last executing test programs:

3m50.998997749s ago: executing program 2 (id=1357):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16=0x0, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4040400}, 0x4040084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x6}, {0xa, 0xffe0}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x12000000}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x2}]}}]}, 0x44}}, 0x20044055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m50.628386795s ago: executing program 2 (id=1361):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

3m48.840993488s ago: executing program 2 (id=1364):
socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)

3m37.149238416s ago: executing program 2 (id=1384):
socket$inet(0x10, 0x3, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
getdents(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x4001, 0x3, 0x288, 0x160, 0x0, 0x148, 0x0, 0x148, 0x1f0, 0x240, 0x240, 0x1f0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88, 0x1}, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@unspec=@time={{0x38}, {0x3, 0x76, 0xb75e, 0x5a3e, 0x4, 0x20}}, @common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x0, 0xffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8)

3m35.742818297s ago: executing program 2 (id=1385):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, r3, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)

3m34.880751576s ago: executing program 2 (id=1386):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)

3m18.144030798s ago: executing program 32 (id=1386):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)

2m50.440324937s ago: executing program 5 (id=1477):
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r0 = creat(&(0x7f0000000580)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x1}}, 0x40)

2m48.165697125s ago: executing program 5 (id=1479):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x5}, 0x18)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011, 0x7, 0x0, 0x0, 0x0, 0x2}})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0)
r5 = io_uring_setup(0x2f02, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[r5], 0x1)

2m45.864964546s ago: executing program 5 (id=1484):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x1)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r0, 0x1)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)

2m45.073908944s ago: executing program 5 (id=1487):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@remote, @in6=@remote, 0x0, 0x33, 0x0, 0x0, 0xa, 0x60, 0x10, 0x0, 0x0, 0xee01}, {0x0, 0x7f, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
unshare(0x400)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000340), 0x723000, 0x0)
preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
shutdown(r1, 0x1)
connect$bt_rfcomm(r1, &(0x7f0000005dc0)={0x1f, @any, 0x11}, 0xa)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000080)={@local}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000140001"], 0x30}, 0x1, 0x0, 0x0, 0x20044090}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x30000004}, 0x0)
close(0x4)

2m44.759918245s ago: executing program 5 (id=1489):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4814)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m44.486135995s ago: executing program 5 (id=1491):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)

2m28.63007732s ago: executing program 33 (id=1491):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)

1m21.663018989s ago: executing program 0 (id=1670):
mknodat(0xffffffffffffff9c, &(0x7f0000001cc0)='./file0\x00', 0x2, 0x80e2e8)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x34808521, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x8)
io_setup(0x202, &(0x7f0000000200)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r2, 0x0, 0x0, 0x3000000000000000}])

1m19.733792013s ago: executing program 6 (id=1673):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x5}, 0x18)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011, 0x7, 0x0, 0x0, 0x0, 0x2}})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)

1m17.838519044s ago: executing program 0 (id=1675):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, r4, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r4, 0x7}}, 0x48)

1m17.833497843s ago: executing program 6 (id=1676):
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe800000"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

1m17.127053538s ago: executing program 6 (id=1678):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20002)
r2 = fcntl$dupfd(r1, 0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r3}, &(0x7f0000000080), &(0x7f0000000280)=r4}, 0x20)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r4, r6, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0x7a, &(0x7f0000000580)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "bc4a06", 0x44, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0xd000000}}}, {0x8, 0x22eb, 0x200002, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x1}, 0x2, {0x3, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
ioctl$SG_IO(r2, 0x2279, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f00000002c0)=@other={'trylock', ' ', 'mem'}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r8, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800a2", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = mq_open(0x0, 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
mq_timedsend(r9, 0x0, 0x0, 0x5, 0x0)
ioctl$BTRFS_IOC_SCRUB(r7, 0xc400941b, &(0x7f0000000a00)={0x0, 0x7, 0x0, 0x1})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r9, &(0x7f00000003c0)=""/169, 0xa9, 0x200000000a9b, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX, @ANYRES8, @ANYRESHEX], 0x5, 0x25d, &(0x7f0000000f40)="$eJzs2s9rnEUcB+Dvm6a0pqQbf9uCOOhBvbw0OXtokBTEBUEboQrSt+aNLnndDXmXwIrYnBQ89ezJs3j0IAjSo5dc/As86CmXHHsQX0k2adMY0WKzG/R5Ljsw82HmnZkd5jBbr9z6aGV5MpaLfkxkWUxcjo24k8VMTMS+jXj5xWs/PvvWtXden2+3F95M6cr81dm5lNL5535495Nvnr/dP/f2t+e/PxObM+9tbc/9svnU5oWt369+2KlTp07dXj8V6Uav1y9uVGVa6tQreUq3qrKoy9Tp1uXaffXLVW91dZCK7tL01OpaWdep6A7SSjlI/V7qrw1S8UHR6aY8z9P0VPBvLH59p2liuzl9PZqmeeSrOHc7pn+OVmSPpuzxy9mT17OnN7IL203TGvdQORbW///twKF+NqL6fH1xfXH4O6yfX45OVFHGpWjFb7GzTfYMy1deay9cSrtm4rPq5l7+5vriqd38F/v52WjFzNH52WE+3Z8/E1MH+5/77rF44s/5X0+1F+aOzJ+Nl144kM+jFT+9H72oYil2svf6/3Q2pVffaB/KX9xtBwDwX5Onu468v+X5X9UP8w9wPzx0v5qMi5Pj/XYi6sHHK0VVlWsjKezsqX/QuDeC8WR7E/D3jZ+ZGNn8jKfw5ckYxjEVhudY3F3vh9zFQ/0Tnd7bkPsH4zinbgyHESN3b9HHPRIAAAAAAAAAAAAexKFHf63jeHI47m8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOtj8CAAD//13bww4=")
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x6c}}, 0x4000)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2, 0x190, 0x1, 0x2, 0xdd9f83, 0x3, 0x9, 0x1, 0x8, 0x8, 0x722, 0x15, 0xb, 0x80000002, 0x3f, 0xb763599953cb0919, {0xf56, 0x6fd8e84b}, 0x3, 0xed}})
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000000)={0x5, [0x8000, 0xfffa, 0x4a6, 0x8, 0x9, 0x7fff, 0x88a, 0x2, 0x400, 0x0, 0x400, 0x4, 0x1, 0x1, 0x1, 0xc, 0xf, 0xc, 0x1, 0x30c7, 0x6, 0x40, 0x7, 0x8, 0x1ff, 0x3, 0x12, 0xf, 0x3, 0x6, 0x2, 0x1, 0x40, 0xfc82, 0xf66, 0x0, 0x3, 0xc400, 0x1, 0x1000, 0xa, 0x29eb, 0x2, 0x400, 0xfff8, 0x9, 0x9, 0x1000], 0x5})

1m16.709397075s ago: executing program 0 (id=1679):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, 0x0, 0x0)
r2 = accept(r0, 0x0, 0x0)
shutdown(r1, 0x1)
shutdown(r2, 0x1)

1m16.134760986s ago: executing program 0 (id=1682):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
splice(r0, 0x0, r1, 0x0, 0x7c1c, 0x8)
socket$inet(0x2, 0xa, 0x7ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socket$inet6_tcp(0xa, 0x1, 0x0)
landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a3000000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xac800000}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)

1m12.797804053s ago: executing program 6 (id=1686):
mknodat(0xffffffffffffff9c, &(0x7f0000001cc0)='./file0\x00', 0x2, 0x80e2e8)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x34808521, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x8)
io_setup(0x202, &(0x7f0000000200)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r2, 0x0, 0x0, 0x3000000000000000}])

1m12.445692735s ago: executing program 0 (id=1687):
socket$inet(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/mdstat\x00', 0x1800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18)
getdents(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x4001, 0x3, 0x288, 0x160, 0x0, 0x148, 0x0, 0x148, 0x1f0, 0x240, 0x240, 0x1f0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88, 0x1}, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@unspec=@time={{0x38}, {0x3, 0x76, 0xb75e, 0x5a3e, 0x4, 0x20}}, @common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x0, 0xffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8)

1m9.84192723s ago: executing program 0 (id=1693):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, r4, 0x0, 0x2, 0x4}}, 0x20)

1m9.593231595s ago: executing program 6 (id=1695):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x181100)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0x2, 0x1, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f00000000c0)={<r9=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_FLINK(r8, 0xc008640a, &(0x7f0000000300)={r9})
syz_open_dev$dri(0x0, 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x1, 0xffff, 0xa, 0x1ff, 0x1})

1m7.333277882s ago: executing program 6 (id=1697):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20002)
r2 = fcntl$dupfd(r1, 0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r3}, &(0x7f0000000080), &(0x7f0000000280)=r4}, 0x20)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r4, r6, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0x7a, &(0x7f0000000580)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "bc4a06", 0x44, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0xd000000}}}, {0x8, 0x22eb, 0x200002, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x1}, 0x2, {0x3, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
ioctl$SG_IO(r2, 0x2279, 0x0)
r8 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0)
write$vga_arbiter(r8, &(0x7f00000002c0)=@other={'trylock', ' ', 'mem'}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800a2", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = mq_open(0x0, 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
mq_timedsend(r9, 0x0, 0x0, 0x5, 0x0)
ioctl$BTRFS_IOC_SCRUB(r7, 0xc400941b, &(0x7f0000000a00)={0x0, 0x7, 0x0, 0x1})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r9, &(0x7f00000003c0)=""/169, 0xa9, 0x200000000a9b, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX, @ANYRES8, @ANYRESHEX], 0x5, 0x25d, &(0x7f0000000f40)="$eJzs2s9rnEUcB+Dvm6a0pqQbf9uCOOhBvbw0OXtokBTEBUEboQrSt+aNLnndDXmXwIrYnBQ89ezJs3j0IAjSo5dc/As86CmXHHsQX0k2adMY0WKzG/R5Ljsw82HmnZkd5jBbr9z6aGV5MpaLfkxkWUxcjo24k8VMTMS+jXj5xWs/PvvWtXden2+3F95M6cr81dm5lNL5535495Nvnr/dP/f2t+e/PxObM+9tbc/9svnU5oWt369+2KlTp07dXj8V6Uav1y9uVGVa6tQreUq3qrKoy9Tp1uXaffXLVW91dZCK7tL01OpaWdep6A7SSjlI/V7qrw1S8UHR6aY8z9P0VPBvLH59p2liuzl9PZqmeeSrOHc7pn+OVmSPpuzxy9mT17OnN7IL203TGvdQORbW///twKF+NqL6fH1xfXH4O6yfX45OVFHGpWjFb7GzTfYMy1deay9cSrtm4rPq5l7+5vriqd38F/v52WjFzNH52WE+3Z8/E1MH+5/77rF44s/5X0+1F+aOzJ+Nl144kM+jFT+9H72oYil2svf6/3Q2pVffaB/KX9xtBwDwX5Onu468v+X5X9UP8w9wPzx0v5qMi5Pj/XYi6sHHK0VVlWsjKezsqX/QuDeC8WR7E/D3jZ+ZGNn8jKfw5ckYxjEVhudY3F3vh9zFQ/0Tnd7bkPsH4zinbgyHESN3b9HHPRIAAAAAAAAAAAAexKFHf63jeHI47m8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOtj8CAAD//13bww4=")
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x6c}}, 0x4000)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2, 0x190, 0x1, 0x2, 0xdd9f83, 0x3, 0x9, 0x1, 0x8, 0x8, 0x722, 0x15, 0xb, 0x80000002, 0x3f, 0xb763599953cb0919, {0xf56, 0x6fd8e84b}, 0x3, 0xed}})
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000000)={0x5, [0x8000, 0xfffa, 0x4a6, 0x8, 0x9, 0x7fff, 0x88a, 0x2, 0x400, 0x0, 0x400, 0x4, 0x1, 0x1, 0x1, 0xc, 0xf, 0xc, 0x1, 0x30c7, 0x6, 0x40, 0x7, 0x8, 0x1ff, 0x3, 0x12, 0xf, 0x3, 0x6, 0x2, 0x1, 0x40, 0xfc82, 0xf66, 0x0, 0x3, 0xc400, 0x1, 0x1000, 0xa, 0x29eb, 0x2, 0x400, 0xfff8, 0x9, 0x9, 0x1000], 0x5})

54.588126277s ago: executing program 34 (id=1693):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, r4, 0x0, 0x2, 0x4}}, 0x20)

51.796157906s ago: executing program 35 (id=1697):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20002)
r2 = fcntl$dupfd(r1, 0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r3}, &(0x7f0000000080), &(0x7f0000000280)=r4}, 0x20)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r4, r6, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0x7a, &(0x7f0000000580)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "bc4a06", 0x44, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0xd000000}}}, {0x8, 0x22eb, 0x200002, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x1}, 0x2, {0x3, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
ioctl$SG_IO(r2, 0x2279, 0x0)
r8 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0)
write$vga_arbiter(r8, &(0x7f00000002c0)=@other={'trylock', ' ', 'mem'}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800a2", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = mq_open(0x0, 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9})
mq_timedsend(r9, 0x0, 0x0, 0x5, 0x0)
ioctl$BTRFS_IOC_SCRUB(r7, 0xc400941b, &(0x7f0000000a00)={0x0, 0x7, 0x0, 0x1})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r9, &(0x7f00000003c0)=""/169, 0xa9, 0x200000000a9b, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX, @ANYRES8, @ANYRESHEX], 0x5, 0x25d, &(0x7f0000000f40)="$eJzs2s9rnEUcB+Dvm6a0pqQbf9uCOOhBvbw0OXtokBTEBUEboQrSt+aNLnndDXmXwIrYnBQ89ezJs3j0IAjSo5dc/As86CmXHHsQX0k2adMY0WKzG/R5Ljsw82HmnZkd5jBbr9z6aGV5MpaLfkxkWUxcjo24k8VMTMS+jXj5xWs/PvvWtXden2+3F95M6cr81dm5lNL5535495Nvnr/dP/f2t+e/PxObM+9tbc/9svnU5oWt369+2KlTp07dXj8V6Uav1y9uVGVa6tQreUq3qrKoy9Tp1uXaffXLVW91dZCK7tL01OpaWdep6A7SSjlI/V7qrw1S8UHR6aY8z9P0VPBvLH59p2liuzl9PZqmeeSrOHc7pn+OVmSPpuzxy9mT17OnN7IL203TGvdQORbW///twKF+NqL6fH1xfXH4O6yfX45OVFHGpWjFb7GzTfYMy1deay9cSrtm4rPq5l7+5vriqd38F/v52WjFzNH52WE+3Z8/E1MH+5/77rF44s/5X0+1F+aOzJ+Nl144kM+jFT+9H72oYil2svf6/3Q2pVffaB/KX9xtBwDwX5Onu468v+X5X9UP8w9wPzx0v5qMi5Pj/XYi6sHHK0VVlWsjKezsqX/QuDeC8WR7E/D3jZ+ZGNn8jKfw5ckYxjEVhudY3F3vh9zFQ/0Tnd7bkPsH4zinbgyHESN3b9HHPRIAAAAAAAAAAAAexKFHf63jeHI47m8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOtj8CAAD//13bww4=")
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x6c}}, 0x4000)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2, 0x190, 0x1, 0x2, 0xdd9f83, 0x3, 0x9, 0x1, 0x8, 0x8, 0x722, 0x15, 0xb, 0x80000002, 0x3f, 0xb763599953cb0919, {0xf56, 0x6fd8e84b}, 0x3, 0xed}})
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000000)={0x5, [0x8000, 0xfffa, 0x4a6, 0x8, 0x9, 0x7fff, 0x88a, 0x2, 0x400, 0x0, 0x400, 0x4, 0x1, 0x1, 0x1, 0xc, 0xf, 0xc, 0x1, 0x30c7, 0x6, 0x40, 0x7, 0x8, 0x1ff, 0x3, 0x12, 0xf, 0x3, 0x6, 0x2, 0x1, 0x40, 0xfc82, 0xf66, 0x0, 0x3, 0xc400, 0x1, 0x1000, 0xa, 0x29eb, 0x2, 0x400, 0xfff8, 0x9, 0x9, 0x1000], 0x5})

11.157245872s ago: executing program 4 (id=1787):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x5}, 0x18)
syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)

9.316333312s ago: executing program 4 (id=1791):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000000000008d}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x2a0601, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x1042, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
read$FUSE(r2, &(0x7f00000061c0)={0x2020}, 0x2020)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000140)={0x1d, 0x0, 0x3, {0x2, 0xff, 0x1}, 0xfe}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)=')\x80', 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0), 0x18)

7.241646667s ago: executing program 1 (id=1793):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r2, 0x1, 0x7}, 0x14)

7.133982711s ago: executing program 4 (id=1795):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4814)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r5, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

6.912274195s ago: executing program 3 (id=1796):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
splice(r0, 0x0, r1, 0x0, 0x7c1c, 0x8)
socket$inet(0x2, 0xa, 0x7ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x20}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xac800000}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mq_notify(0xffffffffffffffff, 0x0)

5.83371146s ago: executing program 1 (id=1797):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r3, 0x8b2a, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
r4 = semget$private(0x0, 0x4000000009, 0x0)
semop(r4, 0x0, 0x0)
semop(r4, &(0x7f0000000900)=[{0x2, 0x7f, 0x1800}], 0x1)
semop(r4, &(0x7f0000001400)=[{0x0, 0x200}], 0x1)

5.570163067s ago: executing program 4 (id=1798):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000000000008d}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x2a0601, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x1042, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
read$FUSE(r2, &(0x7f00000061c0)={0x2020}, 0x2020)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000140)={0x1d, r4, 0x3, {0x2, 0xff, 0x1}, 0xfe}, 0x18)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)=')\x80', 0x0)

4.461571605s ago: executing program 1 (id=1799):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002140)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=','])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000200), 0x0, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000004200)="9c7229b3b13ab2edd8ae742153edbde2f2b8580a32318f0e1c0ba0e4830ecd079784690876773e01b68af1b951109b96bc4828e91b62b25578a41a42d456d0ea18599c96460b0e49923f4cf4d70098f8cb469ca8f0e4ecaed1c9047ff044a5f836ad8e1ca353b7444b2cd6283680720472d70610a8d34f7be697a2998b3cfcfbc7200c7a2730c500fb967d434022701b2ef32e4842ffcad78da81fb58dc80e000d2912ce8767e673873193e8b3eee5adc0bc16bf5508a6d1944330a840695932d346300cc4aa91406c021a6c3e428642f2ef1fe24e4563bb788d602fb107d994db1586f4df75811468731cbca31878d1e08641be1317a36e0bacd07a885baee68a78bbe7b980967de4662af4fbc3dda307ec10d5c54a704db53c934883caa2e839ecf0dbc92ad09cb09324879200e68ab8a39f2c3742bf294a6c0f485b1e1f5da8d5459525da76782467bfa74a070f3cbad2961bcdbf1234fa2abfa94eae333f9ec62287832cd5fd71af91a96f4224f5bf7fae5048d5f9b112e756a833e75330487ed5c645cb0e334688abbea680e9d04ba96d73c004fba018c676c92a4dedf581848c2cd130de468b76f0b357d312246e0daa073ae9b477bab55da376a2b383c740b78041e564c954d9c61c4a8c85d3979cc12d8289276d75f902c5bbe4df0e0be90880b4d05f70f07c3027d9227b5d7cdb9780e0cf91a853ff9d8793b1b02323b4336e64f725cb5414edc4a3b849f875ff69de1d67f28cbd036c7804760a6039894b777561c0455a7eff99d9cc462ededae8e34ef61c48b24efcf15f607982ec7b7c30cf9875a10bf05f103e88a77cc3f328b10756966a324621bbe3df7aacaee486475680aceae36e4b12970b9025f7f7d155b8133bf108119414b83d49bb7a288725c886d6af3c03a1a8b8cf7e10797067f129f82186d760ca7f14776a0229e840b47fce4d8ddf65bb4dc9c245b83c1d2d7c10bddfb00f8ff5e1f8fdcc48d1fd2a4e5bf22dffa491de9423e8a6265bce515f5490614a61f672525847884df3a317e85d478a2204f33d43e72b000d0139324b7f7fa8ed181031beefe72289878fa91ee7c74318dae7e85176785f71df3a7388760bc8ba0f84bd2e2dfdea1c3ea60c2d88afa85e8ed86faabb8bb9fc50596b99bdd91d39d2baaeb0a0b360224465cfc759cf0a85bcce0ba009d8325a082e398f477206804ddb6ae76ced6f32f47fdbe2319dd37ad05d3b1d7fc1828198bfba4c92c7cd612776b6cfdd39f4ca12e8d29a8089afeb852d9927159ec7025f1a55be6787b0211c4b4cfcc7d82c26e5bf068dcca07045ee9708158724b325d5c0040d73910347b89f0e09fcfd02e37f5fa5b1a9e6bb5060a13964241cf38bc8804e722454a33fe7fb3a117b7719eea43194972b62c3a7d30cb419d24218d3f76117d7ec58e8a2e87bbc6890d42181918d66037c5ec5336309c48991020c91963296e4089c3ffece388a5ff32afb26b197bbb46edbd41c94d5a007bab3d082b9ffd38eb6af1d1d58909d2b8e9a99c4e658d91f6a1c490db503e287d31b11dcfddbe5b097ea775d855a569e51b9fc560e3b9c9e876d3e5a953b9f0e9fb5e5e5325d5df94a2429917d3cd53f938922bc0ae43630ae520d28df260f909b2368d2a5fbcc20919dd1613a811ef9878f21b47ddb4a2457dc28bb117b5c8a856e54f01a0d700de3620aa38c0f52ebf402d0620a5b075b8d1f7ce7b504b2a6158d23fadb50b55dc4e4d8c461f5b6f1a16dd86db44fa516f8fa04df4388a3f3e0fa87925f0b22be8f4ce89b089e8cc9903d4541bc371596a63ae6c808a4c8862bd58d5e9ebf0977c15b0fd4c258ebbc865e4bde8ec081f1d6359ce38facccae479a5057f403f70f45d02636120727f94f4300c425d0e830d640d2211195d485578ea79bfe18a4589e1209621ee6c2d26ff5a4986ba7facd77db0352456eabcc16b02bdb9081c413a94f284dde5269cc0b8ad2248b3e8ae5a8f282b769ede690ca4c867216757ef309cb8bdfe28ed7b044fc45ac3775c225ef9b228e30452228d1bae92ae2b76b91975d5d76967c62c878f5a1496ff5f0a2abb7dddb00c72dd2ad77836922c4a899225b81a45d6cd48fe0095735e2adea35e673d05df1fb1ccb9069703787090e0d9da91c212b8f856acb0d216c516598ee5fff92d63210b314ed44631a02c0458828aa819e6716adc5842db90cbe4370b25e7dab6f76fcbd0fd87aea135edc33a5467a7483dfcabd48256189f488899a23710878f942c720fa3c6717f8253ca8d489bee3bb9dcefd645978103928641c20b764466c6ce26f54d47b873bcb028c026ab7d9d28acfcd9ff612d7dc734b3633ee7e6bbc237f5a2480dc0c8c235ecd4195c610da480718752b64116ccbef95e91053d840e3c515aacb55d943881d255a1067f9a8e886e374e2cd10f7667f55f2ffd5b7f2b1368a027e5edad4a6cdee3ac6d4485a17d606c15ccf348e4e58f456ec2f8361ca6dfd70b248dcfd30aece7cd3b8d50adf10f4a45ab21dee13d12d66e9c6642d9c871a0bd920fd3b7ac2737c5169a21fe685fca816bea76d760a1bd3a8a49137a219bdc252a727955c73a1349736410d652ced5f7db1e79e6303f22ca04b5ab80c82bd9d42acf3e800aa47296f5aa48098cf90b13782a9d3303bd34e0f6f86eb5f6654283ae7d7aef932dcdd7bc63908c5579ff6b2205915fc4cf46337069b697e577d153a4669cbe06a5a7b0414b47ec34b79aa6781a1315c0b8ea38168e821701c8c6f04d3ff0f846f4834fb19b5f727a59785a070ee45ea82ea9d3514ba3e169453fa240da9a0792b92ff42272296451a03968c5182661331b3972d498cb248fe67d10de2414a04cc4cfe21780f66efa21d416cf8f51472f3d4be17f64606500138c55e44dcffa57f63c4c3473cfbaaff5093007b696d316a651e332e44a3e61458a91f9a27c9321fa43d2f2949efa477a89dcca9dc094247a988a86794320881f87ec8eee86fa7721090d5bc6c854792ec89ab6318454e9899a6290231d7914ce37df59a9cab9375c3fbf8910ded020d2bd856f4f395f26ae53a5a2736af04826778709c33b7f230f13bddac8a7a333c9fa276c33af1547a8dcc847c0ef745e345b6127e79c76e04e01862652485ef6e81e6e7140d2874a08fff98418621da96f96c0027acb948768454540fe7440de333490cfbea1cecb05e817daee34616a03e837399dda6c4e072495d3d24d5b9607492351f4f0d3999b55d51fab9f22c054ce996463b7d31984ee525109e2f8d34751b936e3b427efa72629a7a3aee313501cff1db4f103a1fa52cf37b895c79edd5b578532875222775906db38b135ca1e75be5a8a60db811c37c417e727343fd265330e5dcfc41d5d8fa563aea090d629dc5aaa89f9207c115ea10cc21185c8df4f93b9d0813b5af496ca089c9b006bfcf7d807d894f08939f7c719c359bdcf2e1e429583b97bbe55c9187376497fcf1dae24e69ab3b9c9ca4fd2729fca6c6d6947d38bb51a9024153ef87e85084eb4496bccdbfc3065a517e0bc5d14a4b79798dac8d5a3da9063cd9bc5bf078659b8bf86e9076c7ca87472c6296322ca7918f4aa60414cb3ab25384f4b1465e95f246cf7865342fd47c81cdb17607f1e098c38aed5a858b25ff1c3584f9df4fb4c3e02e9a283c0fb56d11fab489bc10800934cc8e2074416242eeb7d275802ed15ae0bfe398ba9d2c426f2596097c1a7ab67ae25353dbbc19018ccfda728785c2757cc284970de5817ba49a9b42933594095df59e411316d0fd6cdf4818556f082cb536139463663a325aec7896e9786d27af5c9b265d87cc96b11c47e405cf3e1dd471a9d311c7e309cc75324ef3bdac29e97a854567aff9d33643ce0058008df2aa538a17d567e51fc63d4b8095d65391161decb0c054b570408bd933fb814fcee0f1fd49c01130d9f778b668e66aaca13b2d6e31cb681b451414b0dfa429728ad6465c247edb393e926be659d6cb4d03732db78d735ca3740c8166f3fd29cb7792308a14073fd49c84718a93e0245c98f7293b961259fc65cc9277626d03262048b83f28fe1a0643b437150f9a55e731ce72f402e7c7d7c6f8cc7791c36f467f0364799a8f58edb14f71f5eb10b712f6eb9756f3d34f637cee0634167c8267c90a2de779902451f0a299d3c3a1b1e8f5016aaf66bcd98861a7ea5a2b21fdd50e0e0a4244cd6a3fde592e5dc65679123b4328a28faf0e09b8e2c6cc6c38fdca0fc7af252de5f9b6bbe820539a21715c1be7a48f271fe81d946832ddd54945dc1261939d6a3a105c490fbdfc7569975d42b0c51a558458cd153689ffeecd7d679e7b1d7cd8dd0605b8e9123bd9dc4bf0481f537e187628de7b9282f2cfaa5ab7919a2ffb765079b7f5f31847383d49a245043ebde452b145117541cc7a0c46c0e79165b9b25ddce143912f29a98f1494b66beebd54f338cc5ac8a9e95b6e2f472e0047d82931bb445994a9437e83a3070a09f0bffe25b4580ae7d36bd53ac57af22586bf930288bd7476a390f126fc8b9c95994e5bbbf3663fa7740e53f1720bc8b4e4026904e91bf7863ef4d6459bb350f1625d1d00e66cccad34a0e54b18ee8efec8bfaf743089ad537e0860a2cc06280565f03843b5f6239b3139a9092a9d1151fa38f38e591b7781e1c9c74eb76d8b6ffcbafaf107a60e6557a10145a8b432b35a982c1d6762998b69d7f3ab79a651190062e387d7da3bfbb71294d96a3e9a9caa6b53805b48a4b8de0388a5fdebcdae87e0bcca06eaf780cd4c43ba8d17833602887ef6828b3c892ca9b2e5b9e8fb150096851b7922f657420ecdd3019f6bfcc8133b302c775fc5ae03bf26bb33bb5cb8d44b86d53051dafa9c40a74e1b9a3a9405c73efa51dc7b71674cf9975e711c611cd2edffee8907ed06fdf44d1dd354d5c14c76c2371b76bc84a9a9d9a4da3ba9e7e931dbaf14c4fed0b7458c1bb6b46bfcec76ee98bc3da220b19c5d0fda2655bb93fed8ac78b4879485e20a961155ecdf815d95a698bc6ef4db5af21f9f7b0061f5cc16bbc262db0deac523c67c95b241886531e5003cc31ef77b57e3f75a55e9483a2620446058d50ff175896d003e2e48dd3e92c35c4f5234053685253f2bd28b3c9defb0d795b34dcd81104c614bf11acc2750fab57d43b5da18cfc84951580cd7c498c1c6891a77304d57641891d9748b20310b08931cea19c34abebf7ae089640ea809e2b87dad19dd4dcdeb572e25c53eca23692133da8a4a9420d9f8795778830bc61d48ec7392ba7ff0d6d5137aaece427fb830979511880388c21129b585431cffc45f17f2d9f108a42113d218a4763443bd077c535b4d9624a7746922a1cef87f90a9775b7716503560e5e8be1bbb4d231b4479ba826ea62caba4489a74c3d44d0dcbc2e64d66bad4837d6a65dee80e410156b153867873b7def3d0416fd1fd9235dda869106ae6e2bf1a045e78c4d473c269b878dcf79e8ed3f17772fed3622df495f85b5ea348d620771e60e457157092a05d01043b0d7f491b45e3227335b551567f885d8e4a8322e27e7574395d242a9d7cc6f1d69e70647b75604b655b2dc31a28f655585ee6692ace60e5acb360e8e54022aa05abfb55cb13f92caf364bf1b564ed67a2cdca2261776fda03c094f3c7fbd22c7bb595f06d5a2ef3d1c49ac1c7fe6a97b0f4ff50d54d5ae2fda2e2aec81f3eae0dad645cf65f59eed5c70e3e5a4824a176e8d0b9ac3ba81cf2ab74f1f7f571f3d6886c967cb7d5bd0945551121416d079f41fa016cf0be5dacdf4b0a92756bc0f240f57e6b679b418dfcd33fd10ef7dfa12f2822dbe04630078d3b35568f45c71f440c377bad0337253c88fb56ef9b827309f37ab272d407a46c1f9ce970524d7e42c4d7826ceb77a01a774b9f8a2225cab7a3318aa4ab1407747279704efadf4186a5d80c2ab89c947ebe7c00ad6d3c7a449eae93c3529fde28b77c164f2e2cda7e9d123bb50afed45d8af69b320ea4ba520c4746e6df207ca9ebc8346b3e05376a161c7a6e4e3373c5861d0e3e2b1f83dfce27c9e2e64f25dccc2eddb2182de16fb37a315fb1688a07849a2c75391cfbda98bb8b1c2497b9f931307134d26e3696c1c93203b42b27b9c9bcde6b882b73c65e42aaf766a30089fe85a8b652f60b27040c2b22760179aba4ab22844f5dc996620951840c1175d0b9dabc24694575c6d69d8cfe821529871ee4adb1065c1855a4f22039c9bf844957cc74117109299fb497c24de798dbf27aeb5ed0beb90853c64241e84ad386e11ccefdf3119b9882969701cc137c129aaa5021da5e64c62346bfdd6aa27c7007412735798a65da08178f2505c126010c1c4d7471add175b19e15319c9a621445ef2a539d374ab23a9c288d2a08535632fb4147bcc8cd50ba8cf89af0e2889197f0249ad43002bdf444499c2a2e4bab52a0e756d307708cc8d8dd4992445d1ceaef6adb4f203fc8f72f64cf8448d4cd04eae7945f9c743c00b92240a2deb8ebbcad91b7b09703e108b7cc9dd9ea37689a4ac584134e03ea0b77d959850473a45b5a6cca61335c0a2df35968aa72e1d9840e1422e0c6df2d468082d8341a75c19d7815da1fa5dde484eb21aaf5f7d205d95a780ee219104b24a0218881aa937726fc0c61ca90b0f9fed131a9dd29d8d05921eddcf4d2b2cac1a4727748fd1a0a4dcf00df67a27ea8d35bc26de1a2c8b9f9029816d1fcfd6fce83ca02fa0d669321a805bec7bf2b14398820821c143a7c8c918fb575c20101556c27cc383e10c7c8ab6c8f419b0a54f5939823538c76064f14f1d10811aa465ca2d70defc90c7362ceb6368400e2ee29da1493549019baa6e08a9ceaf3db91d53f764aaea4c47eb8cc1e52d365d4de521d34908fd6517d71dabbd0e3d01be2af2f80ae8328101435c828789c4130729d86a8390aee8e7b29f686e2037e2f37a3e97f758c422bda0ab48048f44ffc76ee0fb2868d60422f8a5a5680624b18a343c696181199f75b035f032f61d825374f30cb43ff83233f1cd11e91b02759475c0723b5b6ee9fa88a34de12453a4879a15e3170f95e26a128327db2e5c3bad34cc57bfc36a1261110c577a987db259c23664617e992e9580e0c06d57d80c87eda7bca09ccf09a1c985b8e82c6115b8398ed6ef4dfb550aa7118cd46eda5622e9bb57103c5d0fd7e47774a6b5c6eebb25eecc8ddcf16cb188fb04328e45675938d3f0cb12eb6a55ea9d03427d334a6152efdcca05302fbf679f913da1ba1b58e6a4bb724731768e96e95749000e58d0f26f8ccabdcced362b51c1ffc7f0ccdf84b7bcf3a7d670a786a93d2d5024346266607b803be610f2fc4f149dfe5688bfd3011505565454bfedc1c120718662c205a0f646f03490192a6c9e3167d64c330af2989504773287f99889c80c50c32873bb570ce2897c824b79e56bed925678ef92437668b6f1fc41a3e0c9c57c3a73ebf6e7071f309a6006b89d459c39826493c45efc7c27d0a10541b6ed0662d7ac6500c25a732a5c0f33e8637835478dc1c280b64b6f1fabf9e7a72f834e86c4e35895d2353a68e89f680e08e1c6759ddb93528eec2ea35a9edc0956e0ae80f6aaf1baec128c5683331f03886aaead536fc8255c905df63c9c4a2e589547625f5ab22036e0ab1e91eb7fe60677da1aa2ceab2fe06bb75e94236316c53a4fc62fbf7d35f0f23cb9622b059f430bcc9ddd41b65dd5267a882dfc8fbe2431c45b947de1b64a2e02bb7c3bdd897ecf5d73449db50dbbee797135d365bcf418057add761b65862943ed6ee5175206aa0fef443d570bb2bfd105372d2d938e74b0ed69c569eacabc4c6cd9ea91e71bf6fe87066ea055586810beb65aa606eb83531e8cf767a0889ee4be5bc26e273ac1ef8c075d6ce73c1db96d24e4a271c997dbe9cf27d7a597b5e14179ce8d0f824ddf7a23f9bfa055a5af4cc9f9abcf78916f78df601207b3fd854d48db7fac76beb8bb18e452be6b78e195f85cc8c7fba4cbb4558cfe9f049a9ba300e3bdc6f2c77fad8539161930734daaf67652f49cbc4eb8c5d8ad67adbd5d24001d2e7759537fa72f58836df113dd971f5cb818e1c04f16ff30318327ea569a37959c20fbd5fbdfa48b22ad28816f793a132534d27ecdb654370d41c879bb66b7613537acbc18d24a622dd8593e0fc494f58e548f56de3441aaadc28bee95e208337c32218ccb499d4cd68ef01100911cb7ac63178d7d61491c1fa6ac489ca0c7d0b7344853699f5197ea00458d161736556ae7ef3722b2a47b18c3e41e9735ef605e87eda73a3252beba2b2bf06cd33dbb726dc947ca19fe1fe096a764d639bcd0b2390504dae1dd732460f4302555ee4e1d26898d1190577de51508de933d953c353c4020fc5976181da4ea73aa47ace88add4a314e3480dddef85e6adc264a6e845bd65321dc84693b2c53cc60a7b2ec267557f7e4764211136f707d6a50da3e504073806d9276c7658e2385d0933671b3f4b643384b3a66ab699dd3aff154b9f92bbcac897074ff56fdbd8fc84f9a2a780a71ec823881b7982eca95e761ef9a84d1605bf4bb86080882e90676c3de87f1a073f5d86fb78ef310bcf2dc7cdcfa411b227500b1ff0e19db9525c9c2843d8dab5c4dce47056cfd7039897a750c5db76191ff1666f00b86cb73b523de530cf3ed0cae94a407cc9974d7686d36cddfa28e64c7dec078ae7538fec8139c8452d79dcc682367d94513bd0fe8ee81285c6557f8690928fdb4552132c23bb81247bdfed42c1acb715dcdb55acbb5241639e80d1b29bb623e308e249dfdb7a61fe62e0cfd35cc013ca670ff29d919a98332889d3410a2fd6aa4cf7ed8521362ad93064bf54f44c32f75566a28cf28e176e448b6bc25e0cd84507febdcdb8e9677b7be95d7fb655f49125704ab0aa3c86cb891c15df193b19105158932983d06ce97b376a1af62f3ebb79b306d4f90be696aa8ed767fd57ceada2c2ba21c7c168ff22f1399f02b54f90c5fe245508c7123c9753a67751008a9334556ae394e0f6a8ab236c860236811adce12ba09972c01cf4f2569c7e821e0de5b9995d80979fe6a32ba0bd22917dc984511818b78eb6d3b971fe1360784ffc345593a15f024d69334548f1b2bbda41688494fc9f82b1870dfaba60e6e6d7a3b78e9b5c7aef2df88a7b154e533a9822ec7359974276486d22f3311d817a9746117652f4f3f07e7a069022a45b10a6b4fb9d85d7b9fb89ee2df467ce1a8cadb4d1a30ddc316d5ca01c192e7fa6a719b5348ce56b901d8f50c1384e909d7e9c8744eaad11bb266b4933df9c94267e5d2a46496069cf907351ee837071f41e9bb5145ceb64dd2d7301d5f6f20aecb1fe39633c9ff421dd0d0891ddbc0236090445ffa0d720d9016ababc3e716f9bd91c041520fec85ab2da9ff6c1282bd1bb9602a20b71920cd75a3f36fc31b32379fb0d3ff088c6254d6644f85652f0c942815f663ea374b5dfd28fae6f36dbf7d0cf1fd338ed2b48b0c728e04d643a5821bb92ad1fbfe63a84b381c5ddc4a3aa2763a13a0404212fe6cd282070c7923a5bc47f757c5fdbd00abc75e6ffb9b453ff0ee882e174e1dc067545cf8617b236ebecec070ec9a8923a1f04cd1a37287ad1a18a8f2650c92e72d0fb21eeccc936c98b22987e6bc0e6f21bf230910caa50b049049637883eac535a93d30621a7c3fd28aa2134ce819ffa6aa3b6add864bd2615f01bb6e8def2f59bb78d41b95116c4f60637210a58de885988f1ee5c72582a9b2ab54a50825d60cdf3d7d21e8aaab4e96e5ca8498199c69c55d660db1f5a10760fb5a9df6b9df26d05ce0e642f0bf2279ed0f91250878e4c893531f555a618d2465e8a93ac3cc81c69e255e687dc826403753d1b820b3f58724c4cd46670d93c9874d9c05958faa1a7731b7a4226c935485ad36285b8cfcc7153c12de924b82449d08e95176a87de75e7e512192ca3fc433d1582d4e32a6fa98a1878c96e102c54709b0b692b44c12dfe877a1e0f527559182a83cab95c6b5a76373c2004ceeb7895f215ae372e5f3ee561ae8e25e7f75a7ae92c7b2e2bcd6023f5ab7cb76ab22347a70b877c29e897981e7cf2f06adbe69329921a4c4e96b8d1bbc05ff9307a2b921c8d9a756ed81ac03f7ef9f1f5b2e015625b0ca8c8a901d27466450807df30b7bd1218120c188ad946d2d03df5c58a6ba10dbd9810f443fbc11850e00a2b8bda70ee332d9596de66f2342c5eaa5dd1e735aa6daea683d8a854c48161f886792374067535e6de4f337478a52107dbdea3e56ccc30b33ad8a4a5cf9dbc21d77439e39a87d21f13c4c7a6b1f62ba6178a8874024af63c168de41dc10aeafbc3d07b2b40cb84aa524ff6ee52d0eb2aa3da73308245eedec6870ac32a254573f3af5d1d4bb2b186848bca3eca767cc94d61f4f5cde5b8f3a4463e9f16028e33cf793befcb0982a4709ce63ba8e268a457b932114f9ec29c2eb5b1d047f7c392f56a0de3f2c18c1c4ab7a69e85f729845213a9fedd738d916009abcdeaceaa3af949179ea1075f035b7d07f31b2a4231b20164863fb2137cafcf38b1ab8ff753e6e1405480ffb334c88184b4132f14d71063ace4c8cdbc871d88cdc3658c56fad5121b38b707ce7b9a5aabc6df6f364b66e3226df69f3cd13cb4b00f94d3b698169188835109bf9eb808e608d4db90e4bfa76e4b3322151fa849f6bdfb570efeed75141b203f1313a6f8e2cba59d8d4eff390e97ad4c0add1d9f9cca55c3aa28c217b43389da408f8539a3850550ef7bbc4d83c0a204827df8d84df827ee2ea0131eef890c376c97698b2c50b942a68a770d8fbec3ae33f14dfab45f0416f394f8c8553d7a7ae384c92d3c2cee574938eb0d9490aeab1ef777c0efe2bf8ac515fde805beac15a1ecd0466b5a5b0fb6a2947333431ad0332c637f72b370d394f454faa86f0dbcdcfb1348eeb4a39cfad23a7a0ad36ecc4e49ec9a3d45130c608f02a37f397f3e3b95a1dec84bbc568109daeb75774460cf787c6ccf110be877157b1ea1358608ac545c15fb82e0d1c97b2282329540ea1ab4e1b4caff58b5e5bb6f9a175d7f61b7acfe0f3b2ae95a026ccfd4abbf89cee696eb4f4ca74d079614c822ad140ce332e82d5014147076ca850666fd2000b98e7a672adf7223c272c6eff5311e4875249542bf7ffeef5394462b9b92f2d4037483244ea9ed5ba33e6a5af339d0894859864143e9072ff041966f6cf8d7826859a90bd4f0675234ca3ce8492be0435f32a38342feb9583b531376f1ded3a4650945330ee5815ce943861cd063fe4c9c74a3c94aba1b95d877ebae860bf70ed0580ab0c51835ab672eef3c485efc95fbe998019238c33c3d91b3a2aba15dad0cd09b9e4dabb21a67917a52f289167fa3632bf58460ea3b4e192916e0a4e0e799845c2395c7a612d725af5c63d7b295f31ee3366668dd2f6d8cf51e1c7fe02a3be8d434cbd2a1b74055d87feb0c63c6574a80f197162c168352fdf7ea90a3b449b46f9ddd60a8e7260fe1178fea4f2ac05747834e33b4", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0x0, 0xaba3, {0x45}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.456814577s ago: executing program 3 (id=1800):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

3.147828124s ago: executing program 3 (id=1801):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x8010, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, 0x0, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, 0xffffffffffffffff, 0x7}}, 0x48)

2.483930904s ago: executing program 4 (id=1802):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040)={0x4, 0x1000, 0x2000}, 0x10)
syz_clone(0x5400, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000580)=0xe)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x248}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$inet6(r3, &(0x7f0000007bc0)=[{{0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000180)="a9cff3", 0x3}, {&(0x7f0000000340)="547be47b1a5c6dda9dac1662", 0xc}], 0x2}}], 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
syz_mount_image$jfs(&(0x7f00000000c0), &(0x7f0000000440)='./file0\x00', 0x2800080, &(0x7f0000000480)=ANY=[], 0x1, 0x632a, &(0x7f0000013cc0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmDxn4eZzxdZ+0knll7Ph/JmfntM+t9Jt+d3VnPzD4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Djc0VEXPlVuuFExOdiGDGIWKrqlYhYWjmRlx9FxAux2RzPR8R4IaLIjc9GvB4RHx+PuP/gzmp10/k99uP7f/nnH35y7Ef/+PP4zP/+emv4xm7L3b792//+7e7jry8AAAD0UVmWZZE+5p9Mn+8HXXcKAGhFfv8vk3y7eu7q9Tnrj1qtVqsPYV1XTne3XkTEev0+1T6Dw/EAcMisxyddd4EOyb/XRhFxrOtOAHOt6LoDHIj7D+6sFinfov5+sLLVns8F2ZH/erF9fcdu01ma55i09fzaiGE8t0t/llrqwzzJ+Q+a+V/Zap+k5Q46/7bslv9k69Kn3sn5D5v5Nxyd/AdT8++rnP9oX/kP5Q8AAAAAAHMs//3/RMfHfxeefFX25FHHf1da6gMAAAAAAAAAPG1POv7ftsL4fwAAADCvqs/qld8df3hb/Vz/Sey8/XIR8UxjeaBn0sUyy133AwAAAAAAAAAAAAD6ZLR1Du/lImIcEc8sL5dlWf3UNev9etL7H3Z9X3/os65f5AEAYMvHxxvX8hcRixFxOX3X33h5ebksF5eWy+VyaSHvz04WFsul2ufaPK1uW5jsYYd4NCmrX7ZYu1/drM/Ls9qbv696rEk53EPH2tFh4AAQEVvvRve9Ix0xZflsdL2Xw+Fg+z96bP/sRdfPUwAAAODglWVZFunrvE+mY/6DrjsFALQiv/83jwuoj14dNfPQH7VarVa3X9eV092tFxGxXr9Ptc9gOH4AOGTW45Ouu0CH5N9ro4h4oetOAHOt6LoDHIj7D+6sFinfov5+kMZ3z+eC7Mh/vdi8X77/tOkszXNM2np+bcQwntulP8+31Id5kvMfNPO/stU+ScsddP5t2S3/aj1PdNCfruX8h838G45O/oOp+fdVzn+0r/yH8gcAAAAAgDmW//5/Yq6O/04ed3VmetTx35UDe1QAAAAAAAAAOFj3H9xZzde95uP/X5iynOs/j6acfyH/Xsr5Dxr5f7Wx3LA2f+/th/n/58Gd1T/e+vfn83Sv+S/kmSI9s4r0jCjSIxWjNH2StfusjfFwUj3SuBgMR+mcn3L8blyL67EWZ3csO0j/Hw/bz+1or3o63mwvh1vt53e0j7bb8/0v7GgfpzOdyqXcfjpW4+dxPd7ZbK/aFmas/+KM9nJGe85/+NS2/719G6ztfz7k/Ee1nyr/5dReNKaVex8NPrPd16fTHueta1/8zdmDX52ZNmK4vW511fq91EF/Nv9Pjk3ilzfXbpy+ffXWrRvnIk123Ho+0uQpy/mP08/26//LW+35db++vd77aLLv/OfFRox2zf/l2ny1vq+03Lcu5Pwn6Sfn/05qn7797yP/wZ9aW5dZ8q7Gbvm/2naHAAAAAAAAAAAAAAAAYIayLDcvEX0rIi6m63+6ujYTAGhXfv8vk3x7W/Ww5cdTqw95XcxZf1qtPy3nqz9q9WGs68rp3qwXEfH3+n2qfYZfT/tlAMA8+zQi/tV1J+iM/Hssf99fNT3VdWeAVt384MOfXr1+fe3Gza57AgAAAAAAAAA8rjz+50pt/OdTZVk2R3HeMf7r27HypOO/jvLM9gCjuwxUPdz/Oj3KxmAyHNSGG38xdhv/e7w996jxv0czHm88o30yo31hRvvijPapF3rU5PxfrI13fioiTjaGX3/s8V/nzKPGf26Oed8HOf+Xas/nKv+vNJar51/+/jDnP9iR/5lb7//izM0PPnzt2vtX31t7b+1nF86dO3vh4sVLly6deffa9bWzW/922OODlfPPY187D7Rfcv45c/n3S87/S6mWf7/k/L+cavn3S84/7+/Jv19y/vmzj/z7Jef/Sqrl3y85/6+lWv79kvN/NdXy75ec/9dTLf9+yfm/lmr590vO/3Sq5d8vOf8zqd5j/ksH3S/akfPPR7hs//2S889nNsi/X3L+51Mt/37J+V9Itfz7Jef/eqrl3y85/2+kWv79kvO/mGr590vO/5upln+/5PwvpVr+/ZLz/1aq5d8vOf9vp1r+/ZLzfyPV8u+XnP93Ui3/fsn5fzfV8u+XnP/3Ui3/fsn5v5lq+ffLw+//N2PGjJk80/UrEwAAAAAAAAAAAADQ1MbpxF2vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5DrLO4Cf2S9vnJAYCKmTmrBxTAjJJru2E3/Qppjw2fBVEkKhH9iud22WOrbx2iXQqHYUKJEwKq1oGy7aAkJtbiqiigtaAcoFalWpErQX9AZRoXIRVQEFpEptBdlq5rzvuzOz87HrnV2fOef3k+zHO3PmnPeceefMPrv+zwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGa3vHH+U7Usy2q1Wn7Dtiy7pl6vmtrWuOV1V3Z8AAAAwPr9vPH3C9elGw6t4kFNy/zTzd/+6tLS0lL2/tE/Hf/c0lK6YyrLxrdkWeO+6JkffKDWvEzwRDZZG2n6eqTP5kf73D/W5/7xPvdP9Ll/S5/7J/vcv+IArHBVVksr29X457b8kGbXZ+ON+3Z1eNQTtS0j9WOXHpvVGo9ZGj+eLWQns/lstmX5fNlaY/mv31Lf1tuyuK2Rpm3tqM+Qnzx2LI6hFo7xrpZtLa8z+tEbsqmf/uSxY3997vkbO9W+h6Flffk4b99ZH+cnwi35WGvZlnRM4jhHmsa5o8NzMtoyzlrjcfV/t4/zhVWOc3R5mJuq/TmfzEYa//5O4ziN1bIOx2lHuO1/bs2y7OLysNuXWbGtbCTb2nLLyPLzM5nPyPo66lPpZdlY73m6VGuZp7esYp7W69yu1nna/pqIz/8t4XFjXcbQ/DT96PGJpuf9Z0uXM0+j+l53e620z8FBv1aKMgfjvPhOY6ef7DgHd4X9f+y27nOw49zpMAfTfjfNwZ395uDIxGhjzOlJqDUeszwHd7csP9rYUq1Rn7ut9xycOffImZnFj338roVHjp6YPzF/au/u3bN79+07cODAzPGFk/Oz+d+XebSLb2s2kl4DO8Oxi6+B17Qt2zxVl744seL8e7mvw8ker8NtbcsO+nU41r5ztc15Qa6c0/lr4731gz55aSTr8hprPD93rP91mPa76XU41vQ67Pie0uF1OLaK12F9mTN3rO57lrGmP53G0P29YH1zcFvTHGz/fqR9Dg76+5GizMHJMC++d0f394IdYbxPTq/1+5HRFXMw7W4499RvSd/vTx5olE7z8qb6HVdPZOcX58/e/ejRc+fO7s5C2RQvb5or7fN1a9M+ZSvm68ia5+uhhZufvKnD7dvCsZq8q/7XZNfnqr7MPXf3fq4a726dj2fLrXuyUAYsHM+lLZt0PDu9m9eP50SWff5bjz/4jcc+/8aux7Peb35iZv3fi6e+tOn8O97l/Bv7/hfz7aVVPTE6Ppa/fkfT0RlvOR+3PlVjjXNXrbHtF2ZWdz4eD382+3x8fY/z8fa2ZQd9Ph5v37l4Pq71+2nH+rQ/n5Nhnpyc7X0+ri+zfc9a5+RYz/PxraHWwvF/begUUl/UNHe6zdu0rbGx8bBfY3ELrfN0b8vy46E3q2/r6T2XN09vvzVf12jau2WbNU+n2pYd9DxNP/vqNk9r/X76dnnan8/JMC+u39t7ntaXefae9Z87r4r/bDp3TvSbg+OjE/Uxj6dJ2DjfZ0tXxTl4d3YsO52dzOYa90405lOtsa3pe1c3ByfCn80+V27vMQdvb1t20HMwvY91m3u1sZU7PwDtz+dkmBdP3dt7DtaXedP+wX7venu4JS3T9L1r+8/Xuv3M66a2w7RRc2UsjPNb+3v/bLa+zMkDa+0zex+nO8MtV3c4Tu2v326vqblsc47T9jDO5w90P0718dSX+dzBVc6nQ1mWXfjI/Y2f94bfr/zd+e9+teX3Lp1+p3PhI/f/+CXH/3Et4wdg+L2Yl635e13Tb6ZW8/t/AAAAYCjEvn8k1ET/DwAAAKUR+/74v8IT/T8AAACURuz7x0JNKtL/b3/T8wsvXshSMn8piPenw/BAvlzMuM6Gr6eWltVvv//L8//9DxdWt+2RLMt+9sDvd1x++wNxXLmpMM5n3tx6+wpfvWtV2z7y8IW03eb8+hfC+uP+rHYadIrgzmZZ9vXrPtPYztQHLjXqsw8cadQHLz75RH2ZFw7mX8fHP/fyfPm/COHfQ8ePtjz+uXAcfhjq7Ns7H4/4uK9ceu2O/e9b3l58XG3ntY3dfuqD+Xrj5+R89ol8+Xicu43/G59++iv15R99defxXxjpPP6nw3q/HOr/vjJfvvk5qH8dH/fJMP64vfi4u7/0zY7jf+ZT+fJn3pIvdyTUuP3bw9e73vL8QvPxerR2tGW/srfmy8Xtz373jxr3x/XF9bePf/LwpZbj0T4/nv23fD0zbcvH2+N2or9v2359Pc3zM27/6T880nKc+23/mQefe2V9ve3bv7NtuTMfuaOx/eX1tX5i019+8jMdtxfHc+hvz7Tsz6H3hNdx2P5THwzzMdz/f8/k62v/dIUj72k9/8Tlv7DtQsv+RG/7ab79Z15/olG3TF619eprXnLtxVfVj12WfWdLvr5+2z/xV6dbxv/FG/LjEe+PGf327XcTt3/2o9OnTi+eX5hLR/Wx6xqfnfOOfDxxvNeFc2v714dPn/vQ/Nmp2anZLJsq70foXbYvhfrjvFzsvfTSijPoHQ+H5/OmP//61tv+9dPx9n9/b377pbfn71uvCct9Nty+LTx/a9v+Sk/dckPj9V17NoxwaeXnBa/Hjl3/dWBVC4b9b/++IM73M6/4UOM41O9rvG/E1/U6x//9uXw9XwvHdSl8MvPOG5a317x8/GyESw/lr/d1H79wmovP69+E5/udP8zXH8cV9/f74fuYb25vPd/F+fG1CyPt6298isfFcD7JLub3x6Xi8b70wg0dhxc/hyS7eGPj6z9J67lxTbvZzeLHFmdOLpw6/+jMufnFczOLH/v44UdOnz917nDjszwPf7jf45fPT1sb56e5+X33ZI2z1em8bLArPf4zDx+b2z9729z88aPnj597+Mz82RPHFhePzc8t3nb0+PH5j/Z7/MLcfbv3HNy7f8/0iYW5+w4cPLj34PTCqdP1YeSD6mPf7O9Onzp7uPGQxfvuObj73nvvmZ1+5PTc/H37Z2enz/d7fOO9abr+6N+bPjt/8ui5hUfmpxcXPj5/3+6D+/bt6ftpgI+cOb44NXP2/KmZ84vzZ2fyfZk617i5/t7X7/GU0+J/5N/PtqvlH8SXvfvOfenzWeu+/HjXVeWLtH2A6PPhs2j++aVnDqzm69j3j4eaVKT/BwAAgCqIff9EqIn+HwAAAEoj9v1bQk30/wAAAFAase+fDDWpSP9fuvz/9gvN65vstpj8v/x/8/GS/69Y/v+houX/8/OF/P9grDd/L/8fyP/L/8v/X6H8/9Vrzv8vhTck+X+KqGj5/9j3X5Vllez/AQAAoApi37811ET/DwAAAKUR+/6rQ030/wAAAFAase+/JtSkIv3/avP/Y8OZ/+9K/l/+v/l4yf/L/3favvz/cJL/703+vw/5/5msWvn/i4Mcv+v/y/+zUtHy/7Hvf0moSUX6fwAAAKiC2PdfG2qi/wcAAIDSiH3/daEm+n8AAAAojdj3bws1qUj/X/Lr/3cl/y//33y85P/l/zttX/5/OBUl/59d5vbl/+X/r3T+3/X/5f/l/xmkouX/Y9//0lCTivT/AAAAUAWx739ZqIn+HwAAAIpn7PIeFvv+l4earOj/L3MDAAAAwBUX+/7rs7YgeEV+/1++/P81q9q2/P8w5f+3pPvk/+X/s0Lm/0cz+f/iKEr+3/X/L2/88v/y/8M8fvl/+X9WKlr+v9H3Z5PZK0JNKtL/AwAAQBXEvv+GUBP9PwAAAJRG7Pt/IdRE/w8AAAClEfv+7aEmFen/y5f/d/3/bMjy/+NtY3f9/+XHyf/nip//d/3/IpH/703+vw/5f/l/+X/5fwaqaPn/2PffGGpSkf4fAAAAqiD2/TeFmuj/AQAAoDRi3/+LoSb6fwAAACiN2PfvCDWpSP8v/1/w/H9MjpY4/9//+v/y//L/8v/y/6sn/9+b/H8f8v/y//L/8v8MVNHy/7Hvf2WoSUX6fwAAAKiC2PffHGqi/wcAAIDSiH3/q0JN9P8AAABQGrHvnwo1qUj/L/9f8Px/noOfKPP1/+X/5f/l/+X/B0n+vzf5/z7Cae5HWZbJ/8v/y//L/7N+Rcv/x77/llCTivT/AAAAUAWx798ZaqL/BwAAgNKIff+toSb6fwAAACiN2PfvCjWpSP8v/z8U+f9M/l/+X/6/PPn/P746/3ouy5YuyP8PnPx/b/L/fbj+v/y//L/8PwNVtPx/7PtfHWpSkf4fAAAAqiD2/beFmuj/AQAAoDRi3/+aUBP9PwAAAJRG7PtvDzWpSP8v/y//X7D8/0jz44qT/6/V5P8z+X/X/x8K8v+9yf/3If8v/y//L//PQBUt/x/7/teGmlSk/wcAAIAqiH3/HaEm+n8AAAAojdj33xlqov8HAACA0oh9/3SoSUX6f/l/+f+C5f9d/1/+X/5f/n9d5P97k//vQ/5f/l/+X/6fgSpa/j/2/XeFmlSk/wcAAIAqiH3/3aEm+n8AAAAojdj3z4Sa6P8BAACgNGLfPxtqUpH+X/5f/l/+X/5/Tfn/Vy2vV/4/J/9fLPL/vcn/9yH/L/9/xfP/4/L/lErR8v+x798dapIav4nL2EsAAACgSGLfvyfUpCK//wcAAIAqiH3/3lAT/T8AAACURuz77wk1qUj/L/8v/y//L//v+v+dty//P5zk/3sbfP4/7qL8v/y//L/r/8v/s1LR8v+x77831KQi/T8AAABUQez794Wa6P8BAACgNGLfvz/URP8PAAAApRH7/gOhJhXp/+X/5f/l/+X/5f87b1/+fzjJ//fm+v99FC////rmh29m/r++Lfl/+X/5f9buoT9o/qpo+f/Y9x8MNalI/w8AAABVEPv+14Wa6P8BAACgNGLf/0uhJr37/y0bOyoAAABgkGLf/8uhJhX5/b/8v/y//L/8v/x/5+3L/w8n+f/e5P/7KF7+v4Xr/xd7/PL/8v+sVLT8f+z77ws1qUj/DwAAAEOu/VdIHcW+/1dCTfT/AAAAUBqx7399qIn+HwAAAEoj9v2HQg06xblLSf5f/n848/+T8v/y/6XL/0/E9cr/r4v8f2/y/31sRP5/smX98v8b6EqPX/5f/p+Vipb/j33/G0JN/P4fAAAASiP2/feHmuj/AQAAoDRi3//GUBP9PwAAAJRG7PvfFGpSkf5f/l/+fzjz/67/n8n/ly7/7/r/gyH/35v8fx+u/y//v3H5/77vFPL/lFHR8v+x739zqElF+n8AAACogtj3vyXURP8PAAAApRH7/reGmuj/AQAAoDRi3/+2UJOK9P/y//L/VzL/n7so/y//37Ah+f+L9QMt/18l8v+9yf/3If8v/+/6//L/DFTR8v+x7//VUJOK9P8AAABQBbHvfyDURP8PAAAApRH7/reHmuj/AQAAoDRi3/+OUJOK9P/y//L/rv8v/1/q/L/r/1eO/H9vQ5b///m14Xb5/5z8f7HHv9b8/1jb1xuS//9Bt/z/0pb2x8v/sxGKlv+Pff87Q00q0v8DAABAFcS+/12hJvp/AAAAKI3Y97871KSp/x/of7wDAAAANl3s+38t1KQiv/+X/6+PYzm9LP8v/9+4Qf5f/l/+f2jJ//c2ZPl/1/9vI/9f7PG7/r/8PysVLf8f+/73hJpUpP8HAACAKoh9/4OhJvp/AAAAKI3Y9z8UaqL/BwAAgNKIff97Q00q0v/L/7v+v/y//L/8f+fty/8PJ/n/3uT/+5D/l/8vWv7/P+X/GW5Fy//Hvv/hUJOK9P8AAABQBbHvf1+oif4fAAAASiP2/b8eaqL/BwAAgNKIff/7Q00q0v/L/w9L/n9qSPP/j8v/b2D+/+Zr8+Xk/+X/WSb/35v8fx/y//L/Rcv/u/4/Q65o+f/Y938g1GT1/f/kqpcEAAAANtBY13ti3/8boSYV+f0/AAAAVEHs+38z1ET/DwAAAKUR+/7fCjWpSP8v/z8s+X/X/8/k/13/v21/5P/l/zvZvPx/PPPI/8v/Fyv/v21NO9zqSufn1+tKj7+6+f/8nVH+n06Klv+Pff9vh5pUpP8HAACAKoh9/wdDTfT/AAAAMBQ6/Z/sdrHvPxxqov8HAACA0oh9/5FQk4r0//L/8v9ry//HIyL/v+H5/z/b+S/f+/a7juyW/5f/l/9fk029/n/9xe/6//L/Bcv/r8eVzs9v1vhrXS4NJv/v+v8MXtHy/7HvPxpqUpH+HwAAAKog9v2/E2qi/wcAAIDSiH3/sVAT/T8AAACURuz750JNKtL/y//L/7v+f0Hz/0N8/f94POT/Ww0s/x9PuvL/HW1q/v99yzlx+f+15v8nOt4q/y//P8zjl/+X/2elouX/Y98/H2pSkf4fAAAAqiD0/SPH87p8h/4fAAAASiP2/SdCTfT/AAAAUBqx7/9QqElF+n/5f/l/+X/5f9f/77z9Xvn/2tiq8v8tu+L6/5tD/r+34uT/O5P/l/8f5vHL/8v/s1LR8v+x718INalI/w8AAABVEPv+D4ea6P8BAAD4f/bu5Emycq3jeBZ001WBC3dG6MYIl/4JLGSte1240I0RhgOooDjTOI8oKs6K4izgAIKIivMETijOoKKXO4/cicu9N/oGVc/zdFXlyZNVTWbnOe/7+Sx47JKqTDuapn90fz00I3f/l8Yt9j8AAAA0I3f/l8Utnex//b/+X/+v/9f/D7/+ZJ//r/8fpf8fp/9fQ/+v/9f/6//ZqKn1/7n7vzxu6WT/AwAAQA9y998Wt9j/AAAA0Izc/bfHLfY/AAAANCN3/1fELZ3sf/2//r/Z/v+z9P+rXl//r/9vmf5/nP5/Df2//l//r/9no6bW/+fu/8q4pZP9DwAAAD3I3f9VcYv9DwAAAM3I3X9H3GL/AwAAQDNy998Zt3Sy/0/1/3uLPvv/zHj1/y31/57/v/L19f9voP+/Uf8/dde3/7/n9Z/59P/6f/1/0P+fqf+/tOrz9f+0aGr9f+7+r45bOtn/AAAA0IPc/V8Tt9j/AAAA0Izc/XfFLfY/AAAANCN3/9fGLZ3s/809///g8OMz7f+L/l//f/gB/b/+f1X/f+Hqt/X/0+T5/+N66v/veP7m21554tOePM/r6//1/57/r/9ns6bW/+fu/7q4pZP9DwAAAD3I3f/1cYv9DwAAAM3I3f8NcYv9DwAAAM3I3f+NcUsn+39z/f+sn/9f9P/6/8MP6P/1/6v6/8/1/P+p0/+P66n/v5bX1//r//X/+n82a9f9f37h/Hbu/m+KWzrZ/wAAANCD3P3fHLfY/wAAANCM3P13xy32PwAAADQjd//luKWT/a//337//3H9v/4/rv5f/6//3z79/zj9/xr6f/2//l//z0btuv8//e3c/ffELZ3sfwAAAOhB7v5viVvsfwAAAGhG7v5vjVvsfwAAAGhG7v5vi1s62f/6f8//1//r//X/w6+v/58n/f84/f8a+v8z9fMXV3z+F9x+50X9/wz7//iFlP6fbThn///ayE/b19r/Xzr+7dz93x63dLL/AQAAoAe5+78jbrH/AQAAoBm5+78zbrH/AQAAoBm5+78rbulk/+v/9f/6f/3/Nff/yz/0Dun/h+n/rw/9/7jJ9P97FwY/rP+fR/+/iuf/z7T/D/p/tmFqz//P3f/dcUsn+x8AAAB6kLv/e+KWkf1/7v+YDwAAAOxU7v7vjVv8/j8AAADMXlZnufu/L27pZP/r//X/+n/9v+f/D7/+WP//5LH3p/+fFv3/uMn0/yvo//X/c37/+n/9P8um1v/n7v/+uKWT/Q8AAAA9yN1/b9xi/wMAAEAzcvf/QNxi/wMAAEAzcvf/YNzSyf4f7v+v/u/1/2ej/z/5/vX/wz8+NtX/51fU/4/2/7d6/n+f9P/jrn//f0n/f/Lr6/+3aNfvv/H+/2Dd5+v/GTK1/j93/31xSyf7HwAAAHqQu/+H4hb7HwAAAJqRu/+H4xb7HwAAAJqRu/9H4pZO9v+On/9/z02r3pf+/5D+X//v+f/TfP7/4rr3/xf0/2ek/x/n+f9r6P/1//p/z/9no6bW/+fuvz9u6WT/AwAAQA/uf3VxuPt/dLGw/wEAAGCOjv/ZgdN/oDTk7v+xuMX+BwAAgGbk7v/xuKWT/b/j/n9bz/+/uO619f/6/+PfX/p//f/Q60+r//f8/7PS/4/T/6+h/99GP3+hsf7/gVWfP4X+/279PxNzov9/+urHd9X/5+7/ibilk/0PAAAAPcjd/5Nxi/0PAAAAzcjd/1Nxi/0PAAAAzcjd/9NxSyf7f+v9/8Hq195i/7+W/l//f/z7S/+v/x96ff3/POn/x+n/19D/e/6/5//r/9moE/3/Mbvq/3P3/0zc0sn+BwAAgB7k7v/ZuMX+BwAAgGbk7n8gbrH/AQAAoBm5+38ubulk/zf6/P+19P/6/+PfX/p//f/Q6+v/50n/P07/v/RTzEn6f/2//n99/7/inyL9P0Om1v/n7v/5uKWT/Q8AAAA9yN3/YNxi/wMAAEAzcvf/Qtxi/wMAAEAzcvf/YtzSyf7X/2+3/8+P6//1/4vz9P/xCfr/I/p//f95zK3/P/3PzzX383tD/yZatqL/f/aLL3/OyY+02/+P0/930P8fbO39d9P/r6D/Z8gk+v8rV391mbv/l+KWTvY/AAAA9CB3/y/HLfY/AAAANCN3/6/ELfY/AAAANCN3/6/GLefc/5+80Xd1/ej/Pf9f/z/B/j/o/4/o//X/5zG3/v80z//X/+v/5/v+9f/6f5ZNov8/9u3c/b8Wt/j9fwAAAGhG7v5fj1vsfwAAAGhG7v6H4hb7HwAAAJqRu//huKWT/a//1//r//X/Lff/Bzvo//cXw/T/14f+f5z+fw39v/5f/6//Z6Om1v/n7n8kbulk/wMAAEAPcvf/Rtxi/wMAAEAzcvf/Ztxi/wMAAMCcZDo2KHf/b8Utnex//b/+X/+v/2+5//f8//7MtP+vnwbn2v/fOKf+/9GRNzDU/1+5pP9vuf8/2Nz71//r/1k2tf4/d/9vxy2d7H8AAADoQe7+R+MW+x8AAACakbv/sbjF/gcAAIBm5O7/nbilk/2v/9f/6//1//r/4dfX/8/TTPv/Mtf+3/P/9f+Lufb/G3z/+n/9P8um1v/n7n88bulk/wMAAEAPcvc/EbfY/wAAANCM3P2/G7fY/wAAANCM3P1Pxi2d7H/9v/5f/6//1/8Pv77+f5621/8vdtf/v3zDeb/MSvr/NfT/+n/9v/6fjZpa/5+7//filk72PwAAAPQgd/9TcYv9DwAAAM3I3f/7cYv9DwAAAM3I3f8HcUsn+1//r/+fZ/9/3/7Q+9f/6/8X+v/uef7/OP3/Gvp//b/+X//PRk2t/8/d/4dxSyf7HwAAAHqQu//puMX+BwAAgGbk7v+juMX+BwAAgGbk7v/juKWT/a//1/+f7P8Xi3n0/57/v9D/t9D/7y/0/xun/x93tv7/Vv3/xPv/hw6Ovq3/P+P7v2HRUP9/sPLz9f9M0dT6/9z9fxK3dLL/AQAAoAe5+/80brH/AQAAoAFHf3Ymd/+fxS32PwAAAEzZhfP8zbn7/zxu6WT/z7//v3TqE/X/i8Xihbuaf/6//n+h/2+h/6/vVf3/5uyy///UY19n3v2/5/9Pvf/3/P9pvn/P/9f/s2xq/X/u/r+IWzrZ/wAAANCD3P1/GbfY/wAAANCM3P1/FbfY/wAAANCM3P1/Hbd0sv/n3/+f/kT9/+INPf9f/3/4Af2//l//P1ue/z9O/7+G/n9tP7+34tc9C/2//l//z4Cp9f+5+/8mbulk/wMAAEAPcvc/E7fY/wAAANCM3P3Pxi32PwAAADQjd//fxi2d7H/9v/5f/z/P/n9f/6//1/8Pmkr/f8stn/2c/l//32L/P0b/r//X/3Pa1Pr/3P1/F7d0sv8BAACgB7n7/z5usf8BAACgGbn7/yFusf8BAACgGbn7/zFu6WT/L/f/FxdHheqRof4/GjX9/zH6/5PvX/8//OPD8//1//r/7ZtK/+/5/9f2/vX/+v85v/9z9f+fvvz5+n9aNLX+P3f/c3FLJ/sfAAAAepC7/5/iFvsfAAAAmpG7/5/jFvsfAAAAmpG7//m4pZP97/n/+n/9v/5f/z/8+vr/edL/jxvr/0+U6vp//b/+v9/n/9+o/2dzptb/5+7/l7jlcPh9xidd4/+ZAAAAwITk7v/XuKWT3/8HAACAHuTu/7e4xf4HAACAZuTu//e4pZP9r//X/+v/9f/6/+HX1//Pk/5/nOf/r9FP/78/9MFd9/Nv1K7ffzP9v+f/s0FT6/9z9/9H3NLJ/gcAAIAe5O7/z7jF/gcAAIBm5O7/r7jF/gcAAIBm5O5/IW7pZP/r//X/7ff/X6j/P/X6+n/9f8v0//lv9GH6/zX66f8H7bqfn/v71//r/1k2tf4/d/+LcUsn+x8AAAB6kLv/v+MW+x8AAACakbv/f+IW+x8AAACakbv/f+OWTva//r+v/n9v0WP/7/n/+n/9f0/m0/8/eGHoo57/r//X/8/3/ev/9f8sm1r/n7v/pb0LXe5/AAAAmKvP+8wveXHpgzcN/70vHf51f/F/cYv9DwAAAM3I3f//cYv9DwAAAM3I3f+muKWT/a//76v/7/P5//p//b/+vyfz6f+H6f/1//r/+b5//b/+n2VT6/9z978ctxwbfoP/D3oAAACA2cjd/+a4pZPf/wcAAIAe5O5/S9yytP+vnPFPtQMAAABTk7v/rXFLJ7//r/+feP+/2FL/H3+f/v+I/l//P/T6+v95aq3/v7SYVP9/ZU//r/8fof/X/+v/OW1q/X/u/qceX3S5/wEAAKBRJ/6LwtsO/7q/eHvcYv8DAABAM3L3vyNusf8BAACgGbn73xm3dLL/9f8T7/+v6fn/B/U/ef7/6f7/6Md5N/3/vfuDr6//1/+3rLX+3/P/jz6u/z+i/5/2+9f/6/9Zdo7+//AX6tvu/3P3vytu6WT/AwAAQA9y9787brH/AQAAoBm5+98Tt9j/AAAA0Izc/e+NWzrZ//r/HfT/911aLLba/5/h+f/d9v+e/99W//8pN19+5vO/6LFH9P9cdT37//yxoP/X/++g/384fvzp/yf0/vX/+n+WTe35/7n73xe3dLL/AQAAoAe5+1+JW+x/AAAAaEbu/vfHLfY/AAAANCN3/wfilk72v/6/xef/z7P/z+/rHfT/l+fX/2dT3Hv/7/n/+v9lnv8/Tv+/xnz6/8Nve/7/tN6//l//z7Kp9f+5+z8Yt3Sy/wEAAKAHufs/FLfk/t8793+6BwAAACYmd/+H4xa//w8AAADNyN3/atzSyf7X/+v/p9L/J8//v/p5nv9/RP+v/z+PFvv/G877RUbo/9fQ/+v/9f/6fzZqav1/7v6PxC2d7H8AAADoQe7+1+IW+x8AAACakbv/o3GL/Q8AAADNyN3/sbilk/2v/9f/6//1//r/4dfX/89Ti/3/eb/GGP3/625a/Qb0//p//b/+n42aWv+fu/8TAQAA//+WI0uy")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x28180ff, 0x0, 0xfc, 0x0, &(0x7f0000000400))
unlinkat(0xffffffffffffff9c, &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x200)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000480)={0x6, @win={{0xd681, 0xfffffffa, 0x7, 0xb}, 0x0, 0x7, &(0x7f0000000300)={{0x40, 0x200, 0x4, 0x1fb6}, &(0x7f00000002c0)={{0xb579, 0x0, 0x845, 0x7}, &(0x7f0000000240)={{0x3ff, 0x80000000, 0x9}}}}, 0x6, &(0x7f0000000340)="adc8fc2af216335bbe3c2dc80937bcea9cb54728616f277517e6bd2bedd4ae998e2f10d9d349947c95e4c6c24647430798de9bbbda7966aa482cc0971114e74dfe6f9bfd46c9c58ff89851611472c05cfcbe9213c58a302ed14cf1cfbf8ffe9be0ea1c37d8e6cb7383c608edf686dae748c601a7cdf1385ee5192f7879dd06adf0efc117d639a84b24c8f33499d10dfa5bbc0acaf13e6eddca1e31ff9e0670170613e00361af844783e4352504a80c0ce372b8b1e9dc0fe964e3f3f8fcf82ffa859beafbc8f405170c3642a3aae94b2659b198357a9cf0347ac1122e83645ec7cf0d93d2775a9d5e1edfdaa77ab2d555c80701e330ae6f", 0x1}})
ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f0000000200)=0x9)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00')
read$FUSE(r6, &(0x7f0000002080)={0x2020}, 0x54)
socket$nl_generic(0x10, 0x3, 0x10)

2.394412344s ago: executing program 1 (id=1803):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd952", 0x142}], 0x1}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000a00)="449f6aed247d197178d7f0a82e1deae14825b22ab6c0ec1ca0c27cd21d8a48637cb781581aac75a2f848f285c99133f0435497bf6ae25625c64f82ecc0a7bb7b", 0x40}, {&(0x7f0000000cc0)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c3fedaec3144d1ee66a0eb0750363e346cb9556a649fb246dd788930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbd9e52fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e349359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0491121eec3e05eacbe7835e79e76881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc13300317b7fed115fb9818b20b877a39157101dbd8e23bc9ed32efed96c410a103d35336f", 0x1e3}], 0x2}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)="a7040f7dff0a4fed838b52a29c46952dfe5aff84e281448c520c4b0808bdb32447fc2ba20baa8cc06a99ae", 0x2b}, {&(0x7f00000002c0)="d0f28c036a8b6293adbae6a1f4a98928a2efe08e665dac369f8749c5c15e9819ef3627a4cf2264401c991774440846e7b4146eca22035546a286d4571d16423012a6cc000f8a5fb3c2555ef48a1e7dc5a9c834f7dfdb9487e74566a7a9e2262d739ba78f19916bd9efee8442b70298a91798f9186dcd1a9e63316e7d18", 0x7d}, {&(0x7f0000000380)="ba78a730565fdeecaa98beb39bb0a1e4a46f0808ce0b5b03542d54303591031ad9f9073b1dff296b9df9eca8a08c6bf80659214737633acdcd8a7f2cfbeeaf58ac4f24a24f362b8356f278b8bd35ea4252eaa3cd4d77c9732606a6ef391938556550996483853a6837696da7", 0x6c}, {&(0x7f0000000400)="59233b75f9898a5e3d65e9a97a89e9e8e1e6bf764de774e88c9c89a1e91fc07edeb783ef957ba5e2bc45ca7d4f548d3047668babc1aa77359561ad300aa22747c2c20e931f550338780b4ea9c94cebf4782a806c6597cd580c33aa71e2da2e50bdfa67", 0x63}, {&(0x7f0000000880)="e11b12d8e463a0b8dd59326154501ecf0819f23ca714d4a23e3be62be279e7e5959106799deb35c7f7fd59d5f8dc617c2a3ed0d80cf9b3d58f951db2fcef39ac57214bcd4508c2e7bde56498", 0x4c}], 0x5}}], 0x3, 0x54004)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x10008095, 0x0, 0x0)

2.293875975s ago: executing program 3 (id=1804):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
gettid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001680)=ANY=[@ANYBLOB="600000000206030000000000000000000a00000011000300686173683a69702c706f727400000000050001000700000005000500020000000900020073797a300000000005000400000000201400078008000840000000780800064000000000cd841217ab0362269e2cd08305772bdbd8666d376156f0a7c0df958aa1ccef7f49555a5cfe704b6d5146527170eea3114d11be305fc3d9c2a4f0dc1ad464a236dc1705f7803c7322bdf0a122397bbdea24f9c7c58168a90732909199ddc512758c580a4f061025d80d2231808300115f76e90bba5f3e217592ad254e1ac88670ecf455899538ed8f5ad972bc850b0631a638fd69999790cbc2b3b3dde2a8f7f4c03b1a57d44b4061c606773759456fbd4d41217e80475e05de94c8fde380d1c2ec6878aa9b0318449f59e60d2d92f6401b48dfeed19bd7e7a64ad5edc4e463dd9bfd00122f4b3470d482e41d"], 0x60}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0)
sendto$inet(r5, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T4(r7, 0x103, 0x6, 0x0, &(0x7f0000000200))
preadv2(r7, 0x0, 0x0, 0x0, 0x8, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, 0x0, 0x0)

1.845555555s ago: executing program 1 (id=1805):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000002c0)=[{0x6, 0x1, 0xe, 0x7ffffffe}]})
shutdown(r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)

977.028961ms ago: executing program 3 (id=1806):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r2, 0x1, 0x7}, 0x14)

304.078337ms ago: executing program 1 (id=1807):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x8000f28, 0x0)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
read$FUSE(r4, &(0x7f0000002500)={0x2020}, 0x2020)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8, 0x0, 0x7}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x6)
setgroups(0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0xf9, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00', 0x0, 0x5, 0x0, 0x0, 0x0})

238.441774ms ago: executing program 3 (id=1808):
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000780)={'mangle\x00', 0x0, [0x9f, 0xfffffffe, 0x1, 0x40, 0x9]}, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1d7a47d12d051d42c08a0ffc2b98884cedf860649ce7a621660dea22ffe3561b1603c513e9eb077d51e8654a05f86d7fad6db69407b9d655b590"], 0x2c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff08021100"], 0x6f4}}, 0x0)

0s ago: executing program 4 (id=1809):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4814)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r5, @ANYBLOB="080026009409"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

kernel console output (not intermixed with test programs):

ected capacity change from 0 to 32768
[  378.288814][ T9331] BTRFS info: device /dev/loop1 (7:1) using temp-fsid ed9a71d0-7e0f-4b7d-b3c7-63a39f4acfc3
[  378.298954][ T9331] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.888 (9331)
[  378.315755][ T9331] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  378.325952][ T9331] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  378.335461][ T9331] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  378.406523][ T5834] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  378.677307][ T9331] BTRFS info (device loop1): rebuilding free space tree
[  378.751761][ T9331] BTRFS info (device loop1): disabling free space tree
[  378.758856][ T9331] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  378.769107][ T9331] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  378.811178][ T9331] BTRFS info (device loop1): enabling ssd optimizations
[  378.818248][ T9331] BTRFS info (device loop1): disabling tree log
[  378.824522][ T9331] BTRFS info (device loop1): enabling disk space caching
[  378.831681][ T9331] BTRFS info (device loop1): force clearing of disk cache
[  378.839823][ T9331] BTRFS info (device loop1): force lzo compression, level 1
[  378.847407][ T9331] BTRFS info (device loop1): max_inline set to 1
[  378.927688][ T9343] loop3: detected capacity change from 0 to 40427
[  378.937045][ T9343] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  378.946209][ T9343] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  378.973129][ T9343] F2FS-fs (loop3): invalid crc value
[  379.079473][ T9343] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  379.098366][ T9343] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  379.105432][ T9343] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  379.193019][ T9313] loop4: detected capacity change from 0 to 40427
[  379.242976][ T9313] F2FS-fs (loop4): invalid crc value
[  379.318675][ T9355] netlink: 4 bytes leftover after parsing attributes in process `syz.5.892'.
[  379.331037][ T5830] BTRFS info (device loop1): last unmount of filesystem ed9a71d0-7e0f-4b7d-b3c7-63a39f4acfc3
[  379.637150][ T9355] syz_tun (unregistering): left allmulticast mode
[  379.800327][ T9313] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  379.894698][ T9313] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  380.135045][ T9370] warning: `syz.0.896' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  380.329862][ T5833] syz-executor: attempt to access beyond end of device
[  380.329862][ T5833] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  380.427420][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  380.427477][ T5833] Tainted: [L]=SOFTLOCKUP
[  380.427490][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  380.427512][ T5833] Call Trace:
[  380.427524][ T5833]  <TASK>
[  380.427537][ T5833]  dump_stack_lvl+0x16c/0x1f0
[  380.427603][ T5833]  f2fs_handle_critical_error+0x624/0x9f0
[  380.427648][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.427693][ T5833]  ? f2fs_build_fault_attr+0x53/0x1f0
[  380.427764][ T5833]  f2fs_write_end_io+0x958/0xcf0
[  380.427814][ T5833]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  380.427866][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.427921][ T5833]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  380.427964][ T5833]  bio_endio+0x751/0x8a0
[  380.428024][ T5833]  submit_bio_noacct+0x306/0x1f40
[  380.428083][ T5833]  __submit_merged_bio+0x33c/0x710
[  380.428134][ T5833]  __submit_merged_write_cond+0x315/0x3f0
[  380.428193][ T5833]  f2fs_write_cache_pages+0x2075/0x2570
[  380.428278][ T5833]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  380.428337][ T5833]  ? __lock_acquire+0x436/0x2890
[  380.428401][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.428444][ T5833]  ? __lock_acquire+0x436/0x2890
[  380.428532][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.428618][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.428660][ T5833]  ? rcu_is_watching+0x12/0xc0
[  380.428694][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.428736][ T5833]  ? mod_memcg_lruvec_state+0x381/0x5f0
[  380.428801][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.428853][ T5833]  f2fs_write_data_pages+0x5ac/0x1080
[  380.428918][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  380.428983][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.429031][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.429074][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  380.429131][ T5833]  do_writepages+0x27a/0x600
[  380.429179][ T5833]  ? __pfx_do_writepages+0x10/0x10
[  380.429218][ T5833]  ? do_raw_spin_unlock+0x172/0x230
[  380.429269][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.429312][ T5833]  ? _raw_spin_unlock+0x28/0x50
[  380.429371][ T5833]  filemap_writeback+0x225/0x2d0
[  380.429424][ T5833]  ? __pfx_filemap_writeback+0x10/0x10
[  380.429528][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.429571][ T5833]  ? find_held_lock+0x2b/0x80
[  380.429629][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.429687][ T5833]  f2fs_sync_dirty_inodes+0x2a9/0x960
[  380.429764][ T5833]  block_operations+0x2b0/0xff0
[  380.429835][ T5833]  ? __pfx_block_operations+0x10/0x10
[  380.429951][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.429997][ T5833]  ? ktime_get+0x200/0x310
[  380.430038][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.430080][ T5833]  ? lockdep_hardirqs_on+0x7c/0x110
[  380.430140][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.430182][ T5833]  ? rcu_is_watching+0x12/0xc0
[  380.430223][ T5833]  f2fs_write_checkpoint+0x326/0x52f0
[  380.430289][ T5833]  ? f2fs_stop_gc_thread+0x79/0xd0
[  380.430352][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.430401][ T5833]  ? rcu_is_watching+0x12/0xc0
[  380.430433][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.430477][ T5833]  ? kthread_stop+0x272/0x5d0
[  380.430525][ T5833]  kill_f2fs_super+0x3d0/0x480
[  380.430581][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  380.430654][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.430716][ T5833]  deactivate_locked_super+0xc1/0x1a0
[  380.430756][ T5833]  deactivate_super+0xde/0x100
[  380.430797][ T5833]  cleanup_mnt+0x225/0x450
[  380.430844][ T5833]  task_work_run+0x150/0x240
[  380.430894][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  380.430959][ T5833]  exit_to_user_mode_loop+0xfb/0x540
[  380.431011][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  380.431062][ T5833]  do_syscall_64+0x4ee/0xf80
[  380.431100][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.431136][ T5833] RIP: 0033:0x7f47ca190a77
[  380.431165][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  380.431201][ T5833] RSP: 002b:00007ffca73b8938 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  380.431235][ T5833] RAX: 0000000000000000 RBX: 00007f47ca213d7d RCX: 00007f47ca190a77
[  380.431258][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca73b89f0
[  380.431281][ T5833] RBP: 00007ffca73b89f0 R08: 0000000000000000 R09: 0000000000000000
[  380.431304][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca73b9a80
[  380.431328][ T5833] R13: 00007f47ca213d7d R14: 000000000005cc6c R15: 00007ffca73b9ac0
[  380.431387][ T5833]  </TASK>
[  380.431401][ T5833] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  380.667805][ T9374] loop1: detected capacity change from 0 to 32768
[  380.781572][ T9372] loop2: detected capacity change from 0 to 4096
[  380.864033][ T9374] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.898 (9374)
[  380.879068][ T9372] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  380.942179][ T9374] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  380.953226][ T9374] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  381.133785][ T9374] BTRFS info (device loop1): enabling ssd optimizations
[  381.140840][ T9374] BTRFS info (device loop1): turning on async discard
[  381.147701][ T9374] BTRFS info (device loop1): enabling free space tree
[  381.450799][ T5830] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  381.722062][ T9399] loop0: detected capacity change from 0 to 1024
[  381.918110][ T9399] hfsplus: bad catalog entry type
[  382.110558][ T9404] loop2: detected capacity change from 0 to 32768
[  382.119576][ T9404] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.906 (9404)
[  382.194988][ T9404] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  382.205341][ T9404] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  382.214346][ T9404] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  382.406664][ T1300] hfsplus: b-tree write err: -5, ino 4
[  382.437272][ T9404] BTRFS info (device loop2): rebuilding free space tree
[  382.536639][ T9404] BTRFS info (device loop2): disabling free space tree
[  382.543599][ T9404] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  382.556003][ T9404] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  382.598388][ T9404] BTRFS info (device loop2): enabling ssd optimizations
[  382.605385][ T9404] BTRFS info (device loop2): disabling tree log
[  382.611744][ T9404] BTRFS info (device loop2): enabling disk space caching
[  382.618903][ T9404] BTRFS info (device loop2): force clearing of disk cache
[  382.626088][ T9404] BTRFS info (device loop2): force lzo compression, level 1
[  382.634132][ T9404] BTRFS info (device loop2): max_inline set to 1
[  382.968300][ T9433] loop4: detected capacity change from 0 to 8
[  383.038295][ T5835] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  383.976544][ T9433] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  384.097603][ T5850] udevd[5850]: incorrect cramfs checksum on /dev/loop4
[  384.153924][ T9433] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  384.267795][ T9433] evm: overlay not supported
[  384.472132][ T6004] udevd[6004]: incorrect cramfs checksum on /dev/loop4
[  385.697781][ T5847] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  385.726913][ T5144] Bluetooth: hci6: sending frame failed (-49)
[  385.735529][   T52] Bluetooth: hci6: Opcode 0x1003 failed: -49
[  386.429305][ T9475] netlink: 20 bytes leftover after parsing attributes in process `syz.0.923'.
[  386.549201][ T9479] fuse: Unknown parameter 'group_i00000000000000000000'
[  387.815829][ T9498] loop3: detected capacity change from 0 to 256
[  388.185422][ T9497] loop1: detected capacity change from 0 to 40427
[  388.193162][ T9497] F2FS-fs: heap/no_heap options were deprecated
[  388.199592][ T9497] F2FS-fs: heap/no_heap options were deprecated
[  388.232091][ T9501] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  388.243079][ T9497] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(1) blocks(1024)
[  388.251602][ T9497] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  388.267776][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  388.274310][ T9497] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288)
[  388.283735][ T9497] F2FS-fs (loop1): FLUSH_MERGE not compatible with readonly mode
[  388.426153][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  388.511538][ T9498] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012064, chksum : 0xb4f3aa4f, utbl_chksum : 0xe619d30d)
[  388.912605][ T9494] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  389.022018][ T9494] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  389.094758][ T9494] tmpfs: Bad value for 'mpol'
[  389.726290][ T9512] loop0: detected capacity change from 0 to 32768
[  389.750241][ T9512] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  389.799409][ T9512] XFS (loop0): Ending clean mount
[  389.831149][ T9512] XFS (loop0): Quotacheck needed: Please wait.
[  389.871314][ T9512] XFS (loop0): Quotacheck: Done.
[  390.005305][ T5831] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  390.176419][ T9534] fuse: Unknown parameter 'group_i00000000000000000000'
[  390.847823][ T9543] loop3: detected capacity change from 0 to 40427
[  390.971210][ T9543] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  390.979060][ T9543] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  391.290187][ T9543] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  391.366537][ T9540] netlink: 20 bytes leftover after parsing attributes in process `syz.1.946'.
[  391.454974][ T9543] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  391.465444][ T9543] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  391.477808][ T9540] netlink: 20 bytes leftover after parsing attributes in process `syz.1.946'.
[  392.492808][ T9563] loop1: detected capacity change from 0 to 8
[  392.500090][ T9563] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  392.517774][ T9563] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  392.645923][ T5998] udevd[5998]: incorrect cramfs checksum on /dev/loop1
[  393.712173][ T9588] loop4: detected capacity change from 0 to 128
[  393.766086][ T9590] fuse: Unknown parameter 'group_id00000000000000000000'
[  393.782558][ T9588] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  393.847437][ T9588] ext4 filesystem being mounted at /157/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  394.080714][ T5833] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  394.375593][ T9602] loop0: detected capacity change from 0 to 512
[  394.561563][ T9598] loop5: detected capacity change from 0 to 40427
[  394.580899][ T9598] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  394.589206][ T9598] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  394.752670][ T9598] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  394.783634][ T9598] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  394.790765][ T9598] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  395.865791][ T9625] loop1: detected capacity change from 0 to 1024
[  396.076689][ T6111] hfsplus: b-tree write err: -5, ino 4
[  396.211767][ T9628] fuse: Unknown parameter 'group_id00000000000000000000'
[  396.477761][ T9611] loop2: detected capacity change from 0 to 32768
[  396.572005][ T9611] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.969 (9611)
[  396.837227][ T9611] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  396.871576][ T9611] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  397.294156][ T9638] loop3: detected capacity change from 0 to 32768
[  397.328585][ T9638] 
[  397.328585][ T9638]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.328585][ T9638] 
[  397.375513][ T9636] 
[  397.375513][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.375513][ T9636] 
[  397.404901][ T9611] BTRFS info (device loop2): rebuilding free space tree
[  397.409108][ T9636] 
[  397.409108][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.409108][ T9636] 
[  397.473845][ T9611] BTRFS info (device loop2): setting nodatasum
[  397.487315][ T9611] BTRFS info (device loop2): enabling free space tree
[  397.509239][ T9611] BTRFS info (device loop2): force clearing of disk cache
[  397.517329][ T9636] 
[  397.517329][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.517329][ T9636] 
[  397.527114][ T9618] loop0: detected capacity change from 0 to 65536
[  397.596285][ T9636] 
[  397.596285][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.596285][ T9636] 
[  397.627983][   T31] audit: type=1800 audit(1768263767.188:26): pid=9611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.969" name="file1" dev="loop2" ino=260 res=0 errno=0
[  397.700288][ T9618] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  397.706164][ T9636] 
[  397.706164][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.706164][ T9636] 
[  397.741118][ T9636] 
[  397.741118][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.741118][ T9636] 
[  397.797204][  T112] 
[  397.797204][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.797204][  T112] 
[  397.817579][ T9636] 
[  397.817579][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.817579][ T9636] 
[  397.831955][ T9618] XFS (loop0): Ending clean mount
[  397.890100][ T9636] 
[  397.890100][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.890100][ T9636] 
[  397.916460][ T9618] XFS (loop0): Quotacheck needed: Please wait.
[  397.922607][ T5835] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  397.958271][ T9636] 
[  397.958271][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.958271][ T9636] 
[  397.989300][ T9618] XFS (loop0): Quotacheck: Done.
[  397.994524][ T9636] 
[  397.994524][ T9636]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  397.994524][ T9636] 
[  398.032296][  T113] 
[  398.032296][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.032296][  T113] 
[  398.075911][ T9638] 
[  398.075911][ T9638]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.075911][ T9638] 
[  398.086774][ T9638] 
[  398.086774][ T9638]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.086774][ T9638] 
[  398.098028][ T9638] 
[  398.098028][ T9638]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.098028][ T9638] 
[  398.111224][ T9638] 
[  398.111224][ T9638]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.111224][ T9638] 
[  398.124332][  T113] 
[  398.124332][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.124332][  T113] 
[  398.289809][ T5831] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  398.365255][ T3466] 
[  398.365255][ T3466]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.365255][ T3466] 
[  398.403140][ T3466] 
[  398.403140][ T3466]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.403140][ T3466] 
[  398.464371][ T5832] 
[  398.464371][ T5832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.464371][ T5832] 
[  398.483312][  T113] 
[  398.483312][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.483312][  T113] 
[  398.548824][ T5832] 
[  398.548824][ T5832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  398.548824][ T5832] 
[  398.953723][ T9649] loop1: detected capacity change from 0 to 32768
[  399.072936][ T9649] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.982 (9649)
[  399.406237][ T9675] input: syz1 as /devices/virtual/input/input20
[  399.593890][ T9649] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  399.984703][ T9649] BTRFS info (device loop1): using blake2b (blake2b-256-lib) checksum algorithm
[  400.172550][ T9649] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  400.172976][ T9649] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  400.197801][ T9649] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  400.256654][ T9649] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  400.704127][ T9691] loop4: detected capacity change from 0 to 40427
[  400.710861][ T9690] loop3: detected capacity change from 0 to 40427
[  400.728800][ T9690] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(1)
[  400.728984][ T9691] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  400.736508][ T9690] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  400.754190][ T9691] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  400.763722][ T9690] F2FS-fs (loop3): invalid crc value
[  400.870158][ T9691] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  400.894558][ T9691] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  400.901716][ T9691] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  400.940879][ T9649] BTRFS error (device loop1): open_ctree failed: -12
[  400.964477][ T9690] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  400.974252][ T9690] F2FS-fs (loop3): Start checkpoint disabled!
[  401.003677][ T9690] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  401.027511][ T9690] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  401.034607][ T9690] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  401.371503][ T6084] kworker/u8:16: attempt to access beyond end of device
[  401.371503][ T6084] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  401.451114][ T6084] CPU: 1 UID: 0 PID: 6084 Comm: kworker/u8:16 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  401.451171][ T6084] Tainted: [L]=SOFTLOCKUP
[  401.451185][ T6084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  401.451209][ T6084] Workqueue: writeback wb_workfn (flush-7:3)
[  401.451261][ T6084] Call Trace:
[  401.451273][ T6084]  <TASK>
[  401.451287][ T6084]  dump_stack_lvl+0x16c/0x1f0
[  401.451351][ T6084]  f2fs_handle_critical_error+0x624/0x9f0
[  401.451403][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.451448][ T6084]  ? f2fs_build_fault_attr+0x53/0x1f0
[  401.451522][ T6084]  f2fs_write_end_io+0x958/0xcf0
[  401.451572][ T6084]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  401.451625][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.451680][ T6084]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  401.451725][ T6084]  bio_endio+0x751/0x8a0
[  401.451787][ T6084]  submit_bio_noacct+0x306/0x1f40
[  401.451845][ T6084]  __submit_merged_bio+0x33c/0x710
[  401.451897][ T6084]  __submit_merged_write_cond+0x315/0x3f0
[  401.451957][ T6084]  f2fs_write_cache_pages+0x2075/0x2570
[  401.452042][ T6084]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  401.452098][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452142][ T6084]  ? update_load_avg+0x233/0x2220
[  401.452187][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452239][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452282][ T6084]  ? set_next_entity+0x11a/0x9d0
[  401.452376][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452424][ T6084]  ? find_held_lock+0x2b/0x80
[  401.452535][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452587][ T6084]  f2fs_write_data_pages+0x5ac/0x1080
[  401.452652][ T6084]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  401.452719][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452762][ T6084]  ? __lock_acquire+0x436/0x2890
[  401.452803][ T6084]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  401.452859][ T6084]  do_writepages+0x27a/0x600
[  401.452907][ T6084]  ? __pfx_do_writepages+0x10/0x10
[  401.452951][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.452993][ T6084]  ? reacquire_held_locks+0xcd/0x1f0
[  401.453042][ T6084]  __writeback_single_inode+0x168/0x14a0
[  401.453086][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453133][ T6084]  ? __pfx___writeback_single_inode+0x10/0x10
[  401.453172][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453215][ T6084]  ? do_raw_spin_unlock+0x172/0x230
[  401.453266][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453317][ T6084]  writeback_sb_inodes+0x72e/0x1ce0
[  401.453378][ T6084]  ? do_raw_spin_lock+0x12c/0x2b0
[  401.453436][ T6084]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  401.453473][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453515][ T6084]  ? find_held_lock+0x2b/0x80
[  401.453644][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453687][ T6084]  ? rcu_is_watching+0x12/0xc0
[  401.453721][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453765][ T6084]  ? queue_io+0x3f6/0x4f0
[  401.453831][ T6084]  wb_writeback+0x419/0xae0
[  401.453882][ T6084]  ? __pfx_wb_writeback+0x10/0x10
[  401.453919][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.453977][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454020][ T6084]  ? mark_held_locks+0x49/0x80
[  401.454072][ T6084]  wb_workfn+0x14d/0xbb0
[  401.454118][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454161][ T6084]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  401.454224][ T6084]  ? __pfx_wb_workfn+0x10/0x10
[  401.454270][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454319][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454369][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454419][ T6084]  ? rcu_is_watching+0x12/0xc0
[  401.454462][ T6084]  process_one_work+0x9ba/0x1b20
[  401.454533][ T6084]  ? __pfx_process_one_work+0x10/0x10
[  401.454583][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454641][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454683][ T6084]  ? assign_work+0x1a0/0x250
[  401.454736][ T6084]  worker_thread+0x6c8/0xf10
[  401.454796][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454843][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454886][ T6084]  ? __kthread_parkme+0x19e/0x250
[  401.454921][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.454968][ T6084]  ? __pfx_worker_thread+0x10/0x10
[  401.455018][ T6084]  kthread+0x3c5/0x780
[  401.455063][ T6084]  ? __pfx_kthread+0x10/0x10
[  401.455111][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.455154][ T6084]  ? rcu_is_watching+0x12/0xc0
[  401.455189][ T6084]  ? __pfx_kthread+0x10/0x10
[  401.455236][ T6084]  ret_from_fork+0x983/0xb10
[  401.455280][ T6084]  ? __pfx_ret_from_fork+0x10/0x10
[  401.455325][ T6084]  ? srso_alias_return_thunk+0x5/0xfbef5
[  401.455368][ T6084]  ? __switch_to+0x7af/0x10d0
[  401.455423][ T6084]  ? __pfx_kthread+0x10/0x10
[  401.455470][ T6084]  ret_from_fork_asm+0x1a/0x30
[  401.455556][ T6084]  </TASK>
[  401.455569][ T6084] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  401.789410][ T9705] loop2: detected capacity change from 0 to 32768
[  401.976236][ T9705] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.990 (9705)
[  402.083034][ T9705] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  402.094255][ T9705] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  402.387216][ T9705] BTRFS info (device loop2): enabling ssd optimizations
[  402.395913][ T9705] BTRFS info (device loop2): turning on async discard
[  402.408136][ T9705] BTRFS info (device loop2): enabling free space tree
[  402.426108][ T6600] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  402.474678][   T31] audit: type=1800 audit(1768263772.028:27): pid=9705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.990" name="file1" dev="loop2" ino=260 res=0 errno=0
[  402.671246][ T6600] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  402.713698][ T6600] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  402.751386][ T6600] usb 1-1: Product: syz
[  402.764550][ T6600] usb 1-1: Manufacturer: syz
[  402.782638][ T6600] usb 1-1: SerialNumber: syz
[  402.830612][ T6600] usb 1-1: config 0 descriptor??
[  402.852831][ T5835] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  403.319679][    C1] raw-gadget.0 gadget.0: ignoring, device is not running
[  403.327269][ T6600] usb 1-1: Firmware version (0.0) predates our first public release.
[  403.335460][ T6600] usb 1-1: Please update to version 0.2 or newer
[  403.422521][ T9743] fuse: Unknown parameter 'group_id00000000000000000000'
[  403.517966][ T6600] usb 1-1: USB disconnect, device number 12
[  403.977448][ T9748] loop1: detected capacity change from 0 to 40427
[  404.056336][ T9748] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  404.064143][ T9748] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  404.706059][ T9748] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  404.878562][ T9748] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  404.885679][ T9748] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  404.916331][ T9761] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1004'.
[  404.972146][ T9748] syz.1.1001: attempt to access beyond end of device
[  404.972146][ T9748] loop1: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  404.997250][ T9748] syz.1.1001: attempt to access beyond end of device
[  404.997250][ T9748] loop1: rw=0, sector=45160, nr_sectors = 8 limit=40427
[  405.035465][ T9765] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1004'.
[  405.208417][ T9768] loop0: detected capacity change from 0 to 1024
[  405.237364][ T9768] EXT4-fs: inline encryption not supported
[  405.400592][ T9768] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.809160][ T9779] loop3: detected capacity change from 0 to 8
[  405.886553][ T9779] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  405.962161][ T5850] udevd[5850]: incorrect cramfs checksum on /dev/loop3
[  405.990551][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.427071][ T7350] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  407.366058][ T7350] usb 5-1: Using ep0 maxpacket: 8
[  407.433324][ T7350] usb 5-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  407.483009][ T7350] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.483056][ T7350] usb 5-1: Product: syz
[  407.483083][ T7350] usb 5-1: Manufacturer: syz
[  407.483109][ T7350] usb 5-1: SerialNumber: syz
[  407.515827][ T7350] usb 5-1: config 0 descriptor??
[  407.620649][ T9803] input: syz1 as /devices/virtual/input/input21
[  408.253637][ T7350] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  408.773576][ T9807] loop2: detected capacity change from 0 to 32768
[  408.775133][ T9809] loop0: detected capacity change from 0 to 40427
[  408.789781][ T9809] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  408.789822][ T9809] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  408.793425][ T9807] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1022 (9807)
[  408.805290][ T9807] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  408.805385][ T9807] BTRFS info (device loop2): using blake2b (blake2b-256-lib) checksum algorithm
[  408.916776][ T9809] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  408.918672][ T9809] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  408.918709][ T9809] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  409.044673][ T9809] syz.0.1020: attempt to access beyond end of device
[  409.044673][ T9809] loop0: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  409.074123][ T9809] syz.0.1020: attempt to access beyond end of device
[  409.074123][ T9809] loop0: rw=0, sector=45160, nr_sectors = 8 limit=40427
[  409.095375][ T9807] BTRFS info (device loop2): enabling ssd optimizations
[  409.102701][ T9807] BTRFS info (device loop2): turning on async discard
[  409.109598][ T9807] BTRFS info (device loop2): enabling free space tree
[  409.116565][ T9807] BTRFS info (device loop2): use zstd compression, level 3
[  409.586571][ T9821] loop5: detected capacity change from 0 to 32768
[  409.600184][ T9821] 
[  409.600184][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.600184][ T9821] 
[  409.672355][ T9821] 
[  409.672355][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.672355][ T9821] 
[  409.682998][ T9821] 
[  409.682998][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.682998][ T9821] 
[  409.694197][ T9821] 
[  409.694197][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.694197][ T9821] 
[  409.704776][ T9821] 
[  409.704776][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.704776][ T9821] 
[  409.715471][ T9821] 
[  409.715471][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.715471][ T9821] 
[  409.726106][ T9821] 
[  409.726106][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.726106][ T9821] 
[  409.739203][  T113] 
[  409.739203][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.739203][  T113] 
[  409.753676][ T9821] 
[  409.753676][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.753676][ T9821] 
[  409.759832][ T5835] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  409.766091][ T9821] 
[  409.766091][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.766091][ T9821] 
[  409.785634][ T9821] 
[  409.785634][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.785634][ T9821] 
[  409.796161][ T9821] 
[  409.796161][ T9821]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.796161][ T9821] 
[  409.810159][  T113] 
[  409.810159][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.810159][  T113] 
[  409.828759][ T9823] 
[  409.828759][ T9823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.828759][ T9823] 
[  409.853891][ T9823] 
[  409.853891][ T9823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.853891][ T9823] 
[  409.918304][ T9823] 
[  409.918304][ T9823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  409.918304][ T9823] 
[  410.034774][ T9823] 
[  410.034774][ T9823]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.034774][ T9823] 
[  410.096862][  T112] 
[  410.096862][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.096862][  T112] 
[  410.427792][ T7350] gspca_sonixj: reg_r err -71
[  410.479005][ T7350] sonixj 5-1:0.0: probe with driver sonixj failed with error -71
[  410.503486][ T7350] usb 5-1: USB disconnect, device number 8
[  410.516617][ T7372] 
[  410.516617][ T7372]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.516617][ T7372] 
[  410.537802][ T9845] netlink: 'syz.1.1028': attribute type 10 has an invalid length.
[  410.549639][ T7372] 
[  410.549639][ T7372]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.549639][ T7372] 
[  410.612573][ T9845] 8021q: adding VLAN 0 to HW filter on device team0
[  410.620804][  T113] 
[  410.620804][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.620804][  T113] 
[  410.622740][ T9845] bond0: (slave team0): Enslaving as an active interface with an up link
[  410.648160][ T5834] 
[  410.648160][ T5834]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.648160][ T5834] 
[  410.679438][ T5834] 
[  410.679438][ T5834]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  410.679438][ T5834] 
[  411.077678][ T9850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1032'.
[  411.236287][ T9850] syz_tun (unregistering): left allmulticast mode
[  411.391779][ T9858] loop5: detected capacity change from 0 to 8
[  411.424846][ T9858] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  411.452828][ T6004] udevd[6004]: incorrect cramfs checksum on /dev/loop5
[  411.537965][ T9860] loop1: detected capacity change from 0 to 256
[  411.643450][ T9860] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  411.966025][ T6188] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  412.156056][ T6188] usb 1-1: Using ep0 maxpacket: 32
[  412.194932][ T6188] usb 1-1: config 0 has an invalid interface number: 172 but max is 0
[  412.236039][ T6188] usb 1-1: config 0 has no interface number 0
[  412.242228][ T6188] usb 1-1: config 0 interface 172 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  412.288668][ T6188] usb 1-1: config 0 interface 172 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  412.321380][ T6188] usb 1-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[  412.346351][ T6188] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.354387][ T6188] usb 1-1: Product: syz
[  412.494104][ T6188] usb 1-1: Manufacturer: syz
[  412.500102][ T6188] usb 1-1: SerialNumber: syz
[  412.509480][ T6188] usb 1-1: config 0 descriptor??
[  412.541364][ T6188] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[  413.551349][ T9876] loop2: detected capacity change from 0 to 32768
[  413.560732][ T9876] gfs2: statfs_percent mount option requires a numeric argument between 0 and 100
[  414.178711][ T9865] loop4: detected capacity change from 0 to 32768
[  414.187757][ T9865] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1036 (9865)
[  414.212234][ T6188] input: gspca_pac7302 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input22
[  414.305289][ T9865] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  414.356054][ T9865] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  414.458727][ T6188] usb 1-1: USB disconnect, device number 13
[  414.653512][ T9894] loop2: detected capacity change from 0 to 512
[  414.850325][ T9865] BTRFS error (device loop4): open_ctree failed: -4
[  414.951330][ T9894] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.1044: bg 0: block 248: padding at end of block bitmap is not set
[  415.066693][ T9894] Quota error (device loop2): write_blk: dquota write failed
[  415.100631][ T9894] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  415.130313][ T9894] EXT4-fs error (device loop2): ext4_acquire_dquot:6984: comm syz.2.1044: Failed to acquire dquot type 1
[  415.183766][ T9894] EXT4-fs (loop2): 1 truncate cleaned up
[  415.230382][ T9894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.295633][ T9894] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.412191][ T9908] vlan2: entered allmulticast mode
[  415.505503][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.680488][ T9907] loop4: detected capacity change from 0 to 128
[  416.598782][ T9922] loop4: detected capacity change from 0 to 32768
[  416.619701][ T9922] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1050 (9922)
[  416.656209][ T9922] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  416.666437][ T9922] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  416.718242][ T9933] process 'syz.3.1055' launched '/dev/fd/3' with NULL argv: empty string added
[  416.765545][ T9933] syz_tun: entered allmulticast mode
[  416.802535][ T9922] BTRFS info (device loop4): enabling ssd optimizations
[  416.803521][ T9939] loop5: detected capacity change from 0 to 1024
[  416.809626][ T9922] BTRFS info (device loop4): turning on async discard
[  416.809659][ T9922] BTRFS info (device loop4): enabling free space tree
[  416.817745][ T9933] syz_tun: left allmulticast mode
[  416.920335][ T5833] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  417.143737][ T1300] hfsplus: b-tree write err: -5, ino 4
[  418.750513][ T9919] loop0: detected capacity change from 0 to 32768
[  418.778530][ T9962] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1062'.
[  418.806185][ T9919] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1051 (9919)
[  418.846645][ T9962] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1062'.
[  418.891973][ T9919] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  418.916920][ T9919] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  419.188698][ T9919] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  419.189062][ T9919] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  419.477540][ T9980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1064'.
[  419.496741][ T9980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1064'.
[  419.987041][ T9919] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  420.189797][ T9919] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  420.234044][ T9919] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  420.507004][ T9919] BTRFS error (device loop0): open_ctree failed: -12
[  420.728421][ T9996] loop3: detected capacity change from 0 to 1024
[  420.951743][ T1136] hfsplus: b-tree write err: -5, ino 4
[  421.076624][ T9956] loop5: detected capacity change from 0 to 32768
[  421.287309][T10007] loop1: detected capacity change from 0 to 512
[  421.355856][T10007] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  421.435192][T10007] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.1071: bad orphan inode 16
[  421.471647][T10009] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1075'.
[  421.541543][T10007] ext4_test_bit(bit=15, block=4) = 0
[  421.565928][T10009] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1075'.
[  421.594204][T10007] EXT4-fs (loop1): 1 orphan inode deleted
[  421.645372][T10007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.814851][T10003] EXT4-fs (loop1): shut down requested (1)
[  422.136145][ T6188] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  422.265744][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.362843][ T6188] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  422.396431][ T6188] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.440592][ T6188] usb 6-1: Product: syz
[  422.444786][ T6188] usb 6-1: Manufacturer: syz
[  422.482575][ T6188] usb 6-1: SerialNumber: syz
[  422.541804][ T6188] usb 6-1: config 0 descriptor??
[  423.289114][T10033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1080'.
[  423.298362][T10033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1080'.
[  424.020306][ T6188] usb 6-1: Firmware version (0.0) predates our first public release.
[  424.056728][ T6188] usb 6-1: Please update to version 0.2 or newer
[  425.142190][ T6188] usb 6-1: USB disconnect, device number 6
[  425.307962][T10044] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1086'.
[  425.859942][T10053] loop0: detected capacity change from 0 to 512
[  426.136086][ T5908] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  426.286083][ T5908] usb 6-1: Using ep0 maxpacket: 8
[  426.303087][ T5908] usb 6-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  426.390120][T10061] loop2: detected capacity change from 0 to 1024
[  426.450651][T10061] EXT4-fs: Ignoring removed bh option
[  426.566576][ T5908] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.575330][ T5908] usb 6-1: Product: syz
[  426.579932][ T5908] usb 6-1: Manufacturer: syz
[  426.584615][ T5908] usb 6-1: SerialNumber: syz
[  426.596414][T10061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.611378][T10037] loop4: detected capacity change from 0 to 32768
[  426.627148][ T5908] usb 6-1: config 0 descriptor??
[  426.668517][T10037] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1084 (10037)
[  427.209925][ T5908] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  427.290391][   T31] audit: type=1800 audit(1768263796.818:28): pid=10061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1095" name="file1" dev="loop2" ino=15 res=0 errno=0
[  427.338805][T10037] BTRFS error (device loop4): open_ctree failed: -4
[  427.364475][T10061] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  428.510949][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.696664][ T5934] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  428.866043][ T5934] usb 5-1: Using ep0 maxpacket: 16
[  428.906090][ T5934] usb 5-1: config 8 has an invalid interface number: 98 but max is 0
[  428.914910][ T5934] usb 5-1: config 8 has no interface number 0
[  428.955645][ T5934] usb 5-1: New USB device found, idVendor=0729, idProduct=1284, bcdDevice=fe.b7
[  428.966100][ T5908] gspca_sonixj: i2c_w8 err -71
[  428.993932][ T5934] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.003883][ T5934] usb 5-1: Product: syz
[  429.026006][ T5934] usb 5-1: Manufacturer: syz
[  429.030646][ T5934] usb 5-1: SerialNumber: syz
[  429.039907][ T5908] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[  429.357367][T10089] loop1: detected capacity change from 0 to 32768
[  429.366646][T10089] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1103 (10089)
[  429.384305][T10089] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  429.394576][T10089] BTRFS info (device loop1): using blake2b (blake2b-256-lib) checksum algorithm
[  429.441198][ T5908] usb 6-1: USB disconnect, device number 7
[  429.584823][T10089] BTRFS info (device loop1): enabling ssd optimizations
[  429.592172][T10089] BTRFS info (device loop1): turning on async discard
[  429.599197][T10089] BTRFS info (device loop1): enabling free space tree
[  429.606061][T10089] BTRFS info (device loop1): use zstd compression, level 3
[  429.653676][ T5934] usb 5-1: USB disconnect, device number 9
[  429.972693][ T5830] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  430.698735][T10113] input: syz1 as /devices/virtual/input/input23
[  431.319356][T10132] loop3: detected capacity change from 0 to 256
[  431.356330][T10129] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  431.376978][T10129] overlayfs: failed to set xattr on upper
[  431.396759][T10129] overlayfs: ...falling back to redirect_dir=nofollow.
[  431.416290][T10129] overlayfs: ...falling back to index=off.
[  431.416706][T10132] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  431.422144][T10129] overlayfs: ...falling back to uuid=null.
[  433.627408][T10123] loop2: detected capacity change from 0 to 32768
[  435.127678][T10169] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1125'.
[  435.719800][T10179] input: syz1 as /devices/virtual/input/input24
[  436.375558][T10182] fuse: Invalid rootmode
[  436.409693][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1130'.
[  436.432743][ T5934] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  436.590028][T10185] loop4: detected capacity change from 0 to 512
[  436.641216][ T6111] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  436.648218][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1130'.
[  436.666807][ T5934] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[  436.685698][ T6111] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  436.702773][ T5934] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  436.735159][ T6111] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  436.756474][ T5934] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  436.782216][ T6111] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  436.818335][ T5934] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  436.836521][T10185] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1131'.
[  436.865986][ T5934] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  436.886076][T10185] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1131'.
[  436.928663][ T5934] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  436.961666][ T5934] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.035851][ T5934] usb 6-1: config 0 descriptor??
[  437.059116][T10185] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1131'.
[  437.066172][ T1156] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  437.080480][T10177] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  437.090115][T10185] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1131'.
[  437.157599][ T1156] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  437.217856][ T1156] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  437.272348][ T1156] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  439.349481][ T5934] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd
[  439.378417][ T5934] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  439.797933][T10177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  439.872319][T10177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.036420][ T6188] usb 6-1: USB disconnect, device number 8
[  440.043588][T10213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1140'.
[  440.549409][T10216] loop0: detected capacity change from 0 to 40427
[  440.558058][T10216] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x1f52010)
[  440.567048][T10216] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  440.581702][T10216] F2FS-fs (loop0): invalid crc value
[  440.689654][T10224] input: syz1 as /devices/virtual/input/input26
[  441.234270][T10216] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  441.305317][T10216] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  441.312478][T10216] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  441.329986][T10216] syz.0.1142: attempt to access beyond end of device
[  441.329986][T10216] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  442.812595][T10239] fuse: Invalid rootmode
[  443.150520][T10244] fuse: Unknown parameter 'group_id00000000000000000000'
[  443.187043][T10246] loop4: detected capacity change from 0 to 512
[  443.246806][T10246] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  443.299694][T10246] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  443.339653][T10246] EXT4-fs (loop4): orphan cleanup on readonly fs
[  443.384715][T10246] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.1151: iget: bad i_size value: 12154761577498
[  443.632579][T10246] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1151: couldn't read orphan inode 13 (err -117)
[  443.979358][T10246] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  444.214129][T10246] EXT4-fs warning (device loop4): dx_probe:859: inode #2: comm syz.4.1151: dx entry: limit 65535 != root limit 120
[  444.227974][T10246] EXT4-fs warning (device loop4): dx_probe:933: inode #2: comm syz.4.1151: Corrupt directory, running e2fsck is recommended
[  444.245133][T10246] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1151'.
[  444.724635][T10246] EXT4-fs warning (device loop4): dx_probe:859: inode #2: comm syz.4.1151: dx entry: limit 65535 != root limit 120
[  444.762685][T10246] EXT4-fs warning (device loop4): dx_probe:933: inode #2: comm syz.4.1151: Corrupt directory, running e2fsck is recommended
[  444.904911][T10275] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1159'.
[  444.980778][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.433294][T10287] fuse: Invalid rootmode
[  445.667109][T10295] fuse: Unknown parameter 'group_id00000000000000000000'
[  448.259291][T10331] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1181'.
[  448.496312][T10336] fuse: Unknown parameter 'group_id00000000000000000000'
[  448.505692][T10337] fuse: Bad value for 'rootmode'
[  448.917593][   T31] audit: type=1800 audit(1768263818.478:29): pid=10349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1190" name="SYSV798dd826" dev="tmpfs" ino=0 res=0 errno=0
[  449.650995][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  449.667739][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  449.803747][T10365] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1196'.
[  449.967059][T10368] fuse: Bad value for 'user_id'
[  449.971976][T10368] fuse: Bad value for 'user_id'
[  450.057165][T10373] fuse: Bad value for 'rootmode'
[  450.194236][T10371] loop3: detected capacity change from 0 to 128
[  451.559849][T10351] loop5: detected capacity change from 0 to 40427
[  451.674973][T10396] loop1: detected capacity change from 0 to 8
[  451.687844][T10351] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  451.695599][T10351] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  451.718109][T10396] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  451.777314][T10396] overlayfs: failed to resolve './file1': -2
[  452.715810][ T6004] udevd[6004]: incorrect cramfs checksum on /dev/loop1
[  452.830245][T10351] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  452.899326][T10351] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  452.943045][T10351] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  452.948685][T10411] fuse: Bad value for 'rootmode'
[  453.323277][T10415] loop1: detected capacity change from 0 to 128
[  455.465875][T10441] No source specified
[  455.685818][ T5916] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  455.866343][ T5916] usb 1-1: Using ep0 maxpacket: 32
[  455.906459][ T5916] usb 1-1: config 0 has no interfaces?
[  455.934046][T10453] fuse: Unknown parameter 'user_i00000000000000000000'
[  455.956355][ T5916] usb 1-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  456.000563][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.023742][ T5916] usb 1-1: Product: syz
[  456.028516][ T5916] usb 1-1: Manufacturer: syz
[  456.033138][ T5916] usb 1-1: SerialNumber: syz
[  456.067196][T10456] fuse: Unknown parameter 'use00000000000000000000'
[  456.084378][ T5916] usb 1-1: config 0 descriptor??
[  456.187000][T10460] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1231'.
[  456.434315][T10464] loop2: detected capacity change from 0 to 128
[  456.493170][ T5916] usb 1-1: USB disconnect, device number 14
[  457.381607][T10437] loop1: detected capacity change from 0 to 32768
[  457.464490][T10437] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1222 (10437)
[  457.530396][T10437] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  457.571097][T10437] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  457.863226][T10437] BTRFS info (device loop1): enabling ssd optimizations
[  457.907551][T10437] BTRFS info (device loop1): turning on async discard
[  457.963222][T10437] BTRFS info (device loop1): enabling free space tree
[  458.158750][ T5830] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  458.438833][T10514] fuse: Unknown parameter 'use00000000000000000000'
[  458.477712][T10516] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1246'.
[  458.800558][T10518] loop0: detected capacity change from 0 to 512
[  458.930868][T10518] EXT4-fs error (device loop0): ext4_validate_block_bitmap:440: comm syz.0.1247: bg 0: block 248: padding at end of block bitmap is not set
[  459.004373][T10518] Quota error (device loop0): write_blk: dquota write failed
[  459.050987][T10518] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  459.064070][T10528] loop3: detected capacity change from 0 to 128
[  459.101688][T10518] EXT4-fs error (device loop0): ext4_acquire_dquot:6984: comm syz.0.1247: Failed to acquire dquot type 1
[  459.169671][T10518] EXT4-fs (loop0): 1 truncate cleaned up
[  459.194850][T10518] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  459.197712][T10534] fuse: Unknown parameter 'user_i00000000000000000000'
[  459.269293][T10518] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  459.394439][T10506] loop2: detected capacity change from 0 to 32768
[  459.438092][T10506] BTRFS warning: excessive commit interval 2147483648, use with care
[  459.480560][T10506] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1240 (10506)
[  459.508317][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.570352][T10506] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  459.616295][T10506] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  459.854126][ T7746] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  459.869426][T10562] fuse: Unknown parameter 'use00000000000000000000'
[  459.924189][T10506] BTRFS error (device loop2): failed to load root extent
[  459.958233][T10506] BTRFS warning (device loop2): try to load backup roots slot 1
[  460.026303][ T1300] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  460.076189][T10506] BTRFS warning (device loop2): couldn't read tree root
[  460.106084][T10506] BTRFS warning (device loop2): try to load backup roots slot 2
[  460.114092][ T1300] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  460.166078][T10506] BTRFS warning (device loop2): couldn't read tree root
[  460.195995][T10506] BTRFS warning (device loop2): try to load backup roots slot 3
[  460.331146][T10506] BTRFS info (device loop2): rebuilding free space tree
[  460.383429][T10506] BTRFS info (device loop2): checking UUID tree
[  460.431242][T10506] BTRFS info (device loop2): enabling ssd optimizations
[  460.463913][T10506] BTRFS info (device loop2): using spread ssd allocation scheme
[  460.495397][T10506] BTRFS info (device loop2): disabling tree log
[  460.528517][T10506] BTRFS info (device loop2): turning on flush-on-commit
[  460.536599][T10506] BTRFS info (device loop2): turning on async discard
[  460.543406][T10506] BTRFS info (device loop2): enabling free space tree
[  460.580672][T10506] BTRFS info (device loop2): force clearing of disk cache
[  460.619445][T10506] BTRFS info (device loop2): enabling auto defrag
[  460.646437][T10506] BTRFS info (device loop2): trying to use backup root at mount time
[  460.924582][ T5835] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  460.973482][T10540] loop4: detected capacity change from 0 to 32768
[  461.002983][T10540] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1256 (10540)
[  461.059291][T10582] fuse: Unknown parameter 'user_i00000000000000000000'
[  461.120007][T10540] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  461.166611][T10540] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  461.497682][T10568] loop3: detected capacity change from 0 to 32768
[  461.579814][T10540] BTRFS info (device loop4): enabling ssd optimizations
[  461.601021][T10568] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1262 (10568)
[  461.648994][T10540] BTRFS info (device loop4): turning on async discard
[  461.683420][T10540] BTRFS info (device loop4): enabling free space tree
[  461.719273][T10568] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  461.762427][T10568] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  461.810904][   T31] audit: type=1800 audit(1768263831.368:30): pid=10540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1256" name="file1" dev="loop4" ino=260 res=0 errno=0
[  462.131218][T10568] BTRFS info (device loop3): enabling ssd optimizations
[  462.166089][T10568] BTRFS info (device loop3): turning on async discard
[  462.185082][T10568] BTRFS info (device loop3): enabling free space tree
[  462.277528][ T5833] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  463.048505][T10636] fuse: Unknown parameter 'user_i00000000000000000000'
[  463.241445][ T5832] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  464.101486][T10650] fuse: Unknown parameter 'user_id00000000000000000000'
[  464.579471][T10658] fuse: Bad value for 'fd'
[  464.746055][   T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  464.912946][T10664] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1289'.
[  464.926365][   T24] usb 6-1: Using ep0 maxpacket: 16
[  464.956335][   T24] usb 6-1: config 0 has an invalid interface number: 163 but max is 0
[  464.985903][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  465.017395][   T24] usb 6-1: config 0 has no interface number 0
[  465.023580][   T24] usb 6-1: config 0 interface 163 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  465.072095][T10639] loop2: detected capacity change from 0 to 32768
[  465.085413][   T24] usb 6-1: config 0 interface 163 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  465.143527][   T24] usb 6-1: config 0 interface 163 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  465.167928][T10639] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1279 (10639)
[  465.207101][   T24] usb 6-1: config 0 interface 163 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 12
[  465.265514][   T24] usb 6-1: New USB device found, idVendor=0586, idProduct=0102, bcdDevice=39.b6
[  465.282986][T10639] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  465.307359][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.332077][   T24] usb 6-1: Product: syz
[  465.350595][   T24] usb 6-1: Manufacturer: syz
[  465.365788][T10639] BTRFS info (device loop2): using blake2b (blake2b-256-lib) checksum algorithm
[  465.388048][   T24] usb 6-1: SerialNumber: syz
[  465.411596][   T24] usb 6-1: config 0 descriptor??
[  465.448955][   T24] HFC-S_USB 6-1:0.163: probe with driver HFC-S_USB failed with error -5
[  465.660238][T10639] BTRFS info (device loop2): enabling ssd optimizations
[  465.675597][T10639] BTRFS info (device loop2): turning on async discard
[  465.701041][T10639] BTRFS info (device loop2): enabling free space tree
[  465.733355][T10639] BTRFS info (device loop2): use zstd compression, level 3
[  465.817142][T10688] fuse: Unknown parameter 'user_i00000000000000000000'
[  466.061689][ T5835] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  466.666472][T10698] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1296'.
[  467.374089][T10668] loop1: detected capacity change from 0 to 32768
[  467.382149][T10662] loop0: detected capacity change from 0 to 32768
[  469.800674][ T8097] usb 6-1: USB disconnect, device number 9
[  470.107377][T10709] fuse: Bad value for 'fd'
[  470.366678][T10718] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1303'.
[  470.519322][T10720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1304'.
[  470.588709][T10720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1304'.
[  470.720015][T10720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1304'.
[  470.756071][ T3726] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  470.795652][T10720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1304'.
[  470.806287][ T3726] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  470.830232][ T3726] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  470.859404][ T3726] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  472.151405][T10751] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1314'.
[  472.426818][T10757] fuse: Bad value for 'fd'
[  472.905716][T10726] loop3: detected capacity change from 0 to 32768
[  472.920266][T10767] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1321'.
[  472.939459][T10726] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1307 (10726)
[  473.013746][T10726] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  473.044367][T10766] loop5: detected capacity change from 0 to 128
[  473.050504][T10726] BTRFS info (device loop3): using blake2b (blake2b-256-lib) checksum algorithm
[  473.262924][T10726] BTRFS info (device loop3): enabling ssd optimizations
[  473.327104][T10726] BTRFS info (device loop3): turning on async discard
[  473.333932][T10726] BTRFS info (device loop3): enabling free space tree
[  473.341530][T10741] loop2: detected capacity change from 0 to 32768
[  473.396012][T10726] BTRFS info (device loop3): use zstd compression, level 3
[  473.409481][T10741] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1313 (10741)
[  473.482087][T10741] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  473.564567][T10741] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  473.715136][ T5832] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  473.885252][T10741] BTRFS info (device loop2): enabling ssd optimizations
[  473.950274][T10741] BTRFS info (device loop2): turning on async discard
[  474.011869][T10741] BTRFS info (device loop2): enabling free space tree
[  474.254490][T10820] fuse: Invalid rootmode
[  474.536120][ T5835] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  474.682848][T10830] fuse: Bad value for 'fd'
[  474.698806][T10837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1333'.
[  475.040837][T10843] loop1: detected capacity change from 0 to 8
[  475.087465][T10843] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  475.174353][ T5850] udevd[5850]: incorrect cramfs checksum on /dev/loop1
[  475.191352][T10843] overlayfs: missing 'lowerdir'
[  476.092370][ T5850] udevd[5850]: incorrect cramfs checksum on /dev/loop1
[  476.647293][T10868] fuse: Invalid rootmode
[  477.116741][T10879] fuse: Bad value for 'fd'
[  477.703420][T10893] loop3: detected capacity change from 0 to 8
[  477.728351][T10893] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  477.789003][T10893] overlayfs: missing 'lowerdir'
[  477.794805][ T5850] udevd[5850]: incorrect cramfs checksum on /dev/loop3
[  478.954337][ T5850] udevd[5850]: incorrect cramfs checksum on /dev/loop3
[  479.690582][T10908] loop4: detected capacity change from 0 to 256
[  479.744957][T10908] vfat: Bad value for 'uid'
[  479.776048][T10908] vfat: Bad value for 'uid'
[  481.074263][T10917] loop3: detected capacity change from 0 to 256
[  481.592445][T10917] vfat: Bad value for 'uid'
[  481.612986][T10917] vfat: Bad value for 'uid'
[  485.348421][T10946] No such timeout policy "syz1"
[  489.124119][T10968] No such timeout policy "syz1"
[  490.503122][T10978] No such timeout policy "syz1"
[  491.963516][T10987] No such timeout policy "syz1"
[  495.343106][T11002] fuse: Unknown parameter '0x0000000000000003'
[  495.351251][T11004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1390'.
[  495.455143][T11004] vlan2: entered allmulticast mode
[  496.056076][ T6188] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  496.146222][ T8097] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  496.237340][ T6188] usb 4-1: Using ep0 maxpacket: 32
[  496.255362][ T6188] usb 4-1: config 0 has no interfaces?
[  496.273259][ T6188] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  496.294440][ T6188] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.314067][ T6188] usb 4-1: Product: syz
[  496.324218][ T6188] usb 4-1: Manufacturer: syz
[  496.335990][ T8097] usb 1-1: Using ep0 maxpacket: 16
[  496.341648][ T6188] usb 4-1: SerialNumber: syz
[  496.354157][ T8097] usb 1-1: config 0 has an invalid interface number: 163 but max is 0
[  496.367262][ T6188] usb 4-1: config 0 descriptor??
[  496.381277][ T8097] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  496.415975][ T8097] usb 1-1: config 0 has no interface number 0
[  496.437672][ T8097] usb 1-1: config 0 interface 163 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  496.464396][ T8097] usb 1-1: config 0 interface 163 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  496.494076][ T8097] usb 1-1: config 0 interface 163 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  496.516984][ T8097] usb 1-1: config 0 interface 163 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 12
[  496.521888][T11014] fuse: Unknown parameter '0x0000000000000004'
[  496.551028][ T8097] usb 1-1: New USB device found, idVendor=0586, idProduct=0102, bcdDevice=39.b6
[  496.566180][ T8097] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.582697][ T6188] usb 4-1: USB disconnect, device number 8
[  496.635140][ T8097] usb 1-1: Product: syz
[  496.680880][ T8097] usb 1-1: Manufacturer: syz
[  496.728459][ T8097] usb 1-1: SerialNumber: syz
[  496.901584][ T8097] usb 1-1: config 0 descriptor??
[  497.044863][ T8097] HFC-S_USB 1-1:0.163: probe with driver HFC-S_USB failed with error -5
[  497.408704][T11021] loop5: detected capacity change from 0 to 256
[  497.434529][T11021] vfat: Bad value for 'uid'
[  497.442939][T11021] vfat: Bad value for 'uid'
[  500.179375][ T8097] usb 1-1: USB disconnect, device number 15
[  500.839578][T11034] No such timeout policy "syz1"
[  502.553800][T11041] No such timeout policy "syz1"
[  505.698080][T11062] fuse: Unknown parameter 'fd0x0000000000000004'
[  505.709783][T11063] No such timeout policy "syz1"
[  506.942925][T11074] loop0: detected capacity change from 0 to 256
[  506.969392][T11074] vfat: Bad value for 'uid'
[  506.998091][T11074] vfat: Bad value for 'uid'
[  510.609177][T11092] fuse: Unknown parameter '0x0000000000000003'
[  511.176979][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  511.191285][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  514.960405][T11113] fuse: Unknown parameter 'fd0x0000000000000004'
[  516.389144][   T52] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  516.399802][   T52] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  516.412950][   T52] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  516.421390][   T52] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  516.429292][   T52] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  518.696387][   T52] Bluetooth: hci6: command tx timeout
[  518.975386][T11145] fuse: Unknown parameter '0x0000000000000003'
[  520.702719][T11165] No such timeout policy "syz1"
[  521.456043][ T5839] Bluetooth: hci6: command tx timeout
[  522.214783][T11123] chnl_net:caif_netlink_parms(): no params data found
[  524.212617][   T52] Bluetooth: hci6: command tx timeout
[  525.323097][T11123] bridge0: port 1(bridge_slave_0) entered blocking state
[  525.422455][T11204] No such timeout policy "syz1"
[  526.076103][T11123] bridge0: port 1(bridge_slave_0) entered disabled state
[  526.083450][T11123] bridge_slave_0: entered allmulticast mode
[  526.128211][T11123] bridge_slave_0: entered promiscuous mode
[  526.199657][T11123] bridge0: port 2(bridge_slave_1) entered blocking state
[  526.263341][T11123] bridge0: port 2(bridge_slave_1) entered disabled state
[  526.288981][   T52] Bluetooth: hci6: command tx timeout
[  526.325424][T11123] bridge_slave_1: entered allmulticast mode
[  526.388767][T11123] bridge_slave_1: entered promiscuous mode
[  527.486095][   T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  528.265978][   T24] usb 4-1: Using ep0 maxpacket: 32
[  528.282777][   T24] usb 4-1: config 0 has no interfaces?
[  528.302629][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  528.329107][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.416298][T11123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  528.419086][   T24] usb 4-1: Product: syz
[  528.446250][   T24] usb 4-1: Manufacturer: syz
[  528.451150][   T24] usb 4-1: SerialNumber: syz
[  528.829987][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1455'.
[  528.856253][T11223] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1455'.
[  528.860010][   T24] usb 4-1: config 0 descriptor??
[  528.879039][T11123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  529.099104][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1455'.
[  529.126482][T11223] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1455'.
[  529.171707][ T6295] usb 4-1: USB disconnect, device number 9
[  529.208610][ T1136] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  529.249022][   T60] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  529.303151][T11123] team0: Port device team_slave_0 added
[  529.676475][   T60] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  529.708509][   T60] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  529.741471][T11123] team0: Port device team_slave_1 added
[  530.048605][T11123] batman_adv: batadv0: Adding interface: batadv_slave_0
[  530.092971][T11123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  530.380587][T11123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  530.395095][T11123] batman_adv: batadv0: Adding interface: batadv_slave_1
[  530.403096][T11123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  530.429445][T11123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  531.564203][T11123] hsr_slave_0: entered promiscuous mode
[  531.656227][T11123] hsr_slave_1: entered promiscuous mode
[  531.727002][T11123] debugfs: 'hsr0' already exists in 'hsr'
[  531.738527][T11123] Cannot create hsr debugfs directory
[  534.058704][T11266] vlan2: entered allmulticast mode
[  539.260399][T11123] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  539.586279][T11307] No such timeout policy "syz1"
[  540.636965][T11123] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  540.918103][T11123] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  541.147886][T11123] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  542.106088][ T7350] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  542.616496][ T7350] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  542.674627][ T7350] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.166198][ T7350] usb 4-1: Product: syz
[  543.170430][ T7350] usb 4-1: Manufacturer: syz
[  543.196461][ T7350] usb 4-1: SerialNumber: syz
[  543.219866][ T7350] usb 4-1: config 0 descriptor??
[  543.423619][T11123] 8021q: adding VLAN 0 to HW filter on device bond0
[  543.529846][T11123] 8021q: adding VLAN 0 to HW filter on device team0
[  543.587581][ T1156] bridge0: port 1(bridge_slave_0) entered blocking state
[  543.594795][ T1156] bridge0: port 1(bridge_slave_0) entered forwarding state
[  543.664414][ T7350] usb 4-1: Firmware: major: 171, minor: 20, hardware type: UNKNOWN (107)
[  543.689332][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  543.696601][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  543.866508][ T7350] usb 4-1: failed to fetch extended address, random address set
[  543.888756][ T7350] usb 4-1: atusb_probe: initialization failed, error = -524
[  543.900661][ T7350] atusb 4-1:0.0: probe with driver atusb failed with error -524
[  543.947348][ T7350] usb 4-1: USB disconnect, device number 10
[  545.779700][T11123] 8021q: adding VLAN 0 to HW filter on device batadv0
[  546.075064][T11378] No such timeout policy "syz1"
[  550.631839][T11123] veth0_vlan: entered promiscuous mode
[  551.204511][T11123] veth1_vlan: entered promiscuous mode
[  551.420756][T11123] veth0_macvtap: entered promiscuous mode
[  551.440735][T11123] veth1_macvtap: entered promiscuous mode
[  552.829517][T11123] batman_adv: batadv0: Interface activated: batadv_slave_0
[  553.001657][T11123] batman_adv: batadv0: Interface activated: batadv_slave_1
[  553.095110][T11425] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1501'.
[  553.143788][ T6111] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  553.302987][ T6111] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  553.371595][ T6111] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  553.439138][ T6111] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  553.644117][ T1300] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  553.687651][ T1300] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  553.784600][ T3726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  553.801075][ T3726] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.255570][T11462] loop4: detected capacity change from 0 to 256
[  558.283757][T11462] vfat: Bad value for 'uid'
[  558.408372][T11462] vfat: Bad value for 'uid'
[  560.137182][T11481] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1519'.
[  560.572894][T11488] loop6: detected capacity change from 0 to 256
[  560.612919][T11488] vfat: Bad value for 'uid'
[  560.635970][T11488] vfat: Bad value for 'uid'
[  560.674498][ T5839] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  560.720046][ T5839] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  560.734731][ T5839] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  560.744847][ T5839] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  560.782263][ T5839] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  562.871061][ T5839] Bluetooth: hci5: command tx timeout
[  564.936129][ T5839] Bluetooth: hci5: command tx timeout
[  566.582296][T11489] chnl_net:caif_netlink_parms(): no params data found
[  566.813444][T11547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1536'.
[  566.856109][ T5908] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  566.897743][T11550] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1537'.
[  567.007730][ T5839] Bluetooth: hci5: command tx timeout
[  567.039202][ T5908] usb 5-1: Using ep0 maxpacket: 32
[  567.042519][ T3726] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  567.060635][ T3726] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  567.065533][ T5908] usb 5-1: config 0 has no interfaces?
[  567.111856][ T5908] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  567.157105][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.216057][ T5908] usb 5-1: Product: syz
[  567.220265][ T5908] usb 5-1: Manufacturer: syz
[  567.238783][ T5908] usb 5-1: SerialNumber: syz
[  567.288449][ T5908] usb 5-1: config 0 descriptor??
[  567.413029][T11531] loop6: detected capacity change from 0 to 32768
[  567.469483][T11531] 
[  567.469483][T11531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  567.469483][T11531] 
[  567.734735][ T3726] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  568.697097][ T3726] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.750247][ T5976] usb 5-1: USB disconnect, device number 10
[  569.086277][ T5839] Bluetooth: hci5: command tx timeout
[  569.141197][T11123] 
[  569.141197][T11123]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  569.141197][T11123] 
[  569.234889][T11123] 
[  569.234889][T11123]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  569.234889][T11123] 
[  569.477310][ T3726] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  569.498741][ T3726] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.837294][T11489] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.875040][T11489] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.958214][T11489] bridge_slave_0: entered allmulticast mode
[  570.005356][T11489] bridge_slave_0: entered promiscuous mode
[  570.515636][T11489] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.559852][T11489] bridge0: port 2(bridge_slave_1) entered disabled state
[  570.618428][T11489] bridge_slave_1: entered allmulticast mode
[  570.920106][T11489] bridge_slave_1: entered promiscuous mode
[  572.319311][ T3726] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  572.530189][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  572.536696][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  572.613213][ T3726] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.323473][T11489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  573.945387][T11489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  575.365221][T11620] loop1: detected capacity change from 0 to 32768
[  575.378426][T11625] No such timeout policy "syz1"
[  576.191023][T11620] 
[  576.191023][T11620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.191023][T11620] 
[  576.766953][ T8097] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  576.840506][T11489] team0: Port device team_slave_0 added
[  576.887695][T11615] 
[  576.887695][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.887695][T11615] 
[  576.921361][T11489] team0: Port device team_slave_1 added
[  576.948933][T11615] 
[  576.948933][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.948933][T11615] 
[  576.966721][ T8097] usb 5-1: Using ep0 maxpacket: 32
[  576.991972][T11615] 
[  576.991972][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  576.991972][T11615] 
[  577.009293][ T8097] usb 5-1: config 0 has no interfaces?
[  577.020925][T11615] 
[  577.020925][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  577.020925][T11615] 
[  577.057941][T11615] 
[  577.057941][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  577.057941][T11615] 
[  577.094220][ T8097] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  577.216573][ T8097] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.257388][T11615] 
[  577.257388][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  577.257388][T11615] 
[  577.282129][T11639] loop6: detected capacity change from 0 to 256
[  577.288021][ T8097] usb 5-1: Product: syz
[  577.295799][T11639] vfat: Bad value for 'uid'
[  577.300648][T11639] vfat: Bad value for 'uid'
[  577.316132][ T8097] usb 5-1: Manufacturer: syz
[  577.320747][ T8097] usb 5-1: SerialNumber: syz
[  577.337884][  T113] 
[  577.337884][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  577.337884][  T113] 
[  577.626941][T11615] 
[  577.626941][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  577.626941][T11615] 
[  577.643380][ T8097] usb 5-1: config 0 descriptor??
[  578.223603][T11615] 
[  578.223603][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.223603][T11615] 
[  578.421691][T11615] 
[  578.421691][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.421691][T11615] 
[  578.906134][T11615] 
[  578.906134][T11615]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.906134][T11615] 
[  578.959738][  T112] 
[  578.959738][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.959738][  T112] 
[  578.970691][T11620] 
[  578.970691][T11620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.970691][T11620] 
[  578.981289][T11620] 
[  578.981289][T11620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.981289][T11620] 
[  578.991927][T11620] 
[  578.991927][T11620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  578.991927][T11620] 
[  579.002544][T11620] 
[  579.002544][T11620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  579.002544][T11620] 
[  580.013249][ T8097] usb 5-1: can't set config #0, error -71
[  580.022530][  T112] 
[  580.022530][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  580.022530][  T112] 
[  580.217561][ T8097] usb 5-1: USB disconnect, device number 11
[  580.373032][ T3726] bridge_slave_1: left allmulticast mode
[  580.385962][ T3726] bridge_slave_1: left promiscuous mode
[  580.405370][ T3726] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.743292][ T1097] 
[  580.743292][ T1097]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  580.743292][ T1097] 
[  580.744190][ T3726] bridge_slave_0: left allmulticast mode
[  581.636222][ T3726] bridge_slave_0: left promiscuous mode
[  581.642030][ T3726] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.717579][ T1097] 
[  581.717579][ T1097]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  581.717579][ T1097] 
[  581.731784][ T5830] 
[  581.731784][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  581.731784][ T5830] 
[  581.743569][  T113] 
[  581.743569][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  581.743569][  T113] 
[  581.777728][ T5830] 
[  581.777728][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  581.777728][ T5830] 
[  583.592689][T11676] overlayfs: missing 'lowerdir'
[  593.730681][T11732] loop0: detected capacity change from 0 to 256
[  593.757602][T11732] vfat: Bad value for 'uid'
[  593.765933][T11732] vfat: Bad value for 'uid'
[  594.262378][T11738] No such timeout policy "syz1"
[  596.678697][ T3726] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  596.801395][ T3726] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  597.342822][ T3726] bond0 (unregistering): (slave team0): Releasing backup interface
[  597.523071][ T3726] bond0 (unregistering): Released all slaves
[  598.011165][T11489] batman_adv: batadv0: Adding interface: batadv_slave_0
[  598.053262][T11489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  598.923080][T11489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  598.951979][T11489] batman_adv: batadv0: Adding interface: batadv_slave_1
[  598.986261][T11489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  599.117525][T11489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  601.075637][T11776] loop6: detected capacity change from 0 to 256
[  601.117167][T11776] vfat: Bad value for 'uid'
[  601.121749][T11776] vfat: Bad value for 'uid'
[  601.445446][T11489] hsr_slave_0: entered promiscuous mode
[  601.456939][ T5934] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  601.461431][T11489] hsr_slave_1: entered promiscuous mode
[  601.696022][ T5934] usb 5-1: Using ep0 maxpacket: 32
[  602.367459][T11489] debugfs: 'hsr0' already exists in 'hsr'
[  602.373277][T11489] Cannot create hsr debugfs directory
[  602.737043][ T5934] usb 5-1: config 0 has no interfaces?
[  603.160751][ T5934] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  603.171005][ T5934] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.179433][ T5934] usb 5-1: Product: syz
[  603.183613][ T5934] usb 5-1: Manufacturer: syz
[  603.192297][ T5934] usb 5-1: SerialNumber: syz
[  603.201086][ T5934] usb 5-1: config 0 descriptor??
[  604.082257][ T6463] usb 5-1: USB disconnect, device number 12
[  605.416112][ T3726] hsr_slave_0: left promiscuous mode
[  606.195254][ T3726] hsr_slave_1: left promiscuous mode
[  606.274986][ T3726] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  606.304379][ T3726] batman_adv: batadv0: Removing interface: batadv_slave_0
[  606.358789][ T3726] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  606.380908][ T3726] batman_adv: batadv0: Removing interface: batadv_slave_1
[  606.438074][T11815] fuse: Unknown parameter 'fd0x0000000000000004'
[  607.630647][ T3726] veth1_macvtap: left promiscuous mode
[  607.658759][ T3726] veth0_macvtap: left promiscuous mode
[  607.664527][ T3726] veth1_vlan: left promiscuous mode
[  607.676376][ T3726] veth0_vlan: left promiscuous mode
[  610.887598][ T5916] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  610.899867][T11861] loop6: detected capacity change from 0 to 256
[  610.915451][T11861] vfat: Bad value for 'uid'
[  610.950353][T11861] vfat: Bad value for 'uid'
[  610.998088][ T8097] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  611.036775][ T5916] usb 5-1: device descriptor read/64, error -71
[  611.166099][ T8097] usb 1-1: Using ep0 maxpacket: 32
[  611.183928][ T8097] usb 1-1: config 0 has no interfaces?
[  611.201991][ T8097] usb 1-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  611.222189][ T8097] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  611.245256][ T8097] usb 1-1: Product: syz
[  611.261834][ T8097] usb 1-1: Manufacturer: syz
[  611.267847][ T8097] usb 1-1: SerialNumber: syz
[  611.276354][ T5916] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  611.311688][ T8097] usb 1-1: config 0 descriptor??
[  611.426039][ T5916] usb 5-1: device descriptor read/64, error -71
[  611.464060][T11864] fuse: Unknown parameter 'fd0x0000000000000004'
[  611.537385][ T8097] usb 1-1: USB disconnect, device number 16
[  611.552792][ T5916] usb usb5-port1: attempt power cycle
[  611.657474][ T3726] team0 (unregistering): Port device team_slave_1 removed
[  611.705527][ T3726] team0 (unregistering): Port device team_slave_0 removed
[  611.906021][ T5916] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  611.926767][ T5916] usb 5-1: device descriptor read/8, error -71
[  613.625976][ T5916] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  613.736030][ T5916] usb 5-1: device descriptor read/8, error -71
[  613.931433][ T5916] usb usb5-port1: unable to enumerate USB device
[  614.678199][T11894] loop0: detected capacity change from 0 to 128
[  614.726241][T11894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1634'.
[  615.864270][T11911] loop3: detected capacity change from 0 to 256
[  615.883340][T11911] vfat: Bad value for 'uid'
[  615.901737][T11912] fuse: Unknown parameter 'fd0x0000000000000004'
[  615.926777][T11911] vfat: Bad value for 'uid'
[  616.303439][T11489] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  616.464761][T11489] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  616.483673][T11919] No such timeout policy "syz1"
[  616.698238][ T6295] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  617.576015][ T6295] usb 7-1: Using ep0 maxpacket: 32
[  617.593720][ T6295] usb 7-1: config 0 has no interfaces?
[  617.610604][ T6295] usb 7-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  617.622619][T11489] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  617.650202][T11489] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  617.706048][T11900] loop4: detected capacity change from 0 to 40427
[  617.717432][ T6295] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.725445][ T6295] usb 7-1: Product: syz
[  617.805466][ T6295] usb 7-1: Manufacturer: syz
[  617.832686][T11900] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x1f52010)
[  617.852977][ T6295] usb 7-1: SerialNumber: syz
[  617.876189][T11900] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  617.926723][T11900] F2FS-fs (loop4): invalid crc value
[  617.935428][ T6295] usb 7-1: config 0 descriptor??
[  617.976512][T11900] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-4)
[  618.216996][ T6463] usb 7-1: USB disconnect, device number 2
[  618.331934][T11489] 8021q: adding VLAN 0 to HW filter on device bond0
[  618.447557][T11489] 8021q: adding VLAN 0 to HW filter on device team0
[  618.484346][ T6762] bridge0: port 1(bridge_slave_0) entered blocking state
[  618.491551][ T6762] bridge0: port 1(bridge_slave_0) entered forwarding state
[  618.580937][ T8397] bridge0: port 2(bridge_slave_1) entered blocking state
[  618.588154][ T8397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  618.608411][ T6463] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  618.766196][ T6463] usb 5-1: device descriptor read/64, error -71
[  619.026280][ T6463] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  619.337630][ T6463] usb 5-1: device descriptor read/64, error -71
[  619.537023][ T6463] usb usb5-port1: attempt power cycle
[  619.764923][T11963] loop6: detected capacity change from 0 to 128
[  619.925950][ T6463] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  619.972966][ T6463] usb 5-1: device descriptor read/8, error -71
[  620.226050][ T6463] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  620.296857][ T6463] usb 5-1: device descriptor read/8, error -71
[  621.304983][ T6463] usb usb5-port1: unable to enumerate USB device
[  622.410617][T11991] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1657'.
[  622.675206][T11993] No such timeout policy "syz1"
[  622.827880][   T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  622.839932][   T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  622.848133][   T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  622.864161][   T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  622.872173][   T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  624.952258][   T52] Bluetooth: hci3: command tx timeout
[  625.507495][T12028] loop4: detected capacity change from 0 to 128
[  625.791417][T12001] loop3: detected capacity change from 0 to 40427
[  625.850582][T12001] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x1f52010)
[  625.906065][T12001] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  626.008472][T12001] F2FS-fs (loop3): invalid crc value
[  627.006385][   T52] Bluetooth: hci3: command tx timeout
[  628.410273][T12001] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  628.585673][T12060] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1671'.
[  628.597140][T11996] chnl_net:caif_netlink_parms(): no params data found
[  628.916529][ T8097] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  629.086874][   T52] Bluetooth: hci3: command tx timeout
[  629.189337][ T8097] usb 2-1: device descriptor read/64, error -71
[  630.453753][ T8097] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  630.585952][ T8097] usb 2-1: device descriptor read/64, error -71
[  630.696400][ T8097] usb usb2-port1: attempt power cycle
[  630.829938][T12070] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1676'.
[  631.087336][ T8097] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  631.166225][   T52] Bluetooth: hci3: command tx timeout
[  631.387621][ T8097] usb 2-1: device descriptor read/8, error -71
[  631.745165][ T8097] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  631.911992][ T8097] usb 2-1: device descriptor read/8, error -71
[  631.963093][T12092] loop6: detected capacity change from 0 to 128
[  632.031731][T11996] bridge0: port 1(bridge_slave_0) entered blocking state
[  632.056522][ T8097] usb usb2-port1: unable to enumerate USB device
[  632.066071][T11996] bridge0: port 1(bridge_slave_0) entered disabled state
[  632.095674][T11996] bridge_slave_0: entered allmulticast mode
[  632.186334][T11996] bridge_slave_0: entered promiscuous mode
[  632.234296][T11996] bridge0: port 2(bridge_slave_1) entered blocking state
[  632.268620][T11996] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.316336][T11996] bridge_slave_1: entered allmulticast mode
[  632.324448][T11996] bridge_slave_1: entered promiscuous mode
[  634.537249][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  634.543598][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  635.711408][T11996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  636.038970][T11996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  636.057082][T12123] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1684'.
[  636.135210][T12124] No such timeout policy "syz1"
[  637.214548][T12132] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1689'.
[  637.293686][T12134] No such timeout policy "syz1"
[  637.354469][T11996] team0: Port device team_slave_0 added
[  637.379647][T11996] team0: Port device team_slave_1 added
[  637.618615][ T6111] bridge_slave_1: left allmulticast mode
[  637.688332][ T6111] bridge_slave_1: left promiscuous mode
[  638.645239][ T6111] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.907417][ T6111] bridge_slave_0: left allmulticast mode
[  638.949610][ T6111] bridge_slave_0: left promiscuous mode
[  638.955423][ T6111] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.126395][ T5915] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  639.975982][ T5915] usb 4-1: device descriptor read/64, error -71
[  641.165978][   T52] Bluetooth: hci6: command 0x0406 tx timeout
[  641.175942][ T5915] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  641.370497][ T5915] usb 4-1: device descriptor read/64, error -71
[  641.510665][ T5915] usb usb4-port1: attempt power cycle
[  641.616144][T12173] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1698'.
[  641.901409][ T5915] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  642.029277][T12172] loop6: detected capacity change from 0 to 128
[  642.791762][ T5915] usb 4-1: device descriptor read/8, error -71
[  646.240546][T12199] No such timeout policy "syz1"
[  648.503420][ T6111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  648.515525][ T6111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  648.539841][ T6111] bond0 (unregistering): Released all slaves
[  648.556959][T11996] batman_adv: batadv0: Adding interface: batadv_slave_0
[  648.565311][T11996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  648.696069][T11996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  648.811299][T11996] batman_adv: batadv0: Adding interface: batadv_slave_1
[  648.906939][T11996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  648.939742][T11996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  649.146461][   T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  649.903985][   T24] usb 5-1: device descriptor read/64, error -71
[  650.197429][ T6111] hsr_slave_0: left promiscuous mode
[  650.207046][ T6111] hsr_slave_1: left promiscuous mode
[  650.213234][ T6111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  650.443506][   T24] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  650.508419][ T6111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  651.776567][   T24] usb 5-1: device descriptor read/64, error -71
[  651.926298][T12231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1713'.
[  652.106725][   T24] usb usb5-port1: attempt power cycle
[  653.797014][ T6111] team0 (unregistering): Port device team_slave_1 removed
[  654.265151][ T6111] team0 (unregistering): Port device team_slave_0 removed
[  655.356995][   T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  655.371575][   T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  655.383461][   T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  655.399536][   T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  655.410069][   T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  657.513654][ T5839] Bluetooth: hci5: command tx timeout
[  658.206572][   T52] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  658.261106][   T52] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  658.295695][   T52] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  658.307202][   T52] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  658.347491][   T52] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  659.576674][ T5839] Bluetooth: hci5: command tx timeout
[  660.171686][ T5901] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  660.417406][T12278] No such timeout policy "syz1"
[  660.492332][ T5839] Bluetooth: hci7: command tx timeout
[  661.008418][ T5901] usb 4-1: device descriptor read/64, error -71
[  661.256840][ T5901] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  661.301796][T11996] hsr_slave_0: entered promiscuous mode
[  661.328061][T11996] hsr_slave_1: entered promiscuous mode
[  661.334608][T11996] debugfs: 'hsr0' already exists in 'hsr'
[  661.342506][T11996] Cannot create hsr debugfs directory
[  661.633278][ T5901] usb 4-1: device descriptor read/64, error -71
[  661.663065][ T5839] Bluetooth: hci5: command tx timeout
[  662.333657][ T5901] usb usb4-port1: attempt power cycle
[  662.606306][ T5839] Bluetooth: hci7: command tx timeout
[  662.975941][ T5901] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  663.089543][ T5901] usb 4-1: device descriptor read/8, error -71
[  664.536905][ T5839] Bluetooth: hci5: command tx timeout
[  664.691719][   T52] Bluetooth: hci7: command tx timeout
[  666.810804][ T5839] Bluetooth: hci7: command tx timeout
[  668.359447][T12329] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1738'.
[  671.785371][ T6111] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.006101][ T8097] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  672.116018][ T5901] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  672.229809][ T8097] usb 4-1: Using ep0 maxpacket: 8
[  672.253544][ T8097] usb 4-1: no configurations
[  672.269461][ T8097] usb 4-1: can't read configurations, error -22
[  672.288355][ T5901] usb 2-1: Using ep0 maxpacket: 32
[  672.475702][ T5901] usb 2-1: config 0 has no interfaces?
[  672.495143][ T5901] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  672.523340][ T5901] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.547521][ T5901] usb 2-1: Product: syz
[  672.551718][ T5901] usb 2-1: Manufacturer: syz
[  672.566237][ T5901] usb 2-1: SerialNumber: syz
[  672.596450][ T5901] usb 2-1: config 0 descriptor??
[  672.606062][ T8097] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  672.654319][ T6111] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.742495][T12263] chnl_net:caif_netlink_parms(): no params data found
[  672.795926][ T8097] usb 4-1: Using ep0 maxpacket: 8
[  672.804465][ T8097] usb 4-1: no configurations
[  672.809621][ T8097] usb 4-1: can't read configurations, error -22
[  672.820037][ T8097] usb usb4-port1: attempt power cycle
[  672.861020][ T5901] usb 2-1: USB disconnect, device number 11
[  672.957836][ T6111] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  672.974459][T12252] chnl_net:caif_netlink_parms(): no params data found
[  673.866016][ T8097] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  673.896674][ T8097] usb 4-1: Using ep0 maxpacket: 8
[  673.904214][ T8097] usb 4-1: no configurations
[  673.914653][ T8097] usb 4-1: can't read configurations, error -22
[  674.059482][ T8097] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  674.086725][ T8097] usb 4-1: Using ep0 maxpacket: 8
[  674.096189][ T8097] usb 4-1: no configurations
[  674.100885][ T8097] usb 4-1: can't read configurations, error -22
[  674.113610][ T8097] usb usb4-port1: unable to enumerate USB device
[  677.386930][ T6111] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.187162][T12263] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.216178][T12263] bridge0: port 1(bridge_slave_0) entered disabled state
[  678.223430][T12263] bridge_slave_0: entered allmulticast mode
[  678.233998][T12263] bridge_slave_0: entered promiscuous mode
[  678.252312][T12263] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.270213][T12263] bridge0: port 2(bridge_slave_1) entered disabled state
[  678.286276][T12263] bridge_slave_1: entered allmulticast mode
[  678.294765][T12263] bridge_slave_1: entered promiscuous mode
[  679.476266][ T6011] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  679.521762][T12263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  679.541468][T12252] bridge0: port 1(bridge_slave_0) entered blocking state
[  679.571332][T12252] bridge0: port 1(bridge_slave_0) entered disabled state
[  679.618572][T12252] bridge_slave_0: entered allmulticast mode
[  679.655895][ T6011] usb 5-1: Using ep0 maxpacket: 32
[  679.730840][T12252] bridge_slave_0: entered promiscuous mode
[  679.895659][T12252] bridge0: port 2(bridge_slave_1) entered blocking state
[  679.972656][T12252] bridge0: port 2(bridge_slave_1) entered disabled state
[  680.060070][T12252] bridge_slave_1: entered allmulticast mode
[  680.163049][T12252] bridge_slave_1: entered promiscuous mode
[  680.448235][ T6011] usb 5-1: config 0 has no interfaces?
[  680.466120][ T6011] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  680.475191][ T6011] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.504150][ T6011] usb 5-1: Product: syz
[  680.508488][ T6011] usb 5-1: Manufacturer: syz
[  680.515095][ T6011] usb 5-1: SerialNumber: syz
[  680.536604][ T6011] usb 5-1: config 0 descriptor??
[  680.547331][T12263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  680.749784][ T6011] usb 5-1: USB disconnect, device number 24
[  680.767043][T12252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  680.880350][T12252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  680.902269][T12399] loop1: detected capacity change from 0 to 32768
[  680.929513][T12399] 
[  680.929513][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  680.929513][T12399] 
[  680.995470][T12399] 
[  680.995470][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  680.995470][T12399] 
[  681.062354][T12399] 
[  681.062354][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.062354][T12399] 
[  681.104201][T12399] 
[  681.104201][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.104201][T12399] 
[  681.174807][T12399] 
[  681.174807][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.174807][T12399] 
[  681.216506][T12399] 
[  681.216506][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.216506][T12399] 
[  681.280844][T12399] 
[  681.280844][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.280844][T12399] 
[  681.449946][  T113] 
[  681.449946][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.449946][  T113] 
[  681.579197][T12399] 
[  681.579197][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.579197][T12399] 
[  681.688144][T12399] 
[  681.688144][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.688144][T12399] 
[  681.804867][T12399] 
[  681.804867][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.804867][T12399] 
[  681.909177][T12399] 
[  681.909177][T12399]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  681.909177][T12399] 
[  682.162623][  T113] 
[  682.162623][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  682.162623][  T113] 
[  682.252726][T12402] 
[  682.252726][T12402]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  682.252726][T12402] 
[  682.344201][T12402] 
[  682.344201][T12402]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  682.344201][T12402] 
[  682.450132][T12402] 
[  682.450132][T12402]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  682.450132][T12402] 
[  682.544157][T12402] 
[  682.544157][T12402]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  682.544157][T12402] 
[  682.661771][  T112] 
[  682.661771][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  682.661771][  T112] 
[  683.606549][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  683.616789][   T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  683.624690][   T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  683.633520][   T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  683.641089][   T60] 
[  683.641089][   T60]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  683.641089][   T60] 
[  683.642791][   T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  683.671779][   T60] 
[  683.671779][   T60]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  683.671779][   T60] 
[  683.709216][ T5830] 
[  683.709216][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  683.709216][ T5830] 
[  683.744593][  T112] 
[  683.744593][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  683.744593][  T112] 
[  683.821424][ T5830] 
[  683.821424][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  683.821424][ T5830] 
[  683.825732][T12429] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1762'.
[  683.856997][T12263] team0: Port device team_slave_0 added
[  684.030771][T12252] team0: Port device team_slave_0 added
[  684.229650][ T6111] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.958050][T12263] team0: Port device team_slave_1 added
[  685.013404][T12252] team0: Port device team_slave_1 added
[  685.281468][T12442] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1761'.
[  685.415989][ T6111] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.555015][T12263] batman_adv: batadv0: Adding interface: batadv_slave_0
[  685.740998][   T52] Bluetooth: hci1: command tx timeout
[  686.255906][T12263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  686.337375][T12263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  686.390874][T12252] batman_adv: batadv0: Adding interface: batadv_slave_0
[  686.424440][T12252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  686.453161][T12252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  686.467362][T12252] batman_adv: batadv0: Adding interface: batadv_slave_1
[  686.474399][T12252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  686.500568][T12252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  686.547260][T12263] batman_adv: batadv0: Adding interface: batadv_slave_1
[  686.595423][T12263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  686.689102][T12263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  687.246169][   T10] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  687.342631][ T6111] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  687.486326][   T10] usb 2-1: Using ep0 maxpacket: 32
[  687.619475][   T10] usb 2-1: config 0 has no interfaces?
[  687.684590][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  687.707506][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.715621][   T10] usb 2-1: Product: syz
[  687.760556][   T10] usb 2-1: Manufacturer: syz
[  687.765208][   T10] usb 2-1: SerialNumber: syz
[  687.776684][   T10] usb 2-1: config 0 descriptor??
[  687.806136][   T52] Bluetooth: hci1: command tx timeout
[  687.993014][   T10] usb 2-1: USB disconnect, device number 12
[  689.150492][ T6111] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  689.222724][T12263] hsr_slave_0: entered promiscuous mode
[  689.239463][T12263] hsr_slave_1: entered promiscuous mode
[  689.267208][T12263] debugfs: 'hsr0' already exists in 'hsr'
[  689.272989][T12263] Cannot create hsr debugfs directory
[  689.294188][T12252] hsr_slave_0: entered promiscuous mode
[  689.308193][T12252] hsr_slave_1: entered promiscuous mode
[  689.335177][T12252] debugfs: 'hsr0' already exists in 'hsr'
[  689.344161][T12252] Cannot create hsr debugfs directory
[  689.886199][   T52] Bluetooth: hci1: command tx timeout
[  689.900052][T12463] loop1: detected capacity change from 0 to 32768
[  689.951038][T12463] 
[  689.951038][T12463]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  689.951038][T12463] 
[  690.049550][T12461] 
[  690.049550][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.049550][T12461] 
[  690.098045][T12461] 
[  690.098045][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.098045][T12461] 
[  690.108727][T12461] 
[  690.108727][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.108727][T12461] 
[  690.119559][T12461] 
[  690.119559][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.119559][T12461] 
[  690.138470][T12461] 
[  690.138470][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.138470][T12461] 
[  690.166203][T12461] 
[  690.166203][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.166203][T12461] 
[  690.243201][T12476] No such timeout policy "syz1"
[  690.579802][  T113] 
[  690.579802][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.579802][  T113] 
[  690.949799][T12461] 
[  690.949799][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.949799][T12461] 
[  691.001095][T12461] 
[  691.001095][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.001095][T12461] 
[  691.039671][T12461] 
[  691.039671][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.039671][T12461] 
[  691.090920][T12461] 
[  691.090920][T12461]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.090920][T12461] 
[  691.177932][  T112] 
[  691.177932][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.177932][  T112] 
[  691.245358][T12463] 
[  691.245358][T12463]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.245358][T12463] 
[  691.266451][T12463] 
[  691.266451][T12463]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.266451][T12463] 
[  691.307299][T12463] 
[  691.307299][T12463]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.307299][T12463] 
[  691.528422][T12463] 
[  691.528422][T12463]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.528422][T12463] 
[  691.794259][  T113] 
[  691.794259][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  691.794259][  T113] 
[  691.974042][   T52] Bluetooth: hci1: command tx timeout
[  692.806933][ T6300] 
[  692.806933][ T6300]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  692.806933][ T6300] 
[  692.846657][ T6111] bridge_slave_1: left allmulticast mode
[  692.852359][ T6111] bridge_slave_1: left promiscuous mode
[  692.868651][ T6300] 
[  692.868651][ T6300]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  692.868651][ T6300] 
[  692.886219][ T6111] bridge0: port 2(bridge_slave_1) entered disabled state
[  692.903909][  T112] 
[  692.903909][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  692.903909][  T112] 
[  692.915377][ T5830] 
[  692.915377][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  692.915377][ T5830] 
[  692.939358][ T5830] 
[  692.939358][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  692.939358][ T5830] 
[  692.952149][ T6111] bridge_slave_0: left allmulticast mode
[  692.962116][ T6111] bridge_slave_0: left promiscuous mode
[  692.969483][ T6111] bridge0: port 1(bridge_slave_0) entered disabled state
[  693.249748][ T6111] bridge_slave_1: left allmulticast mode
[  693.255453][ T6111] bridge_slave_1: left promiscuous mode
[  693.306487][ T6111] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.538319][ T6111] bridge_slave_0: left promiscuous mode
[  693.669304][ T6111] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.126679][   T30] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  694.306437][   T30] usb 4-1: Using ep0 maxpacket: 32
[  694.416038][   T30] usb 4-1: config 0 has no interfaces?
[  695.450783][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  695.467981][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  695.627819][   T30] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  695.650268][   T30] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  695.658976][   T30] usb 4-1: Product: syz
[  695.663172][   T30] usb 4-1: Manufacturer: syz
[  695.668842][   T30] usb 4-1: SerialNumber: syz
[  695.682497][   T30] usb 4-1: config 0 descriptor??
[  695.908823][   T30] usb 4-1: USB disconnect, device number 23
[  696.391843][ T6111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  696.405604][ T6111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  696.418861][ T6111] bond0 (unregistering): Released all slaves
[  699.288963][T12534] loop1: detected capacity change from 0 to 32768
[  699.302911][T12534] 
[  699.302911][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.302911][T12534] 
[  699.339680][T12534] 
[  699.339680][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.339680][T12534] 
[  699.352612][T12534] 
[  699.352612][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.352612][T12534] 
[  699.363154][T12534] 
[  699.363154][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.363154][T12534] 
[  699.374107][T12534] 
[  699.374107][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.374107][T12534] 
[  699.384807][T12534] 
[  699.384807][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.384807][T12534] 
[  699.395340][T12534] 
[  699.395340][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.395340][T12534] 
[  699.422941][  T113] 
[  699.422941][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  699.422941][  T113] 
[  700.649355][T12534] 
[  700.649355][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  700.649355][T12534] 
[  700.662078][T12534] 
[  700.662078][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  700.662078][T12534] 
[  700.672714][T12534] 
[  700.672714][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  700.672714][T12534] 
[  700.684744][T12534] 
[  700.684744][T12534]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  700.684744][T12534] 
[  700.763178][  T113] 
[  700.763178][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  700.763178][  T113] 
[  700.914878][T12542] 
[  700.914878][T12542]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  700.914878][T12542] 
[  701.053516][T12542] 
[  701.053516][T12542]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.053516][T12542] 
[  701.093243][T12542] 
[  701.093243][T12542]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.093243][T12542] 
[  701.118990][T12542] 
[  701.118990][T12542]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.118990][T12542] 
[  701.147797][  T113] 
[  701.147797][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.147797][  T113] 
[  701.251724][ T6394] 
[  701.251724][ T6394]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.251724][ T6394] 
[  701.306941][ T6394] 
[  701.306941][ T6394]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.306941][ T6394] 
[  701.354064][  T112] 
[  701.354064][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.354064][  T112] 
[  701.368450][ T5830] 
[  701.368450][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.368450][ T5830] 
[  701.396241][ T5830] 
[  701.396241][ T5830]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  701.396241][ T5830] 
[  701.596545][T12553] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1795'.
[  701.735701][ T6111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  701.857170][ T6111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  701.944209][ T6111] bond0 (unregistering): Released all slaves
[  702.201981][T12560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1793'.
[  702.632624][T12426] chnl_net:caif_netlink_parms(): no params data found
[  706.574411][T12590] loop4: detected capacity change from 0 to 32768
[  706.588832][T12590] 
[  706.588832][T12590]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  706.588832][T12590] 
[  706.886259][T12263] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  707.378762][T12586] 
[  707.378762][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  707.378762][T12586] 
[  707.421107][T12586] 
[  707.421107][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  707.421107][T12586] 
[  707.748116][T12426] bridge0: port 1(bridge_slave_0) entered blocking state
[  707.761936][T12586] 
[  707.761936][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  707.761936][T12586] 
[  707.810185][T12426] bridge0: port 1(bridge_slave_0) entered disabled state
[  707.831771][T12586] 
[  707.831771][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  707.831771][T12586] 
[  707.874521][T12426] bridge_slave_0: entered allmulticast mode
[  707.959001][T12586] 
[  707.959001][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  707.959001][T12586] 
[  707.964641][T12426] bridge_slave_0: entered promiscuous mode
[  707.990995][T12586] 
[  707.990995][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  707.990995][T12586] 
[  708.032250][T12263] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  708.041744][  T112] 
[  708.041744][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.041744][  T112] 
[  708.048616][T12600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1806'.
[  708.079752][T12426] bridge0: port 2(bridge_slave_1) entered blocking state
[  708.085992][T12586] 
[  708.085992][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.085992][T12586] 
[  708.087293][T12426] bridge0: port 2(bridge_slave_1) entered disabled state
[  708.114828][T12426] bridge_slave_1: entered allmulticast mode
[  708.119206][T12586] 
[  708.119206][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.119206][T12586] 
[  708.135028][T12586] 
[  708.135028][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.135028][T12586] 
[  708.199740][T12426] bridge_slave_1: entered promiscuous mode
[  708.207223][T12586] 
[  708.207223][T12586]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.207223][T12586] 
[  708.261765][  T112] 
[  708.261765][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.261765][  T112] 
[  708.282538][T12590] 
[  708.282538][T12590]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.282538][T12590] 
[  708.294064][T12590] 
[  708.294064][T12590]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.294064][T12590] 
[  708.304809][T12590] 
[  708.304809][T12590]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.304809][T12590] 
[  708.316882][T12590] 
[  708.316882][T12590]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.316882][T12590] 
[  708.330525][  T112] 
[  708.330525][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.330525][  T112] 
[  708.431944][T12263] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  708.452147][T12263] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  708.479029][   T37] 
[  708.479029][   T37]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.479029][   T37] 
[  708.521616][   T37] 
[  708.521616][   T37]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.521616][   T37] 
[  708.580839][ T5833] 
[  708.580839][ T5833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.580839][ T5833] 
[  708.623609][ T5833] 
[  708.623609][ T5833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  708.623609][ T5833] 
[  708.642297][  T113] ==================================================================
[  708.650479][  T113] BUG: KASAN: slab-use-after-free in __mutex_lock+0x1a24/0x1ca0
[  708.658560][  T113] Read of size 8 at addr ffff888034f1a108 by task jfsCommit/113
[  708.666250][  T113] 
[  708.668579][  T113] CPU: 0 UID: 0 PID: 113 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  708.668629][  T113] Tainted: [L]=SOFTLOCKUP
[  708.668641][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  708.668663][  T113] Call Trace:
[  708.668674][  T113]  <TASK>
[  708.668686][  T113]  dump_stack_lvl+0x116/0x1f0
[  708.668745][  T113]  print_report+0xcd/0x630
[  708.668791][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.668835][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.668881][  T113]  ? __phys_addr+0xe8/0x180
[  708.668920][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  708.668956][  T113]  kasan_report+0xe0/0x110
[  708.669002][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  708.669047][  T113]  __mutex_lock+0x1a24/0x1ca0
[  708.669085][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.669133][  T113]  ? jfs_syncpt+0x2a/0xa0
[  708.669187][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  708.669231][  T113]  ? do_raw_spin_lock+0x12c/0x2b0
[  708.669286][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.669327][  T113]  ? find_held_lock+0x2b/0x80
[  708.669382][  T113]  ? jfs_syncpt+0x2a/0xa0
[  708.669422][  T113]  jfs_syncpt+0x2a/0xa0
[  708.669465][  T113]  txEnd+0x30a/0x5a0
[  708.669511][  T113]  jfs_lazycommit+0x783/0xb30
[  708.669564][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  708.669614][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  708.669670][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  708.669724][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.669773][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.669814][  T113]  ? __kthread_parkme+0x19e/0x250
[  708.669847][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  708.669896][  T113]  kthread+0x3c5/0x780
[  708.669935][  T113]  ? __pfx_kthread+0x10/0x10
[  708.669976][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.670016][  T113]  ? rcu_is_watching+0x12/0xc0
[  708.670048][  T113]  ? __pfx_kthread+0x10/0x10
[  708.670088][  T113]  ret_from_fork+0x983/0xb10
[  708.670126][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  708.670165][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.670206][  T113]  ? __switch_to+0x7af/0x10d0
[  708.670250][  T113]  ? __pfx_kthread+0x10/0x10
[  708.670290][  T113]  ret_from_fork_asm+0x1a/0x30
[  708.670354][  T113]  </TASK>
[  708.670365][  T113] 
[  708.887675][  T113] Allocated by task 12590:
[  708.892171][  T113]  kasan_save_stack+0x33/0x60
[  708.896856][  T113]  kasan_save_track+0x14/0x30
[  708.901540][  T113]  __kasan_kmalloc+0xaa/0xb0
[  708.906178][  T113]  lmLogOpen+0x571/0x13c0
[  708.910526][  T113]  jfs_mount_rw+0x2e9/0x6f0
[  708.915043][  T113]  jfs_fill_super+0xc46/0x1040
[  708.919956][  T113]  get_tree_bdev_flags+0x38c/0x620
[  708.925170][  T113]  vfs_get_tree+0x8e/0x330
[  708.929611][  T113]  path_mount+0x7bf/0x23a0
[  708.934044][  T113]  __x64_sys_mount+0x293/0x310
[  708.938829][  T113]  do_syscall_64+0xcd/0xf80
[  708.943348][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.949249][  T113] 
[  708.951561][  T113] Freed by task 5833:
[  708.955531][  T113]  kasan_save_stack+0x33/0x60
[  708.960212][  T113]  kasan_save_track+0x14/0x30
[  708.964902][  T113]  kasan_save_free_info+0x3b/0x60
[  708.969951][  T113]  __kasan_slab_free+0x5f/0x80
[  708.974726][  T113]  kfree+0x2f8/0x6e0
[  708.978647][  T113]  lmLogClose+0x585/0x710
[  708.982994][  T113]  jfs_umount+0x2f0/0x440
[  708.987337][  T113]  jfs_put_super+0x88/0x1d0
[  708.991867][  T113]  generic_shutdown_super+0x156/0x390
[  708.997275][  T113]  kill_block_super+0x3b/0x90
[  709.002325][  T113]  deactivate_locked_super+0xc1/0x1a0
[  709.007701][  T113]  deactivate_super+0xde/0x100
[  709.012476][  T113]  cleanup_mnt+0x225/0x450
[  709.016904][  T113]  task_work_run+0x150/0x240
[  709.021510][  T113]  exit_to_user_mode_loop+0xfb/0x540
[  709.026986][  T113]  do_syscall_64+0x4ee/0xf80
[  709.031580][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.037480][  T113] 
[  709.039804][  T113] The buggy address belongs to the object at ffff888034f1a000
[  709.039804][  T113]  which belongs to the cache kmalloc-1k of size 1024
[  709.053855][  T113] The buggy address is located 264 bytes inside of
[  709.053855][  T113]  freed 1024-byte region [ffff888034f1a000, ffff888034f1a400)
[  709.067741][  T113] 
[  709.070061][  T113] The buggy address belongs to the physical page:
[  709.076459][  T113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34f18
[  709.085219][  T113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  709.093726][  T113] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  709.101284][  T113] page_type: f5(slab)
[  709.105356][  T113] raw: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  709.114033][  T113] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  709.122622][  T113] head: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  709.131297][  T113] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  709.140095][  T113] head: 00fff00000000003 ffffea0000d3c601 00000000ffffffff 00000000ffffffff
[  709.148777][  T113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  709.157539][  T113] page dumped because: kasan: bad access detected
[  709.163947][  T113] page_owner tracks the page as allocated
[  709.169653][  T113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 141891849365, free_ts 140458201050
[  709.188863][  T113]  post_alloc_hook+0x1af/0x220
[  709.193655][  T113]  get_page_from_freelist+0xd0b/0x31a0
[  709.199147][  T113]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  709.205155][  T113]  alloc_pages_mpol+0x1fb/0x550
[  709.210101][  T113]  new_slab+0x2c3/0x430
[  709.214279][  T113]  ___slab_alloc+0xe18/0x1c90
[  709.218981][  T113]  __slab_alloc.constprop.0+0x63/0x110
[  709.224464][  T113]  __kmalloc_noprof+0x4fc/0x910
[  709.229338][  T113]  ieee802_11_parse_elems_full+0x1db/0x3780
[  709.235266][  T113]  ieee80211_inform_bss+0x15a/0x1150
[  709.240688][  T113]  cfg80211_inform_single_bss_data+0x8e9/0x1d30
[  709.246975][  T113]  cfg80211_inform_bss_data+0x22b/0x3be0
[  709.252647][  T113]  cfg80211_inform_bss_frame_data+0x26f/0x720
[  709.258915][  T113]  ieee80211_bss_info_update+0x310/0xab0
[  709.264565][  T113]  ieee80211_ibss_rx_queued_mgmt+0x1927/0x2fc0
[  709.270732][  T113]  ieee80211_iface_work+0xe28/0x1350
[  709.276040][  T113] page last free pid 5194 tgid 5194 stack trace:
[  709.282357][  T113]  __free_frozen_pages+0x7df/0x1170
[  709.287573][  T113]  __put_partials+0x130/0x170
[  709.292273][  T113]  qlist_free_all+0x4c/0xf0
[  709.296867][  T113]  kasan_quarantine_reduce+0x195/0x1e0
[  709.302338][  T113]  __kasan_slab_alloc+0x69/0x90
[  709.307196][  T113]  kmem_cache_alloc_noprof+0x25e/0x770
[  709.312679][  T113]  getname_flags.part.0+0x4c/0x550
[  709.317848][  T113]  getname_flags+0x93/0xf0
[  709.322274][  T113]  do_sys_openat2+0xb9/0x290
[  709.326887][  T113]  __x64_sys_openat+0x174/0x210
[  709.331890][  T113]  do_syscall_64+0xcd/0xf80
[  709.336394][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.342295][  T113] 
[  709.344625][  T113] Memory state around the buggy address:
[  709.350254][  T113]  ffff888034f1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.358314][  T113]  ffff888034f1a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.366376][  T113] >ffff888034f1a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.374429][  T113]                       ^
[  709.379183][  T113]  ffff888034f1a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.387243][  T113]  ffff888034f1a200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  709.395300][  T113] ==================================================================
[  709.404542][  T113] Disabling lock debugging due to kernel taint
[  709.411802][  T113] ==================================================================
[  709.419882][  T113] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0
[  709.427718][  T113] Read of size 4 at addr ffff888034f1a0c4 by task jfsCommit/113
[  709.435353][  T113] 
[  709.437853][  T113] CPU: 0 UID: 0 PID: 113 Comm: jfsCommit Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[  709.437905][  T113] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[  709.437919][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  709.437940][  T113] Call Trace:
[  709.437951][  T113]  <TASK>
[  709.437963][  T113]  dump_stack_lvl+0x116/0x1f0
[  709.438023][  T113]  print_report+0xcd/0x630
[  709.438060][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.438101][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.438141][  T113]  ? __phys_addr+0xe8/0x180
[  709.438175][  T113]  ? do_raw_spin_lock+0x26f/0x2b0
[  709.438221][  T113]  kasan_report+0xe0/0x110
[  709.438260][  T113]  ? do_raw_spin_lock+0x26f/0x2b0
[  709.438312][  T113]  do_raw_spin_lock+0x26f/0x2b0
[  709.438358][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.438399][  T113]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  709.438445][  T113]  ? lock_acquire+0x2cd/0x330
[  709.438484][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  709.438521][  T113]  _raw_spin_lock_irqsave+0x42/0x60
[  709.438570][  T113]  ? __mutex_lock+0xca5/0x1ca0
[  709.438602][  T113]  __mutex_lock+0xca5/0x1ca0
[  709.438636][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.438677][  T113]  ? jfs_syncpt+0x2a/0xa0
[  709.438722][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  709.438764][  T113]  ? do_raw_spin_lock+0x12c/0x2b0
[  709.438814][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.438854][  T113]  ? find_held_lock+0x2b/0x80
[  709.438909][  T113]  ? jfs_syncpt+0x2a/0xa0
[  709.438949][  T113]  jfs_syncpt+0x2a/0xa0
[  709.438991][  T113]  txEnd+0x30a/0x5a0
[  709.439037][  T113]  jfs_lazycommit+0x783/0xb30
[  709.439089][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  709.439138][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  709.439194][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  709.439248][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.439289][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.439329][  T113]  ? __kthread_parkme+0x19e/0x250
[  709.439362][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  709.439410][  T113]  kthread+0x3c5/0x780
[  709.439449][  T113]  ? __pfx_kthread+0x10/0x10
[  709.439489][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.439529][  T113]  ? rcu_is_watching+0x12/0xc0
[  709.439560][  T113]  ? __pfx_kthread+0x10/0x10
[  709.439600][  T113]  ret_from_fork+0x983/0xb10
[  709.439637][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  709.439676][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.439716][  T113]  ? __switch_to+0x7af/0x10d0
[  709.439764][  T113]  ? __pfx_kthread+0x10/0x10
[  709.439803][  T113]  ret_from_fork_asm+0x1a/0x30
[  709.439865][  T113]  </TASK>
[  709.439876][  T113] 
[  709.694656][  T113] Allocated by task 12590:
[  709.699066][  T113]  kasan_save_stack+0x33/0x60
[  709.703752][  T113]  kasan_save_track+0x14/0x30
[  709.708480][  T113]  __kasan_kmalloc+0xaa/0xb0
[  709.713074][  T113]  lmLogOpen+0x571/0x13c0
[  709.717413][  T113]  jfs_mount_rw+0x2e9/0x6f0
[  709.721923][  T113]  jfs_fill_super+0xc46/0x1040
[  709.726684][  T113]  get_tree_bdev_flags+0x38c/0x620
[  709.731811][  T113]  vfs_get_tree+0x8e/0x330
[  709.736248][  T113]  path_mount+0x7bf/0x23a0
[  709.740681][  T113]  __x64_sys_mount+0x293/0x310
[  709.745462][  T113]  do_syscall_64+0xcd/0xf80
[  709.749967][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.755873][  T113] 
[  709.758186][  T113] Freed by task 5833:
[  709.762154][  T113]  kasan_save_stack+0x33/0x60
[  709.766835][  T113]  kasan_save_track+0x14/0x30
[  709.771516][  T113]  kasan_save_free_info+0x3b/0x60
[  709.776558][  T113]  __kasan_slab_free+0x5f/0x80
[  709.781326][  T113]  kfree+0x2f8/0x6e0
[  709.785231][  T113]  lmLogClose+0x585/0x710
[  709.789578][  T113]  jfs_umount+0x2f0/0x440
[  709.793918][  T113]  jfs_put_super+0x88/0x1d0
[  709.798450][  T113]  generic_shutdown_super+0x156/0x390
[  709.803848][  T113]  kill_block_super+0x3b/0x90
[  709.808546][  T113]  deactivate_locked_super+0xc1/0x1a0
[  709.813929][  T113]  deactivate_super+0xde/0x100
[  709.818715][  T113]  cleanup_mnt+0x225/0x450
[  709.823166][  T113]  task_work_run+0x150/0x240
[  709.827777][  T113]  exit_to_user_mode_loop+0xfb/0x540
[  709.833085][  T113]  do_syscall_64+0x4ee/0xf80
[  709.837683][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.843586][  T113] 
[  709.845903][  T113] The buggy address belongs to the object at ffff888034f1a000
[  709.845903][  T113]  which belongs to the cache kmalloc-1k of size 1024
[  709.859958][  T113] The buggy address is located 196 bytes inside of
[  709.859958][  T113]  freed 1024-byte region [ffff888034f1a000, ffff888034f1a400)
[  709.873849][  T113] 
[  709.876163][  T113] The buggy address belongs to the physical page:
[  709.882581][  T113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34f18
[  709.891342][  T113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  709.899843][  T113] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  709.907390][  T113] page_type: f5(slab)
[  709.911376][  T113] raw: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  709.919966][  T113] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  709.928559][  T113] head: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  709.937674][  T113] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  709.946350][  T113] head: 00fff00000000003 ffffea0000d3c601 00000000ffffffff 00000000ffffffff
[  709.955032][  T113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  709.963727][  T113] page dumped because: kasan: bad access detected
[  709.970224][  T113] page_owner tracks the page as allocated
[  709.975927][  T113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 141891849365, free_ts 140458201050
[  709.995053][  T113]  post_alloc_hook+0x1af/0x220
[  709.999848][  T113]  get_page_from_freelist+0xd0b/0x31a0
[  710.005332][  T113]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  710.011338][  T113]  alloc_pages_mpol+0x1fb/0x550
[  710.016204][  T113]  new_slab+0x2c3/0x430
[  710.020394][  T113]  ___slab_alloc+0xe18/0x1c90
[  710.025139][  T113]  __slab_alloc.constprop.0+0x63/0x110
[  710.030622][  T113]  __kmalloc_noprof+0x4fc/0x910
[  710.035493][  T113]  ieee802_11_parse_elems_full+0x1db/0x3780
[  710.041498][  T113]  ieee80211_inform_bss+0x15a/0x1150
[  710.046869][  T113]  cfg80211_inform_single_bss_data+0x8e9/0x1d30
[  710.053233][  T113]  cfg80211_inform_bss_data+0x22b/0x3be0
[  710.058889][  T113]  cfg80211_inform_bss_frame_data+0x26f/0x720
[  710.064993][  T113]  ieee80211_bss_info_update+0x310/0xab0
[  710.070643][  T113]  ieee80211_ibss_rx_queued_mgmt+0x1927/0x2fc0
[  710.076814][  T113]  ieee80211_iface_work+0xe28/0x1350
[  710.082120][  T113] page last free pid 5194 tgid 5194 stack trace:
[  710.088438][  T113]  __free_frozen_pages+0x7df/0x1170
[  710.093654][  T113]  __put_partials+0x130/0x170
[  710.098347][  T113]  qlist_free_all+0x4c/0xf0
[  710.102853][  T113]  kasan_quarantine_reduce+0x195/0x1e0
[  710.108320][  T113]  __kasan_slab_alloc+0x69/0x90
[  710.113181][  T113]  kmem_cache_alloc_noprof+0x25e/0x770
[  710.118661][  T113]  getname_flags.part.0+0x4c/0x550
[  710.123803][  T113]  getname_flags+0x93/0xf0
[  710.128227][  T113]  do_sys_openat2+0xb9/0x290
[  710.132833][  T113]  __x64_sys_openat+0x174/0x210
[  710.137893][  T113]  do_syscall_64+0xcd/0xf80
[  710.142500][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.148425][  T113] 
[  710.150743][  T113] Memory state around the buggy address:
[  710.156370][  T113]  ffff888034f19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  710.164430][  T113]  ffff888034f1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.172490][  T113] >ffff888034f1a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.180547][  T113]                                            ^
[  710.186742][  T113]  ffff888034f1a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.194838][  T113]  ffff888034f1a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.202909][  T113] ==================================================================
[  710.210971][  T113] ==================================================================
[  710.219031][  T113] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x27f/0x2b0
[  710.227125][  T113] Read of size 8 at addr ffff888034f1a0d0 by task jfsCommit/113
[  710.234766][  T113] 
[  710.237096][  T113] CPU: 0 UID: 0 PID: 113 Comm: jfsCommit Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[  710.237149][  T113] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[  710.237163][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  710.237184][  T113] Call Trace:
[  710.237197][  T113]  <TASK>
[  710.237209][  T113]  dump_stack_lvl+0x116/0x1f0
[  710.237268][  T113]  print_report+0xcd/0x630
[  710.237306][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.237348][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.237388][  T113]  ? __phys_addr+0xe8/0x180
[  710.237421][  T113]  ? do_raw_spin_lock+0x27f/0x2b0
[  710.237474][  T113]  kasan_report+0xe0/0x110
[  710.237513][  T113]  ? do_raw_spin_lock+0x27f/0x2b0
[  710.237565][  T113]  do_raw_spin_lock+0x27f/0x2b0
[  710.237611][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.237653][  T113]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  710.237700][  T113]  ? lock_acquire+0x2cd/0x330
[  710.237739][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  710.237783][  T113]  _raw_spin_lock_irqsave+0x42/0x60
[  710.237837][  T113]  ? __mutex_lock+0xca5/0x1ca0
[  710.237869][  T113]  __mutex_lock+0xca5/0x1ca0
[  710.237904][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.237945][  T113]  ? jfs_syncpt+0x2a/0xa0
[  710.237992][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  710.238029][  T113]  ? do_raw_spin_lock+0x12c/0x2b0
[  710.238079][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.238120][  T113]  ? find_held_lock+0x2b/0x80
[  710.238175][  T113]  ? jfs_syncpt+0x2a/0xa0
[  710.238215][  T113]  jfs_syncpt+0x2a/0xa0
[  710.238258][  T113]  txEnd+0x30a/0x5a0
[  710.238303][  T113]  jfs_lazycommit+0x783/0xb30
[  710.238356][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  710.238407][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  710.238462][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  710.238517][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.238559][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.238599][  T113]  ? __kthread_parkme+0x19e/0x250
[  710.238632][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  710.238680][  T113]  kthread+0x3c5/0x780
[  710.238720][  T113]  ? __pfx_kthread+0x10/0x10
[  710.238764][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.238804][  T113]  ? rcu_is_watching+0x12/0xc0
[  710.238836][  T113]  ? __pfx_kthread+0x10/0x10
[  710.238876][  T113]  ret_from_fork+0x983/0xb10
[  710.238915][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  710.238953][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.238993][  T113]  ? __switch_to+0x7af/0x10d0
[  710.239038][  T113]  ? __pfx_kthread+0x10/0x10
[  710.239078][  T113]  ret_from_fork_asm+0x1a/0x30
[  710.239140][  T113]  </TASK>
[  710.239151][  T113] 
[  710.493937][  T113] Allocated by task 12590:
[  710.498349][  T113]  kasan_save_stack+0x33/0x60
[  710.503037][  T113]  kasan_save_track+0x14/0x30
[  710.507723][  T113]  __kasan_kmalloc+0xaa/0xb0
[  710.512328][  T113]  lmLogOpen+0x571/0x13c0
[  710.516676][  T113]  jfs_mount_rw+0x2e9/0x6f0
[  710.521314][  T113]  jfs_fill_super+0xc46/0x1040
[  710.526080][  T113]  get_tree_bdev_flags+0x38c/0x620
[  710.531198][  T113]  vfs_get_tree+0x8e/0x330
[  710.535638][  T113]  path_mount+0x7bf/0x23a0
[  710.540076][  T113]  __x64_sys_mount+0x293/0x310
[  710.544865][  T113]  do_syscall_64+0xcd/0xf80
[  710.549455][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.555371][  T113] 
[  710.557690][  T113] Freed by task 5833:
[  710.561663][  T113]  kasan_save_stack+0x33/0x60
[  710.566345][  T113]  kasan_save_track+0x14/0x30
[  710.571028][  T113]  kasan_save_free_info+0x3b/0x60
[  710.576070][  T113]  __kasan_slab_free+0x5f/0x80
[  710.580836][  T113]  kfree+0x2f8/0x6e0
[  710.584743][  T113]  lmLogClose+0x585/0x710
[  710.589090][  T113]  jfs_umount+0x2f0/0x440
[  710.593429][  T113]  jfs_put_super+0x88/0x1d0
[  710.597956][  T113]  generic_shutdown_super+0x156/0x390
[  710.603352][  T113]  kill_block_super+0x3b/0x90
[  710.608048][  T113]  deactivate_locked_super+0xc1/0x1a0
[  710.613421][  T113]  deactivate_super+0xde/0x100
[  710.618186][  T113]  cleanup_mnt+0x225/0x450
[  710.622621][  T113]  task_work_run+0x150/0x240
[  710.627220][  T113]  exit_to_user_mode_loop+0xfb/0x540
[  710.632524][  T113]  do_syscall_64+0x4ee/0xf80
[  710.637115][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.643017][  T113] 
[  710.645335][  T113] The buggy address belongs to the object at ffff888034f1a000
[  710.645335][  T113]  which belongs to the cache kmalloc-1k of size 1024
[  710.659388][  T113] The buggy address is located 208 bytes inside of
[  710.659388][  T113]  freed 1024-byte region [ffff888034f1a000, ffff888034f1a400)
[  710.673289][  T113] 
[  710.675609][  T113] The buggy address belongs to the physical page:
[  710.682012][  T113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34f18
[  710.690778][  T113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  710.699369][  T113] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  710.706916][  T113] page_type: f5(slab)
[  710.710900][  T113] raw: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  710.719486][  T113] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  710.728076][  T113] head: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  710.736754][  T113] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  710.745607][  T113] head: 00fff00000000003 ffffea0000d3c601 00000000ffffffff 00000000ffffffff
[  710.754281][  T113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  710.763032][  T113] page dumped because: kasan: bad access detected
[  710.769435][  T113] page_owner tracks the page as allocated
[  710.775140][  T113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 141891849365, free_ts 140458201050
[  710.794269][  T113]  post_alloc_hook+0x1af/0x220
[  710.799069][  T113]  get_page_from_freelist+0xd0b/0x31a0
[  710.804558][  T113]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  710.810479][  T113]  alloc_pages_mpol+0x1fb/0x550
[  710.815346][  T113]  new_slab+0x2c3/0x430
[  710.819521][  T113]  ___slab_alloc+0xe18/0x1c90
[  710.824222][  T113]  __slab_alloc.constprop.0+0x63/0x110
[  710.829702][  T113]  __kmalloc_noprof+0x4fc/0x910
[  710.834581][  T113]  ieee802_11_parse_elems_full+0x1db/0x3780
[  710.840503][  T113]  ieee80211_inform_bss+0x15a/0x1150
[  710.845844][  T113]  cfg80211_inform_single_bss_data+0x8e9/0x1d30
[  710.852117][  T113]  cfg80211_inform_bss_data+0x22b/0x3be0
[  710.857775][  T113]  cfg80211_inform_bss_frame_data+0x26f/0x720
[  710.863869][  T113]  ieee80211_bss_info_update+0x310/0xab0
[  710.869514][  T113]  ieee80211_ibss_rx_queued_mgmt+0x1927/0x2fc0
[  710.875683][  T113]  ieee80211_iface_work+0xe28/0x1350
[  710.880987][  T113] page last free pid 5194 tgid 5194 stack trace:
[  710.887310][  T113]  __free_frozen_pages+0x7df/0x1170
[  710.892528][  T113]  __put_partials+0x130/0x170
[  710.897229][  T113]  qlist_free_all+0x4c/0xf0
[  710.901736][  T113]  kasan_quarantine_reduce+0x195/0x1e0
[  710.907200][  T113]  __kasan_slab_alloc+0x69/0x90
[  710.912056][  T113]  kmem_cache_alloc_noprof+0x25e/0x770
[  710.917534][  T113]  getname_flags.part.0+0x4c/0x550
[  710.922670][  T113]  getname_flags+0x93/0xf0
[  710.927094][  T113]  do_sys_openat2+0xb9/0x290
[  710.931706][  T113]  __x64_sys_openat+0x174/0x210
[  710.936578][  T113]  do_syscall_64+0xcd/0xf80
[  710.941083][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.946982][  T113] 
[  710.949306][  T113] Memory state around the buggy address:
[  710.954929][  T113]  ffff888034f19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  710.962994][  T113]  ffff888034f1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.971059][  T113] >ffff888034f1a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.979117][  T113]                                                  ^
[  710.985797][  T113]  ffff888034f1a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  710.993864][  T113]  ffff888034f1a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  711.002011][  T113] ==================================================================
[  711.010063][  T113] ==================================================================
[  711.018122][  T113] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x265/0x2b0
[  711.025953][  T113] Read of size 4 at addr ffff888034f1a0c8 by task jfsCommit/113
[  711.033595][  T113] 
[  711.035925][  T113] CPU: 0 UID: 0 PID: 113 Comm: jfsCommit Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[  711.035977][  T113] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[  711.035991][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  711.036020][  T113] Call Trace:
[  711.036031][  T113]  <TASK>
[  711.036043][  T113]  dump_stack_lvl+0x116/0x1f0
[  711.036102][  T113]  print_report+0xcd/0x630
[  711.036141][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.036182][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.036223][  T113]  ? __phys_addr+0xe8/0x180
[  711.036256][  T113]  ? do_raw_spin_lock+0x265/0x2b0
[  711.036303][  T113]  kasan_report+0xe0/0x110
[  711.036343][  T113]  ? do_raw_spin_lock+0x265/0x2b0
[  711.036395][  T113]  do_raw_spin_lock+0x265/0x2b0
[  711.036441][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.036483][  T113]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  711.036530][  T113]  ? lock_acquire+0x2cd/0x330
[  711.036570][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  711.036607][  T113]  _raw_spin_lock_irqsave+0x42/0x60
[  711.036657][  T113]  ? __mutex_lock+0xca5/0x1ca0
[  711.036690][  T113]  __mutex_lock+0xca5/0x1ca0
[  711.036724][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.036766][  T113]  ? jfs_syncpt+0x2a/0xa0
[  711.036813][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  711.036850][  T113]  ? do_raw_spin_lock+0x12c/0x2b0
[  711.036901][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.036942][  T113]  ? find_held_lock+0x2b/0x80
[  711.036997][  T113]  ? jfs_syncpt+0x2a/0xa0
[  711.037042][  T113]  jfs_syncpt+0x2a/0xa0
[  711.037085][  T113]  txEnd+0x30a/0x5a0
[  711.037130][  T113]  jfs_lazycommit+0x783/0xb30
[  711.037184][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  711.037234][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  711.037290][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  711.037345][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.037387][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.037427][  T113]  ? __kthread_parkme+0x19e/0x250
[  711.037460][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  711.037508][  T113]  kthread+0x3c5/0x780
[  711.037547][  T113]  ? __pfx_kthread+0x10/0x10
[  711.037588][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.037628][  T113]  ? rcu_is_watching+0x12/0xc0
[  711.037660][  T113]  ? __pfx_kthread+0x10/0x10
[  711.037700][  T113]  ret_from_fork+0x983/0xb10
[  711.037739][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  711.037778][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.037818][  T113]  ? __switch_to+0x7af/0x10d0
[  711.037862][  T113]  ? __pfx_kthread+0x10/0x10
[  711.037903][  T113]  ret_from_fork_asm+0x1a/0x30
[  711.037966][  T113]  </TASK>
[  711.037977][  T113] 
[  711.291970][  T113] Allocated by task 12590:
[  711.296381][  T113]  kasan_save_stack+0x33/0x60
[  711.301157][  T113]  kasan_save_track+0x14/0x30
[  711.305841][  T113]  __kasan_kmalloc+0xaa/0xb0
[  711.310441][  T113]  lmLogOpen+0x571/0x13c0
[  711.314783][  T113]  jfs_mount_rw+0x2e9/0x6f0
[  711.319294][  T113]  jfs_fill_super+0xc46/0x1040
[  711.324059][  T113]  get_tree_bdev_flags+0x38c/0x620
[  711.329178][  T113]  vfs_get_tree+0x8e/0x330
[  711.333632][  T113]  path_mount+0x7bf/0x23a0
[  711.338074][  T113]  __x64_sys_mount+0x293/0x310
[  711.342862][  T113]  do_syscall_64+0xcd/0xf80
[  711.347369][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.353270][  T113] 
[  711.355683][  T113] Freed by task 5833:
[  711.359653][  T113]  kasan_save_stack+0x33/0x60
[  711.364337][  T113]  kasan_save_track+0x14/0x30
[  711.369021][  T113]  kasan_save_free_info+0x3b/0x60
[  711.374065][  T113]  __kasan_slab_free+0x5f/0x80
[  711.378836][  T113]  kfree+0x2f8/0x6e0
[  711.382748][  T113]  lmLogClose+0x585/0x710
[  711.387093][  T113]  jfs_umount+0x2f0/0x440
[  711.391435][  T113]  jfs_put_super+0x88/0x1d0
[  711.396046][  T113]  generic_shutdown_super+0x156/0x390
[  711.401454][  T113]  kill_block_super+0x3b/0x90
[  711.406250][  T113]  deactivate_locked_super+0xc1/0x1a0
[  711.411719][  T113]  deactivate_super+0xde/0x100
[  711.416490][  T113]  cleanup_mnt+0x225/0x450
[  711.420920][  T113]  task_work_run+0x150/0x240
[  711.425524][  T113]  exit_to_user_mode_loop+0xfb/0x540
[  711.430832][  T113]  do_syscall_64+0x4ee/0xf80
[  711.435424][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.441501][  T113] 
[  711.443818][  T113] The buggy address belongs to the object at ffff888034f1a000
[  711.443818][  T113]  which belongs to the cache kmalloc-1k of size 1024
[  711.457874][  T113] The buggy address is located 200 bytes inside of
[  711.457874][  T113]  freed 1024-byte region [ffff888034f1a000, ffff888034f1a400)
[  711.471860][  T113] 
[  711.474201][  T113] The buggy address belongs to the physical page:
[  711.480643][  T113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34f18
[  711.489413][  T113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  711.497917][  T113] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  711.505469][  T113] page_type: f5(slab)
[  711.509454][  T113] raw: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  711.518068][  T113] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  711.526673][  T113] head: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  711.535346][  T113] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  711.544031][  T113] head: 00fff00000000003 ffffea0000d3c601 00000000ffffffff 00000000ffffffff
[  711.552717][  T113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  711.561386][  T113] page dumped because: kasan: bad access detected
[  711.567790][  T113] page_owner tracks the page as allocated
[  711.573493][  T113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 141891849365, free_ts 140458201050
[  711.592798][  T113]  post_alloc_hook+0x1af/0x220
[  711.597678][  T113]  get_page_from_freelist+0xd0b/0x31a0
[  711.603162][  T113]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  711.609083][  T113]  alloc_pages_mpol+0x1fb/0x550
[  711.614051][  T113]  new_slab+0x2c3/0x430
[  711.618224][  T113]  ___slab_alloc+0xe18/0x1c90
[  711.622923][  T113]  __slab_alloc.constprop.0+0x63/0x110
[  711.628401][  T113]  __kmalloc_noprof+0x4fc/0x910
[  711.633266][  T113]  ieee802_11_parse_elems_full+0x1db/0x3780
[  711.639179][  T113]  ieee80211_inform_bss+0x15a/0x1150
[  711.644478][  T113]  cfg80211_inform_single_bss_data+0x8e9/0x1d30
[  711.650832][  T113]  cfg80211_inform_bss_data+0x22b/0x3be0
[  711.656502][  T113]  cfg80211_inform_bss_frame_data+0x26f/0x720
[  711.662597][  T113]  ieee80211_bss_info_update+0x310/0xab0
[  711.668242][  T113]  ieee80211_ibss_rx_queued_mgmt+0x1927/0x2fc0
[  711.674412][  T113]  ieee80211_iface_work+0xe28/0x1350
[  711.679714][  T113] page last free pid 5194 tgid 5194 stack trace:
[  711.686035][  T113]  __free_frozen_pages+0x7df/0x1170
[  711.691262][  T113]  __put_partials+0x130/0x170
[  711.695965][  T113]  qlist_free_all+0x4c/0xf0
[  711.700479][  T113]  kasan_quarantine_reduce+0x195/0x1e0
[  711.705967][  T113]  __kasan_slab_alloc+0x69/0x90
[  711.710829][  T113]  kmem_cache_alloc_noprof+0x25e/0x770
[  711.716316][  T113]  getname_flags.part.0+0x4c/0x550
[  711.721453][  T113]  getname_flags+0x93/0xf0
[  711.725888][  T113]  do_sys_openat2+0xb9/0x290
[  711.730510][  T113]  __x64_sys_openat+0x174/0x210
[  711.735381][  T113]  do_syscall_64+0xcd/0xf80
[  711.739890][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.745802][  T113] 
[  711.748134][  T113] Memory state around the buggy address:
[  711.753764][  T113]  ffff888034f19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  711.761829][  T113]  ffff888034f1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  711.769893][  T113] >ffff888034f1a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  711.777948][  T113]                                               ^
[  711.784463][  T113]  ffff888034f1a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  711.792526][  T113]  ffff888034f1a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  711.800580][  T113] ==================================================================
[  711.808632][  T113] ==================================================================
[  711.816695][  T113] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x11d/0x2b0
[  711.824618][  T113] Write of size 4 at addr ffff888034f1a0c0 by task jfsCommit/113
[  711.832336][  T113] 
[  711.834667][  T113] CPU: 0 UID: 0 PID: 113 Comm: jfsCommit Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[  711.834719][  T113] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[  711.834733][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  711.834761][  T113] Call Trace:
[  711.834774][  T113]  <TASK>
[  711.834788][  T113]  dump_stack_lvl+0x116/0x1f0
[  711.834847][  T113]  print_report+0xcd/0x630
[  711.834886][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.834927][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.834968][  T113]  ? __phys_addr+0xe8/0x180
[  711.835000][  T113]  ? do_raw_spin_lock+0x11d/0x2b0
[  711.835048][  T113]  kasan_report+0xe0/0x110
[  711.835086][  T113]  ? do_raw_spin_lock+0x11d/0x2b0
[  711.835138][  T113]  kasan_check_range+0x100/0x1b0
[  711.835184][  T113]  do_raw_spin_lock+0x11d/0x2b0
[  711.835230][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.835272][  T113]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  711.835318][  T113]  ? lock_acquire+0x2cd/0x330
[  711.835357][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  711.835394][  T113]  _raw_spin_lock_irqsave+0x42/0x60
[  711.835444][  T113]  ? __mutex_lock+0xca5/0x1ca0
[  711.835476][  T113]  __mutex_lock+0xca5/0x1ca0
[  711.835511][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.835552][  T113]  ? jfs_syncpt+0x2a/0xa0
[  711.835598][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  711.835635][  T113]  ? do_raw_spin_lock+0x12c/0x2b0
[  711.835685][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.835726][  T113]  ? find_held_lock+0x2b/0x80
[  711.835785][  T113]  ? jfs_syncpt+0x2a/0xa0
[  711.835827][  T113]  jfs_syncpt+0x2a/0xa0
[  711.835873][  T113]  txEnd+0x30a/0x5a0
[  711.835919][  T113]  jfs_lazycommit+0x783/0xb30
[  711.835972][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  711.836022][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  711.836077][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  711.836133][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.836175][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.836215][  T113]  ? __kthread_parkme+0x19e/0x250
[  711.836248][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  711.836297][  T113]  kthread+0x3c5/0x780
[  711.836336][  T113]  ? __pfx_kthread+0x10/0x10
[  711.836377][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.836417][  T113]  ? rcu_is_watching+0x12/0xc0
[  711.836448][  T113]  ? __pfx_kthread+0x10/0x10
[  711.836489][  T113]  ret_from_fork+0x983/0xb10
[  711.836527][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  711.836565][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  711.836606][  T113]  ? __switch_to+0x7af/0x10d0
[  711.836651][  T113]  ? __pfx_kthread+0x10/0x10
[  711.836691][  T113]  ret_from_fork_asm+0x1a/0x30
[  711.836760][  T113]  </TASK>
[  711.836771][  T113] 
[  712.095564][  T113] Allocated by task 12590:
[  712.099971][  T113]  kasan_save_stack+0x33/0x60
[  712.104655][  T113]  kasan_save_track+0x14/0x30
[  712.109367][  T113]  __kasan_kmalloc+0xaa/0xb0
[  712.113961][  T113]  lmLogOpen+0x571/0x13c0
[  712.118307][  T113]  jfs_mount_rw+0x2e9/0x6f0
[  712.122820][  T113]  jfs_fill_super+0xc46/0x1040
[  712.127587][  T113]  get_tree_bdev_flags+0x38c/0x620
[  712.132708][  T113]  vfs_get_tree+0x8e/0x330
[  712.137154][  T113]  path_mount+0x7bf/0x23a0
[  712.141589][  T113]  __x64_sys_mount+0x293/0x310
[  712.146376][  T113]  do_syscall_64+0xcd/0xf80
[  712.150885][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.156789][  T113] 
[  712.159101][  T113] Freed by task 5833:
[  712.163070][  T113]  kasan_save_stack+0x33/0x60
[  712.167758][  T113]  kasan_save_track+0x14/0x30
[  712.172441][  T113]  kasan_save_free_info+0x3b/0x60
[  712.177484][  T113]  __kasan_slab_free+0x5f/0x80
[  712.182257][  T113]  kfree+0x2f8/0x6e0
[  712.186176][  T113]  lmLogClose+0x585/0x710
[  712.190519][  T113]  jfs_umount+0x2f0/0x440
[  712.194856][  T113]  jfs_put_super+0x88/0x1d0
[  712.199391][  T113]  generic_shutdown_super+0x156/0x390
[  712.204793][  T113]  kill_block_super+0x3b/0x90
[  712.209498][  T113]  deactivate_locked_super+0xc1/0x1a0
[  712.214879][  T113]  deactivate_super+0xde/0x100
[  712.219687][  T113]  cleanup_mnt+0x225/0x450
[  712.224118][  T113]  task_work_run+0x150/0x240
[  712.228719][  T113]  exit_to_user_mode_loop+0xfb/0x540
[  712.234028][  T113]  do_syscall_64+0x4ee/0xf80
[  712.238621][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.244521][  T113] 
[  712.246839][  T113] The buggy address belongs to the object at ffff888034f1a000
[  712.246839][  T113]  which belongs to the cache kmalloc-1k of size 1024
[  712.260902][  T113] The buggy address is located 192 bytes inside of
[  712.260902][  T113]  freed 1024-byte region [ffff888034f1a000, ffff888034f1a400)
[  712.274967][  T113] 
[  712.277282][  T113] The buggy address belongs to the physical page:
[  712.283684][  T113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34f18
[  712.292443][  T113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  712.300946][  T113] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  712.308493][  T113] page_type: f5(slab)
[  712.312477][  T113] raw: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  712.321067][  T113] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  712.329657][  T113] head: 00fff00000000040 ffff88813ff26dc0 ffffea0000d30c00 dead000000000002
[  712.338333][  T113] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  712.347008][  T113] head: 00fff00000000003 ffffea0000d3c601 00000000ffffffff 00000000ffffffff
[  712.355684][  T113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  712.364347][  T113] page dumped because: kasan: bad access detected
[  712.370753][  T113] page_owner tracks the page as allocated
[  712.376465][  T113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 141891849365, free_ts 140458201050
[  712.395849][  T113]  post_alloc_hook+0x1af/0x220
[  712.400643][  T113]  get_page_from_freelist+0xd0b/0x31a0
[  712.406136][  T113]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  712.412060][  T113]  alloc_pages_mpol+0x1fb/0x550
[  712.416919][  T113]  new_slab+0x2c3/0x430
[  712.421089][  T113]  ___slab_alloc+0xe18/0x1c90
[  712.425782][  T113]  __slab_alloc.constprop.0+0x63/0x110
[  712.431261][  T113]  __kmalloc_noprof+0x4fc/0x910
[  712.436137][  T113]  ieee802_11_parse_elems_full+0x1db/0x3780
[  712.442049][  T113]  ieee80211_inform_bss+0x15a/0x1150
[  712.447353][  T113]  cfg80211_inform_single_bss_data+0x8e9/0x1d30
[  712.453622][  T113]  cfg80211_inform_bss_data+0x22b/0x3be0
[  712.459284][  T113]  cfg80211_inform_bss_frame_data+0x26f/0x720
[  712.465387][  T113]  ieee80211_bss_info_update+0x310/0xab0
[  712.471043][  T113]  ieee80211_ibss_rx_queued_mgmt+0x1927/0x2fc0
[  712.477215][  T113]  ieee80211_iface_work+0xe28/0x1350
[  712.482517][  T113] page last free pid 5194 tgid 5194 stack trace:
[  712.488921][  T113]  __free_frozen_pages+0x7df/0x1170
[  712.494146][  T113]  __put_partials+0x130/0x170
[  712.498846][  T113]  qlist_free_all+0x4c/0xf0
[  712.503357][  T113]  kasan_quarantine_reduce+0x195/0x1e0
[  712.508822][  T113]  __kasan_slab_alloc+0x69/0x90
[  712.513699][  T113]  kmem_cache_alloc_noprof+0x25e/0x770
[  712.519182][  T113]  getname_flags.part.0+0x4c/0x550
[  712.524317][  T113]  getname_flags+0x93/0xf0
[  712.528741][  T113]  do_sys_openat2+0xb9/0x290
[  712.533352][  T113]  __x64_sys_openat+0x174/0x210
[  712.538224][  T113]  do_syscall_64+0xcd/0xf80
[  712.542731][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.548631][  T113] 
[  712.551032][  T113] Memory state around the buggy address:
[  712.556656][  T113]  ffff888034f19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  712.564719][  T113]  ffff888034f1a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  712.572784][  T113] >ffff888034f1a080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  712.580848][  T113]                                            ^
[  712.586996][  T113]  ffff888034f1a100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  712.595060][  T113]  ffff888034f1a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  712.603112][  T113] ==================================================================
[  712.611165][  T113] Kernel panic - not syncing: kasan.fault=panic_on_write set ...
[  712.618887][  T113] CPU: 0 UID: 0 PID: 113 Comm: jfsCommit Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[  712.629586][  T113] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[  712.635121][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  712.645173][  T113] Call Trace:
[  712.648449][  T113]  <TASK>
[  712.651375][  T113]  dump_stack_lvl+0x3d/0x1f0
[  712.656268][  T113]  vpanic+0x640/0x6f0
[  712.660264][  T113]  panic+0xca/0xd0
[  712.663997][  T113]  ? __pfx_panic+0x10/0x10
[  712.668522][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.674175][  T113]  ? rcu_is_watching+0x12/0xc0
[  712.678967][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.684627][  T113]  ? lock_release+0x201/0x2d0
[  712.689317][  T113]  ? print_report+0x2bd/0x630
[  712.694022][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.699675][  T113]  end_report+0x13f/0x160
[  712.704023][  T113]  kasan_report+0xee/0x110
[  712.708457][  T113]  ? do_raw_spin_lock+0x11d/0x2b0
[  712.713516][  T113]  kasan_check_range+0x100/0x1b0
[  712.718652][  T113]  do_raw_spin_lock+0x11d/0x2b0
[  712.723529][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.729266][  T113]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  712.734658][  T113]  ? lock_acquire+0x2cd/0x330
[  712.739348][  T113]  ? __mutex_lock+0x1a24/0x1ca0
[  712.744213][  T113]  _raw_spin_lock_irqsave+0x42/0x60
[  712.749439][  T113]  ? __mutex_lock+0xca5/0x1ca0
[  712.754209][  T113]  __mutex_lock+0xca5/0x1ca0
[  712.758810][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.764552][  T113]  ? jfs_syncpt+0x2a/0xa0
[  712.768991][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  712.774038][  T113]  ? do_raw_spin_lock+0x12c/0x2b0
[  712.779085][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.784731][  T113]  ? find_held_lock+0x2b/0x80
[  712.789446][  T113]  ? jfs_syncpt+0x2a/0xa0
[  712.793791][  T113]  jfs_syncpt+0x2a/0xa0
[  712.797966][  T113]  txEnd+0x30a/0x5a0
[  712.801891][  T113]  jfs_lazycommit+0x783/0xb30
[  712.806595][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  712.811906][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  712.817743][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  712.822978][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.828637][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.834284][  T113]  ? __kthread_parkme+0x19e/0x250
[  712.839317][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  712.844541][  T113]  kthread+0x3c5/0x780
[  712.848630][  T113]  ? __pfx_kthread+0x10/0x10
[  712.853238][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.858893][  T113]  ? rcu_is_watching+0x12/0xc0
[  712.863670][  T113]  ? __pfx_kthread+0x10/0x10
[  712.868282][  T113]  ret_from_fork+0x983/0xb10
[  712.872890][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  712.878021][  T113]  ? srso_alias_return_thunk+0x5/0xfbef5
[  712.883685][  T113]  ? __switch_to+0x7af/0x10d0
[  712.888383][  T113]  ? __pfx_kthread+0x10/0x10
[  712.892993][  T113]  ret_from_fork_asm+0x1a/0x30
[  712.897802][  T113]  </TASK>
[  712.901172][  T113] Kernel Offset: disabled
[  712.905491][  T113] Rebooting in 86400 seconds..