last executing test programs:

3m34.615286808s ago: executing program 2 (id=1079):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000054000000030a01030000000000000000050000000900010073797a30000000000900030073797a30000000002800048008000240000000001400030073797a5f74756e000000000000000000080001400000000014000000110001"], 0x9c}}, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000940)={@local, @empty, @void, {@ipv6={0x86dd, @dccp_packet={0x2, 0x6, "1c0adf", 0x58, 0x21, 0x1, @ipv4={'\x00', '\xff\xff', @remote}, @local, {[@srh={0x1, 0x0, 0x4, 0x0, 0x8, 0x10, 0x9}, @dstopts={0x21, 0x0, '\x00', [@generic={0x2}]}], {{0x4e20, 0x4e21, 0x4, 0x1, 0xe, 0x0, 0x0, 0xa, 0x1, "a43a72", 0x6, "5e6a98"}, "c72e76f2bfa5ab126751365f0803d9fbcd60ed354a4d00d18f7635414162d88bfab2f1f11e6ac9996d7e9697017ee73a"}}}}}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}}, 0x24}}, 0x0)

3m33.903431682s ago: executing program 2 (id=1080):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r4, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)

3m32.79416522s ago: executing program 2 (id=1086):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

3m32.793422691s ago: executing program 2 (id=1087):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x2}}}}]}, 0x40}}, 0x0)

3m32.736270195s ago: executing program 2 (id=1089):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0x58}, 0x1, 0x0, 0x0, 0x8001}, 0x0)

3m32.735770752s ago: executing program 2 (id=1091):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x0, 0x400, 0x6, 0x0, 0x0, 0x0})

3m18.204653123s ago: executing program 32 (id=1091):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000001c0)={0xa1, 0x0, 0x400, 0x6, 0x0, 0x0, 0x0})

2m6.782376385s ago: executing program 3 (id=2425):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xe, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@generic={0x91, 0x1, 0x1, 0x81}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)

2m6.782064498s ago: executing program 3 (id=2426):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002500)=ANY=[@ANYBLOB="e5000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff0000000065040200000000ff2d400500000000003400000001ed00007b030000000000001d440000000000007a0a00fe00ffffffdb03000051000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2400000000000000800643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10e98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad8018bbe4424edc6d9b0e61b404bb7a2d4883bbc200de8332029cbc04a0bc52"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

2m6.727998027s ago: executing program 3 (id=2427):
r0 = gettid()
prlimit64(r0, 0xe, &(0x7f0000000140)={0x9, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000180)='./bus\x00', 0x10, &(0x7f0000000040)=ANY=[], 0xff, 0x5a82, &(0x7f0000001080)="$eJzs3X+QHNV9IPDXM7Pa2V39WAkcZDCrRUYJwbG14lf5RyqWc4mdAoeSyynH4mTDglZE9kqo9COATGKRA591YJedci7ByR/EhX1nW3FxZV+MQpmAOYnzLxUXH3VlU2ffYf/hK8KhMqCjXD42tTP9Zmd6p7dnZ2elBT6fkran37z59rdfv+np92Z2JwAAAPCqcPzOfaeuPvd3v/1nEy989Pf+YdftYahcK6/GCsPp8pYzlSGnU39lbW2Z7Re/9pEv/XT0ht/+1v2Dn3/x2PYLdvzwd8664cEPXXn0nr9+5PkVX3vpqaK4sT9dPLOePJOEUP3Gyb/42LHvnDNdlqyc/lk6FMLqZM0jq5NMiLFfhBC2T+cYQlibufOrL1y6Y3p5+139LeWrMvX091e36eM83bEOnrr5DeFH79h6x/fWfeXv+o48fWimSlJt6k8hrLyu+fF9IYSB9H9I+2Jo6o+x024JIQw2Pe7NBXm9vsP8N+asn5cul6XLoYI48f71mfVSpl52PerLLAcLtrdQeXl0U6/cQZ3lmfXsyWih8vKM5avT5dfT5cXzjF9O96GchFISKo30J5OZPhKajlsSktqxrDbWS41jG9L9z6wnmfVSZr3cl9mv2nbTjlZOktbyWC9THk/HlbT8guZzdRvvzSl/bbqspk/UF+N6yN6oG5p1o7FfNTGvk3PkcjqUms5B7cobBz49GENp2VCyZtZjptqI9x3beveG8rZvHh/OySO5P0njJ13FP/jd1cs/+OXDB7Kv643415XS+KWu4v/4qhPPXnP4c5/Njf+pGL/cVfxLHhp85qpH71yf2z4nY/tUuoo//tRjn1h39vVHcvO/N8avdhV/89ET/StOPfRwbv5jsX0Guor/5Nve+ZMvPvHA07nxQ4w/2FX8bUf3fLJ/5NRFufEfju0z1F3/ee7IFT8YGfnZaF78x2P8FV3F/8Khe95636q7rsw9vlti+wx3Ff/dFz54x/JTD5yfd+5M7u30FRaAds5Kr7E+nq53Nc6cys5azF/TeOGvRiv1a77l6f8VC47eJHPxOb2dlb2MDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhNe84b++63+/b/iZSrren954slRfxvJlISQDIYR9+8f37t+5+8bRD910YO/u8cnR8f2jE7v377119LLfGN07sWdy/Nbpe8feeGn9cWtCUl8m58/a9kCYmioNt5bF7f2rC4/8aMOb/88/hzD2mu+PVHLz33jPrvvObvMzI9k89fZdB67+/uV/m+7XcJrXcJu8pqampkJOXv/3/b+8789P/vSiEMZ+Za68Hnvyt/6xJaFawUycVKk/1BPqTwbb5tHIOs0ntldlx87JibG523f68eWc/fjXH3n6Fztu+fQv6+1bzd2PDtt3YPPUZOkvt777///lbfWCorzO1HEvau+4FzG/2H7VtL1Xpvu1Mme/Kjn7def3Hn7iG+cezm/ogv3qSztAX/LajrYb924wWd1SXk3rx0Ti4zbu37Vn475bD75x567xGydunNj9lk2Xbbpi7PIrLt9Y2/ONvdn/5w+Fscpz6wZD3P6vdrj/vehPA9ln36ztrvrjQ1+PPzvrT615LZt3e0znVdwezRnlPf8G3/uxz7zlnkevrhcU9fNYu3E+SZeD08d5U2jqb7Pbqt1+FR2fEMJou3Z49vkrwzn/Y+cdReeh5iPT/DMj2Tz1nfU//9s3/83a36wXnJbzfHNCXZ7nG1nP5FNrr+qOnbc3111q7dsfyul+DbXNa9N3Hu27+/g//0kjv2XLwi3j+/fv3VT/uTzNdHlyXtu8sqVxv9bVfpZDenhDo5u26a/T+kI9v+z5M1bPtupQet9QsqbtfmXF+45tvXtDeds3j+e1dHJ/fYsDYUV9mbwup+Zk5oHlRsLttr9Un39F/WPkXX/ztfd97e8vm9U/Lqn/LNqvJGe/vvLEFz7z+U//27/v3X6967dODP/8f/7RhnrBkj+vlOuJNLJO80lmziuTE5eEUPT8Wxfa70fj+ffvyzFumlH7/Sl6/mW3M1O/fbzRzPpQKHf1fL3kocFnrnr0zvW5z9eTcz1fm3f2tpbHlQuer0ul/2SfX0mlNY/Fe361dJRk89S3Pn7WoUc+uuXcekHR62Wjdrt+fWkH44+c/frHa34wctPov/nvvTtvfOk3vnrtD8c3/2m9oPvjHnPpzXGvpu1bzWnfRtZx3Nncvm+64abJ7fXyonY+c9e/6bJg/BNPJftuPfjh8cnJib37OtuvTl9P43ayrdzt62k8u60p2K/SrP1avBudtFenz7eY//au26v1+TYUkq5eFw5+d/XyD3758IHhWY9KN3RdKY1f6ir+j6868ew1hz/32dz4n4rxK13FH3/qsU+sO/v6I7nx703S+NWu4m8+eqJ/xamHHs6NPxbzH+gq/pNve+dPvvjEA0/nxg8x/lBX8VM/y43/eJJuZ/oaKYSvvnDpjvp6EvrS51vMo68lr5BdTzLrpcx6uXm9FGcR0g2Uk6S1PNZLyy9oyqWdP8wpj1dh1bX15YtxPWRvzF2+1JSazv3tyouuUwEAXuni+//xGjS+/z+RXijlzzTAjG7HYT9+7sgVPxgZ+dnanLhxHDYzn9P6HuvaNH58fJwHHHlTGJte3j5av9Cf7/sI8fmQneeM27no9a0xCuc5p2rbnzXPWTT/vj6zHvOqz5dXmsahqdnjmkroYP59fSZM0fx7ZveL388a/fistEab5q2yx68vnTFr93mH0NoulekIef0jOy8WP88xsjJsqW2vw/6R/RxNPA7Zz9HE7ZybOXF2+zmavP4xPLsdWvKK/SPWm6N/1FIufj9y9vELc7TvzPFrHy17/OZxvKsh/KfPxZXFen+2B/OGbU9pncwb9rfZQryv83nDxX0/zLxkTvz0CdbBvOFLq1oed3rnDWN53I9Kh/OJ78sp79V8YjxdxLxOzpHL6WA+EXiliuP/+BoxPf6fvgD/f5l6ReOU7FVjjJf7Ob1y+3yKxh2zP6c32NXr+Lajez7ZP3LqotzrnIc7/Zzenpa1wYLP/RS144bMemE75kzQFI33stspavfs5zKGwoqu2v0Lh+55632r7royt9231F9Ii9v9My1rKwrafbE/z/ny/5yB8ULb+Ev8cwydzp+dsc8xpB98WqzxyB/klM93PDI460Zjv2qW7nhk5oW0v3UCDwCgrTj+b7x/lo7//1eskF5HFI1bL86sx3i549ac65O8cevvp8tbMvWH0t+omO9187svfPCO5aceOD933HJvp+PQ/9iyNlw4Dl3YuDl3HLGlN58Xzx1HNMZZCxsn5ubfGCcubJye8zZt0zh9YePo3PZpjKNb5wE+c6Kz+HEeIDd+Yx6gh+Pcl2Yqnb5xbsF8XWZjcbXT+bozMo5e2bqfizKOTn99drHG0e/NKZ/vOHpo1o3GftUs3XF0a7lxNADwShXH//EyLo7/H83UW+j77Lnjgh5dt2f/Hkgj/uOLMq6cid+j93+Lx32LPW7NG9cnh9ptJd7b+bh+seclXu7v/y72vNBw7Q94pvE3rewwfqfzZGfs/eWlMi5ON2pcDADAUhbH/wPpev74f2Hjk1njt776JeTM+OTlNz5vrnfmxue9et/d+Lxt/E7ft86Jv3Tmvxb3czKv+vF/XE9Xp4z/AQBYguL4P/7aY/z7f/8lXc/+3fqlN06fSi9JF+l99LQ9jNON08Mc4/S35/y+R7y/83F6j+fZYvzmzwGYBzi9n48fmKlvHgAAgDOhrzZSmv179h9Il9nfs8/7vfxrcurXdPA3USvp5fH1+/dOTFx7YM/28f0T1+6+afvEvmtv3rtz//6J3fV6Cx035o5b0iT7QiVtj/b1suO2VenEwKqcv4eQrR/Dnle7MfvvIWQ3O1DwdwRmjl9n+eYdv9Ic9dv1j7zjnRf/D3PqR43jf8MfXXLtjn3X7ty9c//O8cmdBydao083xOA8vjczSf/P6/tSH3vy3x0PoX6r9q2ZGaX5f39nPDzzzKPlx6wnUmm6RZLc4z+dR5LJY3Wayeq87z/Iyfvb/+3P//jCqV9+MYSx15RfN9+8W0NunvrP75/4/f3Hv79nOv/SnPk3aqZ5FX1fabZ+3J/K5E379r9hx00Hdme/UbI7cT6j1FhfpPmM9Olf7nB+YltO+Xx/f78868bS1PH8xLR3XH/6EgMAWOLi+//xeja+f/jp9AIqlnc+Tq9fOHb7/nHuOH2ss3F69nvJisbp2fpxfzsdp1cXOE7Pbj9/nD6QW7/dOD1v3J0X/w9y6s9X5/2ki9/HiMPPLx8+kNtPrsv2k4G29bLfZ1DUT7L159tPkgX2k+z2i+Zz2tVv10/yjnte/Pfk1M9T1B8qjf6wsN+fye0Pn+rsvPHrmfWi/pCtP9/+UFpgf8huv6g/tKvfrj/kHd+8+Ffn1O9Ua/+Y7hi1fjFx7c037f1wU73F/v6LMPsjGZ3kt2zmsYv7/R/d6rx9F/dzXwvPP4TNtZK8/Bf3c2ULz7+o/efx+18rw6zPleXm/3jOCaTn+S/u97tk5FWf/fjTNV+bngmKPn9WNI+7Nad8vvO4y2bdWJrmNY8L9FQc/8e3e+L4/6502eu3gV7+35Pme8zaxu/R95gVXce86l7Ps2+5ez0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePnrD6G/srZ28/id+05dfe7vfvvPJl746O/9w67bf+0jX/rp6A2//a37Bz//4rHtF+z44e+cdcODH7ry6D1//cjzK7720lOFsYdrPysXp6vVEJJnkhCq3zj5Fx879p1zpsuSEEI5GT4UwupkzSOrk0yEsV+EELbHVCutd371hUt3TC9vv6u/pXxVJkh2v8JQOebTnGcItxTuES9D1bSfHTx18xvCj96x9Y7vrfvK3/UdefrQTJWk2tSfQlh5XfPj+0IIA+n/UH/K1KyND06XW0IIg02Pe3NBXq/vMP+NOevnpctl6XKoIE68f31mvZSpl12P+jLLwYLtLVReHt3WK7I8s549GS1UXp6xfHW6/Hq6vHie8cvxfxJKSag00p9MZvpIaDpuSUhqx7LaWC81jm1I9z+znmTWS5n1cl9mv2rbTTtaOUlay2O9THk8HVfS8guaz9VtvDen/LXpspo+UV+M6yF7o25o1o3GftXEvE7OkUvqPxRX6V6p6RzUrrxx4NODMZSWDSVrZj1mqo1437Gtd28ob/vm8eGcPJL7kzR+0lX8g99dvfyDXz58YG1e/OtKafxSV/F/fNWJZ685/LnP5sb/VIxf7ir+JQ8NPnPVo3euz22fk7F9Kl3FH3/qsU+sO/v6I7n53xvjV7uKv/noif4Vpx56ODf/sdg+A13Ff/Jt7/zJF5944Onc+CHGH+wq/rajez7ZP3Lqotz4D8f2Gequ/zx35IofjIz8bDQv/uMx/oqu4n/h0D1vvW/VXVfmHt8tsX2Gu4r/7gsfvGP5qQfOzzt3Jvf26pUT4NXprPQa6+PperfjzIVqGi/81Wilfs23PP2/opcbypjezspFjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCvTP9122Qfe//b3bK0kISQ5dabaiPeVl23ePNrFdsefeuwT686+/khz2dou4gAAAADF4ji81CiphrXh5mQgnNe2fpwjOC+uJa3l2WWMk50j6DROyMQptYlT6iJOuUf5VHoUp69HcZb1KE5/j+JUC+JUQ2dxBuaIU5nuAR3mMzhnPp3HGepRnOU9irOiR3FW9ijOqh7FGZ4zTuf9cHWP4qzpUZyzehTn7B7FeU2P4vxKj+Kc06M42Tnl+fbDFWnNc/Pi1G6UC+NUknLjjnbz6eek2zl/gdsZmnM71akVRa/HHW5noGB/4nZen3lcqXg7h5rrVzvczq/Ofzut+9/hdn59gdspFWwn9ttbsvnF7cS1Dvv/rT2Kc7BHcT7Sozi39SjOn8wnTpv3yGKcP+1RPh9dYByATsXx/8x4bzj0V34zDKZnnOwsQBzvrqv9nP16l3dCivFelylfVhQvO1DPxFs33/yyEwiZeOsz0fpa4lUa45E54lWb423I3DnX/r5tc/vcmuNdnCnvnyNeTXZiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAW0T/ddtkH3v/292wNSZj+19ZUG/G+8rLNm0e72O6xrXdvKG/75vHmsv5KF4EAAACAQnEc3tcoqYb+yqbQnyxrqVdN5wGq6Xp5uL4cWRm2TC+T0VJtfTBZPefjKunjNu7ftWfjvlsPvnHnrvEbJ26c2P2WTZdtumLs8isu37hj5+TEWP1nCP0F8UIItemHfbce/PD45OTE3n31wmz+a9PHra0lW/tXe9zIm8LY9PL2NP81Bdsrzdre4t3o6AACAAAAAAAAAADAv7Brt6GSluUDwK9nZs7MeHT/zh/fxsU9DusqVlZqx9ASzwNBgi+LByHmWCdZciXp6C66K2aTLqSmFIGysGz4oQ2TNOmLLymRLywYZgmdTUKl/FAfCi1DxQ+hTJwz88yZmTPjnAZx1+33+/C8XPd139dzPx8OXM8ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAP0WJjer4+Mzs3mUQkQ3KaA2Rj+WKa1sao+5Untv+gNPXO6d2xUmGMhQAAAICRsj58ohMpR6mQj3ycuHy3MboGYqXvBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/vcsNqbn6zOzc0cmEcmQnOYA2Vi+mKa1Meq++tZDn31paupv3bHqGOsAAAAAo2V9eK4TKUc1TomJ5MSlzr8Tzb4NrO+b38pbka2zYY15/d8OhuWdssa809aY97EReZvb55sCAAAAPvqy/r/QiVSiVFi3qh/O+v9RfX2Wd3JfXr59XvtvBYprzgQAAADeX9b/lzqRapQK1U6/vtZ+f2NfXjZ/1P/ts/mnDpk/6v/5l7bP/k8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8di43p+frM7Fw+iUiG5DQHyMbyxTStjVH37Ccn/3Hx/ts3dsdKhTEWAgAAAEbK+vCV1rscpcJkTMSRy33/1IX3PvKlRx6bjohWm18sxk1bduy4/uzWMcs76/n9E99/9vVvr8o7q3U8aBsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+MIuN6fn6zOzcEUlEMiSnOUA2li+maW2Muq98/ot/eeDFx1/rjlXHWAcAAAAYLevDV3r/clSjGMU4fvmuu9dfkuubP+ybAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD4uOGbN39jy8LC1utdHJyLZj7iEHgMFy56Lw72XyYAAOCDdnIk0fwvnXDZwX5qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgULDYmJ6vz8zOlZOIZEhOs9nctXTolo3li2laG6Nu+sQLpXXvPPl0d6w6xjoAAADAaFkfvtL7l6MaEzERxy3fDfomsNz/Vz7EhwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKYuN6fn6zOzcuiQiGZLTHCAbyxfTtDZG3ft37f3cfUd/76LuWKkwxkIAAADASFkfXuxEylEqfDxKcVL7fqF3QpJvnwd/F1iZt71n2uSa5zW6ZhUjv+Z5d/btrNDeTWteuR3NV1rnzrzayrxce16ta141OuVrnXnLL2t3T7V1I55z0LsHAACAD0vW/5c6kUqUCqWu/v+nPfkVfS4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMMRiY3q+PjM7lyQRyZCc5gDZWL6YprUx6t782/8/6qs/u2tnd6w6xjoAAADAaFkfvtL7l6MaG+L/YsNy3x+V3vws75/1d++7519/PT3izOMPTBX6l/1RdvHrVy54qv8QkevNzkUc3a6XDKn3m9/fc+Om5rsPRJx5XP6kVfXi/ev1Lpk2H61vvXTHswe2j3g5AAAAcJjI+v+JTqQSpcJ1Q/v/rPMe0f93LDfgR9+46xfHto/tjrxvRq7SrpcbUu8Lmx7686nn/v31pf5/db1Pdq4+vffa+47tKdiK9EnS5sy1OzcfOGdfLtt1q36+r372Xr78rdf+ffVNd7/bql+Ocju+vu9RWtVWH/vKR9pcyO2Zu+S9PY3e+oUh+7/9d0+/+Kv1d729VP+tkyc79U+LQfVbOy8MrR9HpM3Jy+/Yfd7e/Zt760dELfKr67/x9kVxwh+vua1//5N9C3e/+e5j/wtIm89vfHPfufdWz++tnyzV75K9/5+/eP/un9z93cey+tlvRU4/Za31c331n7vzmF3P3HrZ+t76ub762f6fuuKlqW217/yhf/9X9axaGPoUq/f/4BkPX/nylvSW/iEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDDy2Jjer4+MzuXSyKSITnNAbKxfDFNa2PUffXiF9644q4f/7A7Vh1jHQAAAGC0rA9f6f3LUY1iFGNyue9/tL710h3PHtgeldZo0j4XFrbdsOMTV2/bed1VB+nJAQAAgLV69eJkuf8vdCKVKBU2xUS7/5+5dufmA+fsy2X9f27pnETE1dcsbD0zOnnP3XnMrmduvWx95ztBxPLPAspLeZ9Zybvwghcqb/7p66cOzDt7Je/5jW/uO/fe6vlZXnTnnRWd7xMPnvHwlS9vSW/pPF933qe+tm2h/XkiW3fy8jt2n7d3/+Zc9h2jfZ5sr5vlLeT2zF3y3p5GrhKlpfF8O6/c3jcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNpiY3q+PjM7F/mIZEhOs1s7kI3li2laG6PuJZt+edtR7zy+oTtWKoyxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAfduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBffyFSlX0cwJ9nZvbd2Z1d3dUX2orW1YrCLpSCiLqpqAiNELoyJCzNiygIIgq7aA2NxIpugqwbiQqqLQSD3CTRYo3+STddVFBgXQQiLdQu0kXGzjxnnD3OaXS2AunzgeHZ5znnfM/vnOeZM3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4LzSWxmpt0d2PDJ750W3fvbU/TNP3v7BQ9uueOKtn8Y23fzp3v7XT05tXr7l21uWbjrwwJrJ3a8c/m3wvT+OdQx+vNGsTN1qCPFEDKH64fSLT099fsHcWAwhlOPQeAjDccnh4ZhLWP17CGFzs875G/fNXLNlrt22q3fe+OJcSP66Qq2c1dMwNL/eVqfyYZx3qmmdbZ197Krw/U3rt3+57N13eiaOj5/eJc7tU07rKYRFG1uP7wkh9KXPnGy1jWQHp3ZdCKG/5bjrOtR16VnWv6qgf3Fq/5faWoecbPuKXL+U2y/fz/Tk2v4O51uoojq63a+TgVw//zBaqGadq9qPD6f2/dSuPMf8cvaJoRRDpVn+g/H0Ggkt8xZDrM9ltdkvZXNbCen6e1qOiyHEXL+U65d7ctdVP29aaOUY549n++XGs8dxJY0vb31Wt3FXwfiFqa2mL+rJrB/yfzTUzvijeV11WV3Tf1HLv6HU8gxqN96c+DQZtTRWi0vOOOZUG9m2qfXPXl7e8NGRoYI64t6Y8mNX+Vu/GB645+2dj44U5W8spfxSV/k/rD36y907X325MP+FLL/cVf7VB/tPrP14x4rC+zOd3Z/KWeXH1M+23Xvsk+eW/f++iXZzXc/fk+VXu6r/xsmjvYOzBw8V1r86uz99XeV/d8NtP7759f7jhfkhy+/vKn/D5MPP947OXlmYf6jxVajVV2gX6+fXiWu/GR39eawo/6vs/g+2yY8d898Y3339a4t3rSlcn+uy+zOU8vvOqf47LjuwfWB2/yVFz8645+/65QT4b1qa/sd6JvU7vWfumym1fc9cqJb3hZfGKo1foIH06fRuuBBz51n0D+YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwJztwQAIAAAAg6P/rdgQKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVAAAAP//y70YrQ==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)

2m6.398774767s ago: executing program 3 (id=2429):
modify_ldt$write(0x1, &(0x7f0000000040)={0x6, 0x800, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000080)={0x5, 0x0, 0x1000, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10)

2m4.847439854s ago: executing program 3 (id=2460):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000640)='syzkaller\x00', 0x8, 0x8d, &(0x7f0000000680)=""/141}, 0x22)

2m4.847152119s ago: executing program 3 (id=2461):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000180)={0x23, 0x1, 0x13, 0x1, 0x0, 0x2, 0x0})

1m48.525045834s ago: executing program 33 (id=2461):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000180)={0x23, 0x1, 0x13, 0x1, 0x0, 0x2, 0x0})

34.286025755s ago: executing program 4 (id=4032):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x0, &(0x7f0000000140)})
getpriority(0x2, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT=r1, @ANYRES64=0x0, @ANYRES64=r1], 0x20)
r2 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
preadv(r2, &(0x7f00000033c0)=[{&(0x7f00000031c0)=""/207, 0xcf}], 0x1, 0x6, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r4 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_SIOCGIFCONF(r4, 0x8912, &(0x7f0000006000)=@req={0x28, &(0x7f0000005fc0)={'ip6gretap0\x00', @ifru_addrs=@nfc={0x27, 0x0, 0x0, 0x7}}})

32.544510951s ago: executing program 4 (id=4055):
request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000240)='.,:[#\'%*\x00', 0xfffffffffffffffb)

32.54424259s ago: executing program 4 (id=4057):
r0 = syz_clone(0x82020080, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x1, r0, 0x4000)

31.699990272s ago: executing program 4 (id=4067):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f0000000400)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x7}}], [{@fowner_lt={'fowner<', 0xee00}}, {@smackfsdef}]}, 0x2, 0x46f, &(0x7f0000000a00)="$eJzs3MtvVNUfAPDvvdPC78erFfEBolaJsfHR0oLKwo1GExcYTXSBuqptIYRCDa2JECLVGNyYGBJdq0sT/wJ3boy6MjFxpXtDQpQN6Krm3rkXZoaZPugwUzufT3LhnDln5pwz5557z71nbgPoWUPZP0nEtoj4LSIGqtH6DEPV/65dOTf595Vzk0ksLr72Z5Lnu3rl3GSZtXzf1iIynEakHyVFIfXmzpw9MTEzM326iI/On3xndO7M2SePn5w4Nn1s+tT4oUMHD4w98/T4U21pZ9auq3ven927+6U3Lr48eeTi2z9+k9V3W5Fe245bsunml4ayhv+1mGtMeyT+v6bi1pvtNeGkr4sVYVUqEZF1V38+/geiEjc6byBe/LCrlQNuq+zctLl18sIisIEl0e0aAN1Rnuiz699y69DUY124/Fz1Aihr97Viq6b0RVrk6W+4vi0stKP8oYg4svDPF9kW7bgPAQCwjE8mPz8cTzSb/6Vxd02+HcUaymBE3BEROyPizojYFRF3ReR574mIe1dZfuPS0M3zn/TSLTVshbL537PF2lb9/K+c/cVgpYhtz9vfnxw9PjO9v/hOhqN/cxYfW6KM71745dNWabXzv2zLyi/ngkU9LvU13KCbmpifyCelbXD5g4g9fc3an1xfCUgiYndE7FndR+8oA8cf+3pvq0zLt38JbVhnWvwq4tFq/y9EQ/tLydLrk6P/i5np/aPlXnGzn36+8Gqr8tfU/jbI+n9L/f5fpHx5pggMvlW7XjsXq165vPD7xy2vaW51/9+UvJ4fj8pl1/cm5udPj0VsSg7n8brXx2+8t4yX+bP2D+9rPv53Fu/J+v++iMh24vsj4oGIeLCo+0MR8XBE7Fui/T883zptPfT/VNPj3/X9fzCp6//VByonvv+2Vfkr6/+DeWi4eCU//i1jpRVcy3cHAAAA/xVp/hv4JB25Hk7TkZHqb/h3xZZ0ZnZu/vGjs++emqr+Vn4w+tPyTtdAzf3QsaRcDq/Gx4t7xWX6geK+8WeVyOMjk7MzU11uO/S6rS3Gf+aPSrdrB9x2zdbRxps80AZsPI3jP62Pnn+lk5UBOsrz2tC7lhn/aafqAXSe8z/0rmbj/3xD3FoAbEzO/9C7jH/oXcY/9K6G8V+JX7tVE6CD1vJcv0AvByLtUFmVWPPnrPzvQdzuwJvroxorCHT7yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAe/wYAAP//JgPv9g==")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./bus\x00')

31.699694589s ago: executing program 4 (id=4068):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ec0)=ANY=[@ANYBLOB="b702000024000080bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006502040001001f000404000001007d60b7030000000000006a0a00fefdff00008500000026000000b7000000000000009500000000000000c743a0c8e3ebbadcb74220e5a7efcc9ac1467fb2ea80dbcf8df265e1b40e4c8afd5c0c000000008da68076774bbcdb2c769937000090af27db5b56024db96bcbbbd2cb2000ce03000000000000007e357754508535766c80114604a86fe569b05614eab9297eb290a248a120c9c6e39f403ff065fd3052aae80675eeba68562eaeaea5fecf298ca20f274233106eab63ecf772de7b265040b6c50b7420b48a93fe94c756108afcd0b2eb78040000005f02a5a6474ae549070004000000ed5020e6474ac921fee1f6d8ad6a80d0947cd6d4a561ced21a0b4a902be6af7ec2d1ba002e57f301000000000000000000000000100000aaf25343063e6581f9e6de14ad72e5ad84309f47f96a576cd20cef7ed951a73ea73d7c7f14e306f1f1d1377e57abb19700f0077e9d0000b93eb0f2c6f8141e350dc68147e5958128d22d58625cf9dba211bfff9c3709c9b134625d3d2369f516a49eeeb1a662c8dfb875bdf5c6ba73cccdfacb202994c40d322717faff03323dce8a34ee0ca2cf61efb4b30000642735d6d482ba98d252f36c54333a8b1aa736369392b9067665339820f5f1557b0bf7cc06a5a13c714e0b1a1f000000ff3283076cda3d0b1a2905cfc3d04f1db264b530abcbe44bc405f600807909727fb819afa1907228fa9e83433eedb4ac88d0285594ffb0d14c09d5c77f33702822b02488ea570204c8441ced81cacf945dcb2486d658eec8bcaffbe800a041a378b40dc9e3600e916ae6307bd8325a442095bc9a8b0c95905979f34adddbb26f0d24425c8ab9d937d84b521914f92eed3d3e9de82942a952e86b567aff5bc2e3d1fcc00f618363df5d0d181ee8f4b8fd356c9eb365adc037e443820c05c5db16ff07a9cb471e2ebf91ab00a05f88c1cd55f8c81f5eb1f8d615ca27efb2193bb61665a1ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50225563cd37343d09da72472efc2b2877fbab12a891513e5f0763ae06c0610a2869747c143d7500760600f3ffb2310e19ac58bf29d7f178d09a9f634a3ae492f54649589e3692768a0f3a082c5242c8fa7ff40007ff275df45508ad85950d8e08465fa1067ea8f383b3e7a7ddf5977d46f4bc38f914b4a496426d8468f9ba618b6b2218b50c8fc9efbce3ba799cf70de7e13be871aa7eb402e2b11f440361e18d4e334bfc6ae54e62e67a0338c756c544189e4519a029674e2a2bbbc7f6600000000000800000e5e30b70b198246d3a62660600000030a0af132e680510811d3ab71af5d98e2d3d928a749e8b9402d14655612bd58fb40b4625cb69bf6cea97b447f2d970d99100000000086000001b881afb2cc500003a73562af4878f75b4c98274eeb666aa1f5fcf91990cf0dcfef9540057b8a3fff2bc02c5941626d2015f414546e87835ba18e9101734a9e9c6955fc6b9a25fe2a3dd8bab7f21beccba5493a164c663eceed401737c12c65804712236a9a29a43b1e27e9b6816f2328ea8423121f12b7b35aa721fef26934ccafde573bee5c33ef15309f43cbd5d61aa679a9c402d337ebf57a5eacb569401c1df7b9c45b09743c61d1db37f0000000000020000000061d7d6818db785d8ba13dc577fe61a68eb365de5661f43d4c789bb117a3d208ae44a381b718b3157e218959156ff8e92b7e92bc275d2c9114547351a0d0f2a70d13be0194b6cb68b03000000000000004f153bbc7f52861e4e5df0d19e4e40ac44cfda6f87807e5b5ed7072c04da88afd3d4b79f060e004a0e2f00b9e726ac75d2ac0691314c627e9a8a07bdd607919fd48f01ad6d2f7621d9a75b134f1bc25ed7c33d411a5baa4daa3add16afc502b2b7629541d722e91d631e5ffb9d4beb5aa5a2c4e490a5bd5cf4538ba310b8cbc221af38ea842d4cb908bcd574f794459fd54b58c6a791e6df620047bade4ba41ee014184395a479544619f749ff70088b0fd115077f7eff7c5a3315ca604d110df1c54407f191a78d8362e4dc6e1138391c2a65246779bb76c9f1daea4f085f38810edef6dd047937c231cba791a4e7713c5b3b0a0b6ba37db5016e02d114d714459d065a79609fea4efebad04edac11aac0e53dd094827453144fa419ee81823d00a90a9058ba740d2f41253a8d01a8c1a7265a084e30ad10d412aee8170a7111d62473e7bd8f3d64fb7ebdd32aada331900000000000000000000000084ef49dd02000000bf48ea48e0e1f463d9dcb285038ec38d5f4969ed0e98a71ac7bf8159a234833a5241722b2d24aa2fa4965d4eb7966fb27d118b6ef3308627e67d42f1041d5e92da28e0a7724ce715854775cbe06c5166f1dac0745f1373156a536cb6394c2c4473e2050cacf693fdf8e305080000001a901ecd90a5f53b8327a485557bc2a147b036477915e600000000034258ebbb6099b597d17ee2fc97ca850b8580b1337016a40566814594c13052b9d2b0741326825f19a244609ac04a0c29691a7c8f7a78c1a7590a293c561f304533c638ae635f5ce026f7fa034d8cfe0e11831d4829692beab26891ef583cfcb713a4d3a2d8b958c0875d7e4bdcf98802db086ebcbb9d82fa569a18f06facc2ffe1ea9ae4231e1e7a5dd7503faa2de7f898c97788c4b9c61c70ff92abdf7476cc351156d11c0ada7614f315f4c6cca119d16827d4e864f5a7a9b690272a510c451dc07f391309d02e31e53b2bf0b5f86e776b1bcfe6c85ccd7ddf8a9559d58bb5603895f265685fdd11263c946f8ef3ccec1b0d45a47a89b8237cbbdab14e4ca6dc76b2c41e071b93a065c0f5aa718e1cfab29beea78a6bd9a3114f0fb92be9a5862627b4bd99db2c08e4636e43f05f33535d5d1f9bb40e1fd8e5125a3d29b31dd94a6744bbc21722222b976089f073a4d3fcafc6d06518cf0c4fc6c8e3da0000000000000000000000007d3b60775243f2143d9f54804b11102cf0e4c641db1ba8bf75e46ab3a8fdece6562e7ebb3e407f3c7504dfa3da3aecbd49af3d1edeea11cc970416fadeedc8423bfdc85041ac4d8243a1130e6f4cb5bbfed9d095e18c98c7d690e4c491a7ddcd5635bc61dbed719ca28e8ca3f1fbbe588913ed057f1d6e34a79f4dc10df54d1993a5bc5f9ef6dbd339ee4b0b5764169f305e284ef82cc23e9366d4bc7eb45c7230b13433e5240657cb8eba33260147be8620b6d98cc48b000000000000000000000000c1ce872b18984f080100000000000000bd3fded92547d41809b398f36749083a147eb09ff1ed601bd36b873d3947fb223da647052528e0466cb917db7800f7c7000b593fca1903991cca1343882e3a1f60044f11c081dae4fc5bcf20efacdd2c577f4bcda2eea6f75a31dc90eebb6135b6fb824052181b0ad8a49ebf03ccf61d7e39bf6b0762d24d19796016301d1415b5110ba9df7f204aedb2a2e4e621c0553d312b309db67192f98ef7800000d629c04e216afc8fc66616bbf304e452373aa927c2ad6f5417f1b9bc322b802c1c42112a92a331cdc113b9ace3ff52ede7a853f9a89002ba070bac2f635a03db3375e5564f1a798bf9c0f8c72725d2eca9b0ec7e453d78ea20eca61530fe574299b393ca144adcb06108dfbb934065a87972739150a8752ac111c4d9062ccb95c54034fbdee131d94dfbaab1854d55665746fb7b47d25e54070b0d14c0a29c57bc4930075e1761913b036d43852c6df9f10e15105b2a18668298a3577943514db0dce953dcec62139ff3f16066efec5d8cbc0600000000007289be5883aab951ea67cf2ff691d05c1ea91dd569ed9897fe8d88a0a6977dc8955be17e8026aff11c61fa5cc76196c1423cd597345253baa1537eb6962a3ce1fe5d5ab46938e8fb23fa7047bc59c4345e912585a9adb5fe2ff51b64a326321b594e3f2d339f4090bdae6b30b62064bacbc155d3c930576f506b093ca7c60957bdfdd6536baaa871cf6a603c736b78761e6463b8ac503e219cc3d98f649602ad24d5667368290ee926fba76ee482a201a03efece3b236f4ee2ffcd5d90d92a2f0c5cfa48c87f27c2f1e92988a6508c12f6b7755cc48eb10edafca92cb0260c72295a27a24846d3a2334bd60e94c0fd07e5db0a4964a7fc4e89f11a300510776934e87bb3c21394f46954a012b2a3b0760f1bad1dbd6b466ed7153bd18ee2c0b2353c38df9e0782eb000000000000000000000000001b58cadcc5aaf65e05663985a177aa1d1ea2ad1b8151c7d58f5b92827f550269b3585d98e1394e816a477e52ce2f6de2bd7192f46cf965e774968d151d2bda084b10ec4c8d2c6ab582b1e5e3ed874235ff128c661298ed75879d8a4025ad1c3d9ef6355dc7284c6e648a61da026a777fcc7ae2c60ce64a2f2b0000000000000000000000000000003022110d1230e998429a6fd8f35939a8ae5acc89125539d84b98df6f8ee2ad0b238759bf400ac14c591aefe9660076a494f73b0ea8f3cb4a9c2e4f745a2afb593fabb9481600b2f44e64dcb0d0d57d5aeae626d2700608bb283800000000008a4c26b16213f0d9d7c3c57413b1e5895c9c12259519274ca8fd3bce804c8176a297f28add10956f3aaa3db687abcc17d326fd3674b7680206e875332b82c1de5ff793f6971d98c787c6daef28f66b542f08eeb6c82fbe03a3dc625bddf98d2a200c94065db5d5414361a785ff39392d9b1c870d8a2287af0ee98231100efa30652f2dd84da00970b5d209c623b26770258fcf63690f17cce7a78aeba7f6cbc4c143f48b1d0a10afdc93eaaff72e6622fd4da72ca7b30cd30b568599a6b44a2dee51985d802ed8088391a6717c4d97"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfe37}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="b907ef19edfff007049e0ff0888e", 0x0, 0x102a, 0x18000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

31.406205491s ago: executing program 4 (id=4069):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x4, 0x4, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ldst={0x5c6ccd1daf94070, 0x1, 0x2, 0x0, 0xb, 0xc}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

31.356491941s ago: executing program 34 (id=4069):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x4, 0x4, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ldst={0x5c6ccd1daf94070, 0x1, 0x2, 0x0, 0xb, 0xc}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.675934378s ago: executing program 0 (id=4542):
syz_usb_connect(0x2, 0x3d, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x5f, 0xfc, 0x70, 0x20, 0x711, 0x210, 0xfdd6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x8b, 0x0, 0x2, 0xbe, 0x44, 0x8f, 0xff, [], [{{0x9, 0x5, 0x80, 0x2, 0x3ff, 0x9, 0xf, 0x5, [@generic={0x7, 0x5, "bdf74e3781"}]}}, {{0x9, 0x5, 0x8b, 0x3, 0x40, 0xe, 0x4b, 0x2}}]}}]}}]}}, 0x0)

1.118600041s ago: executing program 0 (id=4550):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x8, 0x0, 0x0)

990.44146ms ago: executing program 0 (id=4552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r1, 0x9, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_IDX={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x3c}}, 0x0)

793.591158ms ago: executing program 0 (id=4554):
syz_usb_connect(0x5, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x8c, 0xad, 0x32, 0x40, 0x6e1, 0x709, 0x204, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0xcc, 0x0, 0x0, [{{0x9, 0x4, 0x2f, 0x0, 0x0, 0xd2, 0x91, 0xe1}}]}}]}}, 0x0)

351.578532ms ago: executing program 1 (id=4565):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4de, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nUma9Ot1Xl9f32utmlrFYDFp02q7EKSi4EJBrKAuQ5KW2rSRJgVbqkxB6lIK7sWlWxdu1U0RV4LbuhSkUKSbtoI4cmfunZlMZ5ImmWSM+f1gMufcr3POPffcOfeczASwYQ2lf5Ja+GZE7IiIQusGQ7W3e3euTNy/c2UiypXKyd+S6m5303gmO0xszSLDhYjCx0ljRZPZS5fPjk9PT13I4qNz594fnb10+dkzg9mS48ePHjl87Pmx55ZeqDbppeW6u/ejmX17Xn33+usTffnyPLXmcnTLUAy1y0rVU91OrMe2N4WTvh5mhCVJr/+0uvqr7X9HFGOhyiuvYc6A1VapVCoDnVeXK62uPrAEWLdisNc5AHoj/6BPn3/zV7uOwKbV6X703O0TtQegtNz3slfE49WF+ThIf8vzbTcNRcQ75d8/T1+xSuMQAADNvj2R9wRb+n+l2szIHxdvvJi+/yubQylFxL8jYmdE/CcidkXEfyNid0T8LyL+33L8YkRUFkh/qCVeT78+CVW41aWitpX2/17I5rYa/b95GSgVs9j2iLzDPHUoOyfD0T9w6sz01OEF0vju5Z8+7bSuuf+XvtL0875glo9bfS0DdJPjc+PLLnCL21cj9va1lj/pi0jqMwFJROyJiL1LOG6pKXzmmS/31SP987dbvPxVlbbzaF2YZ6p8EfF0rf7LMa/+Gykm8+Ynz42fnjo9dX6sPj85OhjTU4dG06vgUNs0fvjx2hud0l+0/F//0rrLK8e+OZm1rJVL639L0/Uf+fxto/ylJCKpz9fOLj2Naz9/0vGZZrnX/6bkrWo4fy79YHxu7sLhiE3Jaw8uH2vsm8fT9yjXyj98oH3735ntk56JRyIivYgfjYjHovaEmOZ9f0Q8EREHFij/9y89+d7yy7+60vJPttz/ajU/r/4b8/WdAkk2N9hmVfHs/pv3O9w8Hq7+j1ZDw9mS9ve/ZN4tolNO80+7dMmfKz57AAAAsD4UImJb01jStigURkZqY0C7YkthemZ27uCpmYvnJ9N1EaXoL+QjXbXx4P4kH/8sNcXHWuJHsnHjz4qbq/GRiZnpyZ6WHNhabfNJYSTi7WJT+0/92p0hZuDvzPe1YONaqP2nnfjd19cwM8CaevjP/xsfrmpGgDXX1P47fcO/vIz/+wLWAc//QMPiP/TjngHrX0Vbhg1tSe3/oB8BhH+SvnizHi70NCfAWtP/hw1p0e/1ryhQGWi/ajAe3DgGFz5gMZaXjc1t0upJIO1Z9ST1zcvZK/81hY7bRGFpBxyI7tTpqRWejfKF2dO7u37xV7L/le92DX61Ju20XaAntyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICu+ysAAP//+sDgnA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
open(0x0, 0x100, 0x48)
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000000)=0xc)

331.695545ms ago: executing program 1 (id=4566):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
bind$netrom(r0, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)

326.986357ms ago: executing program 5 (id=4567):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x800, &(0x7f00000005c0)={[{@rodir}, {@numtail}, {@shortname_winnt}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '864'}}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@shortname_mixed}, {@utf8no}, {@rodir}, {@uni_xlate}]}, 0x1, 0x26c, &(0x7f0000000340)="$eJzs3U9rU1kYB+A3bTpJC0OyGCgzDMwdZjOr0HaYfcrQgWECipKFriw2RWlqoYWCLtruit9Bv4Iu3QouxK1fQASpghvrqgshEm//JDWJjZpG7PNs+nLu++Ock17upYueXPl1eWlhZW1xd3cn8vlMZMtRjr1MFGMkRiO1FQDA92Sv0Yg3jdSw1wIAnA7vfwA4e3q9/zNbh2PnT39lAMCgfNHf/yMDWRIAMGAXL13+f7ZSmbuQJPmI5e316no1/Zlen12M61GPWkxFId5FNA6l9b//VeamkqaXxcgvb46k+c316mh7fjoKUeycn05SUW3mDvJjMbGffzYRtZiJQvzUOT/TMf9D/PlHy/ylKMTTq7ES9ViIZjbN5yJiYzpJ/jlXOZbPfegDAAAAAAAAAAAAAAAAAAAAAIBBKCWHiu3n36Tn95RK3a6n+dbzgcZ7nQ/U2Dx2vk42fskOd+8AAAAAAAAAAAAAAAAAAADwrVi7eWtpvl6vrfYqbjy592gnlwY+2dy7yOzP219qu2fP+Ml2caz48fcXdzpdykWu38/n84qxiGgdSfanfPjbACf9WsXjnWs//7U2+Xe3nsi2jtxubrWtp8uNlB3UB/66ENG1J9/3Ddla3D8oym8/6jm4lWqr48P+xU3eLc8/2Hj+6qSpHg+NxuggHkUAAAAAAAAAAAAAAAAAAHDmHf3T77BXAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDc/T9//0WuWgbyXdt3hr2HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H0AAAD//7qXlSU=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
renameat2(r1, &(0x7f0000000140)='./file1\x00', r1, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
mkdirat(r0, &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x20040, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

256.128765ms ago: executing program 1 (id=4568):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x50, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x3c, 0x1, [@m_sample={0x38, 0x1, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0xfffffff8}]}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x50}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

255.76816ms ago: executing program 1 (id=4569):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@bridge_dellink={0x34, 0x11, 0x5, 0x0, 0xfffffffe, {0x7, 0x0, 0x0, r1, 0x3000}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x4, 0x0, 0x1, {0xc, 0x8, 0x0, 0x1, [{0x8, 0x1b, 0x0, 0x0, 0xfffffffd}]}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)

235.928836ms ago: executing program 5 (id=4570):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x35, 0x0, 0x0, 0xfffffffd}, {0x20, 0x6, 0x0, 0x8}, {0x6, 0xfd, 0x0, 0x7ffffcbb}]})

233.223656ms ago: executing program 1 (id=4571):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x10, 0xf, &(0x7f0000000900)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r1, r0, 0x7, 0x2000000, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x3, 0x0, 0x1}}, 0x40)

170.837477ms ago: executing program 0 (id=4572):
clock_settime(0x0, &(0x7f0000000380))

170.553511ms ago: executing program 5 (id=4573):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000080)={'netpci0\x00', {0x2, 0x0, @loopback}})

170.357922ms ago: executing program 0 (id=4574):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000140), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000240)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x64010101, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x3, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xe041, 0x65, 0x2000, 0x5, 0x84, 0x3, @rand_addr=0x64010902, @multicast1}}}}}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
socket(0xa, 0x2, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

170.065727ms ago: executing program 1 (id=4575):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f00000011c0)=[{0x0, 0x0, &(0x7f0000001140)=[{&(0x7f00000022c0)="2c2b74fddbc858e42edcd12037e5751c680f2e3099edf8f9d5a3a3e83d9a78c4b9e8c4324c327477723fc69642803d0ed4f42e83d068a0cbe1038c574676809bcd3eb9c8abe84cf07e74bc76c679f56293ca909551c6bc396200608271a4cc09e0c90c686fe2d3b5ecbcffbcde51f51ef184793dccaa40c9a0edc00a09274506ec60853df9ca40b59166853c6019bd046e19", 0x92}, {&(0x7f0000003cc0)="d815e2824b383e261b12ce3a276e935d9986635f19c4b0948ee16149f775c7e07f69d10707f39808df56bb79714ecd16b02c599a348b6710a7ace4b076f60b38de91432fc21315ff8424db7d2154f90a5d3905406ec9917ed492ce25009fb11319a03b0ca1dbcde7b8b727d1923f8a6ebdac05c5e63f7555904e28f84a5af5a79036eb141e2cee5802fd9b6db3fd6f787832ce5d7f1763be7751c54ff6a16b25f62dfd73d961869a40ce5c4a7546917e1706ffbbca7627c5793c5a4671ff7703e3a5cd20719c366b6c940f47f8db42ee7e5330ce31bb58357fa076bc9471149ee9e293ed5336414c91d8be4c65badab4a4f7511c1f6d5155d6a40d71524441c99188b3364863f3b4279677e0bd70f6d23ab55f2383901d8fee5e7bee380c113c2a03267a953020764fe8e2cb76e2eca0e51bf8314e20f5e947e4bc47e5c1a549b55311c0bdbed1d4da4af4682373556df0e4f45e297f66e09a0e38e61b5882f225ce59d604c2dd68414eb4748d8d3cd768a0313583c65da303a15c64333a5405f629ca5b9bb6bdbfad550e5d9fde4c4bc710f1ee77eaf2273740c80ac59aa93b78c5550737186cf63ccc4f6a794e27e455829cf79ce9db4e3f0316ad3ac19c55c464a4d7a68ada9aaa0b6885ba6edb3f5bc8d3aaf191d31be189fc1e76297430e67828d3711af9f2ad445a5e80c6bd47126054d2b3ea79c289a0acb37ae88b425470d955a877b4c8d571714b2a1bf02a16810628f3be2a6caa892a427152c2bd8e74175f840501c25cf73e44fba17cf310dfefe279520f726b6dd96644b4ae97e1afbbe6f2592a1d2e4dd01dcc23bb708a6ae57746f91eea92dfb90d43d6a82e83d3663f9768a682f269486054aeb61c78892d739ab4566c49a297abe9556ebb4139a838281bce3cf9be1bceb3005004314fc3ffe703c7656c92058453aa162add0a40b3018cea774b12bee95fbfa507757d06c3d1c89741890bf250092a624185908f3ed369d0930667d5a9ecc52f5a01ca2a8b171ce06be9d204b3e0af166b7546dcf1d7e0e9d5197cf6b01ce5a2ed62b4d5a8ead5d8704373935100ececb3750fd42d343984ba90e6ea22f90c67a248532ba4cbd03c2d042fb7e34aa11ed3cfe3a177c429299600b9d1231db4414110be42481bdd3a8162d2b4d3b5104065d5a4cd4319bb9fa04a29b93f211f68538e33cbdb5443ae01c13bbe23620eec4cf83ea12ddb39ad468109c0777e39a8e2e3e2f7ead0b5f894e06d58816c66ebe01f9e03c3a4bb2aa5542b6e0e8ed6f653d73a6bf7591d041621b606018f594a0657421081bdb8d8a2b060fa28f7a817070fd1696933686c858584f8d942e2b1cad5ce530a85ae30d8903d7f7fdd4602cbe2b6c61304300dd43562cc08e341ca2583cc25c642d5db8dc0f72fa3912dfadd7c663554dcc9072015e187bc4ac6211ab2b8bc0cc157cc143d93dd0d9f27d04136120770161088c4bda79324e395622b07ed2bd22ea56be7396db5725125e0799ba28e920897440b1ffdd8474c92e527b93991b46214d0e8c5bd30359a735853c62977812e927d2841f7dc3427ad61bdc368887452080c84723387e83e523802cdff6694eb05a658cfab4b31ca41f73757fa417cefd277548c1fb25423e959fbc00f817c15b32d96132e92b2c33c6dd70293215e51843a3363f1d3d3244ac9d5713dba567adba36a81696e3dfe9fd69ada751101d2daeb5fefcee44d87f8fe29530341eebfdc1b797b28e968d54b0143058aeeee2fd36d069351307f093445fb7547cb0dc90a3a4820c67b824ea857d7e8bc1a37e0c6405333d3cbe77befcd9697b87b8dd45899551f2fe3e737026855d2c650dadae7a48f2b925080e913f064f5327942ee0e1154b93e209621689156c078946572f26c5e8715adf42def7f48dc8ee27c8a3a84145c580e30218626ce639b56abbbb24d0d0f2b1ad6408e50aa11ef0c53448f3610b42a16d28a5d2507e56e762abe159ca712a1cf69e50b8207f69a425c592a53da2641f26864634e2e9f8d529a37b45478bfcc6db4d22c90fc0ace6e75a20085fc6f221536e11097c113126a96902821247341e1ed77a782ba7dd160e1b6ca6fcbcc474f50b372d81ec856c6e6a9ea8170a5e937773fcc9ed97e7082480c34e98ebd9952c0d8543a9d3e85c889c5a1aceaa81aee732b66af67a952254ea04d4cc6d72cac0dc92cbaa365eac3013c053029939eafc02d3acd4a0c98d9540be7bbd9f1f79b34c2b43874301bf8bb18ca9cd14ce9e1b2c31c460dbdf6cc702f7a13823f0fd2f8ba4e093100989ba3d4564fc1a73965ae58f2c85de06a0c6dbb43760ab5a34ffe6ba2ba57983cc13af9af76707d6a9d67f86ad7c1aa73017fc10320bca4eae81bfbcb333b41884fa5702912189757768cdbbdb61558170f802db4dd95709c01956133e953649342c07eae84f82ff70b54881a1364c179a7569c3780f1d0bf73ab2e6eded9b4be4d4fb42d1efbea7e9c733a0c6e982d49d3dc9ad780949e379cfab4aca3a16c9fcfd3cc47674c80916d770ba12aacdaf8db4365690b2d541758ed1202018adcbb53f7288bac3b94bb793405c8550da7a7d983dd577eac527c07840b2f7ed2d5fa87082778ee4e2b2277a56807afadbbfc28c1c55312bc97c76c305a1bf42fc9d72ead3770cd47560af64de888e4a1ea7b2670fc6dac6ef08a219db1c1489b233045e6545fd2a29d052439115c07af8a117fb0490a0430ae9e00bed089c197393ed974722e61a8d152df160b7a130fca2304d9e0f53d6e71a6889813028b19b0afc2ca337ac2edc18a724224b1defa4270e6874fb4be392245c995b1ae22f9d337a4666b38de92929f2859b6b176d473f71aa7790707453ddde600d6893b0e267fe40b91ef5040610ceb6e2744a9ae6fda1471d35143d76e95c74f88a2633dbf448f6c6b878d7f6f3504d09495bd7e5b3c9c0ac298577983e40c2ca7dee61d646d8d826d5ec7249589f34650aa08fc435843933c1007ace87de34ff9a3a5ed338486ee62713ebbd7863a98960a829d81ef26cefb8336a5730317c079a22c4a8cae7d62762d963f0d9f4b4ed87e0b5434fc8451ce1039c49a393ae6ed4ad037ca83cd977be5dc50199050c3db16967e8e06af08ee86b1a0b7a44b996415ac13a866c7d8302fb6e4a8d754e08adc5f6b84bc1c7e0da98577901189dee5de09773704abe037c6243ca3bfadc100886fcc6dd5b766698cf4837d7bbb2424e9ecb75cc39d8bd18c209f9db36ac2bd8d9e9325360011bf6f85c1dd63a24da210970e41b29b9220584a72ce79e94f699b0724b7679a2ba3eb785d3ee2e1333f736f713ca98c5137e09442f71f57463915771367374a275aeef3665b3184a7f3f44b749c132c0fdaa45d873d55f5eff1244f7fe60fc7eb576e9f92d330734d9a97945e58d5e74f5aa8bfca61ec371d89cfafd3f165315ab9f5d9e9bc1524577d5651e14fbb05abc9bd5f64e711dea2ed9df88c34f34493ea8ea2731885c0abdecf456056bcb4e678bccd07abaef1332249b6968fced7c345dc9ea76fc97506a1d378839bcaa371dde04c237db44a9a3aec8d9389b6b5f4eb3cf6d3daa37e7d4ac11fa90b46492994cb34c6d65c92c69e37f9b7db619c7d800efa9246254b7dc449a64f42e800338c825c464c50a5c6fe800bda7f2839ea47de916cb7970f9afe8c94da5c5bcd0664827e0bfd673b97e4b547e369575106583f26d11fde202dcf75249e934b42db16ab2f557347a0abec9da3bb4fb08400611d7bcc1d04a47d9155610fc4767b3272e5ed0fc8d80108e35715ef9bf5dfa9e7b12143af6d19dffb6fed14417ee89fb981196f72af5c75018553953a924f42bcd16948e2cb61d846928b2b10bbe1a705284a79f9531d56b5606dc74f7c8baf6aaf61400ac36e6ad64e9342440c304df1dc1cac47ba174d84ad27ac80201b718216a5e65cb79a38e50b245816564e30dac78c10632b665a93e140aeb0ba4f37af456cec6a21f5f6db4a4ba21ea239ccad37f3a36a9b05d65a24b42b0c5f660edd12faec57d52e8aa407f843df2a0971b16c1b352c64580f226e5801b014c137935906fb87b88b5f81d16da4a607e3229379dfc3848aa1debb6e094ad4945c024a9b6c0cb9159442bc84abe56dea43a458ab904a4606540e19997a19765fa11e1eeb422cf2a90b407c52c952992846178a7bf4186206b453f57383544c8ba6438eade775a1f75750694dfaefa866a229e61958a69dd7ba52fc9612713ad7a63916a4bb1daa6da0b8ee49bfc69c37cce5572a79c22d42e0f73a862284a87667ea42cac5d8c16c1195a4d68f776885cbe42fe17b8cf83b5a88d5dd97594b5be938be7d3aa49523d64429d941966a64a1c7f47d4d179a5c55184092e1da71f5667fa94cde636cdfa1a7aad2a74ff5afd044ee2a3577a0a2706977329b81f9941ff4ada83ff6d8abe2a3d142176448f93e5602c820dc57197e2a977b894805428563318e0c25e8d008652762bd4c32d4c7e985a6e2b85c5edb93c3c85e2a0ea7d58b83ea1848e255a1529aad74d675436605a19cf640932d41f0f6c43533a9eb2f9f57b14c14f7833484c91911179f8e67bceebd035abc41a243ed0c0949a02d66044762e675ab42554ca75ea5d6e7b50a181e03b484f5ab76831004395bbb7ce1b496786d28304721dc67279a64039016206b5b3938881ee1131bf86cc90ab8c788b6982a5d575913a11a6009a7142d03ee6109f734f7b37a8ba596a09113f5140c7655bd58da09c62c67d3d426e7a242575cc5f8261d842d2654d27f27701021535a9310922f3bda55749b8ab2d747c4fabb39b8a3213f05758411f1c71e9730ee9c6eb48bfe4d105a75e21da7eb3f0f329b253176c0eea7628adb8dc9ab99e2a5fb7f93398d8be9809bbb0b3d55171886f89f1f45ad3b64c4c0f3af24eb367af95fa7987ef81f8dc2c16368db3a8d0dc2193674d19e9861eff2d264e5abfc91b1585acabc7051835fc898f17634e4d2bfb0d7ac2c7cff516ee521771b3689d42803612fa62e01ebf3d6da56d38302936b2f8a91d02fe49a1750eb7be6f0a9d3a4cd53d0da2fe06e4b6115e71430ace1aea20e3fc83412ab10372dd2437fba6619931d26a1a2986c68d5645d3dc8dfdb6b36f018eb9abb0101b289587d9d4e8c8522229eba922f19d2fce349e8ad3bf55035d52009cd8ac3af330bf4d60ec1808377f6de4ec6f8842f4fc6a75c2cc05f246be9854fe7546550ec57bd8e9d52bfb87f79889e5561955235322b83797cddd1cf31f733dbfef560b2373c05d2740cc52e3895f8f18fde3607d857f71d298d7dc17f83ef97774a253d4bac6e1ec0f03f50255c5da2a6fe8851b01e96ba73e616583b13271a4be5462726c3ff1d096f56a9c81f8e811e52ec1b59f8ec5f9c8f76c5faa1c3d46ff1e2b70b0d00beb3a2ea1c7c9e89536469633161021b755766c262d0ae8d1cd2245b576a5f884297b129108884ea0b895e536edd04baf989d3841c47a11c4d191c7c6c0ebf18b9aa9472e4a4194832bc9768284dee5b0eb36ff8e15c5a27d9734234ca68", 0xf6e}], 0x2, &(0x7f00000024c0)=ANY=[@ANYBLOB="18000000000000001701000004000000fcffffff00000000180000000000000017010000030000000100000000000000e0"], 0x110, 0x4000}], 0x1, 0x8081)
recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1}, 0xffffff0b}], 0x1, 0x2001, 0x0)

64.17146ms ago: executing program 5 (id=4576):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}}, 0x1c)

63.875673ms ago: executing program 5 (id=4577):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000157000/0x2000)=nil, 0x1fffff, 0x0, 0x157, 0x0)

0s ago: executing program 5 (id=4578):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7ffeda95b76f5623", 0x7d}, {&(0x7f00000001c0)="66f7", 0x4}, {&(0x7f0000000300)='l3', 0x7fffef80}], 0x3}], 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xe, &(0x7f0000000000)=0x8, 0x4)

kernel console output (not intermixed with test programs):

ound
[  191.195426][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.197879][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.200198][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.202553][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.204817][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.207177][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.209454][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.211846][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.214203][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.216682][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.218976][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.221286][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.223680][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.226171][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.228577][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.231056][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.233478][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.236024][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.238411][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.240865][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.243250][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.245922][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.248288][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.250754][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.253208][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.255681][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.258090][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.260475][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.262752][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.265357][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.267761][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.270123][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.272455][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.274971][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.277369][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.279831][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.282304][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.284749][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.287146][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.289556][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.291948][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.294255][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.296579][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.299014][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.301402][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.305662][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.308188][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.310508][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.313070][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.315422][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.317809][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.320181][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.322486][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.324897][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.327293][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.329757][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.332167][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.334473][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.336772][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.339259][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.341674][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.344091][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.346404][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.348860][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.351128][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.354026][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.357205][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.359875][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.362314][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.364767][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.367164][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.369629][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.372023][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.374471][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.376760][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.379142][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.381413][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.383708][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.386046][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.388524][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.390900][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.393311][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.395680][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.398131][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.400532][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.402925][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.405293][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.407825][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.410213][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.412637][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.415012][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.417499][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.419891][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.422349][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.424817][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.427286][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.429635][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.432082][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.434548][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.437019][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.439429][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.441954][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.444297][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.446758][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.449115][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.451475][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.453923][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  191.456246][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  191.458603][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  192.061472][T10428] loop3: detected capacity change from 0 to 4096
[  192.066942][T10428] ntfs3(loop3): ino=3, Correct links count -> 2.
[  192.491737][T10441] loop3: detected capacity change from 0 to 32768
[  192.493840][T10447] netlink: 'syz.0.1782': attribute type 21 has an invalid length.
[  192.607904][T10458] geneve2: entered promiscuous mode
[  192.609658][T10458] geneve2: entered allmulticast mode
[  192.841709][T10475] lo speed is unknown, defaulting to 1000
[  192.900439][T10481] AppArmor: change_hat: Invalid input, NULL hat and NULL magic
[  194.637495][T10527] netlink: 'syz.1.1816': attribute type 1 has an invalid length.
[  194.642984][T10527] netlink: 'syz.1.1816': attribute type 1 has an invalid length.
[  194.786975][   T33] audit: type=1326 audit(1755119703.523:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.3.1825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f9718ebe9 code=0x7ffc0000
[  194.797752][   T33] audit: type=1326 audit(1755119703.523:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.3.1825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f9718ebe9 code=0x7ffc0000
[  194.807455][   T33] audit: type=1326 audit(1755119703.523:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.3.1825" exe="/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f5f9718ebe9 code=0x7ffc0000
[  194.814613][   T33] audit: type=1326 audit(1755119703.523:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10543 comm="syz.3.1825" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f9718ebe9 code=0x7ffc0000
[  195.034097][T10553] netlink: 'syz.0.1829': attribute type 21 has an invalid length.
[  195.036562][T10553] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1829'.
[  195.284831][T10567] libceph: resolve '4' (ret=-3): failed
[  195.568599][T10591] loop3: detected capacity change from 0 to 4096
[  195.571649][T10591] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  195.919836][T10601] loop3: detected capacity change from 0 to 32768
[  195.923562][T10601] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1850 (10601)
[  195.930808][T10601] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  195.936315][T10601] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  195.939818][T10601] BTRFS info (device loop3): using free-space-tree
[  195.958715][T10601] BTRFS info (device loop3): rebuilding free space tree
[  195.988361][ T9130] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  196.168105][T10622] netlink: 1053 bytes leftover after parsing attributes in process `syz.3.1851'.
[  196.349013][T10624] loop3: detected capacity change from 0 to 32768
[  196.365836][T10624] MetaData crosses page boundary!!
[  196.371216][T10624] lblock = 621d00, size  = 28672
[  196.381076][T10624] CPU: 0 UID: 0 PID: 10624 Comm: syz.3.1854 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  196.381099][T10624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  196.381105][T10624] Call Trace:
[  196.381108][T10624]  <TASK>
[  196.381113][T10624]  dump_stack_lvl+0x189/0x250
[  196.381131][T10624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.381145][T10624]  ? __pfx__printk+0x10/0x10
[  196.381164][T10624]  __get_metapage+0x9ea/0xde0
[  196.381181][T10624]  dtSearch+0x591/0x21b0
[  196.381207][T10624]  jfs_lookup+0x155/0x380
[  196.381219][T10624]  ? __pfx_jfs_lookup+0x10/0x10
[  196.381238][T10624]  ? __pfx_apparmor_path_mknod+0x10/0x10
[  196.381247][T10624]  ? make_vfsuid+0x49/0xa0
[  196.381257][T10624]  ? generic_permission+0x2e5/0x690
[  196.381268][T10624]  ? inode_permission+0x149/0x470
[  196.381275][T10624]  ? bpf_lsm_path_mknod+0x9/0x20
[  196.381287][T10624]  ? bpf_lsm_inode_create+0x9/0x20
[  196.381303][T10624]  path_openat+0x1101/0x3830
[  196.381319][T10624]  ? arch_stack_walk+0xfc/0x150
[  196.381345][T10624]  ? __pfx_path_openat+0x10/0x10
[  196.381354][T10624]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.381372][T10624]  do_filp_open+0x1fa/0x410
[  196.381380][T10624]  ? __lock_acquire+0xab9/0xd20
[  196.381393][T10624]  ? __pfx_do_filp_open+0x10/0x10
[  196.381441][T10624]  ? _raw_spin_unlock+0x28/0x50
[  196.381451][T10624]  ? alloc_fd+0x64c/0x6c0
[  196.381469][T10624]  do_sys_openat2+0x121/0x1c0
[  196.381479][T10624]  ? __se_sys_futex+0x36f/0x400
[  196.381491][T10624]  ? __pfx_do_sys_openat2+0x10/0x10
[  196.381503][T10624]  ? rcu_is_watching+0x15/0xb0
[  196.381513][T10624]  __x64_sys_openat+0x138/0x170
[  196.381524][T10624]  do_syscall_64+0xfa/0x3b0
[  196.381534][T10624]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.381543][T10624]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.381553][T10624]  ? exc_page_fault+0x9f/0xf0
[  196.381563][T10624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.381571][T10624] RIP: 0033:0x7f5f9718ebe9
[  196.381579][T10624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.381587][T10624] RSP: 002b:00007f5f97f9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  196.381597][T10624] RAX: ffffffffffffffda RBX: 00007f5f973b5fa0 RCX: 00007f5f9718ebe9
[  196.381603][T10624] RDX: 000000000000275a RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  196.381610][T10624] RBP: 00007f5f97211e19 R08: 0000000000000000 R09: 0000000000000000
[  196.381615][T10624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  196.381620][T10624] R13: 00007f5f973b6038 R14: 00007f5f973b5fa0 R15: 00007fffee0d78e8
[  196.381634][T10624]  </TASK>
[  196.381639][T10624] bread failed!
[  196.468157][T10624] jfs_lookup: dtSearch returned -5
[  197.372794][T10662] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1872'.
[  197.375616][T10662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1872'.
[  197.535799][T10650] loop3: detected capacity change from 0 to 131072
[  197.629177][T10650] F2FS-fs (loop3): Allow to mount readonly mode only
[  198.160771][T10693] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1885'.
[  198.362707][T10708] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1892'.
[  199.453194][T10749] sit0: entered promiscuous mode
[  199.460700][T10749] netlink: 'syz.1.1908': attribute type 1 has an invalid length.
[  199.464205][T10749] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1908'.
[  199.503480][  T792] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  199.589339][T10757] @: renamed from vlan0 (while UP)
[  199.644289][  T792] usb 4-1: Using ep0 maxpacket: 32
[  199.647821][  T792] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  199.652864][  T792] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  199.655932][  T792] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  199.658536][  T792] usb 4-1: Product: syz
[  199.659862][  T792] usb 4-1: Manufacturer: syz
[  199.661376][  T792] usb 4-1: SerialNumber: syz
[  199.666372][  T792] usb 4-1: config 0 descriptor??
[  199.669655][T10736] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  199.672652][  T792] hub 4-1:0.0: bad descriptor, ignoring hub
[  199.675232][  T792] hub 4-1:0.0: probe with driver hub failed with error -5
[  199.878894][T10777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1922'.
[  199.903955][T10781] netlink: 'syz.1.1923': attribute type 9 has an invalid length.
[  199.978206][  T792] usb 4-1: USB disconnect, device number 6
[  200.072940][T10793] ip6erspan0: entered promiscuous mode
[  200.300667][  T792] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  200.364239][T10817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1941'.
[  200.452934][  T792] usb 4-1: Using ep0 maxpacket: 32
[  200.456265][  T792] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  200.463051][  T792] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  200.465947][  T792] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  200.468867][  T792] usb 4-1: Product: syz
[  200.470235][  T792] usb 4-1: Manufacturer: syz
[  200.471655][  T792] usb 4-1: SerialNumber: syz
[  200.475878][  T792] usb 4-1: config 0 descriptor??
[  200.478008][T10736] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  200.481057][  T792] hub 4-1:0.0: bad descriptor, ignoring hub
[  200.482889][  T792] hub 4-1:0.0: probe with driver hub failed with error -5
[  200.785681][  T792] usb 4-1: USB disconnect, device number 7
[  201.227342][T10860] loop3: detected capacity change from 0 to 2048
[  201.229889][T10860] EXT4-fs: Ignoring removed mblk_io_submit option
[  201.232007][T10860] EXT4-fs: Ignoring removed i_version option
[  201.256699][T10860] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.283010][ T9130] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.315311][T10867] cgroup: Name too long
[  202.197848][T10901] netlink: 'syz.1.1972': attribute type 1 has an invalid length.
[  202.200491][T10901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1972'.
[  202.238466][T10905] netlink: 'syz.1.1974': attribute type 5 has an invalid length.
[  202.291874][T10911] netlink: 'syz.0.1977': attribute type 1 has an invalid length.
[  202.543813][T10948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1994'.
[  203.666467][T10990] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2011'.
[  203.892589][T11011] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2019'.
[  203.895618][T11011] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2019'.
[  203.900973][T11011] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2019'.
[  203.903859][T11011] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2019'.
[  204.807305][T11025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2025'.
[  204.814065][T11025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2025'.
[  205.572088][   T77] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  205.643072][T11052] loop3: detected capacity change from 0 to 32768
[  205.647632][T11052] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2037 (11052)
[  205.656425][T11052] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  205.659824][T11052] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  205.662605][T11052] BTRFS info (device loop3): using free-space-tree
[  206.226810][ T9130] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  206.453908][T11096] netlink: 'syz.3.2050': attribute type 5 has an invalid length.
[  206.545869][T11103] loop3: detected capacity change from 0 to 256
[  207.242194][T11111] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2057'.
[  207.245109][T11111] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2057'.
[  207.250122][T11111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2057'.
[  207.328003][T11117] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2060'.
[  207.617610][   T61] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  207.769260][   T61] usb 4-1: Using ep0 maxpacket: 8
[  207.773337][   T61] usb 4-1: config 1 has an invalid descriptor of length 72, skipping remainder of the config
[  207.776573][   T61] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 48, changing to 7
[  207.782736][   T61] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 9588, setting to 1024
[  207.790576][   T61] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  207.806947][   T61] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  207.817871][   T61] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.820269][   T61] usb 4-1: Product: syz
[  207.821584][   T61] usb 4-1: Manufacturer: syz
[  207.822969][   T61] usb 4-1: SerialNumber: syz
[  207.834086][   T61] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  207.839775][   T61] usbtest 4-1:1.0: Linux user mode ISO test driver
[  207.841794][   T61] usbtest 4-1:1.0: high-speed {control iso-in} tests (+alt)
[  208.032346][   T61] usb 4-1: USB disconnect, device number 8
[  209.181682][T11206] net_ratelimit: 68 callbacks suppressed
[  209.181712][T11206] openvswitch: netlink: IP tunnel dst address not specified
[  209.879782][T11247] io-wq is not configured for unbound workers
[  210.019418][T11259] netlink: 'syz.3.2121': attribute type 23 has an invalid length.
[  210.069108][T11264] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2123'.
[  210.357692][T11290] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2136'.
[  211.436104][T11314] netlink: 'syz.0.2147': attribute type 4 has an invalid length.
[  211.465105][T11318] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2149'.
[  211.470243][T11316] loop3: detected capacity change from 0 to 1024
[  211.501188][T11316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.577131][T11332] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2154'.
[  211.579912][T11332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2154'.
[  212.103494][T11325] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  212.686616][   T29] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  212.701747][   T29] EXT4-fs (loop3): This should not happen!! Data will be lost
[  212.701747][   T29] 
[  212.705560][   T29] EXT4-fs (loop3): Total free blocks count 0
[  212.710127][T11366] sctp: [Deprecated]: syz.1.2172 (pid 11366) Use of struct sctp_assoc_value in delayed_ack socket option.
[  212.710127][T11366] Use struct sctp_sack_info instead
[  212.711670][   T29] EXT4-fs (loop3): Free/Dirty block details
[  212.717603][   T29] EXT4-fs (loop3): free_blocks=68451041280
[  212.720816][   T29] EXT4-fs (loop3): dirty_blocks=10016
[  212.722534][   T29] EXT4-fs (loop3): Block reservation details
[  212.724465][   T29] EXT4-fs (loop3): i_reserved_data_blocks=626
[  212.731458][ T1103] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 28
[  212.911996][T11376] IPv6: NLM_F_CREATE should be specified when creating new route
[  212.927010][T11376] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  212.929343][T11376] IPv6: NLM_F_CREATE should be set when creating new route
[  212.931662][T11376] IPv6: NLM_F_CREATE should be set when creating new route
[  212.933900][T11376] IPv6: NLM_F_CREATE should be set when creating new route
[  212.947366][T11376] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  213.080119][T11387] loop3: detected capacity change from 0 to 4096
[  213.339617][T11410] loop3: detected capacity change from 0 to 512
[  213.355074][T11410] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2191: casefold flag without casefold feature
[  213.362471][T11410] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2191: couldn't read orphan inode 15 (err -117)
[  213.368186][T11410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.468346][ T9130] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.590854][T11432] netlink: zone id is out of range
[  213.592798][T11432] netlink: zone id is out of range
[  213.597129][T11432] netlink: zone id is out of range
[  213.599791][T11432] netlink: zone id is out of range
[  213.601498][T11432] netlink: zone id is out of range
[  213.604359][T11432] netlink: zone id is out of range
[  213.606051][T11432] netlink: zone id is out of range
[  213.607961][T11432] netlink: zone id is out of range
[  213.610065][T11432] netlink: zone id is out of range
[  213.853901][T11455] loop3: detected capacity change from 0 to 4096
[  213.857883][T11455] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  213.870358][T11455] ntfs3(loop3): ino=1a, mi_enum_attr
[  213.872089][T11455] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  213.876571][T11455] ntfs3(loop3): ino=1a, mi_enum_attr
[  213.878531][T11455] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  213.886225][T11455] ntfs3(loop3): ino=5, "/" ntfs_readdir
[  214.192820][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  214.335371][    T9] usb 4-1: Using ep0 maxpacket: 32
[  214.339450][    T9] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  214.344994][    T9] usb 4-1: config 0 has no interface number 0
[  214.348716][    T9] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  214.351569][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.354289][    T9] usb 4-1: Product: syz
[  214.355779][    T9] usb 4-1: Manufacturer: syz
[  214.357205][    T9] usb 4-1: SerialNumber: syz
[  214.360278][    T9] usb 4-1: config 0 descriptor??
[  214.363522][    T9] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  214.574696][    T9] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  214.585005][    T9] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  214.987265][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  214.990723][    T9] usb 4-1: USB disconnect, device number 9
[  214.994737][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  214.999520][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  215.003567][    T9] quatech2 4-1:0.51: device disconnected
[  215.592020][T11543] tipc: Enabling <eth:lo> not permitted
[  215.595554][T11543] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  215.635767][T11549] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2255'.
[  215.668715][T11553] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  215.669490][T11552] loop3: detected capacity change from 0 to 512
[  215.671219][T11553] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  215.671243][T11553] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  215.671249][T11553] overlayfs: missing 'lowerdir'
[  215.680652][T11552] EXT4-fs: Ignoring removed nobh option
[  215.682771][T11552] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  215.689574][T11552] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2257: iget: bad i_size value: 38620345925642
[  215.694379][T11552] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2257: couldn't read orphan inode 15 (err -117)
[  215.700610][T11552] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.754476][T11559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2259'.
[  215.808802][ T9130] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.062749][T11583] loop3: detected capacity change from 0 to 256
[  216.585432][T11598] Process accounting resumed
[  216.697160][T11613] GUP no longer grows the stack in syz.0.2282 (11613): 200000005000-200000008000 (200000004000)
[  216.700898][T11613] CPU: 1 UID: 0 PID: 11613 Comm: syz.0.2282 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  216.700912][T11613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  216.700917][T11613] Call Trace:
[  216.700922][T11613]  <TASK>
[  216.700927][T11613]  dump_stack_lvl+0x189/0x250
[  216.700942][T11613]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.700952][T11613]  ? __pfx__printk+0x10/0x10
[  216.700962][T11613]  ? find_vma+0xe7/0x160
[  216.700980][T11613]  fixup_user_fault+0x661/0x720
[  216.700993][T11613]  fault_in_user_writeable+0x72/0xe0
[  216.701004][T11613]  futex_lock_pi+0x773/0xa90
[  216.701025][T11613]  ? __pfx_futex_lock_pi+0x10/0x10
[  216.701050][T11613]  ? __pfx_futex_wake_mark+0x10/0x10
[  216.701069][T11613]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  216.701085][T11613]  do_futex+0x292/0x420
[  216.701099][T11613]  ? __pfx_do_futex+0x10/0x10
[  216.701109][T11613]  ? __vm_munmap+0x301/0x3d0
[  216.701122][T11613]  __se_sys_futex+0x36f/0x400
[  216.701135][T11613]  ? __pfx___se_sys_futex+0x10/0x10
[  216.701149][T11613]  ? rcu_is_watching+0x15/0xb0
[  216.701159][T11613]  ? __x64_sys_futex+0x21/0xf0
[  216.701170][T11613]  do_syscall_64+0xfa/0x3b0
[  216.701181][T11613]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.701189][T11613]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.701198][T11613]  ? exc_page_fault+0x9f/0xf0
[  216.701209][T11613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.701216][T11613] RIP: 0033:0x7fef7278ebe9
[  216.701225][T11613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.701232][T11613] RSP: 002b:00007fef735a4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  216.701241][T11613] RAX: ffffffffffffffda RBX: 00007fef729b5fa0 RCX: 00007fef7278ebe9
[  216.701247][T11613] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  216.701252][T11613] RBP: 00007fef72811e19 R08: 0000000000000000 R09: 0000000000000000
[  216.701257][T11613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  216.701262][T11613] R13: 00007fef729b6038 R14: 00007fef729b5fa0 R15: 00007ffc106595c8
[  216.701275][T11613]  </TASK>
[  217.460216][T11650] netlink: 'syz.3.2299': attribute type 5 has an invalid length.
[  217.498479][T11653] loop3: detected capacity change from 0 to 2048
[  217.501058][T11653] udf: Unknown parameter ''
[  217.777186][ T5881] IPVS: starting estimator thread 0...
[  217.905220][T11669] IPVS: using max 67 ests per chain, 160800 per kthread
[  218.171124][T11693] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2315'.
[  218.191457][T11693] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2315'.
[  218.467002][T11699] loop3: detected capacity change from 0 to 16
[  218.473200][T11699] erofs (device loop3): mounted with root inode @ nid 36.
[  218.478272][T11699] erofs (device loop3): readahead error at folio 3600 @ nid 36
[  218.481132][T11699] erofs (device loop3): readahead error at folio 3599 @ nid 36
[  218.723803][T11717] veth2: entered promiscuous mode
[  218.725496][T11717] veth2: entered allmulticast mode
[  218.980492][T11725] loop3: detected capacity change from 0 to 8
[  218.985296][T11725] SQUASHFS error: zlib decompression failed, data probably corrupt
[  218.987892][T11725] SQUASHFS error: Failed to read block 0x9b: -5
[  218.993647][T11725] SQUASHFS error: Unable to read metadata cache entry [99]
[  218.995999][T11725] SQUASHFS error: Unable to read inode 0x127
[  219.070849][T11731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2332'.
[  219.073689][T11731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2332'.
[  219.079865][T11731] gretap0: entered promiscuous mode
[  219.082479][T11731] gretap0: left promiscuous mode
[  219.256874][T11740] IPVS: set_ctl: invalid protocol: 136 10.1.1.2:20004
[  219.413844][T11755] netlink: 'syz.0.2344': attribute type 3 has an invalid length.
[  219.416441][T11755] netlink: 'syz.0.2344': attribute type 3 has an invalid length.
[  220.517359][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  220.678757][    T9] usb 4-1: Using ep0 maxpacket: 8
[  220.688738][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  220.694609][    T9] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  220.697091][    T9] usb 4-1: Product: syz
[  220.698357][    T9] usb 4-1: Manufacturer: syz
[  220.699775][    T9] usb 4-1: SerialNumber: syz
[  220.709082][    T9] usb 4-1: config 0 descriptor??
[  220.713831][    T9] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  220.941978][    T9] gspca_zc3xx: reg_w_i err -71
[  220.943608][    T9] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  220.951484][    T9] usb 4-1: USB disconnect, device number 10
[  221.005620][T11808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2368'.
[  221.022226][T11808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2368'.
[  221.026399][T11808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2368'.
[  221.029268][T11808] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2368'.
[  221.444364][T11835] netlink: 'syz.0.2381': attribute type 2 has an invalid length.
[  221.496776][T11839] net_ratelimit: 3 callbacks suppressed
[  221.496787][T11839] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x13
[  221.708567][T11847] loop3: detected capacity change from 0 to 32768
[  221.712054][T11847] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2387 (11847)
[  221.717436][T11847] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  221.721073][T11847] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  221.723858][T11847] BTRFS info (device loop3): using free-space-tree
[  221.757540][T11847] BTRFS info (device loop3): rebuilding free space tree
[  221.797338][ T9130] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  222.318403][T11879] loop3: detected capacity change from 0 to 512
[  222.327051][T11879] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  222.329670][T11879] System zones: 0-2, 18-18, 34-35
[  222.335242][T11879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.340316][T11879] ext4 filesystem being mounted at /295/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.361023][ T9130] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.400270][T11884] bond1: entered allmulticast mode
[  223.759768][T11913] netem: change failed
[  223.952272][T11914] loop3: detected capacity change from 0 to 40427
[  223.956274][T11914] F2FS-fs (loop3): invalid crc value
[  224.012974][T11914] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  224.017255][T11914] F2FS-fs (loop3): Start checkpoint disabled!
[  224.026770][T11914] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  224.087506][  T736] kworker/u10:3: attempt to access beyond end of device
[  224.087506][  T736] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  224.094002][  T736] CPU: 1 UID: 0 PID: 736 Comm: kworker/u10:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  224.094017][  T736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  224.094023][  T736] Workqueue: writeback wb_workfn (flush-7:3)
[  224.094038][  T736] Call Trace:
[  224.094042][  T736]  <TASK>
[  224.094047][  T736]  dump_stack_lvl+0x189/0x250
[  224.094061][  T736]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.094070][  T736]  ? __pfx_queue_work_on+0x10/0x10
[  224.094079][  T736]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  224.094088][  T736]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  224.094103][  T736]  f2fs_handle_critical_error+0x37c/0x540
[  224.094118][  T736]  f2fs_write_end_io+0x886/0xb60
[  224.094139][  T736]  __submit_merged_bio+0x27a/0x6a0
[  224.094153][  T736]  __submit_merged_write_cond+0x255/0x530
[  224.094166][  T736]  f2fs_write_data_pages+0x261d/0x3000
[  224.094194][  T736]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  224.094212][  T736]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  224.094243][  T736]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  224.094259][  T736]  ? trace_f2fs_writepages+0x7f/0x200
[  224.094270][  T736]  ? f2fs_write_node_pages+0x478/0x6e0
[  224.094282][  T736]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  224.094328][  T736]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  224.094339][  T736]  do_writepages+0x32e/0x550
[  224.094353][  T736]  ? reacquire_held_locks+0x127/0x1d0
[  224.094361][  T736]  ? writeback_sb_inodes+0x384/0x1010
[  224.094376][  T736]  __writeback_single_inode+0x145/0xff0
[  224.094386][  T736]  ? do_raw_spin_unlock+0x4d/0x240
[  224.094398][  T736]  writeback_sb_inodes+0x6c7/0x1010
[  224.094423][  T736]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  224.094463][  T736]  ? rcu_is_watching+0x15/0xb0
[  224.094478][  T736]  wb_writeback+0x43b/0xaf0
[  224.094492][  T736]  ? queue_io+0x391/0x590
[  224.094503][  T736]  ? __pfx_wb_writeback+0x10/0x10
[  224.094518][  T736]  ? _raw_spin_unlock_irq+0x23/0x50
[  224.094529][  T736]  wb_workfn+0x409/0xef0
[  224.094546][  T736]  ? __pfx_wb_workfn+0x10/0x10
[  224.094557][  T736]  ? __lock_acquire+0xab9/0xd20
[  224.094574][  T736]  ? process_scheduled_works+0x9ef/0x17b0
[  224.094586][  T736]  ? _raw_spin_unlock_irq+0x23/0x50
[  224.094593][  T736]  ? process_scheduled_works+0x9ef/0x17b0
[  224.094600][  T736]  ? process_scheduled_works+0x9ef/0x17b0
[  224.094609][  T736]  process_scheduled_works+0xae1/0x17b0
[  224.094633][  T736]  ? __pfx_process_scheduled_works+0x10/0x10
[  224.094655][  T736]  worker_thread+0x8a0/0xda0
[  224.094665][  T736]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  224.094678][  T736]  ? __kthread_parkme+0x7b/0x200
[  224.094693][  T736]  kthread+0x711/0x8a0
[  224.094704][  T736]  ? __pfx_worker_thread+0x10/0x10
[  224.094711][  T736]  ? __pfx_kthread+0x10/0x10
[  224.094722][  T736]  ? _raw_spin_unlock_irq+0x23/0x50
[  224.094730][  T736]  ? lockdep_hardirqs_on+0x9c/0x150
[  224.094738][  T736]  ? __pfx_kthread+0x10/0x10
[  224.094748][  T736]  ret_from_fork+0x3fc/0x770
[  224.094759][  T736]  ? __pfx_ret_from_fork+0x10/0x10
[  224.094770][  T736]  ? __switch_to_asm+0x39/0x70
[  224.094779][  T736]  ? __switch_to_asm+0x33/0x70
[  224.094788][  T736]  ? __pfx_kthread+0x10/0x10
[  224.094798][  T736]  ret_from_fork_asm+0x1a/0x30
[  224.094817][  T736]  </TASK>
[  224.094820][  T736] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  224.812863][T11971] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2424'.
[  225.033990][T11977] loop3: detected capacity change from 0 to 32768
[  225.121330][T11977] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  225.121343][T11977]   allowing incompatible features above 0.0: (unknown version)
[  225.121348][T11977]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  225.132750][T11977] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  225.135252][T11977] bcachefs (loop3): initializing new filesystem
[  225.143911][T11977] bcachefs (loop3): going read-write
[  225.149001][T11977] bcachefs (loop3): marking superblocks
[  225.154821][T11977] bcachefs (loop3): initializing freespace
[  225.158474][T11977] bcachefs (loop3): done initializing freespace
[  225.162324][T11977] bcachefs (loop3): reading snapshots table
[  225.164662][T11977] bcachefs (loop3): reading snapshots done
[  225.189022][T11977] bcachefs (loop3): done starting filesystem
[  225.267657][ T9130] bcachefs (loop3): shutting down
[  225.269309][ T9130] bcachefs (loop3): going read-only
[  225.270995][ T9130] bcachefs (loop3): finished waiting for writes to stop
[  225.277791][ T9130] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  225.298932][ T9130] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  225.305281][ T9130] bcachefs (loop3): clean shutdown complete, journal seq 4
[  225.308057][ T9130] bcachefs (loop3): marking filesystem clean
[  225.324786][ T9130] bcachefs (loop3): shutdown complete
[  225.491111][T12000] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  225.514108][T12000] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  227.409935][T12071] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2464'.
[  227.713963][T12078] openvswitch: netlink: IP tunnel dst address not specified
[  227.886088][T12090] veth1_to_bond: entered allmulticast mode
[  227.889165][T12089] veth1_to_bond: left allmulticast mode
[  228.021527][T12100] netlink: 'syz.0.2478': attribute type 12 has an invalid length.
[  228.025205][T12100] netlink: 9472 bytes leftover after parsing attributes in process `syz.0.2478'.
[  230.465342][T12155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2501'.
[  231.700207][ T5854] Bluetooth: hci2: command 0x040f tx timeout
[  231.938872][   T33] audit: type=1800 audit(1755119740.357:59): pid=12183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2515" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  232.017707][T12189] netlink: 'syz.0.2518': attribute type 10 has an invalid length.
[  232.020184][T12189] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2518'.
[  232.600268][T12199] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2522'.
[  232.722022][T12205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2525'.
[  232.725012][T12205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2525'.
[  233.412394][T12241] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  234.621040][T12317] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2579'.
[  235.054123][T12351] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  235.060228][  T792] lo speed is unknown, defaulting to 1000
[  235.101606][T12353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2597'.
[  236.861924][T12436] netlink: 'syz.0.2636': attribute type 2 has an invalid length.
[  237.014273][T12452] ip6erspan0: entered promiscuous mode
[  237.014488][T12454] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2644'.
[  238.006329][T12481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2655'.
[  238.244079][T12492] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  238.533970][T12512] overlayfs: failed to clone upperpath
[  238.977635][   T27] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  239.928699][   T33] audit: type=1326 audit(1755119747.732:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  239.946516][   T33] audit: type=1326 audit(1755119747.741:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  239.965771][   T33] audit: type=1326 audit(1755119747.741:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  239.980182][   T33] audit: type=1326 audit(1755119747.741:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fef7278ec23 code=0x7ffc0000
[  239.995933][   T33] audit: type=1326 audit(1755119747.750:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fef7278d69f code=0x7ffc0000
[  240.002547][   T33] audit: type=1326 audit(1755119747.750:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fef7278ec77 code=0x7ffc0000
[  240.016629][   T33] audit: type=1326 audit(1755119747.769:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fef7278d550 code=0x7ffc0000
[  240.023672][   T33] audit: type=1326 audit(1755119747.769:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fef7278d84a code=0x7ffc0000
[  240.040200][   T33] audit: type=1326 audit(1755119747.769:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  240.048299][   T33] audit: type=1326 audit(1755119747.769:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2684" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  240.081792][T12550] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  240.084674][T12550] IPv6: NLM_F_CREATE should be set when creating new route
[  240.087547][T12550] IPv6: NLM_F_CREATE should be set when creating new route
[  240.089833][T12550] IPv6: NLM_F_CREATE should be set when creating new route
[  240.094204][T12550] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  240.164443][T12559] bridge_slave_0: entered promiscuous mode
[  240.220391][T12565] IPVS: Unknown mcast interface: vcan0
[  240.290862][T12572] netlink: 1276 bytes leftover after parsing attributes in process `syz.0.2696'.
[  241.935094][T12598] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2709'.
[  241.938310][T12598] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2709'.
[  241.941212][T12598] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2709'.
[  242.019672][T12604] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  242.686639][T12625] netlink: 'syz.0.2722': attribute type 13 has an invalid length.
[  242.774275][T12625] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.776571][T12625] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.058423][ T5949] lo speed is unknown, defaulting to 1000
[  243.061682][ T5888] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.064647][ T5949] sz1: Port: 1 Link DOWN
[  243.068660][ T5888] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.071414][ T5888] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.076119][ T5949] lo speed is unknown, defaulting to 1000
[  243.077178][ T5888] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.262449][ T5854] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  243.265648][ T5854] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  243.269282][ T5854] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  243.272430][ T5854] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  243.280757][ T5854] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  243.308793][T12635] lo speed is unknown, defaulting to 1000
[  243.770163][T12635] chnl_net:caif_netlink_parms(): no params data found
[  243.837841][T12635] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.840224][T12635] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.843042][T12635] bridge_slave_0: entered allmulticast mode
[  243.846035][T12635] bridge_slave_0: entered promiscuous mode
[  243.850226][T12635] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.852596][T12635] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.855996][T12635] bridge_slave_1: entered allmulticast mode
[  243.858821][T12635] bridge_slave_1: entered promiscuous mode
[  243.886385][T12635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.892536][T12635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.929519][T12635] team0: Port device team_slave_0 added
[  243.933100][T12635] team0: Port device team_slave_1 added
[  243.957957][T12635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.960212][T12635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.969012][T12635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.974984][T12635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.977235][T12635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.987561][T12635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.018862][T12635] hsr_slave_0: entered promiscuous mode
[  244.021321][T12635] hsr_slave_1: entered promiscuous mode
[  244.023547][T12635] debugfs: 'hsr0' already exists in 'hsr'
[  244.025412][T12635] Cannot create hsr debugfs directory
[  244.163277][T12635] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  244.168127][T12635] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  244.172838][T12635] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  244.177714][T12635] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  244.241407][T12635] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.255653][T12635] 8021q: adding VLAN 0 to HW filter on device team0
[  244.265116][T12121] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.267340][T12121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.279024][T12121] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.281332][T12121] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.407836][T12635] 8021q: adding VLAN 0 to HW filter on device batadv0
[  244.610312][T12635] veth0_vlan: entered promiscuous mode
[  244.618757][T12635] veth1_vlan: entered promiscuous mode
[  244.658549][T12635] veth0_macvtap: entered promiscuous mode
[  244.662815][T12635] veth1_macvtap: entered promiscuous mode
[  244.675284][T12635] batman_adv: batadv0: Interface activated: batadv_slave_0
[  244.682572][T12635] batman_adv: batadv0: Interface activated: batadv_slave_1
[  244.704067][ T5720] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  244.706948][ T5720] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  244.724371][ T5720] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  244.727194][ T5720] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  244.767781][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  244.770250][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  244.788824][T12121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  244.791220][T12121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.020055][T12693] loop4: detected capacity change from 0 to 32768
[  245.027890][T12693] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2724 (12693)
[  245.034689][T12693] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  245.037987][T12693] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  245.040771][T12693] BTRFS info (device loop4): using free-space-tree
[  245.151903][T12635] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  245.440397][T12715] syz.4.2740: attempt to access beyond end of device
[  245.440397][T12715] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[  245.447614][T12715] vxfs: unable to read disk superblock at 1
[  245.457029][T12715] syz.4.2740: attempt to access beyond end of device
[  245.457029][T12715] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[  245.461043][T12715] vxfs: unable to read disk superblock at 8
[  245.462852][T12715] vxfs: can't find superblock.
[  245.478297][ T5854] Bluetooth: hci4: command tx timeout
[  245.516315][T12724] loop4: detected capacity change from 0 to 256
[  245.519445][T12724] MINIX-fs: mounting file system with errors, running fsck is recommended
[  245.684309][T12739] netlink: 'syz.1.2753': attribute type 21 has an invalid length.
[  245.686932][T12739] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2753'.
[  245.783221][T12730] loop4: detected capacity change from 0 to 32768
[  245.786143][T12730] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2747 (12730)
[  245.791824][T12730] BTRFS info (device loop4): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  245.795383][T12730] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  245.798141][T12730] BTRFS info (device loop4): using free-space-tree
[  245.821411][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  245.821421][   T33] audit: type=1800 audit(1755119753.168:74): pid=12730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2747" name="file1" dev="loop4" ino=260 res=0 errno=0
[  245.835241][T12760] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2755'.
[  245.842389][T12744] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2755'.
[  245.875133][T12635] BTRFS info (device loop4): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  246.039367][T12770] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3946
[  246.079413][T12774] netlink: 'syz.1.2762': attribute type 27 has an invalid length.
[  246.082946][T12774] netlink: 'syz.1.2762': attribute type 3 has an invalid length.
[  246.085698][T12774] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2762'.
[  247.243218][   T33] audit: type=1326 audit(1755119754.479:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12796 comm="syz.4.2772" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398ebe9 code=0x7fc00000
[  247.742665][ T5854] Bluetooth: hci4: command tx timeout
[  247.977439][   T33] audit: type=1326 audit(1755119755.162:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12796 comm="syz.4.2772" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f183398ebe9 code=0x7fc00000
[  249.574419][T12886] netlink: 161716 bytes leftover after parsing attributes in process `syz.0.2814'.
[  249.764129][T12900] netlink: 'syz.0.2821': attribute type 10 has an invalid length.
[  249.766660][T12900] syz_tun: entered promiscuous mode
[  249.773016][T12900] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  249.815978][T12902] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2822'.
[  249.989474][ T5854] Bluetooth: hci4: command tx timeout
[  251.464079][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  251.465459][ T2398] pvrusb2: request_firmware fatal error with code=-110
[  251.466251][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  251.481756][ T2398] pvrusb2: Failure uploading firmware1
[  251.491036][ T2398] pvrusb2: Device initialization was not successful.
[  251.501443][ T2398] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  251.520757][ T2398] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  251.529241][ T5915] pvrusb2: Device being rendered inoperable
[  251.833044][ T5915] IPVS: starting estimator thread 0...
[  251.928776][T12985] IPVS: using max 67 ests per chain, 160800 per kthread
[  252.238916][ T5854] Bluetooth: hci4: command tx timeout
[  252.569265][T13000] loop4: detected capacity change from 0 to 1024
[  252.599433][T13000] hfsplus: extend alloc file! (16384,256,150995124)
[  252.785488][T13002] loop4: detected capacity change from 0 to 32768
[  252.821192][T13002] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  252.823281][ T5874] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.836025][T13002] XFS (loop4): Ending clean mount
[  252.842693][T13002] XFS (loop4): Quotacheck needed: Please wait.
[  252.894124][T13002] XFS (loop4): Quotacheck: Done.
[  252.914586][ T5874] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.930171][T12635] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  252.974045][ T5874] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.983138][T13016] vlan0: entered promiscuous mode
[  253.048419][ T5874] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.230838][T13033] tmpfs: Bad value for 'mpol'
[  253.243836][ T5874] bridge_slave_1: left allmulticast mode
[  253.246037][ T5874] bridge_slave_1: left promiscuous mode
[  253.251872][ T5874] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.272426][ T5874] bridge_slave_0: left allmulticast mode
[  253.274293][ T5874] bridge_slave_0: left promiscuous mode
[  253.288352][ T5874] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.781217][ T5874] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.785860][ T5874] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.789949][ T5874] bond0 (unregistering): Released all slaves
[  253.797341][ T5874] bond1 (unregistering): Released all slaves
[  253.874598][ T5874] tipc: Disabling bearer <eth:batadv0>
[  253.902400][ T5874] tipc: Left network mode
[  253.909918][T13076] netlink: 4436 bytes leftover after parsing attributes in process `syz.4.2895'.
[  253.913780][T13076] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  254.630539][ T5874] hsr_slave_0: left promiscuous mode
[  254.636195][ T5874] hsr_slave_1: left promiscuous mode
[  254.640243][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.642767][ T5874] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.649783][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.652200][ T5874] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.705343][ T5874] veth1_macvtap: left promiscuous mode
[  254.707587][ T5874] veth0_macvtap: left promiscuous mode
[  254.711430][ T5874] veth1_vlan: left promiscuous mode
[  254.713603][ T5874] veth0_vlan: left promiscuous mode
[  255.290021][T13089] sctp: [Deprecated]: syz.4.2901 (pid 13089) Use of int in maxseg socket option.
[  255.290021][T13089] Use struct sctp_assoc_value instead
[  255.461099][ T5874] team0 (unregistering): Port device team_slave_1 removed
[  255.493936][ T5874] team0 (unregistering): Port device team_slave_0 removed
[  256.515565][ T5874] IPVS: stop unused estimator thread 0...
[  258.205918][T13211] trusted_key: syz.1.2954 sent an empty control message without MSG_MORE.
[  258.255200][T13218] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[  258.265841][T13219] loop4: detected capacity change from 0 to 512
[  258.273492][T13219] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  258.291164][T13225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2960'.
[  258.293947][T13225] netlink: 'syz.1.2960': attribute type 30 has an invalid length.
[  258.300460][T13219] EXT4-fs (loop4): 1 truncate cleaned up
[  258.303043][T13219] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.310304][ T5874] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  258.313397][ T5874] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  258.320153][   T33] audit: type=1800 audit(1755119764.706:77): pid=13219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2958" name="file1" dev="loop4" ino=15 res=0 errno=0
[  258.338031][ T5874] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  258.351651][ T5874] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  259.245101][T13254] overlayfs: failed to clone upperpath
[  259.715868][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.814646][T13271] geneve1: entered promiscuous mode
[  259.816868][T13271] macsec1: entered promiscuous mode
[  259.818680][T13271] macsec1: entered allmulticast mode
[  259.820406][T13271] geneve1: entered allmulticast mode
[  259.830299][T13271] geneve1: left allmulticast mode
[  259.832295][T13271] geneve1: left promiscuous mode
[  260.397762][  T792] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  260.459611][T13325] netlink: 'syz.0.3006': attribute type 21 has an invalid length.
[  260.462235][T13325] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3006'.
[  260.465706][T13325] netlink: 'syz.0.3006': attribute type 4 has an invalid length.
[  260.468380][T13325] netlink: 'syz.0.3006': attribute type 3 has an invalid length.
[  260.470852][T13325] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3006'.
[  260.560682][  T792] usb 5-1: Using ep0 maxpacket: 8
[  260.563982][  T792] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  260.573014][  T792] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  260.575735][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.583228][  T792] usb 5-1: Product: syz
[  260.584560][  T792] usb 5-1: Manufacturer: syz
[  260.585979][  T792] usb 5-1: SerialNumber: syz
[  260.590450][  T792] usb 5-1: bad CDC descriptors
[  260.811840][  T792] usb 5-1: USB disconnect, device number 2
[  260.897703][T13340] Process accounting resumed
[  261.073111][T13363] netlink: 'syz.0.3023': attribute type 12 has an invalid length.
[  261.075539][T13363] netlink: 'syz.0.3023': attribute type 29 has an invalid length.
[  261.077917][T13363] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3023'.
[  261.081090][T13363] netlink: 'syz.0.3023': attribute type 1 has an invalid length.
[  261.974734][T13397] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  261.977118][T13397] IPv6: NLM_F_CREATE should be set when creating new route
[  262.867221][T13417] loop4: detected capacity change from 0 to 40427
[  262.869693][T13417] F2FS-fs: heap/no_heap options were deprecated
[  262.872437][T13417] F2FS-fs (loop4): build fault injection rate: 19
[  262.874445][T13417] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  262.879937][T13417] F2FS-fs (loop4): invalid crc value
[  262.886287][T13417] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  262.917042][T13417] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  262.923732][T13417] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  262.927724][T13417] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  262.934373][T13417] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  262.940264][T13417] syz.4.3048: attempt to access beyond end of device
[  262.940264][T13417] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  262.946584][T13417] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of f2fs_mpage_readpages+0x18df/0x1ac0
[  262.950078][T13417] syz.4.3048: attempt to access beyond end of device
[  262.950078][T13417] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  262.969580][T12635] syz-executor: attempt to access beyond end of device
[  262.969580][T12635] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  262.973883][T12635] CPU: 1 UID: 0 PID: 12635 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  262.973898][T12635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  262.973905][T12635] Call Trace:
[  262.973909][T12635]  <TASK>
[  262.973914][T12635]  dump_stack_lvl+0x189/0x250
[  262.973932][T12635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.973942][T12635]  ? __pfx_queue_work_on+0x10/0x10
[  262.973952][T12635]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  262.973963][T12635]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  262.973978][T12635]  f2fs_handle_critical_error+0x37c/0x540
[  262.973994][T12635]  f2fs_write_end_io+0x886/0xb60
[  262.974015][T12635]  __submit_merged_bio+0x27a/0x6a0
[  262.974028][T12635]  __submit_merged_write_cond+0x255/0x530
[  262.974042][T12635]  f2fs_write_data_pages+0x261d/0x3000
[  262.974071][T12635]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  262.974105][T12635]  ? __mod_zone_page_state+0xd7/0x140
[  262.974123][T12635]  ? folios_put_refs+0x560/0x640
[  262.974139][T12635]  ? __lock_acquire+0xab9/0xd20
[  262.974157][T12635]  ? do_raw_spin_lock+0x121/0x290
[  262.974172][T12635]  ? do_raw_spin_unlock+0x4d/0x240
[  262.974182][T12635]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  262.974193][T12635]  do_writepages+0x32e/0x550
[  262.974211][T12635]  ? do_raw_spin_unlock+0x4d/0x240
[  262.974222][T12635]  filemap_fdatawrite+0x199/0x240
[  262.974234][T12635]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  262.974270][T12635]  ? do_raw_spin_unlock+0x4d/0x240
[  262.974282][T12635]  f2fs_sync_dirty_inodes+0x31f/0x830
[  262.974302][T12635]  f2fs_write_checkpoint+0x95a/0x1df0
[  262.974347][T12635]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  262.974401][T12635]  ? kill_f2fs_super+0x298/0x6c0
[  262.974422][T12635]  kill_f2fs_super+0x2c3/0x6c0
[  262.974443][T12635]  ? __pfx_kill_f2fs_super+0x10/0x10
[  262.974453][T12635]  ? radix_tree_delete_item+0x2b6/0x400
[  262.974467][T12635]  ? shrinker_free+0x2ce/0x3e0
[  262.974478][T12635]  deactivate_locked_super+0xbc/0x130
[  262.974490][T12635]  cleanup_mnt+0x425/0x4c0
[  262.974501][T12635]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.974513][T12635]  task_work_run+0x1d4/0x260
[  262.974543][T12635]  ? __pfx_task_work_run+0x10/0x10
[  262.974553][T12635]  ? __x64_sys_umount+0x122/0x160
[  262.974567][T12635]  ? exit_to_user_mode_loop+0x40/0x110
[  262.974582][T12635]  exit_to_user_mode_loop+0xec/0x110
[  262.974595][T12635]  do_syscall_64+0x2bd/0x3b0
[  262.974606][T12635]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.974615][T12635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.974623][T12635]  ? exc_page_fault+0x9f/0xf0
[  262.974634][T12635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.974642][T12635] RIP: 0033:0x7f183398ff17
[  262.974651][T12635] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  262.974659][T12635] RSP: 002b:00007ffc4ed97248 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  262.974669][T12635] RAX: 0000000000000000 RBX: 00007f1833a11c05 RCX: 00007f183398ff17
[  262.974675][T12635] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4ed97300
[  262.974680][T12635] RBP: 00007ffc4ed97300 R08: 0000000000000000 R09: 0000000000000000
[  262.974685][T12635] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4ed98390
[  262.974690][T12635] R13: 00007f1833a11c05 R14: 0000000000040e0e R15: 00007ffc4ed983d0
[  262.974705][T12635]  </TASK>
[  262.975401][T12635] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  263.154977][T13434] sctp: [Deprecated]: syz.1.3055 (pid 13434) Use of struct sctp_assoc_value in delayed_ack socket option.
[  263.154977][T13434] Use struct sctp_sack_info instead
[  263.467190][ T5888] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  263.470089][ T5888] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  263.484650][  T792] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[  263.563689][T13460] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3066'.
[  263.648667][  T792] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  263.651175][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  263.654361][  T792] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  263.658395][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  263.661964][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  263.666731][  T792] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  263.669509][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  263.673113][  T792] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  263.677214][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  263.681181][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  263.686024][  T792] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  263.688468][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  263.691739][  T792] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  263.695293][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  263.698630][  T792] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  263.704849][  T792] usb 5-1: string descriptor 0 read error: -22
[  263.706891][  T792] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  263.709604][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.716582][  T792] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  263.938747][  T792] usb 5-1: USB disconnect, device number 3
[  264.079700][T13478] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3075'.
[  264.116890][T13480] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.3076'.
[  264.226158][T13492] overlayfs: failed to clone upperpath
[  264.228821][T13492] overlayfs: failed to clone upperpath
[  264.898534][T13527] loop4: detected capacity change from 0 to 512
[  264.919108][T13527] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.923055][T13527] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.943479][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.130241][T13532] loop4: detected capacity change from 0 to 32768
[  265.145206][T13532] JBD2: Ignoring recovery information on journal
[  265.154697][T13539] bond0: (slave syz_tun): Releasing backup interface
[  265.160454][T13539] bond0: (slave bridge0): Releasing backup interface
[  265.164799][T13539] bridge_slave_0: left allmulticast mode
[  265.166641][T13539] bridge_slave_0: left promiscuous mode
[  265.168566][T13539] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.176444][T13539] bridge_slave_1: left allmulticast mode
[  265.177991][T13532] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  265.178312][T13539] bridge_slave_1: left promiscuous mode
[  265.182900][T13539] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.198434][T13539] bond1: (slave veth0_to_bond): Releasing active interface
[  265.206779][T13539] bond0: (slave bond_slave_0): Releasing backup interface
[  265.212098][T13539] bond0: (slave bond_slave_1): Releasing backup interface
[  265.216486][T13539] team0: Port device team_slave_0 removed
[  265.221298][T13539] team0: Port device team_slave_1 removed
[  265.225703][T13539] bond0: (slave wlan1): Releasing backup interface
[  265.227906][T12635] ocfs2: Unmounting device (7,4) on (node local)
[  265.238371][T13539] bond0: (slave macvlan2): Releasing backup interface
[  265.243988][T13539] bond1: (slave veth3): Releasing active interface
[  265.331386][T13542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3102'.
[  265.334307][T13542] bridge_slave_1: left allmulticast mode
[  265.336082][T13542] bridge_slave_1: left promiscuous mode
[  265.338077][T13542] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.343416][T13542] bridge_slave_0: left allmulticast mode
[  265.351460][T13542] bridge_slave_0: left promiscuous mode
[  265.353594][T13542] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.497947][T13558] netlink: 'syz.0.3109': attribute type 46 has an invalid length.
[  265.553915][T13560] netlink: 'syz.0.3110': attribute type 5 has an invalid length.
[  265.587453][T13563] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3111'.
[  266.615388][T13577] loop4: detected capacity change from 0 to 32768
[  266.619987][T13577] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3116 (13577)
[  266.631661][T13577] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  266.635171][T13577] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  266.640301][T13577] BTRFS info (device loop4): using free-space-tree
[  266.677011][T13577] BTRFS info (device loop4): rebuilding free space tree
[  266.693337][T13605] netlink: 'syz.1.3122': attribute type 4 has an invalid length.
[  266.777760][T12635] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  267.007523][T13612] loop4: detected capacity change from 0 to 256
[  267.017821][T13612] FAT-fs (loop4): Directory bread(block 64) failed
[  267.019910][T13612] FAT-fs (loop4): Directory bread(block 65) failed
[  267.022009][T13612] FAT-fs (loop4): Directory bread(block 66) failed
[  267.024117][T13612] FAT-fs (loop4): Directory bread(block 67) failed
[  267.026326][T13612] FAT-fs (loop4): Directory bread(block 68) failed
[  267.028914][T13612] FAT-fs (loop4): Directory bread(block 69) failed
[  267.031060][T13612] FAT-fs (loop4): Directory bread(block 70) failed
[  267.032997][T13612] FAT-fs (loop4): Directory bread(block 71) failed
[  267.035142][T13612] FAT-fs (loop4): Directory bread(block 72) failed
[  267.037158][T13612] FAT-fs (loop4): Directory bread(block 73) failed
[  267.238829][T13625] loop4: detected capacity change from 0 to 128
[  267.242753][T13625] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  267.785418][T13649] netlink: 208 bytes leftover after parsing attributes in process `syz.1.3141'.
[  268.381790][T13657] netlink: 196 bytes leftover after parsing attributes in process `syz.4.3145'.
[  268.384750][T13657] netlink: 196 bytes leftover after parsing attributes in process `syz.4.3145'.
[  268.387679][T13657] netlink: 19 bytes leftover after parsing attributes in process `syz.4.3145'.
[  268.815122][ T5915] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  268.980346][ T5915] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  268.983807][ T5915] usb 5-1: config 220 has an invalid descriptor of length 201, skipping remainder of the config
[  268.987338][ T5915] usb 5-1: config 220 has no interface number 2
[  268.989452][ T5915] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  268.993505][ T5915] usb 5-1: config 220 interface 0 has no altsetting 0
[  268.995731][ T5915] usb 5-1: config 220 interface 76 has no altsetting 0
[  268.998045][ T5915] usb 5-1: config 220 interface 1 has no altsetting 0
[  269.003515][ T5915] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  269.006327][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.008913][ T5915] usb 5-1: Product: syz
[  269.010382][ T5915] usb 5-1: Manufacturer: syz
[  269.011824][ T5915] usb 5-1: SerialNumber: syz
[  269.239308][ T5915] usb 5-1: selecting invalid altsetting 0
[  269.241570][ T5915] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  269.251432][ T5915] usb 5-1: No valid video chain found.
[  269.259914][ T5915] usb 5-1: selecting invalid altsetting 0
[  269.261748][ T5915] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  269.266355][ T5915] usb 5-1: USB disconnect, device number 4
[  270.357796][T13701] 8021q: adding VLAN 0 to HW filter on device batadv1
[  270.360624][T13701] batadv1: entered promiscuous mode
[  270.362830][T13701] team0: Failed to send port change of device batadv1 via netlink (err -105)
[  270.367009][T13701] team0: Failed to send options change via netlink (err -105)
[  270.369712][T13701] team0: Port device batadv1 added
[  270.947959][ T5854] Bluetooth: hci4: ACL packet too small
[  271.482052][T13756] loop4: detected capacity change from 0 to 4096
[  272.515644][T13785] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3202'.
[  272.634262][T13790] loop4: detected capacity change from 0 to 4096
[  272.647537][T13790] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  272.846757][T13798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3208'.
[  272.865136][T13800] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  272.867861][T13800] team0: Device ipvlan2 is already an upper device of the team interface
[  273.194522][   T33] audit: type=1326 audit(1755119778.440:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.0.3223" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x0
[  273.263625][T13830] veth1_macvtap: left promiscuous mode
[  273.265362][T13830] macsec0: entered allmulticast mode
[  273.278535][T13830] veth1_macvtap: entered promiscuous mode
[  273.285755][T13830] veth1_macvtap: entered allmulticast mode
[  273.289647][T13830] macsec0: left allmulticast mode
[  273.291317][T13830] veth1_macvtap: left allmulticast mode
[  273.384323][T13826] loop4: detected capacity change from 0 to 40427
[  273.389914][   T33] audit: type=1326 audit(1755119778.616:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13840 comm="syz.1.3230" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f787a58ebe9 code=0x0
[  273.406827][T13826] F2FS-fs (loop4): invalid crc value
[  273.449664][T13826] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  273.454830][T13826] F2FS-fs (loop4): Start checkpoint disabled!
[  273.458327][T13826] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  273.647359][   T26] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  273.890329][T13874] loop4: detected capacity change from 0 to 32768
[  274.049868][T13886] netlink: 376 bytes leftover after parsing attributes in process `syz.4.3250'.
[  274.085379][   T33] audit: type=1326 audit(2000000000.581:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13889 comm="syz.4.3252" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f183398ebe9 code=0x0
[  274.348877][T13920] lo speed is unknown, defaulting to 1000
[  274.580667][T13940] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3276'.
[  274.588394][T13940] IPVS: Error connecting to the multicast addr
[  274.729868][T13953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3282'.
[  275.848166][T13977] overlayfs: failed lookup in lower (newroot/140, name='file1', err=-40): overlapping layers
[  275.917184][T13981] loop4: detected capacity change from 0 to 256
[  276.150650][T13997] loop4: detected capacity change from 0 to 256
[  276.154405][T13997] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  276.158444][T13997] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  276.174089][T13997] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  276.355776][T14010] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3308'.
[  276.369140][T14010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3308'.
[  277.858923][T14034] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3318'.
[  277.905153][T14036] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3319'.
[  277.992666][ T5949] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  278.007814][T14046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3324'.
[  278.010676][T14046] netlink: 34 bytes leftover after parsing attributes in process `syz.1.3324'.
[  278.102968][T14054] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3327'.
[  278.175899][ T5949] usb 5-1: Using ep0 maxpacket: 8
[  278.181031][ T5949] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  278.185200][ T5949] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.188086][ T5949] usb 5-1: Product: syz
[  278.189612][ T5949] usb 5-1: Manufacturer: syz
[  278.191137][ T5949] usb 5-1: SerialNumber: syz
[  278.194490][ T5949] usb 5-1: config 0 descriptor??
[  278.199216][ T5949] radio-usb-si4713 5-1:0.0: Si4713 development board discovered: (10C4:8244)
[  278.654274][ T5949] radio-usb-si4713 5-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  278.657597][ T5949] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  278.662232][ T5949] usb 5-1: USB disconnect, device number 5
[  279.359366][T14093] loop4: detected capacity change from 0 to 512
[  279.376328][T14093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.386404][T14093] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  279.464506][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.515254][T14102] loop4: detected capacity change from 0 to 512
[  279.518871][T14102] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  279.526762][T14102] EXT4-fs (loop4): invalid journal inode
[  279.528952][T14102] EXT4-fs (loop4): can't get journal size
[  279.536430][T14102] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a056c118, mo2=0002]
[  279.539544][T14102] System zones: 1-12, 13-13
[  279.541771][T14102] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.3347: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  279.550165][T14102] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.3347: couldn't read orphan inode 15 (err -117)
[  279.558314][T14102] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.587855][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.739226][T14111] RDS: rds_bind could not find a transport for ::ffff:0.0.0.224, load rds_tcp or rds_rdma?
[  279.820071][T14115] loop4: detected capacity change from 0 to 16
[  279.823476][T14115] erofs (device loop4): mounted with root inode @ nid 36.
[  280.020746][T14120] erofs (device loop4): readahead error at folio 2 @ nid 89
[  280.066562][ T7537] erofs (device loop4): failed to decompress 6887 in[4096, 0] out[8192]
[  280.086550][T14120] erofs (device loop4): failed to decompress 6887 in[4096, 0] out[8192]
[  280.093813][T14120] erofs (device loop4): read error -117 @ 1 of nid 89
[  280.097454][   T33] audit: type=1800 audit(2000000006.128:81): pid=14120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3352" name="file3" dev="loop4" ino=89 res=0 errno=0
[  281.295438][T14156] overlayfs: failed to clone upperpath
[  281.330057][T14159] loop4: detected capacity change from 0 to 512
[  281.333477][T14159] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  281.342281][T14159] EXT4-fs (loop4): 1 truncate cleaned up
[  281.345256][T14159] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.408843][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.799153][   T61] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  282.003752][   T61] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  282.025418][   T61] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  282.036543][   T61] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  282.045218][   T61] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  282.052710][   T61] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  282.057717][   T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.068744][   T61] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  282.071510][   T61] usb 5-1: invalid MIDI out EP 0
[  282.103814][   T61] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  282.295331][   T61] usb 5-1: USB disconnect, device number 6
[  282.687469][T14183] __nla_validate_parse: 2 callbacks suppressed
[  282.687482][T14183] netlink: 23 bytes leftover after parsing attributes in process `syz.0.3381'.
[  283.074875][T14213] sctp: [Deprecated]: syz.4.3395 (pid 14213) Use of struct sctp_assoc_value in delayed_ack socket option.
[  283.074875][T14213] Use struct sctp_sack_info instead
[  283.574368][T14238] loop4: detected capacity change from 0 to 128
[  283.773863][T14240] loop4: detected capacity change from 0 to 40427
[  283.777402][T14240] F2FS-fs (loop4): Image doesn't support compression
[  283.779690][T14240] F2FS-fs (loop4): build fault injection rate: 690
[  283.781733][T14240] F2FS-fs (loop4): build fault injection type: 0x35f7
[  283.785281][T14240] F2FS-fs (loop4): invalid crc value
[  283.819511][T14240] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  283.822996][T14240] F2FS-fs (loop4): Start checkpoint disabled!
[  283.825923][T14240] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  283.840238][T14240] syz.4.3407: attempt to access beyond end of device
[  283.840238][T14240] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  284.177666][ T5915] libceph: connect (1)[c::]:6789 error -101
[  284.180919][ T5915] libceph: mon0 (1)[c::]:6789 connect error
[  284.235087][ T2288] libceph: connect (1)[c::]:6789 error -101
[  284.237214][ T2288] libceph: mon0 (1)[c::]:6789 connect error
[  284.372665][T14275] loop4: detected capacity change from 0 to 256
[  284.494090][T14275] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  284.538299][ T2288] libceph: connect (1)[c::]:6789 error -101
[  284.541845][ T2288] libceph: mon0 (1)[c::]:6789 connect error
[  284.550497][ T5915] libceph: connect (1)[c::]:6789 error -101
[  284.552495][ T5915] libceph: mon0 (1)[c::]:6789 connect error
[  284.975001][T14264] ceph: No mds server is up or the cluster is laggy
[  284.975732][T14271] ceph: No mds server is up or the cluster is laggy
[  285.668738][T14287] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3423'.
[  286.066739][T14302] loop4: detected capacity change from 0 to 512
[  286.069988][T14302] EXT4-fs: Ignoring removed mblk_io_submit option
[  286.072694][T14302] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  286.088141][T14302] EXT4-fs (loop4): 1 truncate cleaned up
[  286.091001][T14302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.102613][T14308] overlayfs: failed to clone upperpath
[  286.108979][   T33] audit: type=1804 audit(2000000011.675:82): pid=14302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3429" name="/newroot/186/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  286.340068][T14322] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3437'.
[  287.092635][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.137765][T14328] loop4: detected capacity change from 0 to 256
[  287.159108][T14328] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  287.167075][T14328] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  287.257598][   T33] audit: type=1326 audit(2000000012.746:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.257872][T14336] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3445'.
[  287.264154][   T33] audit: type=1326 audit(2000000012.746:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.276083][   T33] audit: type=1326 audit(2000000012.755:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.284265][   T33] audit: type=1326 audit(2000000012.755:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.291428][   T33] audit: type=1326 audit(2000000012.755:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.300945][   T33] audit: type=1326 audit(2000000012.774:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.307834][   T33] audit: type=1326 audit(2000000012.774:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.316781][   T33] audit: type=1326 audit(2000000012.774:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.324955][   T33] audit: type=1326 audit(2000000012.783:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14334 comm="syz.0.3444" exe="/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  287.338595][T14338] loop4: detected capacity change from 0 to 8192
[  287.355648][T14338] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  287.689988][T14374] tmpfs: Bad value for 'grpquota_inode_hardlimit'
[  287.744716][  T792] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  287.940209][  T792] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  287.943033][  T792] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.951690][  T792] usb 5-1: config 0 descriptor??
[  287.955455][  T792] gspca_main: spca508-2.14.0 probing 8086:0110
[  288.498081][  T792] gspca_spca508: reg_read err -32
[  288.502278][  T792] gspca_spca508: reg_read err -32
[  288.504681][  T792] gspca_spca508: reg_read err -32
[  288.725707][  T792] gspca_spca508: reg_read err -71
[  288.728153][  T792] gspca_spca508: reg write: error -71
[  288.730100][  T792] spca508 5-1:0.0: probe with driver spca508 failed with error -71
[  288.734096][  T792] usb 5-1: USB disconnect, device number 7
[  289.536553][T14422] netlink: 176 bytes leftover after parsing attributes in process `syz.1.3483'.
[  289.565851][T14424] loop4: detected capacity change from 0 to 512
[  289.569520][T14424] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  289.579057][T14424] EXT4-fs (loop4): 1 truncate cleaned up
[  289.582084][T14424] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.608654][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.046477][T14453] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3492'.
[  290.184971][T14459] loop4: detected capacity change from 0 to 16
[  290.188381][T14459] erofs (device loop4): mounted with root inode @ nid 36.
[  291.872740][T14501] loop4: detected capacity change from 0 to 256
[  291.886274][T14501] FAT-fs (loop4): Directory bread(block 64) failed
[  291.888440][T14501] FAT-fs (loop4): Directory bread(block 65) failed
[  291.891009][T14501] FAT-fs (loop4): Directory bread(block 66) failed
[  291.893936][T14501] FAT-fs (loop4): Directory bread(block 67) failed
[  291.896151][T14501] FAT-fs (loop4): Directory bread(block 68) failed
[  291.898339][T14501] FAT-fs (loop4): Directory bread(block 69) failed
[  291.904926][T14501] FAT-fs (loop4): Directory bread(block 70) failed
[  291.907319][T14501] FAT-fs (loop4): Directory bread(block 71) failed
[  291.909654][T14501] FAT-fs (loop4): Directory bread(block 72) failed
[  291.912064][T14501] FAT-fs (loop4): Directory bread(block 73) failed
[  291.916212][T14503] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3513'.
[  292.009352][T14509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3516'.
[  292.489233][T14536] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3529'.
[  293.022123][T14575] macvlan2: entered promiscuous mode
[  293.023814][T14575] macvlan2: entered allmulticast mode
[  293.025959][T14575] veth1_vlan: entered allmulticast mode
[  293.038747][T14575] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  293.155695][T14585] <
[  293.207708][T14596] loop4: detected capacity change from 0 to 2048
[  293.213434][T14596] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  293.277269][T14604] kAFS: unparsable volume name
[  293.797750][   T33] kauditd_printk_skb: 5 callbacks suppressed
[  293.797763][   T33] audit: type=1326 audit(294.194:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  293.822178][   T33] audit: type=1326 audit(294.203:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  293.836862][   T33] audit: type=1326 audit(294.212:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  293.851639][   T33] audit: type=1326 audit(294.212:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fef7278ec23 code=0x7ffc0000
[  293.862189][   T33] audit: type=1326 audit(294.212:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fef7278d69f code=0x7ffc0000
[  293.869266][   T33] audit: type=1326 audit(294.212:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fef7278ec77 code=0x7ffc0000
[  293.878664][   T33] audit: type=1326 audit(294.212:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fef7278d550 code=0x7ffc0000
[  293.886171][   T33] audit: type=1326 audit(294.212:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fef7278d84a code=0x7ffc0000
[  293.893147][   T33] audit: type=1326 audit(294.212:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  293.900067][   T33] audit: type=1326 audit(294.212:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14619 comm="syz.0.3569" exe="/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7fef7278ebe9 code=0x7ffc0000
[  294.169069][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3578'.
[  294.171937][T14639] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3578'.
[  294.205490][T14641] netlink: 666 bytes leftover after parsing attributes in process `syz.1.3579'.
[  294.399681][T14659] ip6gre1: entered promiscuous mode
[  295.959123][T14712] loop4: detected capacity change from 0 to 128
[  295.964925][T14712] FAT-fs (loop4): bogus number of FAT structure
[  295.969762][T14712] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  295.972713][T14712] FAT-fs (loop4): Can't find a valid FAT filesystem
[  296.007941][T14714] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3611'.
[  296.012002][T14714] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3611'.
[  296.273970][T14738] netlink: 'syz.0.3622': attribute type 29 has an invalid length.
[  297.150524][T14777] loop4: detected capacity change from 0 to 1024
[  297.517050][T14816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3658'.
[  297.544068][T14818] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3660'.
[  297.548344][T14815] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3660'.
[  298.519998][T14834] loop4: detected capacity change from 0 to 4096
[  298.528126][T14834] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  298.538608][T14834] ntfs3(loop4): ino=4, mi_enum_attr
[  298.540917][T14834] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  298.543967][T14834] ntfs3(loop4): Failed to load $AttrDef (-22)
[  298.722284][T14840] loop4: detected capacity change from 0 to 8192
[  298.770412][T14840] Dev loop4: RDB in block 1 has bad checksum
[  298.785438][ T5854] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  298.788550][ T5854] Bluetooth: hci4: Injecting HCI hardware error event
[  298.793505][ T5854] Bluetooth: hci4: hardware error 0x00
[  299.421368][T14859] netlink: 'syz.1.3679': attribute type 64 has an invalid length.
[  299.422305][ T6055] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[  299.425190][T14859] netlink: 'syz.1.3679': attribute type 4 has an invalid length.
[  299.428356][T14859] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3679'.
[  299.585650][ T6055] usb 5-1: config 9 has an invalid interface number: 1 but max is 0
[  299.588434][ T6055] usb 5-1: config 9 has no interface number 0
[  299.590461][ T6055] usb 5-1: config 9 interface 1 has no altsetting 0
[  299.607855][ T6055] usb 5-1: string descriptor 0 read error: -22
[  299.610041][ T6055] usb 5-1: New USB device found, idVendor=2040, idProduct=b140, bcdDevice=75.36
[  299.612847][ T6055] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.629188][ T6055] cx231xx 5-1:9.1: New device   @ 1.5 Mbps (2040:b140) with 1 interfaces
[  299.638656][ T6055] cx231xx 5-1:9.1: Not found matching IAD interface
[  299.820874][T14893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3694'.
[  299.853953][ T6055] usb 5-1: USB disconnect, device number 8
[  299.890928][T14897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3696'.
[  300.207568][T14913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3704'.
[  300.210336][T14913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3704'.
[  301.036252][ T5854] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  303.058620][T15012] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3749'.
[  303.206311][T15022] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  304.074084][T15053] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3768'.
[  304.077019][T15053] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3768'.
[  304.368067][T15077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3779'.
[  304.465927][T15087] bridge_slave_0: default FDB implementation only supports local addresses
[  304.519307][   T61] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  304.558386][T15089] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode
[  304.560777][T15089] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  304.698108][   T61] usb 5-1: config 0 has an invalid interface number: 64 but max is 0
[  304.700847][   T61] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  304.704095][   T61] usb 5-1: config 0 has no interface number 0
[  304.716006][   T61] usb 5-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  304.719076][   T61] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.963394][   T61] usb 5-1: Product: syz
[  304.964968][   T61] usb 5-1: Manufacturer: syz
[  304.966957][   T61] usb 5-1: SerialNumber: syz
[  304.986658][   T61] usb 5-1: config 0 descriptor??
[  304.993959][   T61] usb 5-1: Found UVC 0.00 device syz (046d:0823)
[  304.996613][   T61] usb 5-1: No valid video chain found.
[  305.210341][ T5915] usb 5-1: USB disconnect, device number 9
[  306.762369][T15148] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  306.971960][T15168] Invalid source name
[  306.976094][T15168] UBIFS error (pid: 15168): cannot open "./file0", error -22
[  307.070861][ T6055] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  307.239308][ T6055] usb 5-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55
[  307.242168][ T6055] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.244740][ T6055] usb 5-1: Product: syz
[  307.245997][ T6055] usb 5-1: Manufacturer: syz
[  307.247473][ T6055] usb 5-1: SerialNumber: syz
[  307.250399][ T6055] usb 5-1: config 0 descriptor??
[  307.253937][ T6055] gspca_main: sonixb-2.14.0 probing 0c45:60a8
[  307.690988][ T6055] sonixb 5-1:0.0: Error writing register 01: -71
[  307.693061][ T6055] sonixb 5-1:0.0: probe with driver sonixb failed with error -71
[  307.696777][ T6055] usb 5-1: USB disconnect, device number 10
[  308.320522][   T27] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  308.489788][T15223] loop4: detected capacity change from 0 to 32768
[  308.497505][T15223] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3848 (15223)
[  308.503737][T15223] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  308.506955][T15223] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  308.509602][T15223] BTRFS info (device loop4): using free-space-tree
[  308.543614][T15223] BTRFS info (device loop4): rebuilding free space tree
[  308.584146][T12635] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  309.053647][ T6055] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  309.173097][T15257] netlink: 88 bytes leftover after parsing attributes in process `syz.0.3856'.
[  309.175964][T15257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3856'.
[  309.218765][ T6055] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  309.222853][ T6055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.228792][ T6055] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  309.232230][ T6055] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  309.234824][ T6055] usb 5-1: Manufacturer: syz
[  309.238119][ T6055] usb 5-1: config 0 descriptor??
[  309.292892][ T6055] rc_core: IR keymap rc-hauppauge not found
[  309.296533][ T6055] Registered IR keymap rc-empty
[  309.299400][ T6055] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  309.303702][ T6055] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input17
[  309.677976][    C0] igorplugusb 5-1:0.0: receive overflow, at least 13 lost
[  309.897983][ T6055] usb 5-1: USB disconnect, device number 11
[  312.960905][T15404] vivid-000: disconnect
[  313.066901][T15409] delete_channel: no stack
[  313.074289][T15411] random: crng reseeded on system resumption
[  313.111807][T15411] vivid-000: reconnect
[  313.120835][T15413] overlayfs: failed to clone upperpath
[  314.018303][T15470] loop4: detected capacity change from 0 to 256
[  314.034175][T15470] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  314.066774][T15470] exFAT-fs (loop4): start_clu is invalid cluster(0xffffffff)
[  315.214299][T15515] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  315.763979][T15554] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3993'.
[  316.108504][ T6055] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  316.272291][ T6055] usb 5-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=3f.fc
[  316.275419][ T6055] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.278035][ T6055] usb 5-1: Product: syz
[  316.279618][ T6055] usb 5-1: Manufacturer: syz
[  316.281165][ T6055] usb 5-1: SerialNumber: syz
[  316.284384][ T6055] usb 5-1: config 0 descriptor??
[  316.287636][ T6055] cypress_m8 5-1:0.0: Nokia CA-42 V2 Adapter converter detected
[  316.290691][ T6055] nokiaca42v2 ttyUSB0: required endpoint is missing
[  316.505970][ T6055] usb 5-1: USB disconnect, device number 12
[  316.509098][ T6055] cypress_m8 5-1:0.0: device disconnected
[  316.758523][T15580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4006'.
[  317.217364][T15618] netlink: 'syz.4.4025': attribute type 63 has an invalid length.
[  317.958673][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  317.961220][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  318.012623][T15646] netlink: 6032 bytes leftover after parsing attributes in process `syz.0.4037'.
[  318.635567][T15672] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[  318.791614][T15678] netlink: 'syz.0.4047': attribute type 3 has an invalid length.
[  318.794459][T15678] netlink: 'syz.0.4047': attribute type 3 has an invalid length.
[  318.820111][T15678] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4047'.
[  318.847822][T15679] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4047'.
[  319.918877][T15712] loop4: detected capacity change from 0 to 512
[  319.921972][T15712] EXT4-fs: Ignoring removed oldalloc option
[  319.923939][T15712] ext4: Unknown parameter 'fowner<00000000000000060928'
[  320.261353][ T5874] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.352297][ T5874] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.488772][ T5239] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  320.493024][ T5239] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  320.496992][ T5239] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  320.503907][ T5239] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  320.520093][ T5239] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  320.538934][ T5874] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.577442][T15720] lo speed is unknown, defaulting to 1000
[  320.729921][ T5874] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.039453][ T5874] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  322.045503][ T5874] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  322.050303][ T5874] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  322.053872][ T5874] veth1_vlan: left allmulticast mode
[  322.056552][ T5874] bond0 (unregistering): Released all slaves
[  322.067036][ T5874] bond1 (unregistering): Released all slaves
[  322.080771][T15720] chnl_net:caif_netlink_parms(): no params data found
[  322.185973][T15720] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.188466][T15720] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.190880][T15720] bridge_slave_0: entered allmulticast mode
[  322.194266][T15720] bridge_slave_0: entered promiscuous mode
[  322.198239][T15720] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.200754][T15720] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.203276][T15720] bridge_slave_1: entered allmulticast mode
[  322.206432][T15720] bridge_slave_1: entered promiscuous mode
[  322.313737][T15720] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.324419][T15720] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.408267][T15720] team0: Port device team_slave_0 added
[  322.413279][T15720] team0: Port device team_slave_1 added
[  322.469025][T15720] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.484597][T15720] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.501554][T15720] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.506366][T15720] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.508591][T15720] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.535120][T15720] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.570954][ T5874] hsr_slave_0: left promiscuous mode
[  322.583934][ T5874] hsr_slave_1: left promiscuous mode
[  322.586219][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.590195][ T5874] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.593245][ T5874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.595591][ T5874] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.629030][ T5874] veth1_macvtap: left promiscuous mode
[  322.631223][ T5874] veth0_macvtap: left promiscuous mode
[  322.633113][ T5874] veth1_vlan: left promiscuous mode
[  322.634910][ T5874] veth0_vlan: left promiscuous mode
[  322.736167][ T5854] Bluetooth: hci2: command tx timeout
[  323.330200][ T5874] team0 (unregistering): Port device team_slave_1 removed
[  323.388052][ T5874] team0 (unregistering): Port device team_slave_0 removed
[  324.282221][T15720] hsr_slave_0: entered promiscuous mode
[  324.285160][T15720] hsr_slave_1: entered promiscuous mode
[  324.290903][T15720] debugfs: 'hsr0' already exists in 'hsr'
[  324.292641][T15720] Cannot create hsr debugfs directory
[  324.540474][T15720] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  324.546053][T15720] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  324.555069][T15720] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  324.560320][T15720] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  324.616605][T15720] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.629493][T15720] 8021q: adding VLAN 0 to HW filter on device team0
[  324.636345][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.638703][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.651544][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.653907][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.798542][T15720] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.949850][ T5854] Bluetooth: hci2: command tx timeout
[  324.980138][T15720] veth0_vlan: entered promiscuous mode
[  324.989361][T15720] veth1_vlan: entered promiscuous mode
[  325.013150][T15720] veth0_macvtap: entered promiscuous mode
[  325.027153][T15720] veth1_macvtap: entered promiscuous mode
[  325.042900][T15720] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.053986][T15720] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.072875][ T5874] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.084677][ T5888] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.087533][ T5888] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.096423][ T5888] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.114035][T15822] gfs2: path_lookup on GPL returned error -2
[  325.181491][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.183968][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.217415][T12121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.219907][T12121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.969752][T15894] overlayfs: failed to clone upperpath
[  327.173262][ T5854] Bluetooth: hci2: command tx timeout
[  329.407886][ T5854] Bluetooth: hci2: command tx timeout
[  329.580146][T15972] wg2: entered promiscuous mode
[  329.584071][T15972] wg2: entered allmulticast mode
[  329.645017][T15981] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  329.853348][T16000] netlink: 'syz.1.4189': attribute type 3 has an invalid length.
[  329.855836][T16000] netlink: 766 bytes leftover after parsing attributes in process `syz.1.4189'.
[  329.941728][T16007] overlayfs: failed to clone upperpath
[  330.753540][   T14] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  330.763161][   T14] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  330.770463][   T14] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  330.773298][   T14] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  330.811868][T16048] lo speed is unknown, defaulting to 1000
[  330.865622][T16053] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4214'.
[  330.878509][T16053] netlink: 'syz.5.4214': attribute type 20 has an invalid length.
[  330.889287][T16053] netlink: 'syz.5.4214': attribute type 21 has an invalid length.
[  331.572966][T16082] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.4225'.
[  331.609364][T16084] 9pnet_fd: Insufficient options for proto=fd
[  331.972991][T16094] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4232'.
[  333.597683][T16177] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4267'.
[  333.602723][T16177] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4267'.
[  335.799576][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  335.799590][   T33] audit: type=1326 audit(333.262:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16227 comm="syz.1.4289" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f787a58ebe9 code=0x0
[  336.582453][T16244] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4297'.
[  336.585381][T16244] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4297'.
[  336.797261][   T33] audit: type=1326 audit(334.207:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787a58ebe9 code=0x7ffc0000
[  336.803628][   T33] audit: type=1326 audit(334.207:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787a58ebe9 code=0x7ffc0000
[  336.837823][   T33] audit: type=1326 audit(334.207:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f787a58d550 code=0x7ffc0000
[  336.844512][   T33] audit: type=1326 audit(334.207:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f787a58d550 code=0x7ffc0000
[  336.857744][   T33] audit: type=1326 audit(334.207:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787a58ebe9 code=0x7ffc0000
[  336.877903][   T33] audit: type=1326 audit(334.207:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f787a58ebe9 code=0x7ffc0000
[  336.895586][   T33] audit: type=1326 audit(334.207:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16260 comm="syz.1.4306" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787a58ebe9 code=0x7ffc0000
[  337.794515][T16298] loop5: detected capacity change from 0 to 4096
[  337.815436][T16298] NILFS (loop5): invalid segment: Checksum error in segment payload
[  337.818324][T16298] NILFS (loop5): trying rollback from an earlier position
[  337.838694][T16298] NILFS (loop5): recovery complete
[  337.844227][T16299] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  337.886730][   T33] audit: type=1800 audit(335.226:117): pid=16298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4319" name="file2" dev="loop5" ino=12 res=0 errno=0
[  338.156222][T16303] loop5: detected capacity change from 0 to 512
[  338.159870][T16303] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  338.166553][T16303] EXT4-fs (loop5): 1 truncate cleaned up
[  338.169314][T16303] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.271349][T15720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.448891][T16320] overlayfs: failed to clone upperpath
[  339.463503][T16362] erspan1: entered allmulticast mode
[  339.822871][T16383] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4357'.
[  340.123693][T16402] loop5: detected capacity change from 0 to 32768
[  340.133566][T16402] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4366 (16402)
[  340.139399][T16402] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  340.142718][T16402] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  340.145299][T16402] BTRFS info (device loop5): disk space caching is enabled
[  340.147622][T16402] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  340.192696][T16402] BTRFS info (device loop5): rebuilding free space tree
[  340.203045][T16402] BTRFS info (device loop5): disabling free space tree
[  340.207062][T16402] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  340.210076][T16402] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  340.248065][   T33] audit: type=1800 audit(337.424:118): pid=16402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4366" name="file1" dev="loop5" ino=265 res=0 errno=0
[  340.281986][T15720] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  340.473530][T16445] openvswitch: netlink: VXLAN extension 11 out of range max 1
[  340.635760][T16456] loop5: detected capacity change from 0 to 512
[  340.638763][T16456] EXT4-fs: Ignoring removed orlov option
[  340.644102][T16456] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.4385: Attempting to read directory block (0) that is past i_size (256)
[  340.657974][T16456] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  340.662571][T16456] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.689544][T15720] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.973370][T16467] loop5: detected capacity change from 0 to 32768
[  340.981216][T16467] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  341.010059][T16467] XFS (loop5): Ending clean mount
[  341.048004][T15720] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  341.299699][T16487] loop5: detected capacity change from 0 to 1024
[  341.340676][ T3228] hfsplus: b-tree write err: -5, ino 4
[  341.557206][T16505] overlayfs: failed to clone upperpath
[  341.667068][T16513] netlink: 'syz.0.4409': attribute type 6 has an invalid length.
[  342.568030][ T3228] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  346.242937][T16649] tmpfs: Bad value for 'mpol'
[  346.915550][   T33] audit: type=1800 audit(343.664:119): pid=16659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4471" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0
[  347.003467][T16667] xt_socket: unknown flags 0x50
[  347.127878][T16676] netlink: 'syz.0.4479': attribute type 2 has an invalid length.
[  347.130242][T16676] netlink: 1184 bytes leftover after parsing attributes in process `syz.0.4479'.
[  347.638282][T16697] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4489'.
[  347.671488][T16699] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4490'.
[  347.704478][T16701] smc: net device bond0 applied user defined pnetid SYZ2
[  347.819709][T16709] netlink: 'syz.0.4495': attribute type 11 has an invalid length.
[  348.375050][T16741] overlayfs: failed to clone lowerpath
[  348.511027][T16749] ptrace attach of "/syz-executor exec"[5844] was attempted by "ߖ鷴)Qo  \x0dvҢ9T{-92\x0ap_3j nޭOa)bkߟ.\x0aK~򜛱تKOkF^3B3){\x5crHBd,X\x09\x0b3c\x22&W\x22\x1bTL'\x09!_Nhٹ=n>a (G6茷A+&ϋЈUߍa{@{\x0b[ɸYacAzÂGl:d<]u~v!9,?Ŵ>\x22ar\x1blKڬY*VS8ȁ6]kK.=`#\x07x!gMDR*OLK\x0c}oKbA>{@aMdnQj̖5)];r,L\x0c=\x0dWAE n`>Ɵs-3`yfeH^/$L1&NP\x0d1D<\x07cPd(EdtaE!ҭ \x09@ݞHG~H<D$\x0crX`-ͪ/IFEtI;{*W\x0c\x0a:ÈV'\x0c8sejke~ɫRLB*\x0b-r@\x07VMšv%OymWGܕ|ʤ=tU?hK0uӣٜ0G 'b,\x22ߊ;2Ո'G/޳7Wd\x5c!w%xg\x22x[4!NlQ(\x0a@[+ ؐǬ[[zN sB&X>%3{- ^Qǚ4e3\x0b>sF̗H]+\x0
[  349.669887][T16797] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4535'.
[  350.231764][T16824] hub 1-0:1.0: USB hub found
[  350.234531][T16824] hub 1-0:1.0: 1 port detected
[  351.117756][T16842] netlink: 'syz.1.4556': attribute type 21 has an invalid length.
[  351.127358][T16842] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4556'.
[  351.265200][T16857] loop5: detected capacity change from 0 to 256
[  351.271286][T16857] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  351.274957][T16857] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  351.283167][T16857] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  351.354327][T16865] loop5: detected capacity change from 0 to 256
[  351.358520][T16867] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.4568'.
[  351.361543][T16867] openvswitch: netlink: Port -8 exceeds max allowable 65535
[  351.496131][T16881] syz_tun: entered allmulticast mode
[  351.505384][   T33] audit: type=1326 audit(347.957:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16877 comm="syz.0.4574" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fef7278ebe9 code=0x0
[  351.610217][T16896] syz_tun: left allmulticast mode
[  351.732455][    C0] ==================================================================
[  351.735033][    C0] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x666/0xca0
[  351.737455][    C0] Write of size 8 at addr ffff88803ca2f558 by task syz-executor/5848
[  351.740131][    C0] 
[  351.741284][    C0] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  351.741298][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  351.741304][    C0] Call Trace:
[  351.741309][    C0]  <IRQ>
[  351.741314][    C0]  dump_stack_lvl+0x189/0x250
[  351.741329][    C0]  ? __virt_addr_valid+0x1c8/0x5c0
[  351.741341][    C0]  ? rcu_is_watching+0x15/0xb0
[  351.741349][    C0]  ? __kasan_check_byte+0x12/0x40
[  351.741362][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.741370][    C0]  ? rcu_is_watching+0x15/0xb0
[  351.741377][    C0]  ? lock_release+0x4b/0x3e0
[  351.741390][    C0]  ? __virt_addr_valid+0x1c8/0x5c0
[  351.741399][    C0]  ? __virt_addr_valid+0x4a5/0x5c0
[  351.741409][    C0]  print_report+0xca/0x240
[  351.741419][    C0]  ? __xfrm_state_delete+0x666/0xca0
[  351.741430][    C0]  kasan_report+0x118/0x150
[  351.741441][    C0]  ? __xfrm_state_delete+0x666/0xca0
[  351.741452][    C0]  __xfrm_state_delete+0x666/0xca0
[  351.741465][    C0]  xfrm_timer_handler+0x18f/0xa00
[  351.741476][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  351.741485][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  351.741496][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.741506][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  351.741515][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  351.741524][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  351.741534][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  351.741543][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  351.741556][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  351.741565][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  351.741596][    C0]  handle_softirqs+0x286/0x870
[  351.741606][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  351.741614][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  351.741624][    C0]  __irq_exit_rcu+0xca/0x1f0
[  351.741631][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  351.741640][    C0]  irq_exit_rcu+0x9/0x30
[  351.741646][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  351.741656][    C0]  </IRQ>
[  351.741659][    C0]  <TASK>
[  351.741663][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  351.741674][    C0] RIP: 0010:__kasan_check_byte+0x6/0x40
[  351.741685][    C0] Code: 84 da fe ff ff 48 ff c8 49 89 c4 e9 cf fe ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 56 <53> 48 89 f3 49 89 fe e8 5e 14 00 00 84 c0 75 16 be 01 00 00 00 4c
[  351.741694][    C0] RSP: 0018:ffffc900036ef7e8 EFLAGS: 00000202
[  351.741703][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: f6d7eaad263ef900
[  351.741709][    C0] RDX: 0000000000000000 RSI: ffffffff8172c1b2 RDI: ffffffff8e139ee0
[  351.741714][    C0] RBP: ffffffff8172c195 R08: 0000000000000000 R09: 0000000000000000
[  351.741720][    C0] R10: ffffc900036efa18 R11: fffff520006ddf45 R12: 0000000000000002
[  351.741726][    C0] R13: ffffffff8e139ee0 R14: 0000000000000000 R15: 0000000000000000
[  351.741732][    C0]  ? unwind_next_frame+0xa5/0x2390
[  351.741743][    C0]  ? unwind_next_frame+0xc2/0x2390
[  351.741753][    C0]  lock_acquire+0x8d/0x360
[  351.741766][    C0]  ? unwind_next_frame+0xa5/0x2390
[  351.741774][    C0]  ? arch_stack_walk+0xe4/0x150
[  351.741785][    C0]  ? unwind_next_frame+0xa5/0x2390
[  351.741793][    C0]  unwind_next_frame+0xc2/0x2390
[  351.741802][    C0]  ? unwind_next_frame+0xa5/0x2390
[  351.741811][    C0]  ? unwind_next_frame+0xa5/0x2390
[  351.741820][    C0]  ? __unwind_start+0xf8/0x760
[  351.741829][    C0]  __unwind_start+0x5b9/0x760
[  351.741839][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  351.741849][    C0]  arch_stack_walk+0xe4/0x150
[  351.741864][    C0]  ? arch_stack_walk+0xe4/0x150
[  351.741874][    C0]  stack_trace_save+0x9c/0xe0
[  351.741883][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  351.741892][    C0]  ? stack_depot_save_flags+0x40/0x860
[  351.741905][    C0]  kasan_save_track+0x3e/0x80
[  351.741926][    C0]  __kasan_slab_alloc+0x6c/0x80
[  351.741936][    C0]  kmem_cache_alloc_lru_noprof+0x1c6/0x3d0
[  351.741949][    C0]  ? sock_alloc_inode+0x28/0xc0
[  351.741960][    C0]  ? __pfx_sock_alloc_inode+0x10/0x10
[  351.741968][    C0]  sock_alloc_inode+0x28/0xc0
[  351.741976][    C0]  alloc_inode+0x6a/0x1b0
[  351.741989][    C0]  __sock_create+0x12d/0x9f0
[  351.741999][    C0]  ? __pfx_do_mkdirat+0x10/0x10
[  351.742011][    C0]  __sys_socket+0xd7/0x1b0
[  351.742020][    C0]  __x64_sys_socket+0x7a/0x90
[  351.742029][    C0]  do_syscall_64+0xfa/0x3b0
[  351.742040][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.742048][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.742056][    C0]  ? exc_page_fault+0x9f/0xf0
[  351.742065][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.742073][    C0] RIP: 0033:0x7f787a590b07
[  351.742082][    C0] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.742089][    C0] RSP: 002b:00007fff2fb6ae18 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[  351.742098][    C0] RAX: ffffffffffffffda RBX: 00007f787a781300 RCX: 00007f787a590b07
[  351.742104][    C0] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[  351.742109][    C0] RBP: 00007fff2fb6b53c R08: 0000000000000000 R09: 00007fff2fb6b247
[  351.742114][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000006a4
[  351.742119][    C0] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007fff2fb6b590
[  351.742128][    C0]  </TASK>
[  351.742131][    C0] 
[  351.900670][    C0] Allocated by task 16177:
[  351.902003][    C0]  kasan_save_track+0x3e/0x80
[  351.903401][    C0]  __kasan_kmalloc+0x93/0xb0
[  351.904820][    C0]  __kmalloc_noprof+0x27a/0x4f0
[  351.906329][    C0]  sk_prot_alloc+0xe7/0x220
[  351.907726][    C0]  sk_alloc+0x3a/0x370
[  351.909005][    C0]  __netlink_create+0x65/0x260
[  351.910490][    C0]  netlink_create+0x3ca/0x590
[  351.911979][    C0]  __sock_create+0x4b3/0x9f0
[  351.913449][    C0]  __sys_socket+0xd7/0x1b0
[  351.914827][    C0]  __x64_sys_socket+0x7a/0x90
[  351.916224][    C0]  do_syscall_64+0xfa/0x3b0
[  351.917613][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.919441][    C0] 
[  351.920211][    C0] Freed by task 0:
[  351.921398][    C0]  kasan_save_track+0x3e/0x80
[  351.922875][    C0]  kasan_save_free_info+0x46/0x50
[  351.924435][    C0]  __kasan_slab_free+0x5b/0x80
[  351.925945][    C0]  kfree+0x18e/0x440
[  351.927179][    C0]  __sk_destruct+0x4e1/0x660
[  351.928635][    C0]  rcu_core+0xcab/0x1770
[  351.929963][    C0]  handle_softirqs+0x286/0x870
[  351.931459][    C0]  __irq_exit_rcu+0xca/0x1f0
[  351.932919][    C0]  irq_exit_rcu+0x9/0x30
[  351.934217][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  351.935994][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  351.937871][    C0] 
[  351.938596][    C0] Last potentially related work creation:
[  351.940358][    C0]  kasan_save_stack+0x3e/0x60
[  351.941845][    C0]  kasan_record_aux_stack+0xbd/0xd0
[  351.943460][    C0]  call_rcu+0x157/0x9c0
[  351.944766][    C0]  netlink_release+0x171a/0x1b10
[  351.946331][    C0]  sock_close+0xc3/0x240
[  351.947655][    C0]  __fput+0x44c/0xa70
[  351.948908][    C0]  task_work_run+0x1d4/0x260
[  351.950350][    C0]  exit_to_user_mode_loop+0xec/0x110
[  351.951969][    C0]  do_syscall_64+0x2bd/0x3b0
[  351.953390][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.955241][    C0] 
[  351.956006][    C0] The buggy address belongs to the object at ffff88803ca2f000
[  351.956006][    C0]  which belongs to the cache kmalloc-2k of size 2048
[  351.960303][    C0] The buggy address is located 1368 bytes inside of
[  351.960303][    C0]  freed 2048-byte region [ffff88803ca2f000, ffff88803ca2f800)
[  351.964531][    C0] 
[  351.965298][    C0] The buggy address belongs to the physical page:
[  351.967282][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803ca29000 pfn:0x3ca28
[  351.970327][    C0] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  351.972911][    C0] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  351.975537][    C0] page_type: f5(slab)
[  351.976816][    C0] raw: 00fff00000000240 ffff88801a442000 ffffea0000ed8c10 ffffea0000f30210
[  351.979475][    C0] raw: ffff88803ca29000 0000000000080003 00000000f5000000 0000000000000000
[  351.982059][    C0] head: 00fff00000000240 ffff88801a442000 ffffea0000ed8c10 ffffea0000f30210
[  351.984626][    C0] head: ffff88803ca29000 0000000000080003 00000000f5000000 0000000000000000
[  351.987319][    C0] head: 00fff00000000003 ffffea0000f28a01 00000000ffffffff 00000000ffffffff
[  351.989979][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  351.992600][    C0] page dumped because: kasan: bad access detected
[  351.994616][    C0] page_owner tracks the page as allocated
[  351.996340][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 26, tgid 26 (kworker/u9:0), ts 56875403480, free_ts 0
[  352.002365][    C0]  post_alloc_hook+0x240/0x2a0
[  352.003900][    C0]  get_page_from_freelist+0x21e4/0x22c0
[  352.005646][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  352.007483][    C0]  alloc_pages_mpol+0x232/0x4a0
[  352.009057][    C0]  allocate_slab+0x8a/0x370
[  352.010503][    C0]  ___slab_alloc+0xbeb/0x1410
[  352.011989][    C0]  __kmalloc_node_track_caller_noprof+0x2f8/0x4e0
[  352.013966][    C0]  kmalloc_reserve+0x136/0x290
[  352.015435][    C0]  pskb_expand_head+0x18e/0x1150
[  352.016992][    C0]  netlink_trim+0x1d5/0x2e0
[  352.018341][    C0]  netlink_broadcast_filtered+0xd6/0x12c0
[  352.020051][    C0]  nlmsg_notify+0xf0/0x1a0
[  352.021437][    C0]  netif_state_change+0x29e/0x3a0
[  352.023019][    C0]  linkwatch_do_dev+0x117/0x170
[  352.024515][    C0]  __linkwatch_run_queue+0x56a/0x7e0
[  352.026181][    C0]  linkwatch_event+0x4c/0x60
[  352.027637][    C0] page_owner free stack trace missing
[  352.029321][    C0] 
[  352.030092][    C0] Memory state around the buggy address:
[  352.031815][    C0]  ffff88803ca2f400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.034232][    C0]  ffff88803ca2f480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.036710][    C0] >ffff88803ca2f500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.039177][    C0]                                                     ^
[  352.041337][    C0]  ffff88803ca2f580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.043836][    C0]  ffff88803ca2f600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.046237][    C0] ==================================================================
[  352.048722][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  352.050941][    C0] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  352.054706][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  352.057831][    C0] Call Trace:
[  352.058890][    C0]  <IRQ>
[  352.059813][    C0]  dump_stack_lvl+0x99/0x250
[  352.061269][    C0]  ? __asan_memcpy+0x40/0x70
[  352.062719][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  352.064345][    C0]  ? __pfx__printk+0x10/0x10
[  352.065814][    C0]  vpanic+0x281/0x750
[  352.067072][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  352.068703][    C0]  ? __pfx_vpanic+0x10/0x10
[  352.070133][    C0]  ? irqentry_exit+0x74/0x90
[  352.071604][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  352.073229][    C0]  panic+0xb9/0xc0
[  352.074413][    C0]  ? __pfx_panic+0x10/0x10
[  352.075811][    C0]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  352.077658][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  352.079643][    C0]  ? __xfrm_state_delete+0x666/0xca0
[  352.081310][    C0]  check_panic_on_warn+0x89/0xb0
[  352.082826][    C0]  ? __xfrm_state_delete+0x666/0xca0
[  352.084472][    C0]  end_report+0x78/0x160
[  352.085749][    C0]  kasan_report+0x129/0x150
[  352.087145][    C0]  ? __xfrm_state_delete+0x666/0xca0
[  352.088806][    C0]  __xfrm_state_delete+0x666/0xca0
[  352.090385][    C0]  xfrm_timer_handler+0x18f/0xa00
[  352.091973][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  352.093721][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  352.095570][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  352.097231][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  352.099073][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  352.101059][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  352.102804][    C0]  ? __pfx_xfrm_timer_handler+0x10/0x10
[  352.104517][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  352.106141][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  352.107921][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  352.109518][    C0]  handle_softirqs+0x286/0x870
[  352.111038][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  352.112563][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  352.114238][    C0]  __irq_exit_rcu+0xca/0x1f0
[  352.115689][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  352.117295][    C0]  irq_exit_rcu+0x9/0x30
[  352.118642][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  352.120417][    C0]  </IRQ>
[  352.121364][    C0]  <TASK>
[  352.122299][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  352.124211][    C0] RIP: 0010:__kasan_check_byte+0x6/0x40
[  352.125972][    C0] Code: 84 da fe ff ff 48 ff c8 49 89 c4 e9 cf fe ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 56 <53> 48 89 f3 49 89 fe e8 5e 14 00 00 84 c0 75 16 be 01 00 00 00 4c
[  352.131875][    C0] RSP: 0018:ffffc900036ef7e8 EFLAGS: 00000202
[  352.133789][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: f6d7eaad263ef900
[  352.136265][    C0] RDX: 0000000000000000 RSI: ffffffff8172c1b2 RDI: ffffffff8e139ee0
[  352.138736][    C0] RBP: ffffffff8172c195 R08: 0000000000000000 R09: 0000000000000000
[  352.141168][    C0] R10: ffffc900036efa18 R11: fffff520006ddf45 R12: 0000000000000002
[  352.143560][    C0] R13: ffffffff8e139ee0 R14: 0000000000000000 R15: 0000000000000000
[  352.145997][    C0]  ? unwind_next_frame+0xa5/0x2390
[  352.147616][    C0]  ? unwind_next_frame+0xc2/0x2390
[  352.149270][    C0]  lock_acquire+0x8d/0x360
[  352.150686][    C0]  ? unwind_next_frame+0xa5/0x2390
[  352.152293][    C0]  ? arch_stack_walk+0xe4/0x150
[  352.153843][    C0]  ? unwind_next_frame+0xa5/0x2390
[  352.155454][    C0]  unwind_next_frame+0xc2/0x2390
[  352.157022][    C0]  ? unwind_next_frame+0xa5/0x2390
[  352.158637][    C0]  ? unwind_next_frame+0xa5/0x2390
[  352.160244][    C0]  ? __unwind_start+0xf8/0x760
[  352.161759][    C0]  __unwind_start+0x5b9/0x760
[  352.163255][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  352.165193][    C0]  arch_stack_walk+0xe4/0x150
[  352.166705][    C0]  ? arch_stack_walk+0xe4/0x150
[  352.168229][    C0]  stack_trace_save+0x9c/0xe0
[  352.169715][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  352.171403][    C0]  ? stack_depot_save_flags+0x40/0x860
[  352.173123][    C0]  kasan_save_track+0x3e/0x80
[  352.174626][    C0]  __kasan_slab_alloc+0x6c/0x80
[  352.176159][    C0]  kmem_cache_alloc_lru_noprof+0x1c6/0x3d0
[  352.178002][    C0]  ? sock_alloc_inode+0x28/0xc0
[  352.179534][    C0]  ? __pfx_sock_alloc_inode+0x10/0x10
[  352.181209][    C0]  sock_alloc_inode+0x28/0xc0
[  352.182697][    C0]  alloc_inode+0x6a/0x1b0
[  352.184067][    C0]  __sock_create+0x12d/0x9f0
[  352.185522][    C0]  ? __pfx_do_mkdirat+0x10/0x10
[  352.187079][    C0]  __sys_socket+0xd7/0x1b0
[  352.188486][    C0]  __x64_sys_socket+0x7a/0x90
[  352.189974][    C0]  do_syscall_64+0xfa/0x3b0
[  352.191400][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  352.193061][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.194966][    C0]  ? exc_page_fault+0x9f/0xf0
[  352.196433][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.198293][    C0] RIP: 0033:0x7f787a590b07
[  352.199663][    C0] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.205579][    C0] RSP: 002b:00007fff2fb6ae18 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[  352.208178][    C0] RAX: ffffffffffffffda RBX: 00007f787a781300 RCX: 00007f787a590b07
[  352.210647][    C0] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[  352.213611][    C0] RBP: 00007fff2fb6b53c R08: 0000000000000000 R09: 00007fff2fb6b247
[  352.216192][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000006a4
[  352.218665][    C0] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007fff2fb6b590
[  352.221124][    C0]  </TASK>
[  352.222674][    C0] Kernel Offset: disabled
[  352.224040][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:04:47  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000034 RBX=0000000000000034 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900000073b0
R8 =ffff888106948237 R9 =1ffff11020d29046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af18c9 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055558d656500 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fff2fb69c58 CR3=0000000027196000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=f145f9fedf676fa6 99b57fe5988a2d3c
XMM06=518d3e38f97e2747 ee30e23facad7bdc XMM07=66831f905c3f6fee 3feb05c5e277ac3f
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f787a612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc900078c0000 RBX=1ffff1102115325a RCX=ffff8881006b8000 RDX=0000000000010000
RSI=ffff888108a98000 RDI=0000000000000017 RBP=0000000000000080 RSP=ffffc900001e0dc0
R8 =ffffffff8fa34237 R9 =1ffffffff1f46846 R10=dffffc0000000000 R11=ffffffff86990e20
R12=dffffc0000000000 R13=ffff888108a992d0 R14=ffff888108a98000 R15=dffffc0000000000
RIP=ffffffff86990e68 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=fffffffffffffffd CR3=000000011ec10000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8133c57e ffffffff8133c57e
XMM02=ffffffff8133c57e ffffffff8133c57e XMM03=ffffffff8133c57e ffffffff8133c57e
XMM04=00007fef734ed100 00007fef72987460 XMM05=00007fef72987478 00007fef729874c0
XMM06=00007fef729874b8 00007fef729874b0 XMM07=00007fef729874a8 00007fef729874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fef72812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
