last executing test programs:

4.489242422s ago: executing program 2 (id=489):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000400)={0x2, {0x1, 0x1, 0x6, 0x101}, {0x3, 0x5, 0x80000001, 0x1}, {0x1, 0xaba6}})

4.488550785s ago: executing program 2 (id=491):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103d02, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x15)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000240)="f70c", 0x2}], 0x1)

4.396113434s ago: executing program 2 (id=493):
mq_open(&(0x7f0000000180)='*\x00', 0x40, 0x18, &(0x7f0000000200)={0x8, 0x0, 0x2, 0x10001})

4.395886614s ago: executing program 2 (id=494):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa0835c, &(0x7f0000000340)={[{@nojournal_checksum}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@dioread_nolock}, {@usrjquota}, {@oldalloc}, {@sysvgroups}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

4.271054835s ago: executing program 2 (id=495):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000440)='./file0\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES64], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="00d77fbe9e57a434f929f74bee0c10f9cecfc3ead3b77b247312d0ad8ba2674f257f47c684e0aec5cb3009a5028bd4f70eef4b274a5c38fec4079e5f43b598a9e97e460422eae305e57ae786347345f1de885fa6957858a8b0377854b8190607303abd6aee330a8caac51797b7a15b53acc98e0d526b12f36eb277aead8d55f85523364369522d5f49efa95367a99d00d2c3049e41e7d9ffffffd7a5af9bb021ff2474356bb2c975e3e8f87f1064a983db4d47057c94053fbf53a474536fe59f83bfc1843bd6449160b0c4842dbbeef31ac9bd265bf70f693c8c0c0b783b82271433a5d3d3bcd4c7f801004830262a3c414bfbe76d431c2001567510239dd2f2bbc049000000000000000000000092675a0b4430360148a763030694149b66a254a61956fb1b6bcd6cfc49f4f84694e73ed9c4b4d6b47fc89f36d8e5fd41d863a5bdb87562aa6e346b0b210786e0ae945cf920870ccd9657e2d7639d2d2bc46706950fc40406f22ac773d5043bddfe88faba3a973a67a0a8c64c95ba285267c76a7a31636f1e09ea085c771b3aae335b25fcb6b11358349c0f04abad13df1d0a2f732b059707f13b539692c4fc930ccae68178bd95cfea76185a8146ff55219ed65edb3f89f2fd4112fa45eaaee3ad02b5f2ff9c85453a6af8f4a408bc729aec69f33404b61ad21da92b8c813ca3de184e899a596543ca6d9be9f93840870ccda17746cd6461ad770ab337102b891bcd84c1596a60db767d62f38f12b17636d1478ccb6dc3bf80474432a6123cdaf8a02bc6ac95c722c79aae41084a61bdc51f288b399f989893d302e48efd6bde23391c1867f9ae6c744f28ebe7027e1bc4e07a606691ccb47fe3ef3aa065b459734209ebacefaab29152ff79d6ed6b9bc9c638eab2c1a712053b50b19f6d1211483da44776df821c1f071af464fbc301e8282fd80dd61a80920b738a1c99fb4352a73c9e411b038d31ccf463a2d7edc5c339744e0f5052f275809bdba24f2a82b9f49101ed541031052095536b30"], 0x1, 0xf01, &(0x7f0000001e00)="$eJzs3U9oHNf9APA3q3+2pVirJL9flKSx1aSpE7eVXdmH9FQHTAshhFx6T3CsxFRJTZ0eEmIs9+RCDykhl5QeUpJbwT0UmlAooVDonxx67im0l5bigiGXGqwtkt9brZ413dVImtVqPx/46unNG833O16xnjfafRuAodVY+3r69GwRwrsfv3P221dWfr267Wh7j7m1r0XsNUMIYx39IjveZ3HD7ZtvnVttV7K2CAtrX9N4eO5G+2cnQwjLYS58Eprh6PHm59dGnl388L1Pj12++Mwru3T6AAAwVK7/aemvT/7jj1+duXX9yJkw0d6ers+bsT8Zr/tPxuv7dN3fCBv7RUd0Gs/2G4nRyPYbyfYbzfKMluQby44zVrLfeJd8Ix3bNjtPAAAAGESNOMdthqIx3zHPbYZGY37+zrx/1WfT48X8axeWFi/1sVgAAACgks+vrL3oVgghhBBiiONWq9Xqdw1CCCHE7kZrut93IAAAAIBhk9YdaK8PllvOVxbYnvbRmr3lv/F0Y/Ofhx1Q9++//IOV/4OrnnEAAKhuv15NpvNK19FpHYN8HcGR7Oe2ev3fyI4zusU6y9YVHJT1BsvqzP9d96qy+rf6OPZLWf35eph7VVn9+Tqde1VZ/RM111FVWf0Haq6jqrL6D9ZcR1Vl9R+quY6qyuqfrLmOqsrqn6q5jqrK6r+n5jqqKqv/cM11VFVW/6C8rLas/mbNdVRVVv9MzXVUVVb/vTXXUVVZ/ffVXEdVZfXfX3Md/fJIbNO/w5FsvHP+nM/pBmWOBwAAAMPuP31b/++bfV/7YNhi7W/Ce6AOIYTY9Vg1twfqEEIIsUnEFcj6XofYwbi6B2oQPcSVft58AAAAAPaE9L6A9K73VpTGR7qMj3YZH+syPt5lfKLLOAAAABDCb64tPvh2sf4+/+2uh5fWjUrrL211HaN8PcKt5t/uumfbzT8o65YBAAAwXIpvfbJy/Oz7r8/cun7kTMfsdyXOd9M6oKPx3sBHsZ9eFzCV9Ys0hz6zMU+jZL/8/sA9Zcd7fpsnCgAAAEMszd+boWjMd8y7m6HRmJ9fn4/PhrFi8cLS+ZOxnz6f5Q/TYxOr279ec90AAABA79bn+5vP/9Pn+M6G8WL+tQtLi5fu9Kfa28canfcFpte3F533BZrZ9oWS7adiP31+5yvTB9e2z5/73tJLO33yAAAAMCQuvfHmd19cWjr/fd/4xje+aX/T72cmAABgp33493f+/INTU7+98/7/9fXv0vv/52K/Gdf2+0vcIb1OIL0P4K7367+wMc902X4XN+7XzPYbiTGR1X2g4zihY73B9HMzG/oj6/s2Nx5nvCTfZJZvKsuXr1Mwmu2fzu9wtj1fnzDtN51tz9dhHM1yFFn+RwMAAACUO/H6qxdPXHrjza9dePXFl8+/fP61UycXvrHw1MLC6YUTa6/rP9H56n4AAABgEK2/6LfflQAAAAAAAAAAAAAAAAAAAMDwquPjxPp9jgAAADDs/n0lhLAshBBC1Bdrn3G6B+oQQgghxODHhOuKnqPVyj9pHgAAAGB33b751rnYXt10h+ViR/O1j9YM4UDH9pVYx+8f/9njq5G233h64/2SQztaDcOu4/f/3KY77PDvv/yDlf+Dqzubv/2c17zTpOe98ue/xsYDnKmW98s/+ecTnfkfGu0xf37+z1fLfyzLfyz0lr/1fpb/hWr5n8jyH+ox/13nf7Fa/idj/tlUz2O95t/4+E/ENp3HwR7zH8/O/6XQa/7s/Js9Jsx8JeYHgGHU6HcBuyRdJaTr6MnYT+cbLzdD/uqHrV7/N7LjjG678o3HTddBD8R+ul6ayvImW61/MjvePRXrzA3Kq0rK6t+px3G3ldU/VnMdVZXVP15zHVWV1T9Rcx1VldV/oOY6qiqrv9d5aL+V1T8o95XL6p+suY6qyuqfqrmOqsrq3+r/4/1SVv/hmuuoqqz+6ZrrqKqs/oq31WpXVv9MzXVUVVb/vTXXUVVZ/ffVXEdVZfXff/emQbkk2pKHY1s2H07zz+k4lvrNrD+xyb/lfr23AAAAAIPmX9b/E0IIIYQQQggh9n20Wv2+A0E/7e67mQHYqzz/DzeP/3Dz+A83jz//S3oNf5H1k5Eu46Ndxse6jI9n4/nv60SX8fuy47aiNH5/l/H/6zJ+uMv4A13GZ7uMP9hl/KEu4w93GQcAAGA4/H9szQ8BAABg/7r8i49+/KtjL9ycuXX9yJkwfte68ydjfyL+bf1a7Ofr3idj8W/+P4z9n8f2d7H9W7a/158AAADA7kufE+Pv/wAAALB/pc8pNf8HAACA/Wsmtub/AAAAsH/dG1vzfwAAANjHigObb45tui/waGx7XdcPANj7vhDbR2J7JLZHY/vF2KbrgMdi+6Wa6gMAds5Pv/Ojp94u1tf7P5WN347bU3uX5Tt3CorGxpX8D8b2UGwf77Ge/PMAes2fHO4xz27ln95mfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg/2isfT19erYI4d2P3zk7ffnsy6vbjrb3mFv7WsReM4Qw1v65NLre/2Xc8fbNt86ttiuxbcW2CAuhCEV7PDx3o51pMoSwHObCJ6EZjh5vfn5t5NnFD9/79Njli8+8sov/BAAAALDv/TcAAP//vcAp6A==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)
getsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x89, 0x0, 0x0)

4.162016885s ago: executing program 0 (id=497):
fdatasync(0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$media(&(0x7f00000001c0), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f0000000700)={0x0, 0x0, 0x0, &(0x7f0000000480), 0x6, 0x0, &(0x7f0000032680)=[{}, {}, {}, {}, {}, {}], 0x0, 0x0, &(0x7f0000000280), 0x1, 0x0, &(0x7f00000006c0)=[{}]})

3.880858606s ago: executing program 2 (id=498):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0x4004743d, 0x110c230000)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101282, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x0)
fstat(r0, &(0x7f0000002900))

3.617215171s ago: executing program 32 (id=498):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0x4004743d, 0x110c230000)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101282, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x0)
fstat(r0, &(0x7f0000002900))

3.569684128s ago: executing program 0 (id=500):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e15010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

1.469487349s ago: executing program 1 (id=501):
r0 = syz_open_dev$radio(&(0x7f0000000280), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000002c0)={0x0, 0x1, 0x0, 0x0, 0x0, 0xfa004, 0x8})

1.469254186s ago: executing program 1 (id=502):
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="120100004b41460860163209ea80010203010902120001000000000904"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000100)={&(0x7f0000000080)=[{0x63, 0x4000, 0x0, 0x0}, {0x8, 0x4051, 0x0, 0x0}], 0x2})

448.509699ms ago: executing program 0 (id=503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000020000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

311.978041ms ago: executing program 0 (id=504):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1a00000004000000000000000100000000800000", @ANYRES32=0x1, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000004"], 0x50)

311.768766ms ago: executing program 0 (id=505):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r1, &(0x7f0000000780)=[{&(0x7f00000007c0)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000bb000000000000003ec6991778401acb6c0101ff0000000309", 0x48}], 0x1)

199.335445ms ago: executing program 1 (id=506):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x3})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x102000000)

138.943299ms ago: executing program 1 (id=507):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_trace_dev_match', 0x180, 0x4)
read(r0, &(0x7f0000000340)=""/210, 0xd2)

80.77016ms ago: executing program 1 (id=508):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="82", 0x1}, {&(0x7f0000000140)="84", 0x1}], 0x2}}], 0x1, 0x4400c800)
sendto$inet6(r0, &(0x7f0000000300), 0x70, 0x3b00, 0x0, 0xfffffffffffffdfd)

337.84µs ago: executing program 1 (id=509):
r0 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)

0s ago: executing program 0 (id=510):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000004c0)=""/4095, 0xfff}, {&(0x7f00000003c0)=""/242, 0xf2}], 0x2}}], 0x1, 0x2000, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x810)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x4000084)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:12677' (ED25519) to the list of known hosts.
syzkaller login: [   57.428686][ T5774] cgroup: Unknown subsys name 'net'
[   57.539431][ T5774] cgroup: Unknown subsys name 'cpuset'
[   57.543862][ T5774] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.619038][ T5774] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   64.630799][ T5236] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   64.635870][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   64.639065][ T5854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   64.642252][ T5854] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   64.645979][ T5854] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   64.649110][ T5854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   64.652656][ T5858] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   64.656511][ T5858] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   64.659913][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   64.664500][ T5236] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   64.673009][ T5236] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   64.696588][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   64.701417][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   64.705786][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   64.710981][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   64.984002][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   65.028513][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   65.043466][ T5851] chnl_net:caif_netlink_parms(): no params data found
[   65.132341][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.136134][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.139466][ T5850] bridge_slave_0: entered allmulticast mode
[   65.143170][ T5850] bridge_slave_0: entered promiscuous mode
[   65.148895][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.151744][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.154606][ T5850] bridge_slave_1: entered allmulticast mode
[   65.161361][ T5850] bridge_slave_1: entered promiscuous mode
[   65.252752][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.260808][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.282514][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.285238][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.288263][ T5846] bridge_slave_0: entered allmulticast mode
[   65.291247][ T5846] bridge_slave_0: entered promiscuous mode
[   65.321767][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.325027][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.329035][ T5851] bridge_slave_0: entered allmulticast mode
[   65.333184][ T5851] bridge_slave_0: entered promiscuous mode
[   65.338853][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.341741][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.344717][ T5851] bridge_slave_1: entered allmulticast mode
[   65.349187][ T5851] bridge_slave_1: entered promiscuous mode
[   65.353189][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.357126][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.360082][ T5846] bridge_slave_1: entered allmulticast mode
[   65.363634][ T5846] bridge_slave_1: entered promiscuous mode
[   65.369564][ T5850] team0: Port device team_slave_0 added
[   65.400361][ T5850] team0: Port device team_slave_1 added
[   65.457064][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.463132][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.469720][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.472741][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.483274][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.491027][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.495096][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.498270][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.508844][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.514958][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.572357][ T5851] team0: Port device team_slave_0 added
[   65.590380][ T5851] team0: Port device team_slave_1 added
[   65.595677][ T5846] team0: Port device team_slave_0 added
[   65.599991][ T5846] team0: Port device team_slave_1 added
[   65.650483][ T5850] hsr_slave_0: entered promiscuous mode
[   65.653005][ T5850] hsr_slave_1: entered promiscuous mode
[   65.664699][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.667157][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.675290][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.681399][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.683722][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.692584][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.698289][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.700640][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.709339][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.721154][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.723562][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.732525][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.819156][ T5851] hsr_slave_0: entered promiscuous mode
[   65.821652][ T5851] hsr_slave_1: entered promiscuous mode
[   65.823993][ T5851] debugfs: 'hsr0' already exists in 'hsr'
[   65.827428][ T5851] Cannot create hsr debugfs directory
[   65.841318][ T5846] hsr_slave_0: entered promiscuous mode
[   65.844051][ T5846] hsr_slave_1: entered promiscuous mode
[   65.846918][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[   65.849253][ T5846] Cannot create hsr debugfs directory
[   66.121405][ T5850] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   66.130822][ T5850] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   66.138083][ T5850] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   66.143643][ T5850] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   66.213344][ T5851] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   66.223459][ T5851] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   66.230299][ T5851] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   66.245256][ T5851] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   66.314173][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   66.322320][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   66.335005][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   66.342758][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   66.407255][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.465777][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   66.475353][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.487752][ T4581] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.490875][ T4581] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.508081][ T4581] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.510614][ T4581] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.533183][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   66.564575][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.567529][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.592348][ T4581] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.595303][ T4581] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.643987][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.681263][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   66.707444][ T5849] Bluetooth: hci0: command tx timeout
[   66.708308][ T5857] Bluetooth: hci2: command tx timeout
[   66.725633][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.728778][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.740888][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.743730][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.789044][ T5849] Bluetooth: hci1: command tx timeout
[   66.919177][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.968867][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.004817][ T5850] veth0_vlan: entered promiscuous mode
[   67.018130][ T5850] veth1_vlan: entered promiscuous mode
[   67.081556][ T5850] veth0_macvtap: entered promiscuous mode
[   67.105678][ T5850] veth1_macvtap: entered promiscuous mode
[   67.113245][ T5851] veth0_vlan: entered promiscuous mode
[   67.130020][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.140849][ T5851] veth1_vlan: entered promiscuous mode
[   67.159661][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.180741][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.209804][   T14] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.220567][   T14] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.234826][   T14] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.241367][   T14] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.257105][ T5846] veth0_vlan: entered promiscuous mode
[   67.265785][ T5851] veth0_macvtap: entered promiscuous mode
[   67.285309][ T5851] veth1_macvtap: entered promiscuous mode
[   67.311678][ T5846] veth1_vlan: entered promiscuous mode
[   67.373143][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.382842][ T3010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.388350][ T3010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.402532][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.433133][ T5846] veth0_macvtap: entered promiscuous mode
[   67.443758][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.450076][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.454646][ T3010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.465397][ T3010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.468643][ T5846] veth1_macvtap: entered promiscuous mode
[   67.473149][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.479781][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.533957][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.555512][ T5850] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   67.555702][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.601151][ T5878] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.618388][ T5878] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.623094][ T5878] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.633219][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.644254][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.650472][ T5878] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.713365][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.723219][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.780233][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.792698][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.855422][ T3010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.867135][ T3010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.504722][ T5932] netlink: 'syz.2.8': attribute type 11 has an invalid length.
[   68.674379][ T5935] loop1: detected capacity change from 0 to 164
[   68.794374][ T5849] Bluetooth: hci0: command tx timeout
[   68.796346][ T5857] Bluetooth: hci2: command tx timeout
[   68.866298][ T5857] Bluetooth: hci1: command tx timeout
[   69.583868][ T5949] loop2: detected capacity change from 0 to 40427
[   69.650592][ T5951] bridge0: port 3(syz_tun) entered blocking state
[   69.653081][ T5951] bridge0: port 3(syz_tun) entered disabled state
[   69.658302][ T5951] syz_tun: entered allmulticast mode
[   69.674268][ T5951] syz_tun: entered promiscuous mode
[   69.679984][ T5951] bridge0: port 3(syz_tun) entered blocking state
[   69.683083][ T5951] bridge0: port 3(syz_tun) entered forwarding state
[   69.711947][ T5951] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:1)
[   69.801792][ T5949] F2FS-fs (loop2): invalid crc value
[   70.028009][ T5955] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.17'.
[   70.035571][ T5949] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   70.042809][ T5949] F2FS-fs (loop2): Start checkpoint disabled!
[   70.054487][ T5949] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   70.605403][ T5969] loop0: detected capacity change from 0 to 32768
[   70.608444][ T5969] XFS: ikeep mount option is deprecated.
[   70.658793][ T5969] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   70.677710][ T4454] kworker/u10:5: attempt to access beyond end of device
[   70.677710][ T4454] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427
[   70.683246][ T5954] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   70.710176][ T5956] kworker/u10:7: attempt to access beyond end of device
[   70.710176][ T5956] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   70.721785][ T5969] XFS (loop0): Ending clean mount
[   70.726582][ T5969] XFS (loop0): Quotacheck needed: Please wait.
[   70.726899][ T5956] CPU: 0 UID: 0 PID: 5956 Comm: kworker/u10:7 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[   70.726914][ T5956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   70.726921][ T5956] Workqueue: writeback wb_workfn (flush-7:2)
[   70.726940][ T5956] Call Trace:
[   70.726954][ T5956]  <TASK>
[   70.726965][ T5956]  dump_stack_lvl+0x189/0x250
[   70.726979][ T5956]  ? __pfx_dump_stack_lvl+0x10/0x10
[   70.726988][ T5956]  ? __pfx_queue_work_on+0x10/0x10
[   70.726998][ T5956]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   70.727010][ T5956]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.727024][ T5956]  f2fs_handle_critical_error+0x37c/0x540
[   70.727039][ T5956]  f2fs_write_end_io+0x886/0xb60
[   70.727062][ T5956]  __submit_merged_bio+0x27a/0x6a0
[   70.727077][ T5956]  __submit_merged_write_cond+0x255/0x530
[   70.727090][ T5956]  f2fs_write_data_pages+0x261d/0x3000
[   70.727116][ T5956]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   70.727132][ T5956]  ? finish_task_switch+0x18b/0x950
[   70.727154][ T5956]  ? trace_sched_exit_tp+0x36/0x110
[   70.727164][ T5956]  ? __schedule+0x17ae/0x4cc0
[   70.727175][ T5956]  ? __bfs+0x154/0x2a0
[   70.727195][ T5956]  ? folio_try_get+0x1c/0x340
[   70.727214][ T5956]  ? __lock_acquire+0xab9/0xd20
[   70.727232][ T5956]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   70.727248][ T5956]  do_writepages+0x32e/0x550
[   70.727266][ T5956]  ? reacquire_held_locks+0x127/0x1d0
[   70.727278][ T5956]  ? writeback_sb_inodes+0x384/0x1010
[   70.727300][ T5956]  __writeback_single_inode+0x145/0xff0
[   70.727312][ T5956]  ? do_raw_spin_unlock+0x4d/0x240
[   70.727329][ T5956]  writeback_sb_inodes+0x6c7/0x1010
[   70.727363][ T5956]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   70.727407][ T5956]  ? rcu_is_watching+0x15/0xb0
[   70.727429][ T5956]  wb_writeback+0x43b/0xaf0
[   70.727453][ T5956]  ? queue_io+0x3c1/0x590
[   70.727469][ T5956]  ? __pfx_wb_writeback+0x10/0x10
[   70.727528][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[   70.727549][ T5956]  wb_workfn+0x409/0xef0
[   70.727567][ T5956]  ? __pfx_wb_workfn+0x10/0x10
[   70.727579][ T5956]  ? __lock_acquire+0xab9/0xd20
[   70.727595][ T5956]  ? process_scheduled_works+0x9ef/0x17b0
[   70.727606][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[   70.727614][ T5956]  ? process_scheduled_works+0x9ef/0x17b0
[   70.727621][ T5956]  ? process_scheduled_works+0x9ef/0x17b0
[   70.727629][ T5956]  process_scheduled_works+0xae1/0x17b0
[   70.727651][ T5956]  ? __pfx_process_scheduled_works+0x10/0x10
[   70.727666][ T5956]  worker_thread+0x8a0/0xda0
[   70.727676][ T5956]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   70.727689][ T5956]  ? __kthread_parkme+0x7b/0x200
[   70.727702][ T5956]  kthread+0x711/0x8a0
[   70.727712][ T5956]  ? __pfx_worker_thread+0x10/0x10
[   70.727720][ T5956]  ? __pfx_kthread+0x10/0x10
[   70.727729][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[   70.727738][ T5956]  ? lockdep_hardirqs_on+0x9c/0x150
[   70.727747][ T5956]  ? __pfx_kthread+0x10/0x10
[   70.727757][ T5956]  ret_from_fork+0x3fc/0x770
[   70.727767][ T5956]  ? __pfx_ret_from_fork+0x10/0x10
[   70.727777][ T5956]  ? __switch_to_asm+0x39/0x70
[   70.727788][ T5956]  ? __switch_to_asm+0x33/0x70
[   70.727796][ T5956]  ? __pfx_kthread+0x10/0x10
[   70.727807][ T5956]  ret_from_fork_asm+0x1a/0x30
[   70.727830][ T5956]  </TASK>
[   70.727837][ T5956] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   70.748639][ T5969] XFS (loop0): Quotacheck: Done.
[   70.866581][ T5849] Bluetooth: hci2: command tx timeout
[   70.868521][ T5857] Bluetooth: hci0: command tx timeout
[   70.880287][ T5850] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   70.947299][ T5857] Bluetooth: hci1: command tx timeout
[   70.973822][ T5954] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   70.996194][ T5954] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.006770][ T5954] usb 2-1: Product: syz
[   71.008608][ T5954] usb 2-1: Manufacturer: syz
[   71.010517][ T5954] usb 2-1: SerialNumber: syz
[   71.040914][ T5954] usb 2-1: config 0 descriptor??
[   71.260219][ T1152] usb 2-1: USB disconnect, device number 2
[   71.561512][ T5994] loop0: detected capacity change from 0 to 4096
[   71.588391][ T5995] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   71.700178][ T5997] netlink: 8 bytes leftover after parsing attributes in process `syz.0.30'.
[   71.707385][ T5997] netlink: 312 bytes leftover after parsing attributes in process `syz.0.30'.
[   71.964663][ T6001] loop0: detected capacity change from 0 to 32768
[   71.969715][ T6001] =======================================================
[   71.969715][ T6001] WARNING: The mand mount option has been deprecated and
[   71.969715][ T6001]          and is ignored by this kernel. Remove the mand
[   71.969715][ T6001]          option from the mount to silence this warning.
[   71.969715][ T6001] =======================================================
[   72.170010][ T6001] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=gzip,norecovery,nojournal_transaction_names,no_data_io
[   72.170032][ T6001]   allowing incompatible features above 0.0: (unknown version)
[   72.170041][ T6001]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   72.203125][ T6001] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[   72.218720][ T6001] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   72.222219][ T6001] bcachefs (loop0): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete
[   72.222219][ T6001] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive
[   72.222219][ T6001]   running recovery passes: check_extents_to_backpointers,check_inodes
[   72.312197][ T6001] bcachefs (loop0): btree node read error: no device to read from
[   72.312237][ T6001]  at freespace level 0/0
[   72.312246][ T6001]   u64s 11 type 255 SPOS_MAX len 0 ver 65535: 
[   72.312255][ T6001]   flagging btree freespace lost data
[   72.312263][ T6001]   running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[   72.312272][ T6001]   running recovery pass check_allocations (8), currently at recovery_pass_empty (0)
[   72.312282][ T6001]   running recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[   72.312291][ T6001]   running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[   72.312302][ T6001]   running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0)
[   72.402205][ T6001] bcachefs (loop0): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[   72.593085][ T6001] bcachefs (loop0): check_topology... done
[   72.687122][ T6001] bcachefs (loop0): accounting_read... done
[   72.747703][ T6001] bcachefs (loop0): alloc_read... done
[   72.753793][ T6001] bcachefs (loop0): snapshots_read... done
[   72.761915][ T6001] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[   72.770931][ T6001] bcachefs (loop0): done starting filesystem
[   72.837796][ T6001] bcachefs (loop0): inode 536870912:4294967295 has wrong backpointer:
[   72.837828][ T6001]   got       4330382808765833931:0
[   72.837837][ T6001]   should be 4096:4330382808765833931, fixing
[   72.895575][ T5850] bcachefs (loop0): shutting down
[   72.940583][ T5850] bcachefs (loop0): shutdown complete
[   72.947733][ T5849] Bluetooth: hci2: command tx timeout
[   72.951207][ T5857] Bluetooth: hci0: command tx timeout
[   73.026773][ T5857] Bluetooth: hci1: command tx timeout
[   73.432885][ T6032] loop2: detected capacity change from 0 to 32768
[   73.451370][ T6032] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   73.472898][ T6032] XFS (loop2): Ending clean mount
[   73.478341][ T6032] XFS (loop2): Quotacheck needed: Please wait.
[   73.497066][ T6032] XFS (loop2): Quotacheck: Done.
[   73.531454][ T5851] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   73.582708][ T6039] loop1: detected capacity change from 0 to 32768
[   73.658829][ T6039] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[   73.727829][   T33] audit: type=1800 audit(1755520504.074:2): pid=6039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.44" name="file1" dev="loop1" ino=17059 res=0 errno=0
[   73.837927][ T5846] ocfs2: Unmounting device (7,1) on (node local)
[   74.342021][ T6061] loop1: detected capacity change from 0 to 32768
[   74.359178][ T6061] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.50 (6061)
[   74.408082][ T6061] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   74.411984][ T6061] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[   74.415341][ T6061] BTRFS info (device loop1): using free-space-tree
[   74.512791][ T6061] BTRFS info (device loop1): rebuilding free space tree
[   74.603792][ T6061] BTRFS info (device loop1): checking UUID tree
[   74.638110][   T33] audit: type=1800 audit(1755520504.984:3): pid=6061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.50" name="file2" dev="loop1" ino=261 res=0 errno=0
[   74.725649][ T5846] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   74.831608][ T6070] loop0: detected capacity change from 0 to 40427
[   74.843097][ T6070] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   74.853966][ T6070] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   74.882994][ T6070] F2FS-fs (loop0): invalid crc value
[   74.965980][ T6070] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   74.981912][ T6070] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   74.985376][ T6070] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   75.164488][ T6089] loop1: detected capacity change from 0 to 32768
[   75.308266][ T6089] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc32c,noacl,usrquota,grpquota,nojournal_transaction_names,allocator_stuck_timeout=256
[   75.308289][ T6089]   allowing incompatible features above 0.0: (unknown version)
[   75.308299][ T6089]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   75.336201][ T6089] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[   75.339279][ T6089] bcachefs (loop1): initializing new filesystem
[   75.353181][ T6089] bcachefs (loop1): going read-write
[   75.378024][ T6089] bcachefs (loop1): marking superblocks
[   75.414980][ T6089] bcachefs (loop1): initializing freespace
[   75.428782][ T6089] bcachefs (loop1): done initializing freespace
[   75.440463][ T6113] loop0: detected capacity change from 0 to 128
[   75.447424][ T6089] bcachefs (loop1): reading snapshots table
[   75.450027][ T6089] bcachefs (loop1): reading snapshots done
[   75.486686][ T6089] bcachefs (loop1): done starting filesystem
[   75.510875][ T6089] syz.1.53 (6089) used greatest stack depth: 16984 bytes left
[   75.538236][ T5846] bcachefs (loop1): shutting down
[   75.539864][ T5846] bcachefs (loop1): going read-only
[   75.541935][ T5846] bcachefs (loop1): finished waiting for writes to stop
[   75.551980][ T5846] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[   75.677248][ T5846] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   75.684669][ T5846] bcachefs (loop1): clean shutdown complete, journal seq 4
[   75.690654][ T5846] bcachefs (loop1): marking filesystem clean
[   75.744598][ T5846] bcachefs (loop1): shutdown complete
[   75.972995][ T6125] netlink: 12 bytes leftover after parsing attributes in process `syz.0.62'.
[   76.560557][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   76.563440][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   77.163871][ T6130] loop2: detected capacity change from 0 to 32768
[   77.168890][ T6130] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section members_v1: device 0: too many buckets (got 16981954538416098692, max 2147483583)
[   77.168890][ T6130] members_v1 (size 152):
[   77.168890][ T6130] Device:                        0
[   77.168890][ T6130]   Label:                       invalid label 98
[   77.168890][ T6130]   UUID:                        88000000-0000-0000-7af6-772b00de4159
[   77.168890][ T6130]   Size:                        0
[   77.168890][ T6130]   read errors:                 0
[   77.168890][ T6130]   write errors:                0
[   77.168890][ T6130]   checksum errors:             0
[   77.168890][ T6130]   seqread iops:                1611530240
[   77.168890][ T6130]   seqwrite iops:               0
[   77.168890][ T6130]   randread iops:               0
[   77.168890][ T6130]   randwrite iops:              0
[   77.168890][ T6130]   Bucket size:                 0
[   77.168890][ T6130]   First bucket:                128
[   77.168890][ T6130]   Buckets:                     16981954538416098692
[   77.168890][ T6130]   Last mount:                  34376515584
[   77.168890][ T6130]   Last superblock write:       0
[   77.168890][ T6130]   State:                       spare
[   77.168890][ T6130]   Data allowed:                free,sb,journal
[   77.168890][ T6130]   Has data:                    journal,btree,user
[   77.168890][ T6130]   Btree allocated bitmap blocksize:1
[   77.168890][ T6130]   Btree allocated bitmap:      00000000000000000
[   77.169078][ T6130] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[   77.356479][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   77.460610][ T6138] loop2: detected capacity change from 0 to 1024
[   77.501696][ T6138] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[   77.504764][ T6138] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[   77.509061][   T24] usb 2-1: Using ep0 maxpacket: 8
[   77.514786][   T24] usb 2-1: config 0 has an invalid interface number: 38 but max is 0
[   77.518496][   T24] usb 2-1: config 0 has no interface number 0
[   77.521103][   T24] usb 2-1: config 0 interface 38 has no altsetting 0
[   77.527220][   T24] usb 2-1: New USB device found, idVendor=04e6, idProduct=0009, bcdDevice= 2.00
[   77.531073][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.535523][   T24] usb 2-1: Product: syz
[   77.538784][   T24] usb 2-1: Manufacturer: syz
[   77.540765][   T24] usb 2-1: SerialNumber: syz
[   77.541127][ T1095] hfsplus: b-tree write err: -5, ino 4
[   77.547062][   T24] usb 2-1: config 0 descriptor??
[   77.557109][   T24] usb-storage 2-1:0.38: USB Mass Storage device detected
[   77.762375][ T5915] usb 2-1: USB disconnect, device number 3
[   77.976351][   T11] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   78.129072][   T11] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[   78.133282][   T11] usb 3-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[   78.137188][   T11] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.146755][   T11] usb 3-1: config 0 descriptor??
[   78.150905][ T6148] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   78.304134][ T6150] loop1: detected capacity change from 0 to 512
[   78.342839][ T6150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.349037][ T6150] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.362127][   T11] usbhid 3-1:0.0: can't add hid device: -71
[   78.364716][   T11] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   78.370189][   T11] usb 3-1: USB disconnect, device number 2
[   78.388687][ T6150] EXT4-fs: Ignoring removed orlov option
[   78.390732][ T6150] EXT4-fs: can't change dax mount option while remounting
[   78.409658][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.176248][ T1152] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   79.336226][ T1152] usb 3-1: Using ep0 maxpacket: 16
[   79.340616][ T1152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.344339][ T1152] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[   79.352854][ T1152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.362076][ T1152] usb 3-1: config 0 descriptor??
[   79.424014][ T6164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.77'.
[   79.792591][ T1152] hid-multitouch 0003:1FD2:6007.0001: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0
[   79.889714][ T6166] loop0: detected capacity change from 0 to 32768
[   79.904253][ T6166] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.78 (6166)
[   79.927332][ T6166] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   79.931344][ T6166] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[   79.935272][ T6166] BTRFS info (device loop0): disk space caching is enabled
[   79.940131][ T6166] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   79.985274][   T11] usb 3-1: USB disconnect, device number 3
[   80.014335][ T6166] BTRFS info (device loop0): rebuilding free space tree
[   80.027546][ T6166] BTRFS info (device loop0): disabling free space tree
[   80.031071][ T6166] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   80.034075][ T6166] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   80.098958][ T6166] BTRFS info (device loop0): balance: start -slimit=8
[   80.101667][ T6166] BTRFS info (device loop0): balance: ended with status: 0
[   80.121070][ T5850] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   80.572088][ T6199] loop2: detected capacity change from 0 to 512
[   80.609293][ T6199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.614401][ T6199] ext4 filesystem being mounted at /30/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.634404][ T6199] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.85: corrupted xattr block 33: overlapping e_value 
[   80.645578][   T33] audit: type=1800 audit(1755520510.984:4): pid=6199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.85" name="file1" dev="loop2" ino=15 res=0 errno=0
[   80.667221][ T6191] loop0: detected capacity change from 0 to 32768
[   80.681442][ T6191] (syz.0.82,6191,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   80.697703][ T6191] (syz.0.82,6191,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[   80.705607][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.732493][ T6191] JBD2: Ignoring recovery information on journal
[   80.783133][ T6191] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   80.904022][ T5850] ocfs2: Unmounting device (7,0) on (node local)
[   80.942293][ T6209] sctp: [Deprecated]: syz.2.87 (pid 6209) Use of struct sctp_assoc_value in delayed_ack socket option.
[   80.942293][ T6209] Use struct sctp_sack_info instead
[   81.633334][ T6215] loop1: detected capacity change from 0 to 256
[   82.205594][ T6229] loop2: detected capacity change from 0 to 1024
[   82.230442][ T6229] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   82.234641][ T6229] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.406410][ T6233] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   82.646220][ T1152] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   83.104351][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   83.236414][ T1152] usb 1-1: Using ep0 maxpacket: 8
[   83.241213][ T1152] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.245734][ T1152] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.250222][ T1152] usb 1-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   83.266752][ T1152] usb 1-1: config 0 interface 0 has no altsetting 0
[   83.269454][ T1152] usb 1-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[   83.273833][ T1152] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.280122][ T1152] usb 1-1: config 0 descriptor??
[   83.286599][ T5915] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[   83.460411][ T5915] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[   83.463654][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   83.476139][ T5915] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   83.481117][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   83.487754][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[   83.497063][ T5915] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[   83.500102][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   83.504504][ T5915] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   83.509656][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   83.514414][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[   83.521566][ T5915] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[   83.524809][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   83.531001][ T5915] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   83.535846][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   83.540585][ T5915] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[   83.550701][ T5915] usb 2-1: string descriptor 0 read error: -22
[   83.553329][ T5915] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   83.558143][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.577152][ T5915] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[   83.618039][ T5900] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   83.703831][ T1152] elecom 0003:056E:011C.0002: item fetching failed at offset 3/5
[   83.708194][ T1152] elecom 0003:056E:011C.0002: probe with driver elecom failed with error -22
[   83.766618][ T5900] usb 3-1: Using ep0 maxpacket: 32
[   83.771334][ T5900] usb 3-1: config 0 has an invalid interface number: 151 but max is 0
[   83.772029][ T1152] usb 2-1: USB disconnect, device number 4
[   83.777354][ T5900] usb 3-1: config 0 has no interface number 0
[   83.782845][ T5900] usb 3-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[   83.787397][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.790549][ T5900] usb 3-1: Product: syz
[   83.792381][ T5900] usb 3-1: Manufacturer: syz
[   83.794463][ T5900] usb 3-1: SerialNumber: syz
[   83.798967][ T5900] usb 3-1: config 0 descriptor??
[   83.909584][ T5954] usb 1-1: USB disconnect, device number 2
[   84.008399][ T5900] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[   84.030556][ T5900] usb 3-1: USB disconnect, device number 4
[   84.069810][ T6248] udevd[6248]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   84.369556][ T6253] syz.1.104 uses obsolete (PF_INET,SOCK_PACKET)
[   84.485806][ T6257] loop0: detected capacity change from 0 to 1024
[   84.503691][ T6257] hfsplus: bad catalog folder thread
[   84.560565][ T6259] binder: 6258:6259 ioctl c018620c 200000000040 returned -22
[   84.873519][ T6275] loop1: detected capacity change from 0 to 4096
[   84.972333][ T6279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.117'.
[   84.990216][ T6279] team1: entered promiscuous mode
[   84.992127][ T6279] team1: entered allmulticast mode
[   84.994279][ T6279] Zero length message leads to an empty skb
[   85.006199][ T1152] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   85.158898][ T1152] usb 3-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   85.164157][ T1152] usb 3-1: config 0 interface 0 has no altsetting 0
[   85.167126][ T1152] usb 3-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00
[   85.170680][ T1152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.179188][ T1152] usb 3-1: config 0 descriptor??
[   85.599597][ T1152] cypress 0003:04B4:0001.0003: unknown main item tag 0x0
[   85.609474][ T1152] cypress 0003:04B4:0001.0003: item fetching failed at offset 3/5
[   85.618549][ T1152] cypress 0003:04B4:0001.0003: parse failed
[   85.624852][ T1152] cypress 0003:04B4:0001.0003: probe with driver cypress failed with error -22
[   85.724729][ T6286] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.120'.
[   85.804652][ T5900] usb 3-1: USB disconnect, device number 5
[   85.902242][ T6291] loop1: detected capacity change from 0 to 256
[   85.906531][ T6291] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   85.932157][ T6291] FAT-fs (loop1): Directory bread(block 64) failed
[   85.934847][ T6291] FAT-fs (loop1): Directory bread(block 65) failed
[   85.938271][ T6291] FAT-fs (loop1): Directory bread(block 66) failed
[   85.941012][ T6291] FAT-fs (loop1): Directory bread(block 67) failed
[   85.943855][ T6291] FAT-fs (loop1): Directory bread(block 68) failed
[   85.946668][ T6291] FAT-fs (loop1): Directory bread(block 69) failed
[   85.950973][ T6291] FAT-fs (loop1): Directory bread(block 70) failed
[   85.953678][ T6291] FAT-fs (loop1): Directory bread(block 71) failed
[   85.956657][ T6291] FAT-fs (loop1): Directory bread(block 72) failed
[   85.959298][ T6291] FAT-fs (loop1): Directory bread(block 73) failed
[   86.076215][ T5915] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   86.226289][ T5915] usb 1-1: Using ep0 maxpacket: 32
[   86.233188][ T5915] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[   86.237003][ T5915] usb 1-1: config 0 has no interface number 0
[   86.239742][ T5915] usb 1-1: config 0 interface 12 has no altsetting 0
[   86.244294][ T5915] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[   86.249488][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.253857][ T5915] usb 1-1: Product: syz
[   86.255494][ T5915] usb 1-1: Manufacturer: syz
[   86.257808][ T5915] usb 1-1: SerialNumber: syz
[   86.261548][ T5915] usb 1-1: config 0 descriptor??
[   86.818527][  T793] cfg80211: failed to load regulatory.db
[   86.855673][ T6305] loop1: detected capacity change from 0 to 64
[   86.923640][ T5915] f81534 1-1:0.12: f81534_set_register: reg: 1003 data: e0 failed: -71
[   86.926984][ T5915] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[   86.929965][ T5915] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[   86.951107][ T5915] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[   86.970814][ T5915] usb 1-1: USB disconnect, device number 3
[   87.233093][ T6316] loop2: detected capacity change from 0 to 1024
[   87.270867][ T6316] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   87.285272][ T6316] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[   87.295868][ T6316] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[   87.305865][ T6316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   87.370674][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.804055][ T6334] netlink: 44 bytes leftover after parsing attributes in process `syz.0.141'.
[   87.808225][ T6334] netlink: 43 bytes leftover after parsing attributes in process `syz.0.141'.
[   87.814327][ T6334] netlink: 'syz.0.141': attribute type 5 has an invalid length.
[   87.818907][ T6334] netlink: 43 bytes leftover after parsing attributes in process `syz.0.141'.
[   87.923228][ T6336] warning: `syz.2.142' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   88.476557][ T6346] loop2: detected capacity change from 0 to 4096
[   88.838134][ T5915] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   88.876286][ T5916] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   88.989133][ T5915] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[   88.992391][ T5915] usb 1-1: config 0 has no interface number 0
[   88.994778][ T5915] usb 1-1: New USB device found, idVendor=05ac, idProduct=0259, bcdDevice=f0.b2
[   89.000059][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.005214][ T5915] usb 1-1: config 0 descriptor??
[   89.023195][ T5915] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.105/input/input4
[   89.036622][ T5916] usb 3-1: Using ep0 maxpacket: 32
[   89.043529][ T5916] usb 3-1: config 0 has an invalid interface number: 155 but max is 0
[   89.047352][ T5916] usb 3-1: config 0 has no interface number 0
[   89.054160][ T5916] usb 3-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice=a7.4c
[   89.058119][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.061448][ T5916] usb 3-1: Product: syz
[   89.063123][ T5916] usb 3-1: Manufacturer: syz
[   89.065037][ T5916] usb 3-1: SerialNumber: syz
[   89.072988][ T5916] usb 3-1: config 0 descriptor??
[   89.222502][ T5281] bcm5974 1-1:0.105: could not read from device
[   89.230922][ T5281] bcm5974 1-1:0.105: could not read from device
[   89.235625][ T5915] usb 1-1: USB disconnect, device number 4
[   89.240456][ T5281] bcm5974 1-1:0.105: could not read from device
[   89.247869][ T5281] bcm5974 1-1:0.105: could not read from device
[   89.278266][ T5855] udevd[5855]: Error opening device "/dev/input/event3": No such file or directory
[   89.282358][ T5855] udevd[5855]: Unable to EVIOCGABS device "/dev/input/event3"
[   89.285606][ T5855] udevd[5855]: Unable to EVIOCGABS device "/dev/input/event3"
[   89.289573][ T5855] udevd[5855]: Unable to EVIOCGABS device "/dev/input/event3"
[   89.292675][ T5855] udevd[5855]: Unable to EVIOCGABS device "/dev/input/event3"
[   89.297299][ T5916] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.155/input/input5
[   89.308397][ T5281] bcm5974 3-1:0.155: could not read from device
[   89.317717][ T5281] bcm5974 3-1:0.155: could not read from device
[   89.328712][ T5916] usb 3-1: USB disconnect, device number 6
[   89.331841][ T5281] bcm5974 3-1:0.155: could not read from device
[   89.788792][ T6360] process 'syz.1.153' launched '/dev/fd/8' with NULL argv: empty string added
[   90.485222][ T6378] loop1: detected capacity change from 0 to 1024
[   90.494850][ T6372] loop2: detected capacity change from 0 to 32768
[   90.513085][ T6378] EXT4-fs: Ignoring removed nobh option
[   90.514955][ T6378] EXT4-fs: Ignoring removed bh option
[   90.540576][ T6372] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   90.569157][   T33] audit: type=1800 audit(1755520520.914:5): pid=6372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.159" name="file1" dev="loop2" ino=17059 res=0 errno=0
[   90.583743][ T6378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.697959][ T5851] ocfs2: Unmounting device (7,2) on (node local)
[   90.930286][ T6387] overlayfs: conflicting lowerdir path
[   91.937399][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.598489][ T6392] netlink: 6 bytes leftover after parsing attributes in process `syz.1.164'.
[   92.611759][ T6392] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   92.812070][ T6394] io-wq is not configured for unbound workers
[   93.609808][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.174'.
[   93.697525][ T6421] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.175'.
[   94.260352][ T6435] netlink: 11 bytes leftover after parsing attributes in process `syz.2.180'.
[   94.316604][  T793] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   94.349401][ T6438] netlink: 84 bytes leftover after parsing attributes in process `syz.0.181'.
[   94.380983][ T6441] loop2: detected capacity change from 0 to 2048
[   94.413471][ T6441] UDF-fs: error (device loop2): udf_read_inode: (ino 1312) failed !bh
[   94.420692][ T6441] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[   94.427153][ T6441] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[   94.432067][ T6441] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   94.443123][ T6441] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   94.469997][ T6441] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[   94.475791][ T6441] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   94.485389][  T793] usb 2-1: Using ep0 maxpacket: 32
[   94.490660][ T6441] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[   94.495635][  T793] usb 2-1: unable to get BOS descriptor or descriptor too short
[   94.502041][  T793] usb 2-1: config 5 has an invalid interface number: 114 but max is 0
[   94.509137][  T793] usb 2-1: config 5 has no interface number 0
[   94.511931][  T793] usb 2-1: config 5 interface 114 has no altsetting 0
[   94.531232][  T793] usb 2-1: New USB device found, idVendor=1b3d, idProduct=9316, bcdDevice=28.00
[   94.536786][  T793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.539983][  T793] usb 2-1: Product: syz
[   94.541757][  T793] usb 2-1: Manufacturer: syz
[   94.543746][  T793] usb 2-1: SerialNumber: syz
[   94.790560][  T793] ftdi_sio 2-1:5.114: FTDI USB Serial Device converter detected
[   94.795246][  T793] usb 2-1: Detected FT2233HP
[   94.817169][  T793] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[   94.821055][  T793] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[   94.833292][  T793] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   94.860462][  T793] usb 2-1: USB disconnect, device number 5
[   94.883825][  T793] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   94.893828][  T793] ftdi_sio 2-1:5.114: device disconnected
[   94.983936][ T5915] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   94.997767][ T5915] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   95.039732][ T6453] loop2: detected capacity change from 0 to 40427
[   95.057301][ T6453] F2FS-fs (loop2): build fault injection rate: 771
[   95.067708][ T6453] F2FS-fs (loop2): invalid crc value
[   95.128837][ T6453] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.134006][ T6453] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   95.185300][ T5851] syz-executor: attempt to access beyond end of device
[   95.185300][ T5851] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   95.193114][ T5851] CPU: 1 UID: 0 PID: 5851 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[   95.193137][ T5851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   95.193147][ T5851] Call Trace:
[   95.193155][ T5851]  <TASK>
[   95.193162][ T5851]  dump_stack_lvl+0x189/0x250
[   95.193181][ T5851]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.193191][ T5851]  ? __pfx_queue_work_on+0x10/0x10
[   95.193214][ T5851]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   95.193227][ T5851]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   95.193243][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[   95.193259][ T5851]  f2fs_write_end_io+0x886/0xb60
[   95.193278][ T5851]  __submit_merged_bio+0x27a/0x6a0
[   95.193293][ T5851]  __submit_merged_write_cond+0x255/0x530
[   95.193307][ T5851]  f2fs_write_data_pages+0x261d/0x3000
[   95.193338][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.193375][ T5851]  ? __lock_acquire+0xab9/0xd20
[   95.193390][ T5851]  ? css_rstat_updated+0x23a/0x4f0
[   95.193405][ T5851]  ? rcu_read_lock_sched_held+0x89/0x100
[   95.193418][ T5851]  ? __lock_acquire+0xab9/0xd20
[   95.193438][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.193449][ T5851]  do_writepages+0x32e/0x550
[   95.193468][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[   95.193481][ T5851]  filemap_fdatawrite+0x199/0x240
[   95.193493][ T5851]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   95.193528][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[   95.193556][ T5851]  f2fs_sync_dirty_inodes+0x31f/0x830
[   95.193572][ T5851]  f2fs_write_checkpoint+0x95a/0x1df0
[   95.193593][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   95.193623][ T5851]  ? f2fs_stop_gc_thread+0x7f/0xb0
[   95.193631][ T5851]  ? kfree+0x18e/0x440
[   95.193642][ T5851]  ? kill_f2fs_super+0x298/0x6c0
[   95.193687][ T5851]  kill_f2fs_super+0x2c3/0x6c0
[   95.193699][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[   95.193706][ T5851]  ? radix_tree_delete_item+0x2b6/0x400
[   95.193721][ T5851]  ? shrinker_free+0x2ce/0x3e0
[   95.193732][ T5851]  deactivate_locked_super+0xbc/0x130
[   95.193744][ T5851]  cleanup_mnt+0x425/0x4c0
[   95.193753][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.193766][ T5851]  task_work_run+0x1d4/0x260
[   95.193779][ T5851]  ? __pfx_task_work_run+0x10/0x10
[   95.193788][ T5851]  ? __x64_sys_umount+0x122/0x160
[   95.193801][ T5851]  ? exit_to_user_mode_loop+0x40/0x110
[   95.193814][ T5851]  exit_to_user_mode_loop+0xec/0x110
[   95.193825][ T5851]  do_syscall_64+0x2bd/0x3b0
[   95.193846][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.193855][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.193863][ T5851]  ? exc_page_fault+0x9f/0xf0
[   95.193874][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.193882][ T5851] RIP: 0033:0x7fad9858ff17
[   95.193892][ T5851] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   95.193898][ T5851] RSP: 002b:00007ffe724eb768 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   95.193908][ T5851] RAX: 0000000000000000 RBX: 00007fad98611c05 RCX: 00007fad9858ff17
[   95.193913][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe724eb820
[   95.193918][ T5851] RBP: 00007ffe724eb820 R08: 0000000000000000 R09: 0000000000000000
[   95.193923][ T5851] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe724ec8b0
[   95.193928][ T5851] R13: 00007fad98611c05 R14: 0000000000017333 R15: 00007ffe724ec8f0
[   95.193942][ T5851]  </TASK>
[   95.193946][ T5851] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   95.680382][ T6469] loop0: detected capacity change from 0 to 40427
[   95.685429][ T6469] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   95.689216][ T6469] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   95.696628][ T6469] F2FS-fs (loop0): invalid crc value
[   95.788990][ T6469] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.795206][ T6469] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   95.797167][ T6486] loop2: detected capacity change from 0 to 256
[   95.798435][ T6469] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   95.837032][ T6486] FAT-fs (loop2): Directory bread(block 64) failed
[   95.839790][ T6486] FAT-fs (loop2): Directory bread(block 65) failed
[   95.855350][ T6486] FAT-fs (loop2): Directory bread(block 66) failed
[   95.859105][ T6486] FAT-fs (loop2): Directory bread(block 67) failed
[   95.862178][ T6486] FAT-fs (loop2): Directory bread(block 68) failed
[   95.864951][ T6486] FAT-fs (loop2): Directory bread(block 69) failed
[   95.868078][ T6486] FAT-fs (loop2): Directory bread(block 70) failed
[   95.870865][ T6486] FAT-fs (loop2): Directory bread(block 71) failed
[   95.874455][ T6486] FAT-fs (loop2): Directory bread(block 72) failed
[   95.877669][   T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   95.878447][ T6486] FAT-fs (loop2): Directory bread(block 73) failed
[   95.891280][ T6469] F2FS-fs (loop0): Stopped filesystem due to reason: 0
[   96.046174][   T24] usb 2-1: Using ep0 maxpacket: 16
[   96.055928][   T24] usb 2-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[   96.062204][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   96.081265][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   96.085059][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.096823][   T24] usb 2-1: Product: syz
[   96.098341][   T24] usb 2-1: Manufacturer: syz
[   96.100848][   T24] usb 2-1: SerialNumber: syz
[   96.314422][   T24] usb 2-1: 0:2 : does not exist
[   96.354011][   T24] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[   96.355663][ T6500] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   96.435770][   T24] usb 2-1: USB disconnect, device number 6
[   96.625808][ T5859] udevd[5859]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   97.382655][   T24] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[   97.606327][ T6515] 9pnet_fd: Insufficient options for proto=fd
[   97.692477][   T24] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[   97.790825][   T24] usb 2-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[   97.813344][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.834332][   T24] usb 2-1: Product: syz
[   97.851610][   T24] usb 2-1: Manufacturer: syz
[   97.948681][   T24] usb 2-1: SerialNumber: syz
[   97.982345][   T24] usb 2-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[   98.197524][   T24] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[   98.214907][   T24] usb 2-1: USB disconnect, device number 7
[   98.964426][ T6542] hfsplus: unable to find HFS+ superblock
[   99.131148][ T6540] loop1: detected capacity change from 0 to 40427
[   99.134292][ T6540] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   99.136951][ T6540] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   99.142154][ T6540] F2FS-fs (loop1): invalid crc value
[   99.191101][ T6540] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   99.198567][ T6540] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   99.201448][ T6540] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   99.560956][ T6555] loop2: detected capacity change from 0 to 8192
[   99.618472][ T5859]  loop2: p1 < > p2 < p5 > p4
[   99.627049][ T5859] loop2: p4 size 16776960 extends beyond EOD, truncated
[   99.646706][ T5859] loop2: p5 size 16776960 extends beyond EOD, truncated
[   99.674465][ T6555]  loop2: p1 < > p2 < p5 > p4
[   99.690382][ T6555] loop2: p4 size 16776960 extends beyond EOD, truncated
[   99.694664][ T6555] loop2: p5 size 16776960 extends beyond EOD, truncated
[   99.802225][ T5859] udevd[5859]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   99.823273][ T5847] udevd[5847]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   99.833318][ T6249] udevd[6249]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[   99.841687][ T6248] udevd[6248]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   99.887626][ T6248] udevd[6248]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   99.912245][ T6249] udevd[6249]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[   99.918668][ T5847] udevd[5847]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   99.925764][ T5859] udevd[5859]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   99.979182][ T6565] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.745813][ T6593] loop1: detected capacity change from 0 to 64
[  100.879249][ T6598] netlink: 'syz.1.243': attribute type 11 has an invalid length.
[  101.120906][ T6606] IPVS: set_ctl: invalid protocol: 8 0.0.0.0:20003
[  101.153508][ T6600] loop2: detected capacity change from 0 to 32768
[  101.163265][ T6600] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.244 (6600)
[  101.201633][ T6600] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  101.216863][ T6600] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  101.220525][ T6600] BTRFS info (device loop2): using free-space-tree
[  101.443634][ T5851] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  101.738779][ T6639] loop1: detected capacity change from 0 to 764
[  101.747184][ T6639] rock: directory entry would overflow storage
[  101.764655][ T6639] rock: sig=0x4654, size=5, remaining=4
[  101.899660][ T6644] loop0: detected capacity change from 0 to 1024
[  102.093947][ T6646] loop1: detected capacity change from 0 to 32768
[  102.096330][   T24] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  102.103485][ T6646] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.257 (6646)
[  102.248490][   T24] usb 3-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  102.253666][   T24] usb 3-1: config 1 interface 0 has no altsetting 0
[  102.264718][   T24] usb 3-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice= 0.40
[  102.268953][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.272447][   T24] usb 3-1: Product: syz
[  102.274350][   T24] usb 3-1: Manufacturer: syz
[  102.278916][   T24] usb 3-1: SerialNumber: syz
[  102.504397][   T24] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input6
[  102.513446][ T5281] bcm5974 3-1:1.0: could not read from device
[  102.520260][ T5281] bcm5974 3-1:1.0: could not read from device
[  102.531365][   T24] usb 3-1: USB disconnect, device number 7
[  102.597603][ T6648] loop0: detected capacity change from 0 to 131072
[  102.600734][ T6648] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  102.603363][ T6648] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  102.629764][ T6646] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  102.643749][ T6646] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  102.646966][ T6646] BTRFS info (device loop1): using free-space-tree
[  102.650453][ T6648] F2FS-fs (loop0): invalid crc value
[  102.699714][ T6648] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  102.703757][ T6648] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  102.706332][ T6648] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  102.890210][ T5846] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.334410][ T6689] loop1: detected capacity change from 0 to 256
[  103.346687][ T6689] exfat: Deprecated parameter 'namecase'
[  103.348883][ T6689] exfat: Deprecated parameter 'namecase'
[  103.378101][ T6689] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  103.442410][ T6691] CIFS: VFS: Malformed UNC in devname
[  103.998817][ T6706] loop1: detected capacity change from 0 to 8
[  104.004793][ T6706] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  104.466400][ T5915] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  104.637260][ T5915] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  104.645250][ T5915] usb 1-1: config 0 has no interface number 0
[  104.648779][ T5915] usb 1-1: config 0 interface 255 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  104.654186][ T5915] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  104.664047][ T5915] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0xA has an invalid bInterval 255, changing to 11
[  104.669597][ T5915] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0xA has invalid maxpacket 59391, setting to 1024
[  104.700210][ T5915] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  104.708724][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.712417][ T5915] usb 1-1: Product: syz
[  104.714473][ T5915] usb 1-1: Manufacturer: syz
[  104.717634][ T5915] usb 1-1: SerialNumber: syz
[  104.723130][ T5915] usb 1-1: config 0 descriptor??
[  104.732325][ T6708] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  104.955434][ T5857] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  105.693911][ T6731] loop2: detected capacity change from 0 to 2048
[  105.701959][ T6731] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  107.645070][ T6747] loop0: detected capacity change from 0 to 262144
[  107.648478][ T6747] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.295 (6747)
[  107.661596][ T6747] BTRFS info (device loop0): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  107.665200][ T6747] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  107.668521][ T6747] BTRFS info (device loop0): using free-space-tree
[  107.677397][ T6753] loop2: detected capacity change from 0 to 32768
[  107.680407][ T6753] XFS: ikeep mount option is deprecated.
[  107.698371][ T6753] XFS: ikeep mount option is deprecated.
[  107.706774][ T6753] XFS: noikeep mount option is deprecated.
[  107.867548][ T6753] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  108.293556][ T6753] XFS (loop2): Ending clean mount
[  108.307693][ T6762] loop1: detected capacity change from 0 to 32768
[  108.976358][ T5851] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  109.923435][ T5850] BTRFS info (device loop0): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  111.674145][ T6817] loop1: detected capacity change from 0 to 32768
[  111.885231][ T6826] loop0: detected capacity change from 0 to 8
[  111.921681][ T6826] unable to read id index table
[  112.519455][ T6831] loop0: detected capacity change from 0 to 512
[  112.547125][ T6831] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  112.595221][ T6831] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  112.637335][ T6831] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.723617][ T6831] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  112.760103][ T6831] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  112.786561][ T6831] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.315: Failed to acquire dquot type 0
[  112.978500][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  113.009889][ T6840] nvme_fabrics: missing parameter 'transport=%s'
[  113.012254][ T6840] nvme_fabrics: missing parameter 'nqn=%s'
[  113.325705][ T6848] loop1: detected capacity change from 0 to 256
[  113.402428][ T6848] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d)
[  114.010343][ T6858] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  114.012841][ T6858] IPv6: NLM_F_CREATE should be set when creating new route
[  114.664529][ T6875] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  114.680631][ T1152] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  114.715251][ T6869] loop0: detected capacity change from 0 to 32768
[  114.801902][ T6869] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  114.801917][ T6869]   allowing incompatible features above 0.0: (unknown version)
[  114.801922][ T6869]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  114.835344][ T6869] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  114.839080][ T1152] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  114.842383][ T1152] usb 3-1: config 0 has no interface number 0
[  114.845059][ T1152] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  114.854662][ T6869] bcachefs (loop0): initializing new filesystem
[  114.865214][ T6869] bcachefs (loop0): going read-write
[  114.870904][ T1152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.879465][ T1152] usb 3-1: config 0 descriptor??
[  114.888453][ T1152] cp210x 3-1:0.1: cp210x converter detected
[  114.904809][ T6869] bcachefs (loop0): marking superblocks
[  114.982949][ T6869] bcachefs (loop0): initializing freespace
[  115.005598][ T6869] bcachefs (loop0): done initializing freespace
[  115.021273][ T6869] bcachefs (loop0): reading snapshots table
[  115.023952][ T6869] bcachefs (loop0): reading snapshots done
[  115.047311][ T6869] bcachefs (loop0): done starting filesystem
[  115.655012][ T1152] cp210x 3-1:0.1: failed to get vendor val 0x000e size 3: -32
[  115.849901][ T6869] syz.0.328 (6869) used greatest stack depth: 16248 bytes left
[  115.898367][ T1152] usb 3-1: cp210x converter now attached to ttyUSB0
[  115.899811][ T5850] bcachefs (loop0): shutting down
[  115.903168][ T5850] bcachefs (loop0): going read-only
[  115.918251][ T5850] bcachefs (loop0): finished waiting for writes to stop
[  115.946555][ T5850] bcachefs (loop0): flushing journal and stopping allocators, journal seq 14
[  115.969168][ T5850] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 15
[  115.979002][ T6905] loop1: detected capacity change from 0 to 2048
[  115.981990][ T5850] bcachefs (loop0): clean shutdown complete, journal seq 16
[  115.985160][ T5850] bcachefs (loop0): marking filesystem clean
[  116.022173][ T5850] bcachefs (loop0): shutdown complete
[  116.028520][ T6905] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.085929][  T793] usb 3-1: USB disconnect, device number 8
[  116.095464][  T793] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  116.095642][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.108201][  T793] cp210x 3-1:0.1: device disconnected
[  116.457578][ T6909] loop1: detected capacity change from 0 to 32768
[  116.832907][ T6919] loop1: detected capacity change from 0 to 1024
[  116.843327][ T6919] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  116.945895][  T793] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  117.005477][ T6923] loop1: detected capacity change from 0 to 764
[  117.048461][ T6923] rock: directory entry would overflow storage
[  117.051134][ T6923] rock: sig=0x4f50, size=4, remaining=3
[  117.053369][ T6923] iso9660: Corrupted directory entry in block 6 of inode 1792
[  117.116651][  T793] usb 3-1: Using ep0 maxpacket: 16
[  117.126914][  T793] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  117.133347][  T793] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  117.138945][  T793] usb 3-1: Product: syz
[  117.140777][  T793] usb 3-1: Manufacturer: syz
[  117.142306][  T793] usb 3-1: SerialNumber: syz
[  117.161558][  T793] usb 3-1: config 0 descriptor??
[  117.393154][  T793] usb 3-1: USB disconnect, device number 9
[  117.416827][ T5900] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  117.543013][ T6933] loop0: detected capacity change from 0 to 64
[  117.564144][ T6933] Trying to free block not in datazone
[  117.567928][ T6933] Trying to free block not in datazone
[  117.578543][ T6933] Trying to free block not in datazone
[  117.592768][ T6933] Trying to free block not in datazone
[  117.597595][ T6933] minix_free_inode: bit 5 already cleared
[  117.613297][ T5900] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  117.617357][ T5900] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3
[  117.620702][ T5900] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  117.624043][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.630398][ T5900] usb 2-1: config 0 descriptor??
[  117.982876][ T6937] loop0: detected capacity change from 0 to 40427
[  117.997398][ T6937] F2FS-fs: heap/no_heap options were deprecated
[  118.007458][ T6937] F2FS-fs (loop0): build fault injection rate: 19
[  118.009883][ T6937] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  118.034798][ T6937] F2FS-fs (loop0): invalid crc value
[  118.043685][ T5900] Bluetooth: Can't get version to change to load ram patch err
[  118.054087][ T5900] Bluetooth: Loading patch file failed
[  118.076147][ T5900] ath3k 2-1:0.0: probe with driver ath3k failed with error -71
[  118.087906][ T6937] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  118.103904][ T5900] usb 2-1: USB disconnect, device number 8
[  118.189265][ T6937] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  118.201800][ T6937] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  118.216273][ T6937] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  118.586877][ T1152] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  118.691710][ T6960] loop0: detected capacity change from 0 to 1764
[  118.739867][ T1152] usb 3-1: config 0 interface 0 altsetting 13 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  118.753515][ T1152] usb 3-1: config 0 interface 0 has no altsetting 0
[  118.776180][ T1152] usb 3-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  118.779804][ T1152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.818653][ T1152] usb 3-1: config 0 descriptor??
[  118.822769][ T6954] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  119.269489][ T1152] thrustmaster 0003:044F:B323.0005: hidraw0: USB HID v0.00 Device [HID 044f:b323] on usb-dummy_hcd.2-1/input0
[  119.274888][ T1152] thrustmaster 0003:044F:B323.0005: no inputs found
[  119.427078][ T6970] ceph: No mds server is up or the cluster is laggy
[  119.476861][ T6973] vxfs: WRONG superblock magic 00000000 at 1
[  119.481319][ T6973] vxfs: WRONG superblock magic 00000000 at 8
[  119.483923][ T6973] vxfs: can't find superblock.
[  119.499305][ T1152] libceph: connect (1)[c::]:6789 error -101
[  119.503540][ T1152] libceph: mon0 (1)[c::]:6789 connect error
[  119.678385][ T1152] usb 3-1: USB disconnect, device number 10
[  120.127788][ T6965] loop0: detected capacity change from 0 to 40427
[  120.140067][ T6965] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  120.143587][ T6965] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  120.288166][ T6965] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  120.305828][ T6965] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  120.309034][ T6965] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  120.391574][   T33] audit: type=1804 audit(1755520550.734:6): pid=6965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.363" name="/newroot/113/bus/file0" dev="loop0" ino=10 res=1 errno=0
[  121.655543][ T7013] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  121.661861][ T7013] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  121.691007][ T7015] netlink: 'syz.2.382': attribute type 29 has an invalid length.
[  121.693901][ T7015] netlink: 36 bytes leftover after parsing attributes in process `syz.2.382'.
[  121.726784][ T7013] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  121.730413][ T7019] Driver unsupported XDP return value 0 on prog  (id 34) dev N/A, expect packet loss!
[  121.754821][ T7013] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  121.759347][ T7013] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  121.769371][ T7013] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  121.775456][ T7013] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  121.779053][ T7013] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  121.791999][ T7013] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  122.059753][ T1152] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  122.102269][ T7036] libceph: resolve '00' (ret=-3): failed
[  122.216261][ T1152] usb 3-1: Using ep0 maxpacket: 32
[  122.225605][ T1152] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.235407][ T1152] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  122.243192][ T1152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.246436][ T1152] usb 3-1: Product: syz
[  122.248048][ T1152] usb 3-1: Manufacturer: syz
[  122.249713][ T1152] usb 3-1: SerialNumber: syz
[  122.255414][ T1152] usb 3-1: config 0 descriptor??
[  122.264272][ T1152] usb 3-1: bad CDC descriptors
[  122.268132][ T1152] usb 3-1: unsupported MDLM descriptors
[  122.452232][ T7046] loop0: detected capacity change from 0 to 512
[  122.457940][ T7046] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.460719][ T7046] EXT4-fs: inline encryption not supported
[  122.463460][ T7046] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.471265][ T7046] EXT4-fs: Ignoring removed nomblk_io_submit option
[  122.480069][ T7046] EXT4-fs (loop0): Test dummy encryption mode enabled
[  122.481257][ T1152] usb 3-1: USB disconnect, device number 11
[  122.483006][ T7046] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  122.495757][ T7046] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  122.509959][ T7046] EXT4-fs (loop0): 1 truncate cleaned up
[  122.513008][ T7046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.640394][ T7046] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  122.688561][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.795913][ T7058] loop1: detected capacity change from 0 to 1024
[  122.799682][ T7058] EXT4-fs: Ignoring removed nobh option
[  122.801714][ T7058] EXT4-fs: Ignoring removed bh option
[  122.831542][ T7058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.893238][ T7058] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.398: Allocating blocks 481-513 which overlap fs metadata
[  122.909571][ T7057] EXT4-fs (loop1): pa ffff88811b0a20e8: logic 16, phys. 369, len 9
[  122.913010][ T7057] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 2
[  122.961219][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.128592][ T7056] loop0: detected capacity change from 0 to 40427
[  123.147083][ T7068] netlink: 64 bytes leftover after parsing attributes in process `syz.2.402'.
[  123.165829][ T7056] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  123.187908][ T7056] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  123.207591][ T7056] F2FS-fs (loop0): invalid crc value
[  123.235108][ T7075] loop1: detected capacity change from 0 to 1024
[  123.283398][ T7075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.301496][ T7075] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.315981][ T7056] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  123.334220][ T7056] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  123.335661][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 13)
[  123.347160][ T7056] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  123.348221][ T7075] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  123.360289][ T7075] EXT4-fs (loop1): This should not happen!! Data will be lost
[  123.360289][ T7075] 
[  123.390789][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.402996][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.411540][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.420429][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.427273][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.434958][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.442953][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.449530][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.457304][ T7075] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.403: lblock 3 mapped to illegal pblock 3 (length 1)
[  123.576763][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.667180][ T5857] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.702392][ T7090] netlink: 20 bytes leftover after parsing attributes in process `syz.1.409'.
[  123.827574][ T5857] Bluetooth: hci2: command 0x0c1a tx timeout
[  123.830274][ T5857] Bluetooth: hci1: command 0x0c1a tx timeout
[  123.887448][ T7092] netem: change failed
[  124.259092][ T7094] sg_write: data in/out 768/4 bytes for SCSI command 0x77-- guessing data in;
[  124.259092][ T7094]    program syz.1.411 not setting count and/or reply_len properly
[  125.215939][ T5915] iguanair 1-1:0.255: failed to get version
[  125.239946][ T5915] iguanair 1-1:0.255: probe with driver iguanair failed with error -110
[  125.247104][ T5915] usb 1-1: USB disconnect, device number 5
[  125.375506][ T7109] netlink: 44 bytes leftover after parsing attributes in process `syz.1.416'.
[  125.756286][ T5849] Bluetooth: hci0: command 0x0c1a tx timeout
[  125.907532][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout
[  125.908206][ T5857] Bluetooth: hci2: command 0x0c1a tx timeout
[  125.951702][ T7119] loop1: detected capacity change from 0 to 1024
[  126.079519][ T7121] loop2: detected capacity change from 0 to 1024
[  126.124960][   T33] audit: type=1800 audit(1755520556.464:7): pid=7121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.422" name="bus" dev="loop2" ino=26 res=0 errno=0
[  126.329678][   T36] hfsplus: b-tree write err: -5, ino 4
[  126.430234][ T7133] dlm: no locking on control device
[  126.481032][ T7131] loop0: detected capacity change from 0 to 4096
[  126.850977][ T7138] netlink: 12 bytes leftover after parsing attributes in process `syz.2.428'.
[  126.882139][ T7138] gretap1: entered promiscuous mode
[  126.887892][ T7138] bridge1: port 1(gretap1) entered blocking state
[  126.890719][ T7138] bridge1: port 1(gretap1) entered disabled state
[  126.894201][ T7138] gretap1: entered allmulticast mode
[  126.953428][ T7140] loop0: detected capacity change from 0 to 512
[  126.993472][ T7140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.006666][ T7140] ext4 filesystem being mounted at /136/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  127.033423][ T7140] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #2: comm syz.0.429: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  127.062516][ T7140] EXT4-fs (loop0): Remounting filesystem read-only
[  127.219604][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.591071][ T7173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.443'.
[  127.595098][ T7173] netlink: 'syz.0.443': attribute type 14 has an invalid length.
[  127.620547][ T7173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.443'.
[  127.624612][ T7173] netlink: 'syz.0.443': attribute type 14 has an invalid length.
[  127.630819][ T5878] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  127.634339][ T5878] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  127.643718][ T5878] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  127.665700][ T5878] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  127.828581][ T5857] Bluetooth: hci0: command 0x0c1a tx timeout
[  127.986387][ T5857] Bluetooth: hci2: command 0x0c1a tx timeout
[  127.986423][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout
[  128.026017][ T7195] netlink: 'syz.0.454': attribute type 3 has an invalid length.
[  128.029517][ T7195] netlink: 716 bytes leftover after parsing attributes in process `syz.0.454'.
[  128.263619][ T7206] block device autoloading is deprecated and will be removed.
[  128.458215][ T7209] netlink: 'syz.0.458': attribute type 1 has an invalid length.
[  128.461336][ T7209] netlink: 224 bytes leftover after parsing attributes in process `syz.0.458'.
[  128.835958][ T7215] loop1: detected capacity change from 0 to 256
[  128.873334][ T7215] FAT-fs (loop1): Directory bread(block 64) failed
[  128.882139][ T7215] FAT-fs (loop1): Directory bread(block 65) failed
[  128.885874][ T7215] FAT-fs (loop1): Directory bread(block 66) failed
[  128.890111][ T7215] FAT-fs (loop1): Directory bread(block 67) failed
[  128.895243][ T7215] FAT-fs (loop1): Directory bread(block 68) failed
[  128.901587][ T7215] FAT-fs (loop1): Directory bread(block 69) failed
[  128.904023][ T7215] FAT-fs (loop1): Directory bread(block 70) failed
[  128.910306][ T7215] FAT-fs (loop1): Directory bread(block 71) failed
[  128.913054][ T7215] FAT-fs (loop1): Directory bread(block 72) failed
[  128.915743][ T7215] FAT-fs (loop1): Directory bread(block 73) failed
[  128.976636][ T7216] block nbd2: shutting down sockets
[  129.110172][ T7222] netlink: 'syz.2.466': attribute type 1 has an invalid length.
[  129.113836][ T7222] netlink: 'syz.2.466': attribute type 2 has an invalid length.
[  129.285762][ T7235] loop2: detected capacity change from 0 to 512
[  129.328541][ T7235] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.471: corrupted in-inode xattr: invalid ea_ino
[  129.340075][ T7235] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.471: couldn't read orphan inode 15 (err -117)
[  129.352854][ T7235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.407813][ T7240] loop1: detected capacity change from 0 to 8192
[  129.412474][ T7240] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  129.427690][ T7240] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  129.464566][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.502954][ T5915] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  129.582589][ T7246] loop1: detected capacity change from 0 to 256
[  129.621410][ T7246] FAT-fs (loop1): Directory bread(block 64) failed
[  129.623655][ T7246] FAT-fs (loop1): Directory bread(block 65) failed
[  129.625917][ T7246] FAT-fs (loop1): Directory bread(block 66) failed
[  129.631372][ T7246] FAT-fs (loop1): Directory bread(block 67) failed
[  129.633985][ T7246] FAT-fs (loop1): Directory bread(block 68) failed
[  129.639214][ T7246] FAT-fs (loop1): Directory bread(block 69) failed
[  129.641619][ T7246] FAT-fs (loop1): Directory bread(block 70) failed
[  129.643825][ T7246] FAT-fs (loop1): Directory bread(block 71) failed
[  129.646765][ T7246] FAT-fs (loop1): Directory bread(block 72) failed
[  129.648945][ T7246] FAT-fs (loop1): Directory bread(block 73) failed
[  129.679707][ T5915] usb 1-1: config 0 has an invalid interface number: 147 but max is 0
[  129.683401][ T5915] usb 1-1: config 0 has no interface number 0
[  129.687441][ T5915] usb 1-1: config 0 interface 147 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  129.694864][ T5915] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.03
[  129.700492][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.704057][ T5915] usb 1-1: Product: syz
[  129.709876][ T5915] usb 1-1: Manufacturer: syz
[  129.711882][ T5915] usb 1-1: SerialNumber: syz
[  129.725870][ T5915] usb 1-1: config 0 descriptor??
[  129.737138][ T7233] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  129.753465][ T5915] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  129.948877][  T793] usb 1-1: USB disconnect, device number 6
[  129.954230][   T12] usb 1-1: Failed to submit usb control message: -71
[  129.967053][   T12] usb 1-1: unable to send the bmi data to the device: -71
[  129.979088][   T12] usb 1-1: unable to get target info from device
[  129.981541][   T12] usb 1-1: could not get target info (-71)
[  130.001861][ T7265] loop2: detected capacity change from 0 to 256
[  130.016565][   T12] usb 1-1: could not probe fw (-71)
[  130.030441][ T7265] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  130.036415][ T7265] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  130.215333][ T7271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.487'.
[  130.224878][ T7271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.487'.
[  130.230350][ T7273] tmpfs: User quota block hardlimit too large.
[  130.399638][ T7285] loop2: detected capacity change from 0 to 512
[  130.405801][ T7285] EXT4-fs: Ignoring removed oldalloc option
[  130.434502][ T7285] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.494: Parent and EA inode have the same ino 15
[  130.440409][ T7285] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  130.445131][ T7285] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.494: Parent and EA inode have the same ino 15
[  130.454657][ T7285] EXT4-fs (loop2): 1 orphan inode deleted
[  130.458004][ T7285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.476374][ T5851] EXT4-fs error (device loop2): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  130.490413][ T5851] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 15
[  130.497549][ T5851] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 15
[  130.688578][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.717435][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.021080][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.087780][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.203742][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.911577][   T12] bridge_slave_1: left allmulticast mode
[  131.925514][   T12] bridge_slave_1: left promiscuous mode
[  131.937299][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.982233][   T12] bridge_slave_0: left allmulticast mode
[  131.984735][   T12] bridge_slave_0: left promiscuous mode
[  131.999612][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.023793][   T12] gretap1: left allmulticast mode
[  132.025653][   T12] bridge1: port 1(gretap1) entered disabled state
[  132.136950][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  132.143496][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  132.149106][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  132.155346][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  132.159803][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  132.619890][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.625957][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.630500][   T12] bond0 (unregistering): Released all slaves
[  133.108777][   T12] hsr_slave_0: left promiscuous mode
[  133.111931][   T12] hsr_slave_1: left promiscuous mode
[  133.114294][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.128419][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.139600][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.148433][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.177733][   T12] veth1_macvtap: left promiscuous mode
[  133.181528][   T12] veth0_macvtap: left promiscuous mode
[  133.566239][  T793] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  133.584793][   T12] team0 (unregistering): Port device team_slave_1 removed
[  133.629627][   T12] team0 (unregistering): Port device team_slave_0 removed
[  133.716253][  T793] usb 2-1: Using ep0 maxpacket: 8
[  133.723653][  T793] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  133.727797][  T793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.731208][  T793] usb 2-1: Product: syz
[  133.733094][  T793] usb 2-1: Manufacturer: syz
[  133.735153][  T793] usb 2-1: SerialNumber: syz
[  133.741259][  T793] usb 2-1: config 0 descriptor??
[  133.749564][  T793] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  133.753145][  T793] usb 2-1: setting power ON
[  133.769200][  T793] dvb-usb: bulk message failed: -22 (2/0)
[  133.789763][  T793] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  133.801534][  T793] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  133.812655][  T793] usb 2-1: media controller created
[  133.885161][  T793] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  133.938964][  T793] usb 2-1: selecting invalid altsetting 6
[  133.942306][  T793] usb 2-1: digital interface selection failed (-22)
[  133.948376][  T793] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  133.961727][  T793] usb 2-1: setting power OFF
[  133.964122][  T793] dvb-usb: bulk message failed: -22 (2/0)
[  133.969786][  T793] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  133.973765][  T793] (NULL device *): no alternate interface
[  134.085217][  T793] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  134.101880][  T793] usb 2-1: USB disconnect, device number 9
[  134.175548][ T7305] chnl_net:caif_netlink_parms(): no params data found
[  134.246440][ T5857] Bluetooth: hci1: command tx timeout
[  134.398327][ T7305] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.406752][ T7305] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.409226][ T7305] bridge_slave_0: entered allmulticast mode
[  134.412764][ T7305] bridge_slave_0: entered promiscuous mode
[  134.420560][ T7305] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.423061][ T7305] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.425345][ T7305] bridge_slave_1: entered allmulticast mode
[  134.437140][ T7305] bridge_slave_1: entered promiscuous mode
[  134.537850][ T7305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.551095][ T7305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.619475][ T7305] team0: Port device team_slave_0 added
[  134.631872][ T7305] team0: Port device team_slave_1 added
[  134.704843][ T7305] batman_adv: batadv0: Adding interface: batadv_slave_0
[  134.709011][ T7305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.739398][ T7305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  134.749705][ T7305] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.752189][ T7305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.769729][ T7305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.808029][   T12] ------------[ cut here ]------------
[  134.810480][   T12] WARNING: CPU: 0 PID: 12 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x270/0x2f0
[  134.813966][   T12] Modules linked in:
[  134.815644][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  134.821525][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  134.825472][   T12] Workqueue: netns cleanup_net
[  134.827465][   T12] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[  134.829762][   T12] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 f8 30 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b6 f1 e1 f7 e8 91 c7 9d f7 90 <0f> 0b 90 e9 fd fd ff ff e8 83 c7 9d f7 90 0f 0b 90 e9 60 fe ff ff
[  134.837374][   T12] RSP: 0018:ffffc900000f7898 EFLAGS: 00010293
[  134.839720][   T12] RAX: ffffffff8a21e3ff RBX: ffff88801f2f2440 RCX: ffff88801c2f5640
[  134.842685][   T12] RDX: 0000000000000000 RSI: ffffffff8dba6026 RDI: ffff88801c2f5640
[  134.845798][   T12] RBP: ffffc900000f79b0 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  134.849228][   T12] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: ffffffff8f630aa0
[  134.852467][   T12] R13: 1ffff9200001ef40 R14: ffff88801f2f38c0 R15: dffffc0000000000
[  134.855462][   T12] FS:  0000000000000000(0000) GS:ffff8880b861c000(0000) knlGS:0000000000000000
[  134.858946][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  134.861517][   T12] CR2: 0000200000000140 CR3: 00000000232ec000 CR4: 00000000000006f0
[  134.864605][   T12] Call Trace:
[  134.865962][   T12]  <TASK>
[  134.867418][   T12]  xfrm_net_exit+0x2d/0x70
[  134.869245][   T12]  ops_undo_list+0x49a/0x990
[  134.871029][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[  134.873046][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[  134.874923][   T12]  cleanup_net+0x4c5/0x800
[  134.876789][   T12]  ? __pfx_cleanup_net+0x10/0x10
[  134.878775][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  134.880746][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  134.882935][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  134.885087][   T12]  process_scheduled_works+0xae1/0x17b0
[  134.887294][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  134.889634][   T12]  worker_thread+0x8a0/0xda0
[  134.891388][   T12]  kthread+0x711/0x8a0
[  134.892986][   T12]  ? __pfx_worker_thread+0x10/0x10
[  134.894954][   T12]  ? __pfx_kthread+0x10/0x10
[  134.896819][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  134.898806][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  134.900826][   T12]  ? __pfx_kthread+0x10/0x10
[  134.902554][   T12]  ret_from_fork+0x3fc/0x770
[  134.904279][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  134.906361][   T12]  ? __switch_to_asm+0x39/0x70
[  134.908247][   T12]  ? __switch_to_asm+0x33/0x70
[  134.910127][   T12]  ? __pfx_kthread+0x10/0x10
[  134.912038][   T12]  ret_from_fork_asm+0x1a/0x30
[  134.913918][   T12]  </TASK>
[  134.915104][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  134.917858][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  134.922452][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  134.926329][   T12] Workqueue: netns cleanup_net
[  134.928223][   T12] Call Trace:
[  134.929542][   T12]  <TASK>
[  134.930665][   T12]  dump_stack_lvl+0x99/0x250
[  134.932398][   T12]  ? __asan_memcpy+0x40/0x70
[  134.934234][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.936209][   T12]  ? __pfx__printk+0x10/0x10
[  134.938021][   T12]  vpanic+0x281/0x750
[  134.939553][   T12]  ? __pfx__printk+0x10/0x10
[  134.941415][   T12]  ? __pfx_vpanic+0x10/0x10
[  134.943173][   T12]  ? is_bpf_text_address+0x292/0x2b0
[  134.945237][   T12]  panic+0xb9/0xc0
[  134.946662][   T12]  ? __pfx_panic+0x10/0x10
[  134.948472][   T12]  __warn+0x31b/0x4b0
[  134.950018][   T12]  ? xfrm_state_fini+0x270/0x2f0
[  134.951922][   T12]  ? xfrm_state_fini+0x270/0x2f0
[  134.953734][   T12]  report_bug+0x2be/0x4f0
[  134.955286][   T12]  ? xfrm_state_fini+0x270/0x2f0
[  134.957175][   T12]  ? xfrm_state_fini+0x270/0x2f0
[  134.959020][   T12]  ? xfrm_state_fini+0x272/0x2f0
[  134.961377][   T12]  handle_bug+0x84/0x160
[  134.963079][   T12]  exc_invalid_op+0x1a/0x50
[  134.964804][   T12]  asm_exc_invalid_op+0x1a/0x20
[  134.966560][   T12] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[  134.968765][   T12] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 f8 30 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b6 f1 e1 f7 e8 91 c7 9d f7 90 <0f> 0b 90 e9 fd fd ff ff e8 83 c7 9d f7 90 0f 0b 90 e9 60 fe ff ff
[  134.976403][   T12] RSP: 0018:ffffc900000f7898 EFLAGS: 00010293
[  134.978802][   T12] RAX: ffffffff8a21e3ff RBX: ffff88801f2f2440 RCX: ffff88801c2f5640
[  134.981763][   T12] RDX: 0000000000000000 RSI: ffffffff8dba6026 RDI: ffff88801c2f5640
[  134.984574][   T12] RBP: ffffc900000f79b0 R08: ffffffff8fa37e37 R09: 1ffffffff1f46fc6
[  134.987784][   T12] R10: dffffc0000000000 R11: fffffbfff1f46fc7 R12: ffffffff8f630aa0
[  134.990984][   T12] R13: 1ffff9200001ef40 R14: ffff88801f2f38c0 R15: dffffc0000000000
[  134.994027][   T12]  ? xfrm_state_fini+0x26f/0x2f0
[  134.995861][   T12]  ? xfrm_state_fini+0x26f/0x2f0
[  134.997704][   T12]  xfrm_net_exit+0x2d/0x70
[  134.999386][   T12]  ops_undo_list+0x49a/0x990
[  135.001137][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[  135.003259][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[  135.005338][   T12]  cleanup_net+0x4c5/0x800
[  135.007169][   T12]  ? __pfx_cleanup_net+0x10/0x10
[  135.009149][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.011032][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  135.013073][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  135.015239][   T12]  process_scheduled_works+0xae1/0x17b0
[  135.017523][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  135.020089][   T12]  worker_thread+0x8a0/0xda0
[  135.022041][   T12]  kthread+0x711/0x8a0
[  135.023563][   T12]  ? __pfx_worker_thread+0x10/0x10
[  135.025525][   T12]  ? __pfx_kthread+0x10/0x10
[  135.027249][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.029169][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.031568][   T12]  ? __pfx_kthread+0x10/0x10
[  135.033375][   T12]  ret_from_fork+0x3fc/0x770
[  135.035213][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  135.037290][   T12]  ? __switch_to_asm+0x39/0x70
[  135.039206][   T12]  ? __switch_to_asm+0x33/0x70
[  135.041012][   T12]  ? __pfx_kthread+0x10/0x10
[  135.042632][   T12]  ret_from_fork_asm+0x1a/0x30
[  135.044481][   T12]  </TASK>
[  135.046461][   T12] Kernel Offset: disabled
[  135.048222][   T12] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:36:05  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=0000000000000031 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900000f7030
R8 =ffff888107898237 R9 =1ffff11020f13046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af98eb R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000140 CR3=00000000232ec000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff000000000000 ff00000000000000 XMM05=000000000000002d 0000000000002f2e
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffffff0000 XMM09=303a312d322f312d 322f326273752f31
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81b44d4b RBX=1ffff11009608341 RCX=ffff888107a01cc0 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc900032cf700 RSP=ffffc900032cf578
R8 =ffffffff8fa37e37 R9 =1ffffffff1f46fc6 R10=dffffc0000000000 R11=fffffbfff1f46fc7
R12=ffff88804b041a08 R13=dffffc0000000000 R14=ffff88813663b1c0 R15=0000000000000000
RIP=ffffffff81bfabc7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fda912e7d60 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00007fda907876c3 00007fda907876c3 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 00ff000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000ff0000 XMM05=0000555582c43cd0 0000555582c434a0
XMM06=0000555582c3e304 0000555582c3e300 XMM07=a7d00300100001a7 c00302100001a7b0
XMM08=0340100010033131 3230386c6e000200 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
