'syz.0.1327': attribute type 12 has an invalid length.
[  222.353723][ T9301] netlink: 'syz.0.1327': attribute type 29 has an invalid length.
[  222.361566][ T9301] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1327'.
[  222.376939][ T5873] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  222.410163][ T5777] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  222.424133][ T5873] usb 2-1: USB disconnect, device number 11
[  222.463229][ T9303] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1329'.
[  222.463774][ T5777] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  222.704439][ T9310] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1331'.
[  222.719089][ T9310] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1331'.
[  222.732000][ T9309] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1331'.
[  222.753005][ T9309] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1331'.
[  222.942889][ T9307] loop4: detected capacity change from 0 to 32768
[  222.955630][ T9307] 
[  222.955630][ T9307]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  222.955630][ T9307] 
[  222.987486][ T9307] ERROR: (device loop4): diWrite: ixpxd invalid
[  222.987486][ T9307] 
[  223.013112][ T9307] ERROR: (device loop4): txCommit: 
[  223.013112][ T9307] 
[  223.044011][ T9307] 
[  223.044011][ T9307]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  223.044011][ T9307] 
[  223.079772][ T9307] 
[  223.079772][ T9307]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  223.079772][ T9307] 
[  223.099977][ T9307] find_entry called with index = 0
[  223.115396][ T9307] read_mapping_page failed!
[  223.120277][ T9307] ERROR: (device loop4): txCommit: 
[  223.120277][ T9307] 
[  223.172672][   T48] ERROR: (device loop4): diWrite: ixpxd invalid
[  223.172672][   T48] 
[  223.188817][   T48] ERROR: (device loop4): txCommit: 
[  223.188817][   T48] 
[  223.189940][ T9319] Bluetooth: hci4: Frame reassembly failed (-84)
[  223.211527][   T48] jfs_write_inode: jfs_commit_inode failed!
[  223.218061][ T6003] 
[  223.218061][ T6003]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  223.218061][ T6003] 
[  223.241407][ T6003] 
[  223.241407][ T6003]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  223.241407][ T6003] 
[  224.249081][ T9352] loop4: detected capacity change from 0 to 512
[  224.275313][ T9352] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  224.292695][ T9352] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.393317][ T6003] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  224.526461][ T9358] loop4: detected capacity change from 0 to 164
[  224.910198][ T9356] loop3: detected capacity change from 0 to 32768
[  224.969576][ T9356] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  225.119608][ T9356] XFS (loop3): Ending clean mount
[  225.127963][ T9356] XFS (loop3): Quotacheck needed: Please wait.
[  225.193343][ T9356] XFS (loop3): Quotacheck: Done.
[  225.215317][ T5795] Bluetooth: hci4: command 0xfc11 tx timeout
[  225.216592][   T50] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  225.341119][ T8989] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.194013][ T9407] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  226.214235][ T9407] macsec1: entered allmulticast mode
[  226.219878][ T9407] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  226.251373][ T9407] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  226.263044][ T9407] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  226.475339][ T9418] loop4: detected capacity change from 0 to 64
[  226.632592][ T9422] loop1: detected capacity change from 0 to 2048
[  226.651056][ T9422] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  226.811961][ T9429] netem: incorrect gi model size
[  227.058664][   T23] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  227.253068][   T23] usb 2-1: Using ep0 maxpacket: 16
[  227.275123][   T23] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.289017][   T23] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.314917][   T23] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  227.342961][   T23] usb 2-1: config 0 interface 0 has no altsetting 0
[  227.349641][   T23] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  227.372956][   T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.406275][   T23] usb 2-1: config 0 descriptor??
[  227.413977][ T9436] loop3: detected capacity change from 0 to 4096
[  227.431609][ T9436] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  227.512106][ T9436] ntfs: volume version 3.1.
[  227.842042][   T23] hid (null): global environment stack underflow
[  227.869968][   T23] hid (null): invalid report_count 107748025
[  228.082579][   T23] usb 2-1: USB disconnect, device number 12
[  228.370101][ T9456] loop4: detected capacity change from 0 to 128
[  228.426235][ T9456] VFS: Found a Xenix FS (block size = 512) on device loop4
[  228.505067][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.505067][ T9456] loop4: rw=2049, sector=2066843070, nr_sectors = 1 limit=128
[  228.542153][ T9456] Buffer I/O error on dev loop4, logical block 2066843070, lost async page write
[  228.563961][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.563961][ T9456] loop4: rw=2049, sector=8767744, nr_sectors = 1 limit=128
[  228.597295][ T9456] Buffer I/O error on dev loop4, logical block 8767744, lost async page write
[  228.622788][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.622788][ T9456] loop4: rw=2049, sector=13269809, nr_sectors = 1 limit=128
[  228.660315][ T9456] Buffer I/O error on dev loop4, logical block 13269809, lost async page write
[  228.680625][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.680625][ T9456] loop4: rw=2049, sector=1157, nr_sectors = 1 limit=128
[  228.712670][ T9456] Buffer I/O error on dev loop4, logical block 1157, lost async page write
[  228.743042][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.743042][ T9456] loop4: rw=2049, sector=3211264, nr_sectors = 1 limit=128
[  228.785133][ T9456] Buffer I/O error on dev loop4, logical block 3211264, lost async page write
[  228.816264][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.816264][ T9456] loop4: rw=2049, sector=8768635, nr_sectors = 1 limit=128
[  228.853659][ T9456] Buffer I/O error on dev loop4, logical block 8768635, lost async page write
[  228.873728][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.873728][ T9456] loop4: rw=2049, sector=13466417, nr_sectors = 1 limit=128
[  228.908077][ T9456] Buffer I/O error on dev loop4, logical block 13466417, lost async page write
[  228.932916][ T9456] syz.4.1392: attempt to access beyond end of device
[  228.932916][ T9456] loop4: rw=2049, sector=209285, nr_sectors = 1 limit=128
[  228.969098][ T9456] Buffer I/O error on dev loop4, logical block 209285, lost async page write
[  229.181560][ T6003] sysv_free_block: trying to free block not in datazone
[  229.233042][ T6003] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  231.281736][ T9485] loop1: detected capacity change from 0 to 32768
[  231.290050][ T9485] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.1405 (9485)
[  231.320637][ T9485] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  231.337441][ T9485] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  231.349571][ T9485] BTRFS info (device loop1): enabling auto defrag
[  231.361695][ T9485] BTRFS info (device loop1): doing ref verification
[  231.370884][ T9485] BTRFS info (device loop1): use no compression
[  231.386223][ T9485] BTRFS info (device loop1): force clearing of disk cache
[  231.400348][ T9485] BTRFS info (device loop1): setting nodatacow, compression disabled
[  231.473905][ T9485] BTRFS info (device loop1): disabling free space tree
[  231.507690][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.636832][ T9485] BTRFS info (device loop1): enabling ssd optimizations
[  231.644043][ T9485] BTRFS info (device loop1): auto enabling async discard
[  231.653096][ T9485] BTRFS info (device loop1): rebuilding free space tree
[  231.671125][ T9485] BTRFS info (device loop1): disabling free space tree
[  231.678302][ T9485] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  231.688169][ T9485] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  231.749055][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.896660][ T9517] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  231.896828][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.941841][ T5785] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  232.131081][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.625569][ T5795] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  232.682991][ T5795] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  232.698477][ T5795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  232.725419][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  232.741861][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  232.750067][ T5100] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  233.440348][   T28] audit: type=1326 audit(2000000000.910:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9546 comm="syz.3.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1af8e929 code=0x7ffc0000
[  233.523147][   T28] audit: type=1326 audit(2000000000.910:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9546 comm="syz.3.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1af8e929 code=0x7ffc0000
[  233.585559][   T28] audit: type=1326 audit(2000000000.910:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9546 comm="syz.3.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f9f1af8e929 code=0x7ffc0000
[  233.641644][ T9528] chnl_net:caif_netlink_parms(): no params data found
[  233.648930][   T28] audit: type=1326 audit(2000000000.910:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9546 comm="syz.3.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1af8e929 code=0x7ffc0000
[  234.112981][ T5847] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  234.153788][ T9528] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.160924][ T9528] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.213237][ T9528] bridge_slave_0: entered allmulticast mode
[  234.220621][ T9528] bridge_slave_0: entered promiscuous mode
[  234.276691][ T9528] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.284019][ T9528] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.291243][ T9528] bridge_slave_1: entered allmulticast mode
[  234.303067][ T5847] usb 2-1: Using ep0 maxpacket: 8
[  234.314507][ T5847] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  234.318681][ T9528] bridge_slave_1: entered promiscuous mode
[  234.333108][ T5847] usb 2-1: config 179 has no interface number 0
[  234.365022][ T5847] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  234.382912][ T5847] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  234.403245][ T5847] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  234.424884][ T5847] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  234.442975][ T5847] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  234.476721][ T5847] usb 2-1: config 179 interface 65 has no altsetting 0
[  234.503010][ T5847] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  234.528080][   T36] hsr_slave_0: left promiscuous mode
[  234.532450][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.542402][   T36] hsr_slave_1: left promiscuous mode
[  234.553612][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  234.561919][ T5847] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input26
[  234.571311][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  234.591700][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.609457][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  234.621915][   T36] bridge_slave_1: left allmulticast mode
[  234.638221][   T36] bridge_slave_1: left promiscuous mode
[  234.654196][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.676182][   T36] bridge_slave_0: left allmulticast mode
[  234.681894][   T36] bridge_slave_0: left promiscuous mode
[  234.698053][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.794390][   T36] veth1_macvtap: left promiscuous mode
[  234.813028][   T50] Bluetooth: hci1: command tx timeout
[  234.819932][   T36] veth0_macvtap: left promiscuous mode
[  234.835897][   T36] veth1_vlan: left promiscuous mode
[  234.841734][   T36] veth0_vlan: left promiscuous mode
[  234.868236][ T5847] usb 2-1: USB disconnect, device number 13
[  234.868301][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  234.884752][ T5847] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  235.173049][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1434'.
[  235.308514][ T9560] loop3: detected capacity change from 0 to 32768
[  235.352369][ T9560] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  235.370467][ T9560] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  235.478466][ T9569] loop1: detected capacity change from 0 to 512
[  235.497668][ T9560] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  235.500775][ T9569] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1435: casefold flag without casefold feature
[  235.519408][ T9569] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1435: couldn't read orphan inode 15 (err -117)
[  235.546377][ T9569] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.599142][ T9560] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  235.725906][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.135895][ T9577] Bluetooth: hci4: Frame reassembly failed (-84)
[  236.145265][ T1086] Bluetooth: hci4: Frame reassembly failed (-84)
[  236.363413][   T36] team0 (unregistering): Port device team_slave_1 removed
[  236.422619][   T36] team0 (unregistering): Port device team_slave_0 removed
[  236.544330][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  236.615477][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  236.902002][ T5100] Bluetooth: hci1: command tx timeout
[  237.425222][   T36] bond0 (unregistering): Released all slaves
[  237.579214][ T9528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.611355][ T9528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.728494][ T9528] team0: Port device team_slave_0 added
[  237.754632][ T9528] team0: Port device team_slave_1 added
[  237.763505][ T9584] tap0: tun_chr_ioctl cmd 1074025677
[  237.768981][ T9584] tap0: linktype set to 776
[  237.836710][ T9528] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.883722][ T9528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.926337][ T9528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.949649][ T9528] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.959681][ T9528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.001002][ T9528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.098256][ T9528] hsr_slave_0: entered promiscuous mode
[  238.114951][ T9528] hsr_slave_1: entered promiscuous mode
[  238.121118][ T9528] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.128951][ T9528] Cannot create hsr debugfs directory
[  238.168297][   T36] IPVS: stop unused estimator thread 0...
[  238.175064][ T5100] Bluetooth: hci4: command 0xfc11 tx timeout
[  238.182083][   T50] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  238.323183][    T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  238.392690][ T9594] loop3: detected capacity change from 0 to 256
[  238.410605][ T9594] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  238.475272][ T9528] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  238.486861][ T9528] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  238.499229][ T9528] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  238.525174][ T9528] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  238.544891][    T8] usb 1-1: Using ep0 maxpacket: 32
[  238.557851][    T8] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  238.580471][    T8] usb 1-1: config 0 has no interface number 0
[  238.616240][    T8] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  238.632986][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.641118][    T8] usb 1-1: Product: syz
[  238.657988][    T8] usb 1-1: Manufacturer: syz
[  238.668843][    T8] usb 1-1: SerialNumber: syz
[  238.697479][    T8] usb 1-1: config 0 descriptor??
[  238.714210][    T8] smsc95xx v2.0.0
[  238.874334][ T9528] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.919999][ T9528] 8021q: adding VLAN 0 to HW filter on device team0
[  238.944480][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.951864][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.975847][   T50] Bluetooth: hci1: command tx timeout
[  238.996188][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.003415][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.267601][ T9623] loop1: detected capacity change from 0 to 512
[  239.298206][ T9623] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.1455: corrupted in-inode xattr: invalid ea_ino
[  239.338165][    T8] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -61
[  239.356608][ T9623] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1455: couldn't read orphan inode 15 (err -117)
[  239.368799][    T8] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  239.414249][ T9623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.476130][ T9528] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.539486][    T8] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  239.561389][    T8] smsc95xx: probe of 1-1:0.67 failed with error -71
[  239.580803][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.583259][    T8] usb 1-1: USB disconnect, device number 8
[  239.705288][ T9637] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1458'.
[  240.008361][ T9528] veth0_vlan: entered promiscuous mode
[  240.022790][ T9528] veth1_vlan: entered promiscuous mode
[  240.072675][ T9528] veth0_macvtap: entered promiscuous mode
[  240.091774][ T9528] veth1_macvtap: entered promiscuous mode
[  240.144464][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.155530][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.166050][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.177461][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.190837][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.212940][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.229284][ T9528] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.239415][ T9646] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.252041][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.269353][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.280717][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.300296][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.310733][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  240.321411][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.331608][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.349140][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.363733][ T9528] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.380555][ T9646] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.393295][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.447359][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.463474][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.479094][ T9644] loop1: detected capacity change from 0 to 40427
[  240.489867][ T9528] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.500524][ T9528] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.510788][ T9528] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.528621][ T9644] F2FS-fs (loop1): Found nat_bits in checkpoint
[  240.539514][ T9528] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.580576][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.596037][ T9644] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  240.618815][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.634138][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.649488][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.687605][ T9647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1461'.
[  240.801581][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.830084][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.913529][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.922496][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.045827][ T9644] syz.1.1460 (9644): drop_caches: 2
[  241.063391][   T50] Bluetooth: hci1: command tx timeout
[  241.094957][ T9659] usb usb8: usbfs: process 9659 (syz.0.1464) did not claim interface 6 before use
[  241.324217][ T9657] loop3: detected capacity change from 0 to 32768
[  241.340595][ T9657] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1463 (9657)
[  241.379886][ T9657] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  241.413038][ T9657] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  241.426070][ T9657] BTRFS info (device loop3): doing ref verification
[  241.453307][ T9657] BTRFS info (device loop3): doing ref verification
[  241.471834][ T9657] BTRFS info (device loop3): force zlib compression, level 3
[  241.491952][ T9657] BTRFS info (device loop3): force clearing of disk cache
[  241.509737][ T9657] BTRFS info (device loop3): turning on sync discard
[  241.526841][ T9657] BTRFS info (device loop3): disabling free space tree
[  241.612055][ T9672] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  241.667632][ T9657] BTRFS info (device loop3): enabling ssd optimizations
[  241.688227][ T9657] BTRFS info (device loop3): rebuilding free space tree
[  241.767818][ T9657] BTRFS info (device loop3): disabling free space tree
[  241.789154][ T9657] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  241.803002][ T9657] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  241.815364][ T9691] loop5: detected capacity change from 0 to 8
[  241.893145][ T5847] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  241.910031][   T28] audit: type=1800 audit(2000000009.380:283): pid=9657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1463" name="file1" dev="loop3" ino=260 res=0 errno=0
[  242.002146][ T9695] loop1: detected capacity change from 0 to 512
[  242.035892][ T9695] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.050233][ T9695] ext4 filesystem being mounted at /329/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.103103][ T5847] usb 1-1: Using ep0 maxpacket: 16
[  242.115388][ T9695] fs-verity (loop1, inode 15): Unrecognized descriptor size: 0 bytes
[  242.151324][ T5847] usb 1-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice=80.f2
[  242.173328][ T5847] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.181451][ T5847] usb 1-1: Product: syz
[  242.210971][ T5847] usb 1-1: Manufacturer: syz
[  242.225649][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.231220][ T8989] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  242.236014][ T5847] usb 1-1: SerialNumber: syz
[  242.286185][ T5847] usb 1-1: config 0 descriptor??
[  242.364569][ T5847] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  242.436067][ T5847] snd-usb-audio: probe of 1-1:0.0 failed with error -2
[  242.654139][ T5847] usb 1-1: USB disconnect, device number 9
[  242.891799][ T9718] tap0: tun_chr_ioctl cmd 2147767507
[  242.945888][ T9721] loop1: detected capacity change from 0 to 256
[  242.966502][ T9721] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  243.453623][ T9737] input: syz0 as /devices/virtual/input/input27
[  243.996761][ T9725] loop5: detected capacity change from 0 to 40427
[  244.026806][ T9725] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  244.050865][ T9725] F2FS-fs (loop5): invalid crc value
[  244.063019][ T9725] F2FS-fs (loop5): Found nat_bits in checkpoint
[  244.149625][ T9740] loop3: detected capacity change from 0 to 32768
[  244.190289][ T9740] ERROR: (device loop3): jfs_readdir: DT_GETPAGE: dtree page corrupt
[  244.190289][ T9740] 
[  244.222248][ T9725] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  244.233943][ T9740] ERROR: (device loop3): remounting filesystem as read-only
[  244.393024][   T28] audit: type=1326 audit(2000000011.850:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9757 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa29278e929 code=0x7ffc0000
[  244.415333][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.438616][ T9528] syz-executor: attempt to access beyond end of device
[  244.438616][ T9528] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  244.451169][   T28] audit: type=1326 audit(2000000011.860:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9757 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa29278e929 code=0x7ffc0000
[  244.465218][ T9528] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  244.525521][   T28] audit: type=1326 audit(2000000011.860:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9757 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fa29278e929 code=0x7ffc0000
[  244.589487][   T28] audit: type=1326 audit(2000000011.860:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9757 comm="syz.0.1500" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa29278e929 code=0x0
[  245.101897][ T9770] loop1: detected capacity change from 0 to 1764
[  245.477584][ T9782] loop1: detected capacity change from 0 to 2048
[  245.494199][ T9784] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  245.499362][ T9782] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  246.071645][ T9797] loop1: detected capacity change from 0 to 512
[  246.127233][ T9797] EXT4-fs (loop1): orphan cleanup on readonly fs
[  246.179611][ T9797] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1516: bad orphan inode 13
[  246.206857][ T9800] loop3: detected capacity change from 0 to 512
[  246.232566][ T9797] ext4_test_bit(bit=12, block=18) = 1
[  246.248774][ T9800] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  246.269108][ T9797] is_bad_inode(inode)=0
[  246.285238][ T9797] NEXT_ORPHAN(inode)=2130706432
[  246.309699][ T9797] max_ino=32
[  246.317787][ T9797] i_nlink=1
[  246.322530][ T9797] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  246.322984][ T9800] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  246.392965][ T9800] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  246.424117][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.447473][ T9800] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  246.462984][ T9800] System zones: 0-2, 18-18, 34-34
[  246.498138][ T9800] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1518: iget: bad i_size value: 360287970189639680
[  246.514863][ T9800] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1518: couldn't read orphan inode 15 (err -117)
[  246.549149][ T9800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.685209][ T8989] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz-executor: path /50/file1: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  246.949767][ T9812] loop1: detected capacity change from 0 to 256
[  246.978597][ T9812] exfat: Deprecated parameter 'utf8'
[  246.991075][ T9812] exfat: Deprecated parameter 'namecase'
[  247.013347][ T9812] exfat: Deprecated parameter 'utf8'
[  247.047974][ T9812] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  247.148437][ T9812] syz.1.1524: attempt to access beyond end of device
[  247.148437][ T9812] loop1: rw=524288, sector=34359738488, nr_sectors = 8 limit=256
[  247.177278][ T8989] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.243814][ T9812] syz.1.1524: attempt to access beyond end of device
[  247.243814][ T9812] loop1: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  247.249763][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.285368][   T28] audit: type=1800 audit(2000000014.760:288): pid=9812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1524" name="file1" dev="loop1" ino=1048635 res=0 errno=0
[  247.315272][ T9808] loop5: detected capacity change from 0 to 32768
[  247.361515][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.510811][ T5847] usb 1-1: new low-speed USB device number 10 using dummy_hcd
[  247.552121][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.668605][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.730260][ T5847] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  247.752865][ T5847] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  247.780638][ T5847] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  247.801512][ T5847] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  247.814736][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  247.831860][ T5847] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  247.872579][ T5847] usb 1-1: string descriptor 0 read error: -22
[  247.883432][ T5847] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  247.913241][ T5847] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.943664][ T5847] usb 1-1: config 0 descriptor??
[  247.949681][ T9814] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  247.964206][ T5847] hub 1-1:0.0: bad descriptor, ignoring hub
[  247.979242][ T5847] hub: probe of 1-1:0.0 failed with error -5
[  247.998058][ T5847] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input28
[  248.066781][ T9825] loop1: detected capacity change from 0 to 512
[  248.117668][ T9825] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  248.184909][ T9825] EXT4-fs (loop1): 1 truncate cleaned up
[  248.200567][ T9825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.258109][    T8] usb 1-1: USB disconnect, device number 10
[  248.390622][ T5100] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  248.401889][ T5100] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  248.446265][ T5100] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  248.459136][ T5100] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  248.471250][ T5100] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  248.480692][ T5100] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  248.534206][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.441876][ T9831] chnl_net:caif_netlink_parms(): no params data found
[  249.703017][ T5848] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  249.729800][   T36] hsr_slave_0: left promiscuous mode
[  249.746987][   T36] hsr_slave_1: left promiscuous mode
[  249.759190][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  249.773115][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  249.789412][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  249.797265][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.805293][   T36] bridge_slave_1: left allmulticast mode
[  249.811061][   T36] bridge_slave_1: left promiscuous mode
[  249.823052][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.851277][   T36] bridge_slave_0: left allmulticast mode
[  249.857454][   T36] bridge_slave_0: left promiscuous mode
[  249.873108][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.903085][ T5848] usb 2-1: Using ep0 maxpacket: 32
[  249.914578][ T5848] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  249.922790][ T5848] usb 2-1: config 0 has no interface number 0
[  249.953232][ T5848] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  249.962407][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.976611][   T36] veth1_macvtap: left promiscuous mode
[  249.982462][   T36] veth0_macvtap: left promiscuous mode
[  249.988052][ T5848] usb 2-1: Product: syz
[  249.992250][ T5848] usb 2-1: Manufacturer: syz
[  249.997656][   T36] veth1_vlan: left promiscuous mode
[  250.002980][ T5848] usb 2-1: SerialNumber: syz
[  250.010770][   T36] veth0_vlan: left promiscuous mode
[  250.017615][ T5848] usb 2-1: config 0 descriptor??
[  250.027844][ T5848] smsc95xx v2.0.0
[  250.453096][ T5848] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  250.465137][ T5848] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  250.580238][ T5100] Bluetooth: hci3: command tx timeout
[  250.678333][ T5848] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  250.690708][ T5848] smsc95xx: probe of 2-1:0.67 failed with error -71
[  250.701118][ T5848] usb 2-1: USB disconnect, device number 14
[  250.852613][ T9869] ieee802154 phy1 wpan1: encryption failed: -22
[  251.074600][   T36] team0 (unregistering): Port device team_slave_1 removed
[  251.140082][   T36] team0 (unregistering): Port device team_slave_0 removed
[  251.236758][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  251.354535][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  251.390671][ T9877] loop1: detected capacity change from 0 to 64
[  252.373376][   T36] bond0 (unregistering): Released all slaves
[  252.655530][ T5100] Bluetooth: hci3: command tx timeout
[  252.670811][ T9831] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.671124][ T9891] input: syz1 as /devices/virtual/input/input29
[  252.693307][ T9831] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.732901][ T9831] bridge_slave_0: entered allmulticast mode
[  252.758618][ T9831] bridge_slave_0: entered promiscuous mode
[  252.813340][ T9831] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.822341][ T9897] mkiss: ax0: crc mode is auto.
[  252.839598][ T9831] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.860610][ T9831] bridge_slave_1: entered allmulticast mode
[  252.881370][ T9831] bridge_slave_1: entered promiscuous mode
[  253.037489][ T9831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.086196][ T9831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.245336][ T9831] team0: Port device team_slave_0 added
[  253.266788][ T9831] team0: Port device team_slave_1 added
[  253.371586][ T9831] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.388900][ T9831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.433684][ T9831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.461167][ T9831] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.470308][ T9831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.512229][ T9831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.657887][ T9831] hsr_slave_0: entered promiscuous mode
[  253.672551][ T9831] hsr_slave_1: entered promiscuous mode
[  253.679424][ T9831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  253.687486][ T9831] Cannot create hsr debugfs directory
[  253.893782][   T54] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  254.083084][   T54] usb 2-1: Using ep0 maxpacket: 8
[  254.095296][   T54] usb 2-1: config 0 has no interfaces?
[  254.101096][   T54] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  254.123159][ T9831] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  254.130927][   T54] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.142548][ T9831] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  254.161511][   T54] usb 2-1: config 0 descriptor??
[  254.167377][ T9831] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  254.190321][ T9831] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  254.381549][   T54] usb 2-1: USB disconnect, device number 15
[  254.387809][ T9831] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.419113][ T9918] loop5: detected capacity change from 0 to 32768
[  254.440978][ T9831] 8021q: adding VLAN 0 to HW filter on device team0
[  254.469082][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.476635][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.488421][ T9918] add_index: next_index = 0.  Resetting!
[  254.512250][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.519522][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.527168][ T9918] find_entry called with index >= next_index
[  254.543045][ T9918] find_entry called with index >= next_index
[  254.549079][ T9918] find_entry called with index >= next_index
[  254.583002][ T9918] find_entry called with index >= next_index
[  254.732968][ T5100] Bluetooth: hci3: command tx timeout
[  255.055083][ T9831] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.356446][ T9947] loop5: detected capacity change from 0 to 512
[  255.363676][   T54] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  255.392496][ T9947] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  255.412995][ T9947] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  255.441293][ T9947] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  255.456266][ T9947] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  255.476653][ T9947] System zones: 0-2, 18-18, 34-34
[  255.492044][ T9947] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.1575: iget: bad i_size value: 360287970189639680
[  255.537138][ T9947] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.1575: couldn't read orphan inode 15 (err -117)
[  255.539498][ T9831] veth0_vlan: entered promiscuous mode
[  255.555187][   T54] usb 2-1: Using ep0 maxpacket: 32
[  255.566407][   T54] usb 2-1: config 0 interface 0 altsetting 74 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.584129][ T9947] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.591525][ T9831] veth1_vlan: entered promiscuous mode
[  255.614016][   T54] usb 2-1: config 0 interface 0 altsetting 74 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.633337][   T54] usb 2-1: config 0 interface 0 has no altsetting 0
[  255.640285][   T54] usb 2-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  255.678064][   T54] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.699879][   T54] usb 2-1: config 0 descriptor??
[  255.726261][ T9831] veth0_macvtap: entered promiscuous mode
[  255.760207][ T9831] veth1_macvtap: entered promiscuous mode
[  255.778316][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  255.789233][ T9528] EXT4-fs error (device loop5): ext4_readdir:263: inode #2: block 3: comm syz-executor: path /28/file1: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  255.841052][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.870090][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.881173][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.896121][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.906109][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.916721][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.928855][ T9831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.026989][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.039053][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.049117][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.060457][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.071245][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  256.082648][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.094360][ T9831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.105515][ T9831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.117841][ T9831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.142263][ T9831] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.152036][ T9831] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.160905][ T9831] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.168040][   T54] petalynx 0003:18B1:0037.0008: unknown main item tag 0x0
[  256.170083][ T9831] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.183888][   T54] petalynx 0003:18B1:0037.0008: unknown main item tag 0x0
[  256.195005][   T54] petalynx 0003:18B1:0037.0008: item fetching failed at offset 2/3
[  256.205095][   T54] petalynx 0003:18B1:0037.0008: parse failed
[  256.211328][   T54] petalynx: probe of 0003:18B1:0037.0008 failed with error -22
[  256.244708][ T9528] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.356971][ T1086] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.404499][ T5846] usb 2-1: USB disconnect, device number 16
[  256.465521][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.479773][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.536519][ T1086] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.601092][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.624139][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.661740][ T1086] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.805217][ T1086] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.814910][ T5100] Bluetooth: hci3: command tx timeout
[  257.176832][   T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  257.190573][   T50] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  257.213132][   T50] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  257.232896][   T50] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  257.251042][   T50] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  257.258976][   T50] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  257.308499][ T9967] loop1: detected capacity change from 0 to 4096
[  258.362268][ T9968] chnl_net:caif_netlink_parms(): no params data found
[  258.520912][T10008] loop6: detected capacity change from 0 to 512
[  258.544481][T10008] EXT4-fs: Ignoring removed orlov option
[  258.556908][T10008] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  258.571559][T10008] EXT4-fs (loop6): orphan cleanup on readonly fs
[  258.623793][T10008] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.1599: bg 0: block 248: padding at end of block bitmap is not set
[  258.646333][T10008] Quota error (device loop6): write_blk: dquota write failed
[  258.655097][T10008] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  258.667273][T10008] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.1599: Failed to acquire dquot type 1
[  258.707095][T10008] EXT4-fs (loop6): 1 truncate cleaned up
[  258.751284][T10008] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  258.794251][ T9968] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.823021][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.843703][ T9968] bridge_slave_0: entered allmulticast mode
[  258.851076][ T9968] bridge_slave_0: entered promiscuous mode
[  258.874119][T10008] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  258.925855][T10008] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  258.944088][T10008] ext4 filesystem being remounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.984030][T10008] Quota error (device loop6): write_blk: dquota write failed
[  258.995635][ T9968] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.003172][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.010817][T10008] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota
[  259.021820][ T9968] bridge_slave_1: entered allmulticast mode
[  259.029057][T10008] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.1599: Failed to acquire dquot type 1
[  259.046680][ T9968] bridge_slave_1: entered promiscuous mode
[  259.118671][ T1086] hsr_slave_0: left promiscuous mode
[  259.126776][ T1086] hsr_slave_1: left promiscuous mode
[  259.162061][ T1086] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.180011][ T1086] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.194862][ T9831] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.215370][   T11] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-5
[  259.225936][ T1086] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.238404][   T11] EXT4-fs error (device loop6): ext4_release_dquot:6974: comm kworker/u4:0: Failed to release dquot type 1
[  259.250034][ T1086] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.271888][ T1086] bridge_slave_1: left allmulticast mode
[  259.277968][ T1086] bridge_slave_1: left promiscuous mode
[  259.291576][ T1086] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.320577][ T1086] bridge_slave_0: left allmulticast mode
[  259.328964][ T1086] bridge_slave_0: left promiscuous mode
[  259.343295][ T1086] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.374025][ T5100] Bluetooth: hci1: command tx timeout
[  259.458832][ T1086] veth1_macvtap: left promiscuous mode
[  259.464730][ T1086] veth0_macvtap: left promiscuous mode
[  259.470427][ T1086] veth1_vlan: left promiscuous mode
[  259.494416][ T1086] veth0_vlan: left promiscuous mode
[  259.940591][T10035] loop6: detected capacity change from 0 to 32768
[  259.948185][T10035] XFS: noikeep mount option is deprecated.
[  259.952640][   T23] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  260.004889][T10035] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  260.101785][T10035] XFS (loop6): Ending clean mount
[  260.116703][T10035] XFS (loop6): Quotacheck needed: Please wait.
[  260.166633][   T23] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  260.182507][   T23] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  260.204302][   T23] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  260.219023][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.236020][   T23] usb 1-1: Product: syz
[  260.240235][T10035] XFS (loop6): Quotacheck: Done.
[  260.240256][   T23] usb 1-1: Manufacturer: syz
[  260.245543][   T23] usb 1-1: SerialNumber: syz
[  260.413685][ T9831] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  260.482371][   T23] usb 1-1: 0:2 : does not exist
[  260.511101][   T23] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  260.565117][   T23] usb 1-1: USB disconnect, device number 11
[  260.598590][ T1086] team0 (unregistering): Port device team_slave_1 removed
[  260.734082][ T1086] team0 (unregistering): Port device team_slave_0 removed
[  260.840671][ T1086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.943963][ T1086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.463299][ T5100] Bluetooth: hci1: command tx timeout
[  261.587626][ T1086] bond0 (unregistering): Released all slaves
[  261.705154][ T9968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  261.754814][ T9968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  261.955162][ T9968] team0: Port device team_slave_0 added
[  261.994406][ T9968] team0: Port device team_slave_1 added
[  262.135103][ T9968] batman_adv: batadv0: Adding interface: batadv_slave_0
[  262.142143][ T9968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.232875][ T9968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  262.257352][ T9968] batman_adv: batadv0: Adding interface: batadv_slave_1
[  262.284259][ T9968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.310180][    C0] vkms_vblank_simulate: vblank timer overrun
[  262.386834][ T9968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.562578][ T9968] hsr_slave_0: entered promiscuous mode
[  262.571623][ T9968] hsr_slave_1: entered promiscuous mode
[  262.580353][ T9968] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  262.593149][ T9968] Cannot create hsr debugfs directory
[  262.607487][T10055] loop1: detected capacity change from 0 to 32768
[  262.656810][T10071] loop6: detected capacity change from 0 to 1024
[  262.661461][T10055] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  262.674498][T10071] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  262.756875][T10071] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.837775][T10055] XFS (loop1): Ending clean mount
[  262.858255][ T9831] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.862524][T10055] XFS (loop1): Quotacheck needed: Please wait.
[  262.969675][T10055] XFS (loop1): Quotacheck: Done.
[  263.166921][ T9968] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  263.186853][ T9968] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  263.198052][ T9968] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  263.218376][ T9968] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  263.240692][ T5785] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  263.495981][ T9968] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.533131][ T5100] Bluetooth: hci1: command tx timeout
[  263.589921][ T9968] 8021q: adding VLAN 0 to HW filter on device team0
[  263.658032][ T1086] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.665269][ T1086] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.676344][ T1086] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.683587][ T1086] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.760697][ T9968] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  263.800272][ T9968] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  264.249292][ T9968] 8021q: adding VLAN 0 to HW filter on device batadv0
[  264.269705][T10129] __nla_validate_parse: 13 callbacks suppressed
[  264.269720][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1639'.
[  264.896238][ T9968] veth0_vlan: entered promiscuous mode
[  264.933449][ T9968] veth1_vlan: entered promiscuous mode
[  265.004733][ T9968] veth0_macvtap: entered promiscuous mode
[  265.024666][ T9968] veth1_macvtap: entered promiscuous mode
[  265.065957][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.097330][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.113104][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.133147][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.153914][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.183228][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.219991][ T9968] batman_adv: batadv0: Interface activated: batadv_slave_0
[  265.248586][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.274296][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.301534][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.331425][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.345256][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  265.377664][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.412907][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.436510][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.456936][ T9968] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.506029][ T9968] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.525206][ T9968] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.544486][ T9968] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.563845][ T9968] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.613075][ T5100] Bluetooth: hci1: command tx timeout
[  265.844053][ T6103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.866150][ T6103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.956015][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.977043][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.019661][T10181] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1660'.
[  266.661163][T10167] loop6: detected capacity change from 0 to 40427
[  266.695140][T10167] F2FS-fs (loop6): Invalid log blocks per segment (83886089)
[  266.702777][T10167] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  266.745605][T10167] F2FS-fs (loop6): invalid crc value
[  266.784521][T10167] F2FS-fs (loop6): Found nat_bits in checkpoint
[  266.894715][T10167] F2FS-fs (loop6): Start checkpoint disabled!
[  266.970546][T10167] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  266.992951][T10167] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  267.186510][T10217] loop7: detected capacity change from 0 to 512
[  267.269434][T10217] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.313162][T10217] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  267.358244][   T36] kworker/u4:2: attempt to access beyond end of device
[  267.358244][   T36] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  267.361669][T10217] EXT4-fs error (device loop7): ext4_do_update_inode:5230: inode #2: comm syz.7.1673: corrupted inode contents
[  267.375157][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  267.393141][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  267.408865][T10217] EXT4-fs error (device loop7): ext4_dirty_inode:6106: inode #2: comm syz.7.1673: mark_inode_dirty error
[  267.436148][T10217] EXT4-fs error (device loop7): ext4_do_update_inode:5230: inode #2: comm syz.7.1673: corrupted inode contents
[  267.501381][T10229] EXT4-fs error (device loop7): ext4_do_update_inode:5230: inode #2: comm syz.7.1673: corrupted inode contents
[  267.619350][ T9968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.797915][T10238] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1682'.
[  268.234312][T10250] input: syz0 as /devices/virtual/input/input30
[  268.579899][T10262] loop6: detected capacity change from 0 to 128
[  268.615301][T10262] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  268.658133][T10262] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  268.793433][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1695'.
[  268.854479][ T9831] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  269.019596][T10281] loop7: detected capacity change from 0 to 764
[  269.069134][T10281] rock: directory entry would overflow storage
[  269.076326][T10281] rock: sig=0x4654, size=5, remaining=4
[  269.323190][T10288] syz.7.1703 uses obsolete (PF_INET,SOCK_PACKET)
[  269.776670][T10306] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1712'.
[  270.121896][T10318] loop6: detected capacity change from 0 to 1024
[  270.152428][T10318] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.188973][T10324] mkiss: ax0: crc mode is auto.
[  270.219903][T10318] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  270.245940][T10318] EXT4-fs (loop6): Remounting filesystem read-only
[  270.259160][T10318] EXT4-fs (loop6): error restoring inline_data for inode -- potential data loss! (inode 15, error -5)
[  270.311755][ T9831] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.462742][T10334] loop7: detected capacity change from 0 to 8
[  270.470409][T10334] squashfs: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÚ�€úù)Å'
[  270.939824][T10352] loop7: detected capacity change from 0 to 1024
[  270.979968][T10356] loop1: detected capacity change from 0 to 64
[  271.018450][T10352] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.173549][T10352] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  271.196399][T10364] @: renamed from vlan0 (while UP)
[  271.212535][T10352] EXT4-fs (loop7): Remounting filesystem read-only
[  271.249438][T10352] EXT4-fs (loop7): error restoring inline_data for inode -- potential data loss! (inode 15, error -5)
[  271.375916][ T9968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.417101][   T28] audit: type=1326 audit(2000000038.880:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10366 comm="syz.1.1737" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3b718e929 code=0x0
[  271.472578][   T28] audit: type=1326 audit(2000000038.930:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10366 comm="syz.1.1737" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7fe3b718e929 code=0x0
[  271.629925][T10344] loop6: detected capacity change from 0 to 40427
[  271.646969][T10344] F2FS-fs (loop6): Invalid segment/section count (31 != 24 * 1)
[  271.664649][T10344] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  271.683345][T10344] F2FS-fs (loop6): heap/no_heap options were deprecated
[  271.712956][T10344] F2FS-fs (loop6): invalid crc value
[  271.737974][T10344] F2FS-fs (loop6): Found nat_bits in checkpoint
[  271.884742][T10344] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  271.891862][T10344] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  272.112072][ T9831] syz-executor: attempt to access beyond end of device
[  272.112072][ T9831] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  272.136626][ T9831] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  272.732171][T10377] loop7: detected capacity change from 0 to 32768
[  272.842286][   T28] audit: type=1800 audit(2000000040.310:291): pid=10377 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1742" name="bus" dev="loop7" ino=4096 res=0 errno=0
[  273.023122][ T5839] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  273.237015][ T5839] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  273.268824][ T5839] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.293664][ T5839] usb 1-1: config 0 interface 0 has no altsetting 0
[  273.308907][ T5839] usb 1-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  273.330918][ T5839] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.363346][ T5839] usb 1-1: config 0 descriptor??
[  273.552922][    T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  273.743130][    T8] usb 7-1: Using ep0 maxpacket: 32
[  273.754918][    T8] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  273.778524][    T8] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  273.802889][    T8] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  273.805919][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.811232][    T8] usb 7-1: Product: syz
[  273.833588][    T8] usb 7-1: Manufacturer: syz
[  273.838339][    T8] usb 7-1: SerialNumber: syz
[  273.839768][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.855302][    T8] usb 7-1: config 0 descriptor??
[  273.861110][T10387] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  273.878811][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.888942][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.894549][    T8] hub 7-1:0.0: bad descriptor, ignoring hub
[  273.907734][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.919003][    T8] hub: probe of 7-1:0.0 failed with error -5
[  273.923041][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.942484][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.973231][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  273.980437][ T5839] hid-alps 0003:044E:120B.0009: unknown main item tag 0x0
[  274.008323][ T5839] hid-alps 0003:044E:120B.0009: item fetching failed at offset 9/11
[  274.029599][ T5839] hid-alps 0003:044E:120B.0009: parse failed
[  274.043326][ T5839] hid-alps: probe of 0003:044E:120B.0009 failed with error -22
[  274.076187][ T5839] usb 1-1: USB disconnect, device number 12
[  274.293542][ T5846] usb 7-1: USB disconnect, device number 2
[  274.350896][T10395] loop7: detected capacity change from 0 to 32768
[  274.359914][T10395] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 scanned by syz.7.1751 (10395)
[  274.399260][T10395] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  274.410662][T10395] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm
[  274.419770][T10395] BTRFS info (device loop7): enabling ssd optimizations
[  274.427181][T10395] BTRFS info (device loop7): using spread ssd allocation scheme
[  274.435096][T10395] BTRFS info (device loop7): using free space tree
[  274.479393][T10395] BTRFS info (device loop7): auto enabling async discard
[  274.643255][ T9968] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  275.355773][T10437] bridge_slave_0: invalid flags given to default FDB implementation
[  276.261154][T10475] loop6: detected capacity change from 0 to 256
[  276.378267][T10481] loop7: detected capacity change from 0 to 256
[  276.439857][T10481] FAT-fs (loop7): Directory bread(block 64) failed
[  276.446798][T10481] FAT-fs (loop7): Directory bread(block 65) failed
[  276.454784][T10481] FAT-fs (loop7): Directory bread(block 66) failed
[  276.461428][T10481] FAT-fs (loop7): Directory bread(block 67) failed
[  276.468215][T10481] FAT-fs (loop7): Directory bread(block 68) failed
[  276.482883][T10481] FAT-fs (loop7): Directory bread(block 69) failed
[  276.489535][T10481] FAT-fs (loop7): Directory bread(block 70) failed
[  276.512677][T10485] loop6: detected capacity change from 0 to 128
[  276.519507][T10481] FAT-fs (loop7): Directory bread(block 71) failed
[  276.529752][T10481] FAT-fs (loop7): Directory bread(block 72) failed
[  276.536553][T10481] FAT-fs (loop7): Directory bread(block 73) failed
[  276.556077][   T28] audit: type=1800 audit(2000000044.030:292): pid=10485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1785" name="file2" dev="loop6" ino=1048642 res=0 errno=0
[  276.568459][T10485] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  276.603986][T10485] FAT-fs (loop6): Filesystem has been set read-only
[  276.610655][T10485] syz.6.1785: attempt to access beyond end of device
[  276.610655][T10485] loop6: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  276.631147][T10485] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  276.647714][T10485] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  276.669489][T10485] syz.6.1785: attempt to access beyond end of device
[  276.669489][T10485] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  276.692414][T10485] syz.6.1785: attempt to access beyond end of device
[  276.692414][T10485] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  276.724359][T10485] syz.6.1785: attempt to access beyond end of device
[  276.724359][T10485] loop6: rw=0, sector=2072, nr_sectors = 1 limit=128
[  277.023799][T10495] sctp: [Deprecated]: syz.6.1790 (pid 10495) Use of int in max_burst socket option.
[  277.023799][T10495] Use struct sctp_assoc_value instead
[  277.125776][T10501] loop7: detected capacity change from 0 to 736
[  277.199162][T10503] loop6: detected capacity change from 0 to 512
[  277.222358][T10503] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  277.340034][T10503] EXT4-fs (loop6): 1 truncate cleaned up
[  277.359312][T10503] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.508359][ T9831] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.021747][T10532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1803'.
[  278.279231][T10541] loop6: detected capacity change from 0 to 256
[  278.300980][T10541] exfat: Deprecated parameter 'namecase'
[  278.322597][T10541] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  278.742859][T10539] loop7: detected capacity change from 0 to 32768
[  278.762302][T10539] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  278.794692][ T5777] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  278.877133][T10539] XFS (loop7): Ending clean mount
[  278.889685][T10539] XFS (loop7): Quotacheck needed: Please wait.
[  278.971418][T10539] XFS (loop7): Quotacheck: Done.
[  279.012862][ T5777] usb 7-1: Using ep0 maxpacket: 16
[  279.023024][ T5777] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  279.039952][ T5777] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.058311][ T5777] usb 7-1: config 0 descriptor??
[  279.076877][ T5777] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[  279.212512][ T9968] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  279.286070][T10564] netlink: 'syz.1.1817': attribute type 21 has an invalid length.
[  279.305318][T10564] netlink: 'syz.1.1817': attribute type 1 has an invalid length.
[  279.318886][ T5777] usb 7-1: Detected FT232B
[  279.325096][T10564] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1817'.
[  279.514177][ T5777] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  279.552175][ T5777] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  279.726603][ T5839] usb 7-1: USB disconnect, device number 3
[  279.746258][ T5839] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  279.766296][ T5839] ftdi_sio 7-1:0.0: device disconnected
[  279.783159][ T5847] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  279.827534][T10580] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1824'.
[  279.973147][ T5847] usb 1-1: Using ep0 maxpacket: 16
[  279.981268][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.997933][ T5847] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  280.008054][ T5847] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.023920][ T5847] usb 1-1: config 0 descriptor??
[  280.057058][T10590] loop1: detected capacity change from 0 to 512
[  280.066056][T10590] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  280.088500][T10590] EXT4-fs (loop1): 1 truncate cleaned up
[  280.114331][T10590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.206258][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.463660][ T5847] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  280.472882][ T5847] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  280.480146][ T5847] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  280.502926][ T5847] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  280.520268][ T5847] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0
[  280.533708][ T5847] mcp2221 0003:04D8:00DD.000A: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  280.653672][    C1] usb 1-1: input irq status -75 received
[  280.796859][T10599] loop1: detected capacity change from 0 to 32768
[  280.857011][   T28] audit: type=1800 audit(2000000048.330:293): pid=10599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1832" name="bus" dev="loop1" ino=4096 res=0 errno=0
[  280.977048][ T5847] usb 1-1: USB disconnect, device number 13
[  281.415636][T10619] netlink: 864 bytes leftover after parsing attributes in process `syz.1.1841'.
[  282.023128][ T5846] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  282.202902][ T5846] usb 2-1: Using ep0 maxpacket: 8
[  282.224727][ T5846] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  282.234481][ T5846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.250141][ T5846] pvrusb2: Hardware description: Terratec Grabster AV400
[  282.257475][ T5846] pvrusb2: **********
[  282.261490][ T5846] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  282.271658][ T5846] pvrusb2: Important functionality might not be entirely working.
[  282.279537][ T5846] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  282.291894][ T5846] pvrusb2: **********
[  282.483515][ T2319] pvrusb2: Invalid write control endpoint
[  282.601073][ T2319] pvrusb2: Invalid write control endpoint
[  282.630888][ T2319] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  282.679645][ T2319] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  282.689498][ T2319] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  282.718602][ T2319] pvrusb2: Device being rendered inoperable
[  282.726484][T10634] pvrusb2: Killing an I2C write to 0 that is too large (desired=62 limit=61)
[  282.753962][ T2319] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  282.756122][    T8] usb 2-1: USB disconnect, device number 17
[  282.772477][ T2319] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  282.793315][ T2319] pvrusb2: Attached sub-driver cx25840
[  282.798967][ T2319] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  282.820564][ T2319] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  283.423159][ T5777] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  283.642900][ T5777] usb 1-1: Using ep0 maxpacket: 8
[  283.649948][ T5777] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[  283.678180][ T5777] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  283.699387][ T5777] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.712914][ T5777] usb 1-1: Product: syz
[  283.717122][ T5777] usb 1-1: Manufacturer: syz
[  283.731908][ T5777] usb 1-1: SerialNumber: syz
[  283.747055][ T5777] usb 1-1: config 0 descriptor??
[  283.775383][ T5777] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  284.301380][T10698] loop9: detected capacity change from 0 to 8
[  284.331080][T10698]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  284.344092][T10698] loop9: partition table partially beyond EOD, truncated
[  284.351491][T10698] loop9: p1 size 81768186 extends beyond EOD, truncated
[  284.374849][ T5777] gspca_zc3xx: reg_w_i err -71
[  284.393133][ T5847] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  284.572889][ T5847] usb 8-1: Using ep0 maxpacket: 32
[  284.585456][ T5847] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  284.610506][ T5847] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  284.634557][ T5847] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  284.653940][ T5847] usb 8-1: Product: syz
[  284.658250][ T5847] usb 8-1: Manufacturer: syz
[  284.669436][ T5847] usb 8-1: SerialNumber: syz
[  284.689373][ T5847] usb 8-1: config 0 descriptor??
[  284.702078][T10691] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[  284.723253][ T5847] hub 8-1:0.0: bad descriptor, ignoring hub
[  284.730528][ T5847] hub: probe of 8-1:0.0 failed with error -5
[  284.993023][ T5777] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  284.999408][ T5777] gspca_zc3xx: probe of 1-1:0.0 failed with error -71
[  285.038561][ T5777] usb 1-1: USB disconnect, device number 14
[  285.083249][ T5847] usb 8-1: USB disconnect, device number 2
[  285.380651][T10704] loop6: detected capacity change from 0 to 32768
[  285.419672][T10704] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  285.510964][T10704] XFS (loop6): Ending clean mount
[  285.531940][T10704] XFS (loop6): Quotacheck needed: Please wait.
[  285.585275][T10704] XFS (loop6): Quotacheck: Done.
[  285.665245][T10704] XFS (loop6): User initiated shutdown received.
[  285.672717][T10704] XFS (loop6): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501).  Shutting down filesystem.
[  285.710804][T10704] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  285.846605][ T9831] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  286.049383][T10742] loop7: detected capacity change from 0 to 512
[  286.113470][T10742] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
[  286.897955][T10759] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1898'.
[  286.919143][T10750] loop6: detected capacity change from 0 to 32768
[  286.965667][T10750] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.051895][T10773] loop7: detected capacity change from 0 to 2048
[  287.072637][T10773] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  287.101404][T10750] XFS (loop6): Ending clean mount
[  287.322405][ T9831] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.590092][T10765] loop1: detected capacity change from 0 to 32768
[  287.789358][T10780] loop7: detected capacity change from 0 to 2048
[  287.811584][T10781] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  287.928319][T10781] NILFS (loop7): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  287.934134][T10783] loop6: detected capacity change from 0 to 1024
[  287.971210][T10781] NILFS error (device loop7): nilfs_bmap_propagate: broken bmap (inode number=4)
[  288.017190][T10781] Remounting filesystem read-only
[  288.045619][ T9968] NILFS (loop7): discard dirty page: offset=0, ino=5
[  288.052351][ T9968] NILFS (loop7): discard dirty block: blocknr=41, size=1024
[  288.071321][T10783] hfsplus: bad catalog entry type
[  288.076540][ T9968] NILFS (loop7): discard dirty block: blocknr=18446744073709551615, size=1024
[  288.093168][ T9968] NILFS (loop7): discard dirty block: blocknr=18446744073709551615, size=1024
[  288.102080][ T9968] NILFS (loop7): discard dirty block: blocknr=18446744073709551615, size=1024
[  288.137820][ T9968] NILFS (loop7): discard dirty page: offset=0, ino=4
[  288.146130][ T9968] NILFS (loop7): discard dirty block: blocknr=40, size=1024
[  288.154349][ T6103] hfsplus: b-tree write err: -5, ino 4
[  288.160272][ T9968] NILFS (loop7): discard dirty block: blocknr=18446744073709551615, size=1024
[  288.181857][ T9968] NILFS (loop7): discard dirty block: blocknr=18446744073709551615, size=1024
[  288.202935][ T9968] NILFS (loop7): discard dirty block: blocknr=18446744073709551615, size=1024
[  288.551895][T10805] loop6: detected capacity change from 0 to 2048
[  288.586289][T10805] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.717230][T10816] loop7: detected capacity change from 0 to 2048
[  288.739355][ T9831] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.764971][T10816] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.801402][T10816] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.865686][   T28] audit: type=1800 audit(2000000056.340:294): pid=10816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1919" name="file0" dev="loop7" ino=13 res=0 errno=0
[  288.966651][T10824] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1922'.
[  289.011247][T10824] bond_slave_0: entered promiscuous mode
[  289.017451][T10824] bond_slave_1: entered promiscuous mode
[  289.059879][T10824] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  289.083998][T10824] bond_slave_0: left promiscuous mode
[  289.089515][T10824] bond_slave_1: left promiscuous mode
[  289.158251][T10827] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1925'.
[  289.473807][T10836] netlink: 'syz.1.1929': attribute type 1 has an invalid length.
[  289.673328][T10843] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  289.683097][T10843] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  289.691836][T10843] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  289.701204][T10843] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  289.701446][T10816] fs-verity (loop7, inode 13): Error -4 building Merkle tree
[  289.753183][T10843] vxlan0: entered promiscuous mode
[  289.758441][T10843] vxlan0: entered allmulticast mode
[  289.806929][ T9968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.954353][T10851] loop6: detected capacity change from 0 to 40427
[  290.975961][T10851] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x7ffff
[  291.036023][T10851] F2FS-fs (loop6): invalid crc value
[  291.055701][T10851] F2FS-fs (loop6): Found nat_bits in checkpoint
[  291.183772][T10851] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  291.363496][ T9831] syz-executor: attempt to access beyond end of device
[  291.363496][ T9831] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.421277][ T9831] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  291.438797][T10865] vlan0: entered allmulticast mode
[  291.458370][T10865] veth1: entered allmulticast mode
[  292.071048][T10862] loop7: detected capacity change from 0 to 40427
[  292.102883][T10862] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  292.110689][T10862] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  292.178411][T10862] F2FS-fs (loop7): Found nat_bits in checkpoint
[  292.224750][T10881] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  292.253890][T10881] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  292.272898][T10881] bridge_slave_0: default FDB implementation only supports local addresses
[  292.317896][T10862] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  292.332979][T10862] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  293.127403][T10888] loop6: detected capacity change from 0 to 32768
[  293.174302][T10888] (syz.6.1949,10888,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  293.203563][T10888] (syz.6.1949,10888,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  293.219589][T10906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1958'.
[  293.275179][T10888] JBD2: Ignoring recovery information on journal
[  293.365466][T10888] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  293.683152][ T5839] usb 8-1: new low-speed USB device number 3 using dummy_hcd
[  293.727840][T10888] syz.6.1949 (10888) used greatest stack depth: 18736 bytes left
[  293.838877][ T9831] ocfs2: Unmounting device (7,6) on (node local)
[  293.904860][ T5839] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  293.925905][ T5839] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  293.963985][ T5839] usb 8-1: New USB device found, idVendor=046d, idProduct=c52f, bcdDevice= 0.00
[  293.982971][ T5839] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.005310][ T5839] usb 8-1: config 0 descriptor??
[  294.015808][ T5839] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  294.234297][ T5839] usb 8-1: USB disconnect, device number 3
[  294.303576][T10940] loop6: detected capacity change from 0 to 4096
[  294.311850][T10940] ntfs3: loop6: Different NTFS sector size (1024) and media sector size (512).
[  294.663962][T10952] loop6: detected capacity change from 0 to 2048
[  294.680143][T10952] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=3932051, location=3932051
[  294.704380][T10952] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  294.710851][T10956] netlink: 'syz.0.1978': attribute type 21 has an invalid length.
[  294.736863][T10956] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1978'.
[  294.744640][   T28] audit: type=1800 audit(2000000062.210:295): pid=10952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1977" name="bus" dev="loop6" ino=1367 res=0 errno=0
[  294.761918][T10956] netlink: 'syz.0.1978': attribute type 21 has an invalid length.
[  294.811863][T10956] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1978'.
[  295.387994][T10971] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1986'.
[  295.483510][T10961] loop6: detected capacity change from 0 to 32768
[  295.496338][T10961] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.1980 (10961)
[  295.527247][T10961] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  295.556216][T10961] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  295.568423][T10961] BTRFS info (device loop6): turning on sync discard
[  295.575497][T10961] BTRFS info (device loop6): enabling ssd optimizations
[  295.588199][T10961] BTRFS info (device loop6): using spread ssd allocation scheme
[  295.600150][T10961] BTRFS info (device loop6): doing ref verification
[  295.611809][T10961] BTRFS info (device loop6): force clearing of disk cache
[  295.632909][T10961] BTRFS info (device loop6): setting nodatacow, compression disabled
[  295.641082][T10961] BTRFS info (device loop6): doing ref verification
[  295.653309][T10961] BTRFS info (device loop6): using free space tree
[  295.729308][T10985] loop7: detected capacity change from 0 to 512
[  295.745222][T10961] BTRFS info (device loop6): rebuilding free space tree
[  295.779256][T10985] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -13
[  295.798220][T10985] EXT4-fs error (device loop7): ext4_orphan_get:1399: inode #13: comm syz.7.1988: iget: bad i_size value: 12154757448730
[  295.821030][T10985] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.1988: couldn't read orphan inode 13 (err -117)
[  295.841559][T10985] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.990363][ T9968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.057380][ T9831] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  296.460793][T11012] loop7: detected capacity change from 0 to 512
[  296.476333][T11012] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  296.517680][T11014] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2000'.
[  296.524483][T11012] EXT4-fs (loop7): 1 truncate cleaned up
[  296.534652][T11012] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.564212][T11014] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2000'.
[  296.573607][T11012] EXT4-fs error (device loop7): ext4_get_verity_descriptor_location:298: inode #15: comm syz.7.1999: verity file has no extents
[  296.615664][T11012] EXT4-fs (loop7): Remounting filesystem read-only
[  296.637174][T11012] fs-verity (loop7, inode 15): Error -117 getting verity descriptor size
[  296.731735][ T9968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.940758][T11029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2006'.
[  297.086231][T11040] loop6: detected capacity change from 0 to 256
[  297.302994][    T8] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  297.473102][ T5777] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  297.504820][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  297.525442][    T8] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  297.541315][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.553115][    T8] usb 2-1: config 0 descriptor??
[  297.683196][ T5777] usb 8-1: Using ep0 maxpacket: 16
[  297.693461][ T5777] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  297.704974][ T5777] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  297.719563][ T5777] usb 8-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[  297.728816][ T5777] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.737009][ T5873] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  297.748033][ T5777] usb 8-1: config 0 descriptor??
[  297.948653][ T5873] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  297.973749][ T5873] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.994485][ T5873] usb 7-1: config 0 descriptor??
[  298.000902][    T8] koneplus 0003:1E7D:2E22.000B: hidraw0: USB HID vff.fe Device [HID 1e7d:2e22] on usb-dummy_hcd.1-1/input0
[  298.014416][ T5873] cp210x 7-1:0.0: cp210x converter detected
[  298.196567][ T5777] logitech 0003:046D:C623.000C: item fetching failed at offset 8/69
[  298.231391][ T5777] logitech 0003:046D:C623.000C: parse failed
[  298.244328][ T5777] logitech: probe of 0003:046D:C623.000C failed with error -22
[  298.433773][ T5873] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32
[  298.466973][ T5873] usb 7-1: cp210x converter now attached to ttyUSB0
[  298.483095][ T5873] usb 8-1: USB disconnect, device number 4
[  298.494777][ T5839] usb 2-1: USB disconnect, device number 18
[  298.615030][T11056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2018'.
[  298.628964][T11056] bond_slave_0: entered promiscuous mode
[  298.634727][T11056] bond_slave_1: entered promiscuous mode
[  298.641804][T11056] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  298.651049][T11056] bond_slave_0: left promiscuous mode
[  298.656583][T11056] bond_slave_1: left promiscuous mode
[  298.701451][ T5847] usb 7-1: USB disconnect, device number 4
[  298.717155][ T5847] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  298.732523][ T5847] cp210x 7-1:0.0: device disconnected
[  299.102298][T11060] loop7: detected capacity change from 0 to 2048
[  299.122946][ T5873] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  299.134971][T11060] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.222995][ T9968] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  299.291168][ T9968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.323557][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.342206][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.354049][ T5873] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  299.382342][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.410754][ T5873] usb 1-1: config 0 descriptor??
[  299.531874][T11074] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  299.928144][T11070] loop6: detected capacity change from 0 to 40427
[  299.949014][T11070] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  299.984193][T11070] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  300.001636][T11070] F2FS-fs (loop6): Found nat_bits in checkpoint
[  300.143753][T11070] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  300.151023][T11070] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  300.259606][ T5873] hid-led: probe of 0003:0FC5:B080.000D failed with error -71
[  300.274033][ T5873] usb 1-1: USB disconnect, device number 15
[  300.981278][T11113] syzkaller1: tun_chr_ioctl cmd 2148553947
[  301.263691][T11120] cgroup: fork rejected by pids controller in /syz6
[  301.288963][T11107] loop7: detected capacity change from 0 to 32768
[  301.302856][T11107] XFS: noikeep mount option is deprecated.
[  301.368040][T11107] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  301.517689][T11107] XFS (loop7): Ending clean mount
[  301.582473][T11107] XFS (loop7): Quotacheck needed: Please wait.
[  301.657663][T11107] XFS (loop7): Quotacheck: Done.
[  301.718301][ T9968] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  302.099932][   T11] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  302.153095][   T11] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.475825][   T11] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  302.511975][   T11] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.704831][   T11] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  302.730940][   T11] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.774774][T11161] sch_fq: defrate 6 ignored.
[  302.899383][   T11] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  302.919127][   T11] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.117315][   T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  303.128756][   T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  303.163176][   T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  303.182552][   T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  303.183722][T11167] loop1: detected capacity change from 0 to 4096
[  303.225424][   T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  303.233908][   T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  303.252373][T11173] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2064'.
[  303.264206][T11173] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2064'.
[  303.523850][T11178] smc: net device bond0 applied user defined pnetid SYZ2
[  303.533080][T11178] smc: net device bond0 erased user defined pnetid SYZ2
[  304.276603][T11182] loop1: detected capacity change from 0 to 32768
[  304.294405][T11182] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.2068 (11182)
[  304.333877][T11182] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  304.353608][T11182] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  304.369243][T11170] chnl_net:caif_netlink_parms(): no params data found
[  304.392626][T11182] BTRFS info (device loop1): force clearing of disk cache
[  304.404556][T11182] BTRFS info (device loop1): enabling auto defrag
[  304.413781][T11182] BTRFS info (device loop1): max_inline at 0
[  304.420674][T11182] BTRFS info (device loop1): enabling disk space caching
[  304.428188][T11182] BTRFS info (device loop1): disk space caching is enabled
[  304.476895][T11203] loop7: detected capacity change from 0 to 128
[  304.506164][T11203] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  304.522976][T11203] ext4 filesystem being mounted at /114/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  304.593825][T11182] BTRFS info (device loop1): enabling ssd optimizations
[  304.621339][T11182] BTRFS info (device loop1): rebuilding free space tree
[  304.684425][ T9968] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  304.712066][T11182] BTRFS info (device loop1): disabling free space tree
[  304.745199][T11182] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  304.755289][T11182] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  304.906143][T11170] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.923009][T11170] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.935294][T11170] bridge_slave_0: entered allmulticast mode
[  304.951515][T11170] bridge_slave_0: entered promiscuous mode
[  304.982737][T11170] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.994670][T11170] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.001928][T11170] bridge_slave_1: entered allmulticast mode
[  305.009667][T11170] bridge_slave_1: entered promiscuous mode
[  305.038726][ T5785] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  305.092767][   T11] hsr_slave_0: left promiscuous mode
[  305.161717][   T11] hsr_slave_1: left promiscuous mode
[  305.182097][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.220479][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.232608][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.256983][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.290722][   T11] bridge_slave_1: left allmulticast mode
[  305.304066][   T50] Bluetooth: hci3: command tx timeout
[  305.307357][   T11] bridge_slave_1: left promiscuous mode
[  305.345411][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.386491][   T11] bridge_slave_0: left allmulticast mode
[  305.406886][   T11] bridge_slave_0: left promiscuous mode
[  305.412712][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.590502][   T11] veth1_macvtap: left promiscuous mode
[  305.596935][   T11] veth0_macvtap: left promiscuous mode
[  305.602734][   T11] veth1_vlan: left promiscuous mode
[  305.608407][   T11] veth0_vlan: left promiscuous mode
[  306.497758][   T11] team0 (unregistering): Port device team_slave_1 removed
[  306.552691][   T11] team0 (unregistering): Port device team_slave_0 removed
[  306.614674][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  306.679411][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  307.312057][   T11] bond0 (unregistering): Released all slaves
[  307.373137][   T50] Bluetooth: hci3: command tx timeout
[  307.455483][T11170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  307.514656][T11170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.610638][T11170] team0: Port device team_slave_0 added
[  307.645267][T11170] team0: Port device team_slave_1 added
[  307.698689][T11170] batman_adv: batadv0: Adding interface: batadv_slave_0
[  307.707052][T11170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.733518][T11170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  307.749029][T11170] batman_adv: batadv0: Adding interface: batadv_slave_1
[  307.764062][T11170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.802303][T11170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  307.813542][ T5839] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  307.860078][T11170] hsr_slave_0: entered promiscuous mode
[  307.875889][T11170] hsr_slave_1: entered promiscuous mode
[  307.885140][T11170] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  307.894264][ T5847] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  307.903985][T11170] Cannot create hsr debugfs directory
[  308.023312][ T5839] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  308.041034][ T5839] usb 2-1: config 0 has no interface number 0
[  308.050428][ T5839] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  308.061384][ T5839] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.077619][ T5839] usb 2-1: Product: syz
[  308.081874][ T5839] usb 2-1: Manufacturer: syz
[  308.089390][ T5847] usb 8-1: Using ep0 maxpacket: 32
[  308.095770][ T5839] usb 2-1: SerialNumber: syz
[  308.108498][ T5847] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  308.119127][ T5847] usb 8-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[  308.130064][ T5839] usb 2-1: config 0 descriptor??
[  308.135407][ T5847] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.149292][ T5847] usb 8-1: config 0 descriptor??
[  308.159906][ T5847] usb 8-1: bad CDC descriptors
[  308.359348][ T5839] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  308.382570][ T5847] usb 8-1: USB disconnect, device number 5
[  308.405853][ T5839] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  308.421673][ T5839] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  308.430078][ T5839] usb 2-1: media controller created
[  308.460810][T11170] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  308.465120][ T5839] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  308.483815][T11170] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  308.506858][T11170] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  308.527109][T11170] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  308.591251][T11257] smc: net device bond0 applied user defined pnetid SYZ2
[  308.600744][T11257] smc: net device bond0 erased user defined pnetid SYZ2
[  308.659185][T11170] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.695643][T11170] 8021q: adding VLAN 0 to HW filter on device team0
[  308.721827][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.729057][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.751166][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.758387][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.859295][T11261] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2091'.
[  309.086281][T11267] autofs4:pid:11267:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(0.0), cmd(0xc0189379)
[  309.115841][T11267] autofs4:pid:11267:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189379)
[  309.282040][T11170] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.458297][T11276] mac80211_hwsim hwsim18 wlan0: entered promiscuous mode
[  309.460177][   T50] Bluetooth: hci3: command tx timeout
[  309.481796][T11276] macsec1: entered promiscuous mode
[  309.501463][T11276] macsec1: entered allmulticast mode
[  309.513933][T11276] mac80211_hwsim hwsim18 wlan0: entered allmulticast mode
[  309.616821][ T5839] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  309.713367][ T5839] usb 2-1: USB disconnect, device number 19
[  309.888983][T11170] veth0_vlan: entered promiscuous mode
[  309.929346][T11170] veth1_vlan: entered promiscuous mode
[  309.979881][T11170] veth0_macvtap: entered promiscuous mode
[  310.004804][T11170] veth1_macvtap: entered promiscuous mode
[  310.046305][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.058299][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.069493][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.080305][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.090723][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.101812][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.113657][T11170] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.128942][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.139535][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.151222][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.172534][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.184234][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  310.205990][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.222600][T11170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  310.263118][T11170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.287544][T11170] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.312299][T11170] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.313215][ T5847] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  310.324129][T11170] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.339138][T11170] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.348869][T11170] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.513048][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.520916][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.553092][ T5847] usb 1-1: Using ep0 maxpacket: 16
[  310.571951][ T5847] usb 1-1: config 0 interface 0 has no altsetting 0
[  310.588228][ T6103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.604526][ T5847] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  310.614294][ T6103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.634857][ T5847] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.665169][ T5847] usb 1-1: config 0 descriptor??
[  310.913085][T11316] netlink: 'syz.6.2110': attribute type 1 has an invalid length.
[  311.039286][T11305] loop1: detected capacity change from 0 to 32768
[  311.112955][T11305] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  311.252003][T11305] (syz.1.2106,11305,1):ocfs2_rename:1284 ERROR: status = -2
[  311.263159][T11305] (syz.1.2106,11305,1):ocfs2_rename:1690 ERROR: status = -2
[  311.293170][T11325] loop6: detected capacity change from 0 to 64
[  311.364956][    T8] usb 1-1: USB disconnect, device number 16
[  311.406522][ T5785] ocfs2: Unmounting device (7,1) on (node local)
[  311.539353][   T50] Bluetooth: hci3: command tx timeout
[  311.768590][T11338] sp0: Synchronizing with TNC
[  311.798906][ T6103] 
[  311.801261][ T6103] =====================================================
[  311.808207][ T6103] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[  311.815678][ T6103] 6.6.96-syzkaller #0 Not tainted
[  311.820709][ T6103] -----------------------------------------------------
[  311.827667][ T6103] kworker/u4:8/6103 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  311.835493][ T6103] ffffffff8d7d9218 (disc_data_lock){.+.+}-{2:2}, at: sixpack_write_wakeup+0x30/0x480
[  311.845020][ T6103] 
[  311.845020][ T6103] and this task is already holding:
[  311.852379][ T6103] ffffffff971d60b8 (&port_lock_key){-.-.}-{2:2}, at: uart_write+0xfb/0x5d0
[  311.861001][ T6103] which would create a new lock dependency:
[  311.867231][ T6103]  (&port_lock_key){-.-.}-{2:2} -> (disc_data_lock){.+.+}-{2:2}
[  311.874886][ T6103] 
[  311.874886][ T6103] but this new dependency connects a HARDIRQ-irq-safe lock:
[  311.884322][ T6103]  (&port_lock_key){-.-.}-{2:2}
[  311.884340][ T6103] 
[  311.884340][ T6103] ... which became HARDIRQ-irq-safe at:
[  311.896896][ T6103]   lock_acquire+0x197/0x410
[  311.901486][ T6103]   _raw_spin_lock_irqsave+0xa8/0xf0
[  311.906781][ T6103]   serial8250_handle_irq+0x7a/0x6e0
[  311.912069][ T6103]   serial8250_default_handle_irq+0xb8/0x1a0
[  311.918055][ T6103]   serial8250_interrupt+0x9f/0x1c0
[  311.923291][ T6103]   __handle_irq_event_percpu+0x276/0x930
[  311.929035][ T6103]   handle_irq_event+0x8b/0x1e0
[  311.933999][ T6103]   handle_edge_irq+0x247/0xb30
[  311.938850][ T6103]   __common_interrupt+0x13b/0x230
[  311.943957][ T6103]   common_interrupt+0xb4/0xd0
[  311.948746][ T6103]   asm_common_interrupt+0x26/0x40
[  311.953856][ T6103]   _raw_spin_unlock_irqrestore+0xa9/0x110
[  311.959662][ T6103]   uart_write+0x45b/0x5d0
[  311.964158][ T6103]   n_tty_write+0xd27/0x11d0
[  311.968758][ T6103]   file_tty_write+0x54b/0x980
[  311.973514][ T6103]   vfs_write+0x43b/0x940
[  311.977879][ T6103]   ksys_write+0x147/0x250
[  311.982284][ T6103]   do_syscall_64+0x55/0xb0
[  311.986782][ T6103]   entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.992756][ T6103] 
[  311.992756][ T6103] to a HARDIRQ-irq-unsafe lock:
[  311.999764][ T6103]  (disc_data_lock){.+.+}-{2:2}
[  311.999785][ T6103] 
[  311.999785][ T6103] ... which became HARDIRQ-irq-unsafe at:
[  312.012490][ T6103] ...
[  312.012495][ T6103]   lock_acquire+0x197/0x410
[  312.019652][ T6103]   _raw_read_lock+0x36/0x50
[  312.024246][ T6103]   sixpack_receive_buf+0x59/0x1360
[  312.029459][ T6103]   tty_ldisc_receive_buf+0x117/0x160
[  312.034834][ T6103]   tty_port_default_receive_buf+0x6e/0xa0
[  312.040646][ T6103]   flush_to_ldisc+0x2f2/0x830
[  312.045430][ T6103]   process_scheduled_works+0xa45/0x15b0
[  312.051072][ T6103]   worker_thread+0xa55/0xfc0
[  312.055760][ T6103]   kthread+0x2fa/0x390
[  312.059916][ T6103]   ret_from_fork+0x48/0x80
[  312.064419][ T6103]   ret_from_fork_asm+0x11/0x20
[  312.069272][ T6103] 
[  312.069272][ T6103] other info that might help us debug this:
[  312.069272][ T6103] 
[  312.079504][ T6103]  Possible interrupt unsafe locking scenario:
[  312.079504][ T6103] 
[  312.087812][ T6103]        CPU0                    CPU1
[  312.093167][ T6103]        ----                    ----
[  312.098516][ T6103]   lock(disc_data_lock);
[  312.102846][ T6103]                                local_irq_disable();
[  312.109587][ T6103]                                lock(&port_lock_key);
[  312.116426][ T6103]                                lock(disc_data_lock);
[  312.123266][ T6103]   <Interrupt>
[  312.126705][ T6103]     lock(&port_lock_key);
[  312.131202][ T6103] 
[  312.131202][ T6103]  *** DEADLOCK ***
[  312.131202][ T6103] 
[  312.139346][ T6103] 6 locks held by kworker/u4:8/6103:
[  312.144628][ T6103]  #0: ffff888017871538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  312.156302][ T6103]  #1: ffffc90003527d00 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  312.167968][ T6103]  #2: ffff888020ff0ce8 (&buf->lock){+.+.}-{3:3}, at: flush_to_ldisc+0x38/0x830
[  312.177122][ T6103]  #3: ffff8880778150a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x80
[  312.186469][ T6103]  #4: ffffffff971d60b8 (&port_lock_key){-.-.}-{2:2}, at: uart_write+0xfb/0x5d0
[  312.195529][ T6103]  #5: ffff8880778150a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x80
[  312.204842][ T6103] 
[  312.204842][ T6103] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[  312.215240][ T6103] -> (&port_lock_key){-.-.}-{2:2} {
[  312.220456][ T6103]    IN-HARDIRQ-W at:
[  312.224470][ T6103]                     lock_acquire+0x197/0x410
[  312.230641][ T6103]                     _raw_spin_lock_irqsave+0xa8/0xf0
[  312.237501][ T6103]                     serial8250_handle_irq+0x7a/0x6e0
[  312.244370][ T6103]                     serial8250_default_handle_irq+0xb8/0x1a0
[  312.251930][ T6103]                     serial8250_interrupt+0x9f/0x1c0
[  312.258692][ T6103]                     __handle_irq_event_percpu+0x276/0x930
[  312.265980][ T6103]                     handle_irq_event+0x8b/0x1e0
[  312.272391][ T6103]                     handle_edge_irq+0x247/0xb30
[  312.278799][ T6103]                     __common_interrupt+0x13b/0x230
[  312.285485][ T6103]                     common_interrupt+0xb4/0xd0
[  312.291815][ T6103]                     asm_common_interrupt+0x26/0x40
[  312.298484][ T6103]                     _raw_spin_unlock_irqrestore+0xa9/0x110
[  312.305854][ T6103]                     uart_write+0x45b/0x5d0
[  312.311875][ T6103]                     n_tty_write+0xd27/0x11d0
[  312.318044][ T6103]                     file_tty_write+0x54b/0x980
[  312.324372][ T6103]                     vfs_write+0x43b/0x940
[  312.330289][ T6103]                     ksys_write+0x147/0x250
[  312.336265][ T6103]                     do_syscall_64+0x55/0xb0
[  312.342344][ T6103]                     entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.349890][ T6103]    IN-SOFTIRQ-W at:
[  312.353958][ T6103]                     lock_acquire+0x197/0x410
[  312.360112][ T6103]                     _raw_spin_lock_irqsave+0xa8/0xf0
[  312.366957][ T6103]                     serial8250_console_write+0x16d/0x17a0
[  312.374241][ T6103]                     console_flush_all+0x6cd/0xd00
[  312.380926][ T6103]                     console_unlock+0xae/0x340
[  312.387174][ T6103]                     vprintk_emit+0x477/0x600
[  312.393498][ T6103]                     dev_vprintk_emit+0x338/0x3e0
[  312.399996][ T6103]                     dev_printk_emit+0xe1/0x130
[  312.406323][ T6103]                     _dev_err+0x10b/0x160
[  312.412754][ T6103]                     __usb_hcd_giveback_urb+0x35f/0x520
[  312.419805][ T6103]                     dummy_timer+0x8a3/0x31b0
[  312.426057][ T6103]                     __hrtimer_run_queues+0x51e/0xc40
[  312.432910][ T6103]                     hrtimer_run_softirq+0x187/0x2b0
[  312.439672][ T6103]                     handle_softirqs+0x280/0x820
[  312.446079][ T6103]                     __irq_exit_rcu+0xc7/0x190
[  312.452436][ T6103]                     irq_exit_rcu+0x9/0x20
[  312.458346][ T6103]                     sysvec_apic_timer_interrupt+0xa4/0xc0
[  312.465626][ T6103]                     asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  312.473338][ T6103]                     _raw_spin_unlock_irqrestore+0xa9/0x110
[  312.480706][ T6103]                     usb_hcd_unlink_urb+0xae/0x1c0
[  312.487384][ T6103]                     usb_kill_urb+0x10d/0x2f0
[  312.493561][ T6103]                     usbtouch_close+0xb5/0x1c0
[  312.499805][ T6103]                     input_close_device+0x123/0x1d0
[  312.506490][ T6103]                     mousedev_close_device+0x90/0xd0
[  312.513262][ T6103]                     mousedev_release+0x16d/0x180
[  312.519755][ T6103]                     __fput+0x234/0x970
[  312.525378][ T6103]                     __se_sys_close+0x15f/0x220
[  312.531696][ T6103]                     do_syscall_64+0x55/0xb0
[  312.537772][ T6103]                     entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.545305][ T6103]    INITIAL USE at:
[  312.549188][ T6103]                    lock_acquire+0x197/0x410
[  312.555269][ T6103]                    _raw_spin_lock_irqsave+0xa8/0xf0
[  312.562028][ T6103]                    serial8250_do_set_termios+0x548/0x17e0
[  312.569313][ T6103]                    uart_set_options+0x3bc/0x5b0
[  312.575724][ T6103]                    serial8250_console_setup+0x2d2/0x3a0
[  312.582834][ T6103]                    univ8250_console_setup+0x3c4/0x480
[  312.589779][ T6103]                    try_enable_preferred_console+0x48a/0x600
[  312.597237][ T6103]                    register_console+0x3be/0xe60
[  312.603656][ T6103]                    univ8250_console_init+0x45/0x50
[  312.610337][ T6103]                    console_init+0x17b/0x5e0
[  312.616675][ T6103]                    start_kernel+0x2c0/0x4e0
[  312.622825][ T6103]                    x86_64_start_reservations+0x2a/0x30
[  312.629852][ T6103]                    copy_bootdata+0x0/0xe0
[  312.635783][ T6103]                    secondary_startup_64_no_verify+0x179/0x17b
[  312.643505][ T6103]  }
[  312.646177][ T6103]  ... key      at: [<ffffffff971d54c0>] port_lock_key+0x0/0x20
[  312.653811][ T6103] 
[  312.653811][ T6103] the dependencies between the lock to be acquired
[  312.653819][ T6103]  and HARDIRQ-irq-unsafe lock:
[  312.667601][ T6103] -> (disc_data_lock){.+.+}-{2:2} {
[  312.672814][ T6103]    HARDIRQ-ON-R at:
[  312.676985][ T6103]                     lock_acquire+0x197/0x410
[  312.683138][ T6103]                     _raw_read_lock+0x36/0x50
[  312.689397][ T6103]                     sixpack_receive_buf+0x59/0x1360
[  312.696339][ T6103]                     tty_ldisc_receive_buf+0x117/0x160
[  312.703270][ T6103]                     tty_port_default_receive_buf+0x6e/0xa0
[  312.710634][ T6103]                     flush_to_ldisc+0x2f2/0x830
[  312.716951][ T6103]                     process_scheduled_works+0xa45/0x15b0
[  312.724159][ T6103]                     worker_thread+0xa55/0xfc0
[  312.730390][ T6103]                     kthread+0x2fa/0x390
[  312.736100][ T6103]                     ret_from_fork+0x48/0x80
[  312.742176][ T6103]                     ret_from_fork_asm+0x11/0x20
[  312.748583][ T6103]    SOFTIRQ-ON-R at:
[  312.752642][ T6103]                     lock_acquire+0x197/0x410
[  312.758794][ T6103]                     _raw_read_lock+0x36/0x50
[  312.764951][ T6103]                     sixpack_receive_buf+0x59/0x1360
[  312.771706][ T6103]                     tty_ldisc_receive_buf+0x117/0x160
[  312.778822][ T6103]                     tty_port_default_receive_buf+0x6e/0xa0
[  312.786201][ T6103]                     flush_to_ldisc+0x2f2/0x830
[  312.792697][ T6103]                     process_scheduled_works+0xa45/0x15b0
[  312.800245][ T6103]                     worker_thread+0xa55/0xfc0
[  312.806478][ T6103]                     kthread+0x2fa/0x390
[  312.812191][ T6103]                     ret_from_fork+0x48/0x80
[  312.818263][ T6103]                     ret_from_fork_asm+0x11/0x20
[  312.824789][ T6103]    INITIAL USE at:
[  312.828690][ T6103]                    lock_acquire+0x197/0x410
[  312.834760][ T6103]                    _raw_write_lock_irq+0xa3/0xe0
[  312.841357][ T6103]                    sixpack_close+0x2c/0x2a0
[  312.847430][ T6103]                    tty_ldisc_kill+0xa3/0x1a0
[  312.853668][ T6103]                    tty_ldisc_release+0x1a4/0x200
[  312.860258][ T6103]                    tty_release_struct+0x2a/0xd0
[  312.866777][ T6103]                    tty_release+0xc79/0x1610
[  312.872866][ T6103]                    __fput+0x234/0x970
[  312.878502][ T6103]                    task_work_run+0x1ce/0x250
[  312.884659][ T6103]                    exit_to_user_mode_loop+0xe6/0x110
[  312.891507][ T6103]                    exit_to_user_mode_prepare+0xb1/0x140
[  312.898617][ T6103]                    syscall_exit_to_user_mode+0x1a/0x50
[  312.905631][ T6103]                    do_syscall_64+0x61/0xb0
[  312.911603][ T6103]                    entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.919263][ T6103]    INITIAL READ USE at:
[  312.923624][ T6103]                         lock_acquire+0x197/0x410
[  312.930118][ T6103]                         _raw_read_lock+0x36/0x50
[  312.936611][ T6103]                         sixpack_receive_buf+0x59/0x1360
[  312.943715][ T6103]                         tty_ldisc_receive_buf+0x117/0x160
[  312.951091][ T6103]                         tty_port_default_receive_buf+0x6e/0xa0
[  312.958929][ T6103]                         flush_to_ldisc+0x2f2/0x830
[  312.965602][ T6103]                         process_scheduled_works+0xa45/0x15b0
[  312.973500][ T6103]                         worker_thread+0xa55/0xfc0
[  312.980082][ T6103]                         kthread+0x2fa/0x390
[  312.986140][ T6103]                         ret_from_fork+0x48/0x80
[  312.992553][ T6103]                         ret_from_fork_asm+0x11/0x20
[  312.999322][ T6103]  }
[  313.001816][ T6103]  ... key      at: [<ffffffff8d7d9218>] disc_data_lock+0x18/0x100
[  313.009913][ T6103]  ... acquired at:
[  313.013717][ T6103]    _raw_read_lock+0x36/0x50
[  313.018400][ T6103]    sixpack_write_wakeup+0x30/0x480
[  313.023689][ T6103]    tty_wakeup+0xb8/0x100
[  313.028106][ T6103]    tty_port_default_wakeup+0xa2/0xf0
[  313.033561][ T6103]    serial8250_tx_chars+0x6bd/0x8a0
[  313.038850][ T6103]    __start_tx+0x313/0x450
[  313.043355][ T6103]    __uart_start+0x23a/0x3e0
[  313.048025][ T6103]    uart_write+0x449/0x5d0
[  313.052519][ T6103]    sixpack_receive_buf+0x424/0x1360
[  313.057887][ T6103]    tty_ldisc_receive_buf+0x117/0x160
[  313.063337][ T6103]    tty_port_default_receive_buf+0x6e/0xa0
[  313.069239][ T6103]    flush_to_ldisc+0x2f2/0x830
[  313.074194][ T6103]    process_scheduled_works+0xa45/0x15b0
[  313.079920][ T6103]    worker_thread+0xa55/0xfc0
[  313.084686][ T6103]    kthread+0x2fa/0x390
[  313.088920][ T6103]    ret_from_fork+0x48/0x80
[  313.093500][ T6103]    ret_from_fork_asm+0x11/0x20
[  313.098522][ T6103] 
[  313.100846][ T6103] 
[  313.100846][ T6103] stack backtrace:
[  313.106731][ T6103] CPU: 0 PID: 6103 Comm: kworker/u4:8 Not tainted 6.6.96-syzkaller #0
[  313.114876][ T6103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.124936][ T6103] Workqueue: events_unbound flush_to_ldisc
[  313.130864][ T6103] Call Trace:
[  313.134166][ T6103]  <TASK>
[  313.137107][ T6103]  dump_stack_lvl+0x16c/0x230
[  313.141818][ T6103]  ? load_image+0x3b0/0x3b0
[  313.146339][ T6103]  ? show_regs_print_info+0x20/0x20
[  313.151545][ T6103]  ? load_image+0x3b0/0x3b0
[  313.156052][ T6103]  ? print_shortest_lock_dependencies+0xf4/0x160
[  313.162382][ T6103]  __lock_acquire+0x678f/0x7c80
[  313.167249][ T6103]  ? verify_lock_unused+0x140/0x140
[  313.172477][ T6103]  lock_acquire+0x197/0x410
[  313.176990][ T6103]  ? sixpack_write_wakeup+0x30/0x480
[  313.182291][ T6103]  ? read_lock_is_recursive+0x20/0x20
[  313.187713][ T6103]  ? tty_port_default_wakeup+0x9a/0xf0
[  313.193459][ T6103]  ? read_lock_is_recursive+0x20/0x20
[  313.198862][ T6103]  ? ldsem_down_read_trylock+0x138/0x1a0
[  313.204500][ T6103]  ? tty_ldisc_ref+0x1c/0x80
[  313.209089][ T6103]  ? __ldsem_down_read_nested+0x820/0x820
[  313.214826][ T6103]  ? sixpack_receive_buf+0x1360/0x1360
[  313.220387][ T6103]  _raw_read_lock+0x36/0x50
[  313.224899][ T6103]  ? sixpack_write_wakeup+0x30/0x480
[  313.230184][ T6103]  sixpack_write_wakeup+0x30/0x480
[  313.235296][ T6103]  ? sixpack_receive_buf+0x1360/0x1360
[  313.240755][ T6103]  tty_wakeup+0xb8/0x100
[  313.245090][ T6103]  tty_port_default_wakeup+0xa2/0xf0
[  313.250374][ T6103]  serial8250_tx_chars+0x6bd/0x8a0
[  313.255497][ T6103]  __start_tx+0x313/0x450
[  313.259829][ T6103]  __uart_start+0x23a/0x3e0
[  313.264342][ T6103]  uart_write+0x449/0x5d0
[  313.268672][ T6103]  sixpack_receive_buf+0x424/0x1360
[  313.273877][ T6103]  ? sixpack_ioctl+0x570/0x570
[  313.278641][ T6103]  tty_ldisc_receive_buf+0x117/0x160
[  313.283927][ T6103]  tty_port_default_receive_buf+0x6e/0xa0
[  313.289643][ T6103]  flush_to_ldisc+0x2f2/0x830
[  313.294324][ T6103]  ? process_scheduled_works+0x957/0x15b0
[  313.300041][ T6103]  process_scheduled_works+0xa45/0x15b0
[  313.305599][ T6103]  ? assign_work+0x400/0x400
[  313.310187][ T6103]  ? assign_work+0x39e/0x400
[  313.314775][ T6103]  worker_thread+0xa55/0xfc0
[  313.319365][ T6103]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  313.325377][ T6103]  ? _raw_spin_unlock+0x40/0x40
[  313.330247][ T6103]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  313.336155][ T6103]  kthread+0x2fa/0x390
[  313.340225][ T6103]  ? pr_cont_work+0x560/0x560
[  313.344995][ T6103]  ? kthread_blkcg+0xd0/0xd0
[  313.349586][ T6103]  ret_from_fork+0x48/0x80
[  313.354007][ T6103]  ? kthread_blkcg+0xd0/0xd0
[  313.358594][ T6103]  ret_from_fork_asm+0x11/0x20
[  313.363373][ T6103]  </TASK>
[  317.216048][ T1286] ieee802154 phy1 wpan1: encryption failed: -22