last executing test programs:

1m53.941974394s ago: executing program 1 (id=812):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x0, 0x1, 0x7ffffffc}})
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r0, 0x400454a4, 0x0)

1m53.86495666s ago: executing program 1 (id=814):
r0 = fanotify_init(0x0, 0x0)
pipe2(&(0x7f0000000580)={<r1=>0xffffffffffffffff}, 0x0)
fanotify_mark(r0, 0xa, 0x8, r1, 0x0)

1m53.864486305s ago: executing program 1 (id=816):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002200)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000001c0)="6fb5", 0x2}], 0x1}}], 0x1, 0x4000045)
futex(&(0x7f0000000040)=0x2, 0x0, 0x2, 0x0, 0x0, 0x1)
write(r0, &(0x7f0000002280)="6f5f7016a7ef49c6cab459fba61e8d14c2126c7855531a62297718d73f409a6eb9d2a91662b02e2f04fb8a01346be6f5b4fe9309bde73f0923953d49fc60bf97a579e2999b3c817dda2445a3ecf0d9ea3c2ac827bb4b7ff18723ad402d1b415715d00a90e68993dd4960954d6696c42ea3ca913d9a3135bb5899f2b19a2bc3ca3bff38a6d97ef771e4c858da69b6f20691f7aec942afb7b5cb3bb12642e66960c8a3664170363cfc29910d745a12d51432582f4c5477b4e483c515a39dc00ad832d132151146c3bdd445a6c832d77e61b4cd2e32cd78b9e5300802fb253f70cc7167a856f6f5d35e1bcbb312da028bf0ee77cec54b9b3b90ebacc70e9d9c654bd045ba4c68b03896b0bbb3ba3ca3bbbdbb7c6e51688a2f55a7fc9d21eec8027aac81b374753730961d4fa342b526edccd4a4157996f3843ec1e87b229792ab8457129cf6371cef092dbb51825c1d3ad9d8fd83639706ad2ad3c32e8b78dc68feec3099305602a484c165bc66888bd2047135d7f7ebf2962700b755f06d60a990e9a79c31c639cb56b1f1ebc28784a240e0deb030b7af99aae608ba9bd1555b4d5e3ad9fbfaf1cafbeee0c681645dd60eebf99570575b8042d9a46665372daae6e7c83ee20b8181bef649a938c4def9702b90144ee35f148ddaff6ea57ba64405bfb5ba132844353f50c6dd97fa03efa9624dd7e767de00dd508cdaa8f84df49a6e44b16590399170f502b747d95b8206d92dfbe11710b386769233868d4b176cb6e9bd0d90b882ea90d6bd015d0e74d5f77aea9b10761ac2b1ccfcf71703447f1aa80fc41e1f3fe3924d23b355a9fac17a1250f3a8f096cdd4fae9852c020eaa3948142a52e1cc77de2cbfd4aa06f02a1159a9ee837165cdfbd93cfca623fa8bd71a4b3aa71a219b228bb88a5c54555e8e7cb05a190542efecee3be722471c48bac3784c6d382d74cf2baca68bab3f9878266295477ae2521f9c21f49da5b5ebdef6897cfaea39caa26ef1cdfbfc5c4db07905d814413cd958e8fb436388a9356f6436eeccdad0f95532dad85b6eacd6fd6e7efdc3e0f9007b02ed1f7d6363b74cc98e471da3db296f5e0035bace6226f39e9006dc451e14350ba65407e334b4d80b420c27dacd88cb1d5b665d0badcb39e41c8a85499db2f292d2e341cddbe53da0d0e091e4d5358e65ded6f9a2f433f6e96e5b5f5ab02a90595cc050bbf5ca06345fb8a4e086478987b42528e8bfca26a79a7cb4813674747b4dae9dad809dacc4ce1f26b407821d9e1cf12294efcf30ec93e22d2c58e3839dad501c07d8ad712b73e877080f6fab3d7197055d20f4463d260f531b630037feb72583f4aa2cc91156b998ebfea4b7db03a9806faa2621b6ed756f90123981f85e5f2ea58c45f54daacb11df97eecb43ab82c805c989132095ed9d6685b70210cdab2db6bc0b11d66979ee8edce8e04283527c54724fb1e239e5a39ee5b4cdd6c4386365b449ee31809c885d04145ede436b3300535f44ed59266c3c67a7873ac3d70ca2116d80f4f745cfba89ee79d02acde630763d32148737bf91c226c2690dd724ed3c6377a84eff95f1caa52d47a0351cd2c2cef7011576c85767fdd9bc0d41713f5475b4e3b42a34376cc64b327daabc118378179660df954077b94f199633f467130a773fb1b2016d0feb30a75103f916c852bfc11f1bd80dd6e36994c29e991408593d5a6778f02093412df7d3622b741fbb867200da2afdb9f97ef3d8a9cd7afb81406cf19590902b34c43a82bab384041bc2a6a7c3d153cf83dd062bcdc9e54e844d8b6c0226cbdb55e3aeb759576d4e3431736bb0f4d1e0fb84023621f8324051453b5f33d0dd698822bfa3c034c0b365c3f30a94ddc5375cfd5922a7f4dc36c3c47bdb26013d35bdda62121f45b9780edbfff2bb26c9ba04f066efa7314ae8c306c15ca5db9abb3185c29ec8a58713300208ae2b44b305ffb0d49ca71950879ad93a0e3d5196df321a34226a4d1f0b8e59d16e3a74d2e95f591d16be7898f7c018e877f1c46b76051e2df08fd5e99a09f4e59b110cb198a0448c67a2beeee1cf871e7ac3fc5e545f6a1dbaeb8658df2f01d7d71cfa279408bc7aa5710fac11cb805591268e3180d6989be4fa3dbd492b6ed44e1fc1e973aed2718a9ec28b317547368e1fcbe0c37ac14f9e302beada94c1739bbf1e8acc13539ad33a4d019a1745882c039cf27697d787acb690a258610833b0cec4e216ea80801ed265c105a8b26dbf1b7475b3039fa8dcebadbe6649e35969798d86f437cea70e40d502c489e54579e14902b19b4774b96cfca39999a540a70043c14e880749fb012d59d1026182a5368848c764def440d0a86db0cc8733617a79b83e676dde0b2f0c5f8c8c8351163ef5fdc1632f83ebfdeeeed52ad59f2036838692386e2b04157d124d12b142e53002d757c5e8e5c2837581bcd9d19d95431b635b2e1b775f2b2bdbce9412b6010c5367ede03a3a25628293242862e034276705eacfef2fced96151c7c16a1f86508cd1d5a456247583b58bdef1376651662ca2c32c0e84ed3745344417ef29ec8bdfb1cbf90a26fdffae6dbd208a4562560155ecf58baf3179308b2499cdf9c9415fef17db25023bd1576adcc84e5a31906f43f89109ca75a6d0fb42b3d5505c904568dbd7e6850165ad2436f5fc51f66db32afd369e7d95b19e3cf5dfd4047478ddad497047ab0930c1e1be94f56b1782fcc0a5c4be019b35adde307448635a62b7af7618c97ffd51e8856e688c750d3c07af02b2ca1e2b1c47d7b2dceb3245fcd03eb717fb0df4aa9c91424f1a606d29e308d6089a858cdbd4fd1b9613dfdae6dafa9676623ee2ad4b376a286581f076df3dc647fe50f89dfb7a543d11d9d2f993dd0b08fddfbea4c2fc5abba70630930224721931bdc63371965a6610b12a4ec581012e4ac86f7490246346efc645e7b274b98874b0980dacbf383d751c6cf188812b85906fa96f367ab6926e1c188b2bd29eea4dafa1fe5d88df23fedd79fc7132bdb9e0a7fba191aa8f032771107a1a117b2f71bac04f66473c7c7d295592602ac2d4bd4a332653f79dfd1385d2385bf497caf1667d6ff1c7897001b5878cf8b0c3456c9aec48f3132814cdb2dce8e8ace744c0d7c0d253ad0e53ad0657573fb84b4926838b27bfe170581c933289bd1fc7be60f60f22036d93a4d2bf97f672ab6cb5fcdb55354984c9a3ca755a549f186103546e6def0cd7c3ed797cbfe573a0a0f6cae94de78cd0a429dc3210557f25157a3401f43cb60f0e0cfe8c36326a59ea5afff3413bb52e6f2b03a5f445b221af1da6a9f49a4f5eb876fcf1d3994ea054f4c29a131aa0d1e89b1eaa43d3f773501ab45f480bc0fe3b21b2f46da55d0077f40ec23357893b7a178a5044a59e345ecc3ecedf40d5d6c27e2d13fcf02ce60a86566fb96ebc2468c7c2e08056e74c1f4d84efc364b278916bf6dcc6312872cfbccd2d37d4d9cd90d8cb3245f6d0f041cc10e241bc4335c7fe652a432150c483cdcac13d6ef78aa20ba5a3730a813ceee9c6bc342a64b4c0445c900b1036078f0e696926d103c2018910ea4293b618702ab6981003147af8120624d7120315312b8351c056757a40506387b9c69576526a15f60595be3fad8f5c222ee094363c108729ab90cdf95f296c6cb51a3a416185e08ccf1638d1c5830bde8ccf3f4897125b895640d1b9861ef7ed67b2d614e75345ba370e95f40efa75f0a3d6b0027c4dfa73030b081bbae227e2886fc9cf1aa8b2d4f6a5ede4a18ac8b49e0927a063a895ad426f65381cb14572fbaf65e66e7f36ee7c662ef561dee32fd108d713d2b0bd2e5efadf690aff870f68f204c65c1c6c6e2c945db9f18fb5442fb6288daa21740b84d267d339ee6f76a45d32ccf3f5878a11a4b634072035fa36d4344311ac33fae2882101b2d4ca2fc86604ced18174e7d817988d33033e97763a43795ddcc5a3e004163c8fc5c5e30cc0beea5af1034324140383ceed56badef87fe1bf79eea01ec5762f97c9238eabebff5bf59d07964caffd619d31e8036328c5a7f65e6036c1189a02758ff866322be7a14cec80c879631895a7009ab7d2db53770bb23c93a2c4df391eeb2c854622fcc67cb14feeafb91b1627b96e5e15f2c8b32a199cf410abd35d10a52fbdf9512ad6bd0a528a4892ce1eae18a2180b494fbada30194a091c3717907f892702c87c282d860f05391ef91a8bbcf4f4b4c5f27cbb6bdf9fc5b6d0d7d07bdffaeaceeb875ae8f0534c5aa8295266026b66d1433d534a6441f9cdc81efbc901b5511d215391959bf75f9500b36ca8b19061f1d9d48b9eaeacbbb1e52966fe36848e462b84466dbf0760243ade3af4f008055d8441b724b340b21c9ea68f7391cac460356eca863522ca827a3774f35a2f9fe1f38f6a5e062d675071feeaad1b2b97194036d1adf77139d59392157bb4d078354119cdcf3d401feede58e50a88537e6851a5e220a9412860038cc97a0d5a65da5938d703dafb7f7db27a3f942524794f342a380ba56c0a487c98e01b84bc8c3899c2e81893a9ca1a4c543ca6050acbe25e370d20eb51589e11451205702cfeb3cbf87628fa12114139b3fdb39f7c647e950c256e3fd544b39a7261992f7e03116f4f30ef9633c3b192c5da97d9fd1bcbb7b2bc8938e0a728c229fddff8d2be2831f3044ec3f9f23efe0bb2f4b8198266b836f0f70dda40196bd6b81b42653bb7d4d5a6bb7943d9c7f873ccaa6a9466382a78363fafc5e56850a5c6c46ec79ef8a4461afe8118aaec832c0b3e232395a3afc511df45df4500dda40229459165da939e129750d87550122258da5fc19037209c0ad11361542272ac453cc4664cfd49111ed0c0c7069e909a56ec09b94665364ed5de9a27aa7dde50ac2898884d3ff72a8999416785a44bf128d981b6e774dae6ae69e10c0ce2b0f455d65dd8e51e5a69ea49b38d1537d730313e8ab64ffa7a48a9c517a9cc2d58616c6c11b46f2c32c025c16250811810aa17915728cf2ee82c598279dfc691cf41dd7db0e4476b8592e2d6d341fcdf3f53a98606fb9b3a515f7a1354fd18eb5989c8a6e86dde75e373a1d097d39011f03b5297152d34273e2ebe970fc69d82f04adacf16d166a9757dc29a81a892ad874c6fc879bfe5bf4c35dcb6f6e1adab9fefd5bccf85146f773a64c08b01912a2943a238add4d8905fda0cd29eb0fcaf2e4d1748e2641e1579d8c1be11c57df3c80120d70688c6816b149854f38a4981d5048eb01ba89a39f5a1addc0b01771c7bc9fdc7532fa28e75c8d8800a7a3c1837606ddcaafaec298da7b5ebaa00fbeb3a96fedd2adb4037c33c89938adbee19c3a0aa3e99f091a933514c84c196277fa797f592918a04a3576bcbcb2e6d98feb1f1c69c4de36169f1d145ed2c44f912e60ce8e3887bc7a5a392b2cd272cdf0e24515819b304af6732c7877426653f529e573c68234ceb748108e2e1a5db872b8352d48116193ea3766f1d55cad2783047cbe1b3cc319d1e5b3206fb7b28d055d6842c689b37e816b25083a0b0e920acb651e38dd552eccca56832719acc1afc01e25fe59de98bac66069585167878f522fbf781dd489c488eaf177083f62ece998fc58f9ea4816bc88613196c9d77cdade142b2d3b14c4afe0680f2bc500154c17ef24359b90a362c886029597fcb4f3a903acd9e3a310dc59878c94dff236d9880d2c34476d98a48e20d4a5b917a7eb4198db4f7df56c7f7092fe6ab6c1306cf54c08e", 0x1000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ff3000/0xc000)=nil, 0xc000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/201, 0xc9, 0x1, 0x0}, &(0x7f0000000180)=0x40)

1m52.88726037s ago: executing program 1 (id=820):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})

1m52.798869579s ago: executing program 1 (id=822):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="00328d035e4fb66d5f9b5ad81fbf69964c16d35432e9d92b58dc7e2e8cd4c13d1c0c9f764bc3b3108319860dc3f174cc19727c41bb759bbf4530efc741305ec958bb634a603430e9a28715240f9321d8758b13a603ed232600836761519d61c57217b198f9fbbe6888bf823ad8b101747c1a4c2bc9f0ff156f96097aea4b6138f2d7bcbc9666019aa4a21d81db68a071a0b86504e4aafc6ab6c496a87eb64a26336616ed4f3c45f46b52ab03eb164e64c2d7e23666a1513b4712f7a4e3180adb1b10f7721546d48f8e4425cc539b7028849bfb4ee50a3866cee48896810ada7af21c21670d39d90c0dbda076a6b9871e011399542cdad92858ca21ab3d40c89b175e68c314bf8be6a00ecb26aba1b32dac59d75f1212de35e30c34cc67a7"], 0x1, 0x228, &(0x7f0000000300)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiMwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1v9mjOH4hVjOKXcKufG3HWLF+Rapn6+7g0Dw8GozxMZGJcz7mdiYJgZtnMPsr/KG6CRwcDMwMCgwsDAwMTAwpCWmZNq4MHAyMAM5RiyQFXBVDMxcIAl9JLzc1LaGRjBSQCsbTkDC9wMw8cMrHCOETLH2KIBahJDO5RWgdIeUHo5lH4MpeXRkg0L2IR+KE+jgYGBjaEisaSkyJCNgQHKgosZwcWMBOA2M0FtncuE6rnjTAyjYBSMglEwCkbBKBgFo2AUjIJRMJIBIAAA///ZbLn7")
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
epoll_create1(0x0)

1m52.568203475s ago: executing program 1 (id=823):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40002000)
sendmsg$inet(r1, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB='X'], 0x58}, 0x8080)

1m52.488074194s ago: executing program 32 (id=823):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40002000)
sendmsg$inet(r1, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB='X'], 0x58}, 0x8080)

1m22.321266737s ago: executing program 2 (id=1138):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

1m22.237465787s ago: executing program 2 (id=1140):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r1, 0x1, 0xfffffffc, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_WME={0x14, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x3}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0xf}]}]}, 0x3c}}, 0x0)

1m22.15058445s ago: executing program 2 (id=1142):
mq_getsetattr(0xffffffffffffffff, &(0x7f00000000c0)={0x9}, 0x0)

1m22.096393682s ago: executing program 2 (id=1143):
capset(0x0, &(0x7f0000000100)={0xffff8001, 0x6, 0x2, 0x2087, 0xffffffff, 0xef})
unshare(0x28000600)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x10000, &(0x7f00000002c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000004080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4c000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x4000000)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000200)='./file0/file0\x00')
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='./file0\x00')

1m21.77375805s ago: executing program 2 (id=1147):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
accept4(r0, 0x0, 0x0, 0x80000)

1m21.210606232s ago: executing program 2 (id=1152):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000040)=ANY=[@ANYBLOB="c4000000130001000000000000000000fe8000000000000000000000000000aa00000000000000000000ffffe000000200000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="001000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000004000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00100008"], 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1m20.899281184s ago: executing program 33 (id=1152):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000040)=ANY=[@ANYBLOB="c4000000130001000000000000000000fe8000000000000000000000000000aa00000000000000000000ffffe000000200000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="001000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000004000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00100008"], 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0)

36.98047553s ago: executing program 4 (id=1610):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xa8, &(0x7f00000002c0)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b", @ANYRES64])

33.632056766s ago: executing program 4 (id=1628):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x810, &(0x7f0000000180)={[{@discard}, {@nodatacow}, {@nobarrier}, {@usebackuproot}, {@metadata_ratio={'metadata_ratio', 0x3d, 0x3}}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x38, 0x67, 0x30, 0x32, 0xb61148b71cab6665]}}]}, 0x3, 0x510e, &(0x7f00000196c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlVRGht7TRYv2LFNiVGIjE1EIwSlDVLyoQijKKr5ALUCEUkB4SLFESqPiKoogEChNURBpJQkIk2Q4mr23jN759ydhx9rvPT3k7xzZv7ncc+Zh+fce+dcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/+HQV67622bxh397wdPPXTxx2d51F798zQVnPh7C5OzjHVm4o//6Wyd+fuf5d+29b81t9xy58P29ebk8HgaqfzrzO9fFWo8sDeHejhC608DKwSzQk98fjPW9YzCEM8JcoFZiqj8rkTYcvt8Xwv4wF6hV9b2+EAYLgYueeOjBG6uJW/pCWBZCqKRtPFvJ2uhLA+f0ZoH+NLCtOwv86mimFvhuZxaAExbfDLUX/cHJ+gwj85dr8PrrOWkb9sZKu9cVEyON8/1s3QJvVEFv+sDkCT1tpepYEKW3xyHvtkXwbiuN882etuIXqfwbytG5UCV0bp7asvHKmV3xkc4wNtbVqKYFep6fevVLm44lvWheh3EDRk7K6/Cmx5bd2bXiE4/es3LZiwc+sO+lE93MHxWGtJheaJWQv+YWzfMYTfg8WQRvv9K3pFFfukIIWz7/e59sFi/N/0eaz//jyznedtbljrW+PpTNzeMjgzHxylA2NwcAAIBFYzHsNd029sBHCsWHK0l9pfn/aHvH/+Mh/3wyn/X2UAgTs4l9wyGcNft4FrgjNnfJcAjvnk1N1gfWJYFDIbx9NrGiVlVSYkksMZoEfjKUByaSwOEYmEwC34qBm5PAdTFwMAlsioFDSeD8GAjT9f34/aG8H20H+mJgQzaIB+NZCL8Yiq0lY/VMrSoAAICTJJ8d9tTfLZzrcKIZ4vTyYF+rDPEM7IYZKkkN6Qy2Nq1qWEN3qxo6W9VQ6/ee5t0v1dzRqubSaRgd9Rlu/eXffCo0UZr/jzef/1fm2ZCO0vH/ENbP/o25O/PITC2+YbIuAwAAAHACBv73+W82i5fm/xPtnf8f94l0FTKHR+JuiK3DIYzXB7Jq/7AcyI56D+QBAAAAWAxqx+Nrx8Kn89vsFO10Pl3OP3mM+eOB/4l58/ceun9Ds+0tzf8n2zv/v7/+NtuIw3ErvjYcwpJC4AdxK6uBWaMx8OOP1gfy/h+OA3BDrCo/MaFW1Q2xxIYYGE8C+xuV+GGtxFn1gfzJqjW+r9aP6bxEIQAAAACnXNwdEI/Lx/P/3/ObNVc1K1ea/284tvP/Z+fBpdP7ZwZCWNUdQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwjnVTuWVvV8vv5/d7rG4BN9WVUxcNZ7Drx6TjXxzb4QVhUDT37m9g9WE7uSQK3xv+wL4V3V3qaNf2dJ1nhP2vjXl4TwzkKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEshUKvqQ5UQdgcAFqn4X+nm4oM7d1+9dePMzNSOBUzEffh9Ycv0zNTYpm0zmysNtmlzss11yxhdW+5Tu1e+eSZfoujTd68fbCdd+53geLGtfD9+6cTB/H78LtQz2881PXV316Zdft97y02EwjepRl3uXOAu9xcrmXsSS/XH/L1hICy5cufUjrEvbty1a8fq7G+72ddkf+NhpmysVqdj1T/ftrXx8mi4WlbieMdqebGSVbsu375q5+6rV05fvvHSqUunrlj9oTXj546vHf/wuauqvRrP/rbo6vL5qk66evT2Nvt1Ert6dnehklPxqSEhIbHYEtsGljf9P7k0/9/efP4fP3XiJ3++PkOj4/8j8TB/9vjcYf4NMbC/3eP/I42O5tdODBhNAntiYI/D/AAAALw5xEl+3JsZ90r/dMV3XmxWrjT/39Pe7/9P0vr/taXrL2y0zP+KWGK80fr/6TL/tfX/9zRa/z9d5r+2/v/+N2D9/ytrgWRIfmH9fwAA4M3g1K3/33J5//QCAaUMLZf3Ty8QUMrQchn/di8QcMzr/z/7n3/136GJ0vz/5vbm/xbuBwAAgNPHl//sqt9pFi/N//e3N/8/9ev/hUbn/482Ckw2WhjQ+n8AAAAsUo3W/xu5vv9zzcqV5v8H25v/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYG+tpM2/dyqjrjr/Np/KlQJuli57/kyPHdv7/ofbm/3W/y7jpsWV3dq34xKOv37Ny2YsHPrDvpbnj/wAAAMDCaXe/BAAAAAAAAAAAAAAA8MZ7/j/2rm0WL/3+P6yffbzR7//jdf/i7wveWpc71tp6/b/8/kUfv2v37JKFjwyF8N5iYOverWeE/Nr8y4uBBz+74m3VxN60xP3Pnf9CNfG5NPCxlWe+Vk2clwQ2xEUS354G4lUVX1uaBOLyiv+eBuJ4HEwDvXngq0uzfnSkY/XTwWysOtKxenowhOFCoDZW9w5mbXSkHbwlCdQ6+IU0EDv453mgM92quwayrYqBwVj0toFsqwAAOG3Fb4E9Ycv0zNR4/Aofb8/urr+N6pYsu7ZcbUebzT+TL0326bvXD7aT7kq/i85da7wnVKpdWF36ulrM0jHby5NTS4uhe2uDLrda7a2zQbnUsQ5db+Me9WU9Gtu0bWZzT8uOr22dZU13yyyrS5OdYpbO2SFto5Y2tqWNHrU5Nm1scrzfGcbGupJcfxCDI6FOq1dEu7/XL67z1+hVUMxzxZF9v2pWX2n+P9Le/L9S7Ndr+cUA9sQr6/3dsGX+AQAAYGF9dd2vvxH/fer6h59slrc0/x9tb/4f92Dlh4KzvR2H4vX/9w2HMHtp/ZEscEds7pLhEN49m5qMJbIL6l8YS4xngTviDpMVscSGyfqqlsTAwSTwk6E8cCgJHI6BfC/FgZDvyvn7oRA+OJtaX19ieywxkgQ+GQOjSWAsBsaTwNIYmEgCLy/NA5NJ4N9iIEzXj9XdS/OxAgAAOBb5PKun/m5I53kHu1tl6GiVob9Vhs5WGSpNM/SEg416Ee9/O2bo6SiPQnyoJ222L6mllCFeDL/hhrcc3drh/x/W50wLlpqO5x/UzjfoqM9w30e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qdy8r8VTx0dj4McfrQ/kOwYOx8nuDbWqJvMS+aT9hlhiIgZGk8D2GJhIAhvW54H9b6sP5DPtWuP7ao1P5yUKAQAAADjl4g6CuJsmzv9v2/mVgWblSvP/ifbm/7G9gWJj18VajywN4d6Oua2pBVYOZoG4H2Mw/jz+HYMhnFHYwVErMdWflehNGg7f78t+od6bVvW9vuzHB/H+RU889OCN1cQtfSEsK+x9qbXxbCVroy8NnNObBfrTwLbuLBD3/NQC3+3MAnDCansF4wsqP9WlZmT+cg1ef2+Wa4Km3SvtA50n33y/uVoopR2u+T7VmmN72pruv+WkKb09Dnm3LcZ324h3W/GLVP4N5ehcqBI6N09t2XjlzK74SPGXrCUL9DwXf6XaTvokvA73HP/WtlZJN2A8+fgYn7/c/K/DjljdTY8tu7NrxScevWflshcPfGDfS21vRgPxh8IPXfOvgz8qDO9Cq4T8NbfoPk8mfZ4siv8Gknf3qKcthLD+5a/f0Cxemv9Ptjf/705uZ/06DubO4RDeVxjcR+Lw//Fw9jlYCGSfkm8pB7JD7v811PCTEwAAAE622u6O2v6C6fw2OyE8nSeX80+GcHT4GPLH/RUT8+Zvd7v7//qzy5rFS/P/Dc3n/0uSzXT83/F/Fojj//M63XdFL0kf2HNCu6JL1bEgHP+f1+n+bnP8f16O/zv+Px/H/1tw/H9ep/vTVvqWtN2XrhDCi3/0wNPN4qX5//b25v/W/5t/0b7a+n8bGq3/t73R+n97rP8HAAAsqAYLzaXzvNLqfaUM6ep9pQwtFwhsucRg8/X/mqyz96ZZ/680qK3W/3vh7Gd/E5oozf/3tDf/jy+HgWLri2X9v9H1Daq6OQa2WxgQAACA01GjfRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8se77h//Z3Cz+8G8vePq5iycu27vu4pevueDMx0OYnn28Iwt39F9/68TP7zz/rr33rbntniMXvr+Sl+vJb3+3Lnes9fWhEPYXHhmMiVeGqnfmAhd9/K7d3dXEI0MhvLcY2Lp36xnVxLeGQlheDDz42RVvqyb2piXuf+78F6qJz6WBj60887Vq4rw80JFu7j8uzTa3I93cG5eGMFwI1Db3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4bwQQnda1XO9WVXdac8f782qioGz3nPg1XOqif29IawqBp78zO0frCa+kARqjf9Fbwjvqr5k0sa/3ZM13pM2fktPCO8MIfSmJX7ZnZXoTUs83x3CWwqBWuOf7w5hd+BNIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kmxTIx2F9NFrj7/vz7z6pU3V20/fvX6wnXR3Xq5ndpPX9NTdXXu6b33crv5iJXPPR6n+mL83DIQlV+6c2jH2xY27du1Ynf1tN/ua7G9XHs3GavViGavlxUpW7bp8+6qdu69eOX35xkunLp26YvWH1oyfO752/MPnrqr2ajz7ezK6evup7+rZ3YVKTsUHgISExGJLdNZ9uo2f7h/kpS/6cxvaEyqzH9ClaUUxS8dsL09Gp9cdZ4+P53tKyx6tLk0cSlnWzJPl2vosa0uTibla+rIss9/rSpPDYmOds0Ma73eGsbGuRuMwUn+3OLw/O4HhfSofunbTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6zB6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//56HJTY=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000001280)={0x0, 0x1, 0x0, 0x800ff1})

33.130353654s ago: executing program 4 (id=1630):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x803341)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffb, 0x6, 0x6, @buffer={0x0, 0x0, 0x0}, &(0x7f00000000c0)="3edb638bda2b", 0x0, 0x400, 0x20004, 0x1, 0x0})

32.842997649s ago: executing program 4 (id=1632):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x1, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
r0 = syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_setup(0xb54, &(0x7f0000000080)={0x0, 0x28ba1, 0x1000, 0x3, 0x1ad})
ptrace(0x10, r0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={0x0})

32.661897462s ago: executing program 4 (id=1633):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, &(0x7f0000000100))

32.340964143s ago: executing program 4 (id=1637):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x88}, [@ldst={0x6, 0x0, 0x0, 0x0, 0x0, 0x700}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)

32.246826673s ago: executing program 34 (id=1637):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x88}, [@ldst={0x6, 0x0, 0x0, 0x0, 0x0, 0x700}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)

1.892267039s ago: executing program 5 (id=2125):
r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x10001, 0x2, 0x2})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000002c0)={0x2, @pix_mp={0x101, 0x6, 0x43353039, 0x3, 0x9, [{0x9285, 0x10}, {0xc0cf, 0x4}, {0x327, 0x4a}, {0x5ce3, 0x4}, {0x10001, 0x2}, {0x0, 0x1}, {0x200, 0x3}, {0xfff, 0xff}], 0xf, 0x5, 0x1, 0x0, 0x2}})

1.827874818s ago: executing program 5 (id=2126):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="40000000490001002a3d7020ffdbdf250a"], 0x40}, 0x1, 0xba01, 0x0, 0x20008080}, 0x4004044)

1.827702469s ago: executing program 5 (id=2127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x2, 0x4, 0x4, 0x8}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x4000000f, 0x0, r0}, 0x48)

1.729881427s ago: executing program 5 (id=2128):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x36}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

1.667959239s ago: executing program 5 (id=2129):
syz_usb_connect(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="120100002d3d6a08c6051592ac29000000010902240003000000001904000000ff"], 0x0)

1.258808314s ago: executing program 3 (id=2137):
syz_emit_ethernet(0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000d86dd6000000400282c00fe8000000000000084000000000000bbfee6"], 0x0)

1.196090924s ago: executing program 3 (id=2138):
mkdir(&(0x7f0000000580)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000500), 0x0, &(0x7f0000000440)={[{@uuid_off}, {@lowerdir={'lowerdir', 0x3d, './bus'}, 0x3a}], [], 0x2f})

1.143167358s ago: executing program 3 (id=2140):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, &(0x7f00000003c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1bb9ec930dabfc165907d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31c0971007f269f873e14e5fe3c46c0ac2b22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b98ade053b2f9b7918"], 0x1, 0x625c, &(0x7f000000bdc0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEQEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRCMhFjwECIklIJaseIAs2LLjAbBkIwFZpVDNnDOuabrdvmS6eub8ftKk6qtTNX0q/67pbldVnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4nvf/cGZKiIu/TwtOBbxmehH9CJWmnotIlbWjuX1BxHxXGw3x7MRMVyKqHLj0xGvRcRHRyPu3ru13iw6+5D9+M6f/v67Hx75/t/+MDz1nz/f6L8+bb2bN3/977/cfvz9BQAAgBLVdV1X6WP+8fT5vtd1pwCAuciv/3WSl6sXrt5csP6o1Wq1+gDWbfVkt9tFRGy2t2neMzgdDwAHzGZ83HUX6JD8izaIiCNddwJYaFXXHWBf3L13a71K+Vbt14O1nfZ8Lcie/Der3fs7pk1nGb/GZF7Pr63oxzNT+rMypz4skpx/bzz/Szvto7Tefuc/L9PyH+3c+lScnH9/PP8xhyf/3sT8S5XzHzxS/n35AwAAAADAAsv//n+s4/O/S0++Kw/lQed/1+bUBwAAAAAAAAD4tD3p+H+7KuP/AQAAwKJqPqs3fnP0/rJp38XWLL9YRTw1tj5QmHSzzGrX/QAAAAAAAAAAAACAkgx2ruG9WEUMI+Kp1dW6rpuftvH6UT3p9gdd6fsPJev6jzwAAOz46OjYvfxVxHJEXEzf9TdcXV2t6+WV1Xq1XlnK72dHS8v1SutzbZ42y5ZGs98Pr8Sobn7Zcmu7tlmfl2e1j/++5rFGdX92x+akw8ABICJ2Xo3uekU6ZOr66ej6XQ4Hg+P/8HH88zC6fp4CAAAA+6+u67pKX+d9PJ3z73XdKQBgLvLr//h5AbVarVar1Yevbqsnu90uImKzvU3znsFw/ABwwGzGxxOX/9IAv0WYlj9FGETEc113AlhoVdcdYF/cvXdrvUr5Vu3XgzS+e74WZE/+m9X2dnn7SdNZxq8xmdfzayv68cyU/jw7pz4skpx/bzz/Szvto7Tefuc/L9Pyb/bzWAf96VrOvz+e/5jDk39vYv6lyvkPHin/vvwBAAAAAGCB5X//P7ZQ539Hj7s7Mz3o/O/avj0qAAAAAAAAAOyvu/duref7XvP5/89NWM/9n4dTzr+Sf5Fy/un+/90Lb14aW6/fmr/z1v38/3Xv1vrvb/zzs3n6sPkv5ZkqPbOq9Iyo0iNVgzR9zB2bYmvYHzWPNKx6/UG65qcevhNX4mpsxOk96/bS8XC//cye9qanw+32ur/TfnZP+2C3PW9/bk/7MF3pVK/k9pOxHj+Jq/H2dnvTtjRj/5dntNcz2nP+fcd/kXL+g9ZPk/9qaq/Gpo07H/b+77hvTyc9zptXPv+r0/u/OzNtRX9339qa/Xuhg/5s/z85MoqfXd+4dvLm5Rs3rp2JNNmz9Gykyacs5z9MPzn/l17cac9/99vH650PR4+c/6LYisHU/F9szTf7+/Kc+9aFnP8o/eT8307tk4//g5z/9OP/lQ76AwAAAAAAAAAAAAAAAA9S1/X2LaJvRsT5dP9PV/dmAgDzlV//6yQvn1fdf9zt/7h3P7rqv1o957pasP7Mtf6kXqz+qBey/u+C9Wfh6rZ6sjfaRUT8tb1N857hF5N+GQCwyD6JiH903Qk6I/+C5e/7a6Ynuu4MMFfX3//gR5evXt24dr3rngAAAAAAAAAAjyuP/7nWGv/5RF3Xt8fW2zP+61ux9qTjfw7yzO4Ao1MGqu4/+j49yFZv1O+1hht/PqaN/z3cnXvQ+N+DGY83nNE+mtG+NKN9eUb7xBs9WnL+z7fGOz8REcfHhl8vYfzX8THvS5Dzf6H1fG7y/9LYeu38698e5Px7e/I/deO9n566/v4Hr1557/K7G+9u/PjcmTOnz50/f+HChVPvXLm6cXrnvx32eH/l/PPY164DLUvOP2cu/7Lk/L+QavmXJef/xVTLvyw5//x+T/5lyfnnzz7yL0vO/+VUy78sOf8vp1r+Zcn5v5Jq+Zcl5/+VVMu/LDn/V1Mt/7Lk/E+mWv5lyfmfSvVD5r+y3/1iPnL++QyX478sOf98ZYP8y5LzP5tq+Zcl538u1fIvS87/tVTLvyw5/6+mWv5lyfmfT7X8y5Lz/1qq5V+WnP+FVMu/LDn/r6da/mXJ+X8j1fIvS87/9VTLvyw5/2+mWv5lyfl/K9XyL0vO/9upln9Zcv5vpFr+Zbn//f9mzJgxk2e6/ssEAAAAAAAAAAAAAIybx+XEXe8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyPHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TdvHEgMhPyd/E3YOCaEZJNd24lfaFNMeG14Kwmh0Bds17s2C37Da5dAo9pRoETCqKiibbhoCwi1uamIWi5oBSgXqFXVStBe0BtEhcpFVAUUkFBpBWw15zzPszOzZ2d2vWNn5pzPR0p+2Zkzc86ceWZ2v3a+OwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ6ubXzX+ikWVZo9EoLtiSZS9ozqumtuSXvPr5PT4AAABg436e//u5a9MFB9Zwo5Zt/vGmb355aWlpKXvP6B+Pf2ZpKV0xlWXjm7Isvy566nvvbbRuEzyWTTZGWr4e6bH70R7Xj/W4frzH9RM9rt/U4/rJHtevOAErXJU10p3tyP9zS3FKs+uy8fy6HSW3eqyxaaR57tJts0Z+m6Xxo9lCdjybz2bbti+2beTbf/Xm5r7enMV9jbTsa1tzhfzokSPxGBrhHO9o29fyfUY/eG029eMfPXLkL88+e0PZ7Hka2u6vOM7btjeP82PhkuJYG9mmdE7icY60HOe2kudktO04G/ntmv/deZzPrfE4R5cP84rqfM4ns5H8v7+Vn6exRlZynraFy356S5ZlF5YPu3ObFfvKRrLNbZeMLD8/k8WKbN5Hcym9OBtb1zq9eQ3rtDnndrSv087XRHz+bw63G1vlGFqfph88OtHyvP9s6VLWadR81Ku9VjrXYL9fK4OyBuO6+Fb+oB8vXYM7wuN/5NbV12Dp2ilZg+lxt6zB7b3W4MjEaH7M6Ulo5LdZXoM727YfzffUyOczt3ZfgzNnT5yeWfzIR+9cOHH42Pyx+ZO7d+6c3b1nz759+2aOLhyfny3+fYlne/BtzkbSa2B7OHfxNfDKjm1bl+rS5ydWvP9e6utwssvrcEvHtv1+HY51PrjGlXlBrlzTxWvjXc2TPnlxJFvlNZY/P7dv/HWYHnfL63Cs5XVY+j2l5HU4tobXYXOb07ev7WeWsZZ/yo5h9e8FG1uDW1rWYOfPI51rsN8/jwzKGpwM6+I7t6/+vWBbON7Hp9f788joijWYHm5472lekn7en9yXj7J1eWPziqsnsnOL82fuevjw2bNndmZhXBEvaVkrnet1c8tjylas15F1r9cDCzc9fmPJ5VvCuZq8s/mvyVWfq+Y2d9/V/bnKv7uVn8+2S3dlYfTZlT6fZd/Nm+dzIss++41HH/jaI5993arns5k3Pzaz8Z/FUy5tef8dX+X9N+b+XxT7S3f12Oj4WPH6HU1nZ7zt/bj9qRrL37sa+b6fm1nb+/F4+OdKvx9f1+X9eGvHtv1+Px7vfHDx/bjR6087Nqbz+ZwM6+T4bPf34+Y2W3etd02OdX0/viXMRjj/rwpJIeWilrWz2rpN+xobGw+PayzuoX2d7m7bfjxks+a+ntx1aev0tluK+xpNj27ZlVqnUx3b9nudpj/7Wm2dNnr96dul6Xw+J8O6uG5393Xa3Obpuzf+3nlV/M+W986JXmtwfHSieczjaRHm7/fZ0lVxDd6VHclOZcezufzaiXw9NfJ9Td+ztjU4Ef650u+VW7uswds6tu33Gkzfx1Zbe42xlQ++Dzqfz8mwLp64p/sabG7z+r39/dn1tnBJ2qblZ9fOP19b7c+8buw4TZdrrYyF4/zG3u5/Ntvc5vi+9ebM7ufpjnDJ1SXnqfP1u9prai67MudpazjOZ/etfp6ax9Pc5jP717ieDmRZdv5D9+V/3hv+fuVvzn37y21/71L2dzrnP3TfD1949B/Wc/wADL9fFGNz8b2u5W+m1vL3/wAAAMBQiLl/JMxE/gcAAIDKiLk//l/hifwPAAAAlRFz/1iYSU3y/9bXP7vwi/NZauYvBfH6dBruL7aLHdfZ8PXU0rLm5fd9cf4nf39+bfseybLsZ/f/Xun2W++Px1WYCsf51BvaL1/hy3euad+HHjqf9tvaX/9cuP/4eNa6DMoquLNZln312k/l+5l678V8Pn3/oXw+cOHxx5rbPLe/+Dre/pmXFNv/WSj/Hjh6uO32z4Tz8P0wZ99Sfj7i7b508VXb9r57eX/xdo3t1+QP+4n3Ffcbf0/Opx8rto/nebXj/9onn/xSc/uHX1F+/OdHyo//yXC/Xwzzf15WbN/6HDS/jrf7eDj+uL94u7u+8PXS43/qE8X2p99YbHcozLj/28LXO9747ELr+Xq4cbjtcWVvKraL+5/99h/m18f7i/ffefyTBy+2nY/O9fH0vxX3M9Oxfbw87if6u479N++ndX3G/T/5B4faznOv/T/1wDMva95v5/7v6Nju9Iduz/e/fH/tv7Hpzz/+qdL9xeM58Nen2x7PgXeG13HY/xPvC+sxXP+/TxX31/nbFQ69s/39J27/uS3n2x5P9OYfF/t/6jXH8rlp8qrNV7/ghddceHnz3GXZtzYV99dr/8f+4lTb8X/++uJ8xOtjR79z/6uJ+z/z4emTpxbPLcyls/rItfnvznlrcTzxeK8N762dXx88dfb982emZqdms2yqur9C75J9IcwfFuNC962XVryD3v5QeD5v/NOvbr71Xz8ZL//3dxWXX3xL8X3rlWG7T4fLt4Tnb337X+mJm6/PX9+Np8MRLq38fcEbsW3Hf+1b04bh8Xf+XBDX++mXvj8/D83r8u8b8XW9weP/7lxxP18J53Up/Gbm7dcv7691+/i7ES4+WLzeN3z+wttcfF7/Kjzfb/t+cf/xuOLj/W74OebrW9vf7+L6+Mr5kc77z3+Lx4XwfpJdKK6PW8XzffG560sPL/4ekuzCDfnXf5Tu54Z1PczVLH5kceb4wslzD8+cnV88O7P4kY8ePHHq3MmzB/Pf5XnwA71uv/z+tDl/f5qb33N3lr9bnSrGZfZ8H//ph47M7Z29dW7+6OFzR88+dHr+zLEji4tH5ucWbz189Oj8h3vdfmHu3p279u/eu2v62MLcvfv279+9f3rh5KnmYRQH1cOe2Q9OnzxzML/J4r137995zz13z06fODU3f+/e2dnpc71un39vmm7e+nenz8wfP3x24cT89OLCR+fv3bl/z55dLb8N8Celtz9x+uji1MyZcydnzi3On5kpHsvU2fzi5ve+Xvunmhb/o/h5tlOj+EV82Tvu2JN+P2vTFx9d9a6KTTp+geiz4XfR/NOLTu9by9cx94+HmdQk/wMAAEAdxNw/EWYi/wMAAEBlxNy/KcxE/gcAAIDKiLl/MsykJvm/cv3/refXtH/9f/3/1vOl/1+z/v+Dg9b/L94v9P/7Y6P9e/3/QP9f/1//X/9/1f5/Of1/ygxa/z/m/quyrJb5HwAAAOog5v7NYSbyPwAAAFRGzP1Xh5nI/wAAAFAZMfe/IMykJvlf/1//X/9f/1//v3z/+v/DSf+/O/3/HvT/Z7J69f8v9PP49f/1/1lp0Pr/Mfe/MMykJvkfAAAA6iDm/mvCTOR/AAAAqIyY+68NM5H/AQAAoDJi7t8SZlKT/K//r/+v/6//r/9fvn/9/+Gk/9+d/n8P+v8+/1//X/+fvhq0/n/M/S8KM6lJ/gcAAIA6iLn/xWEm8j8AAAAMnrFLu1nM/S8JM1mR/y9xBwAAAMDzLub+67KOInhN/v5f/1//f/D7/5vSdfr/+v/ZQPb/RzP9/8Gh/9+d/n8P+v/6//r/+v/01aD1//Pcn01mLw0zqUn+BwAAgDqIuf/6MBP5HwAAACoj5v7/F2Yi/wMAAEBlxNy/NcykJvlf/1//f/D7/z7/X/9/0Pv/Pv9/kOj/d6f/34P+v/6//r/+P301aP3/mPtvCDOpSf4HAACAOoi5/8YwE/kfAAAAKiPm/v8fZiL/AwAAQGXE3L8tzKQm+V//f8D7/7E5qv+v/6//r/+v/78m+v/d6f/3oP+v/6//r/9PXw1a/z/m/peFmdQk/wMAAEAdxNx/U5iJ/A8AAACVEXP/y8NM5H8AAACojJj7p8JMapL/9f8HvP9f9OAnfP6//r/+v/6//v/a6P93p//fg/6//n9f+v9L5/X/9f8pDFr/P+b+m8NMapL/AQAAoA5i7t8eZiL/AwAAQGXE3H9LmIn8DwAAAJURc/+OMJOa5H/9/6Ho/2f6//r/+v/6//r/a6P/353+fw/6//r/Pv9f/5++GrT+f8z9rwgzqUn+BwAAgDqIuf/WMBP5HwAAACoj5v5XhpnI/wAAAFAZMfffFmZSk/yv/6//r/+v/6//X75//f/hpP/fnf5/D/r/+v/6//r/9NWg9f9j7n9VmElN8j8AAADUQcz9t4eZyP8AAABQGTH33xFmIv8DAABAZcTcPx1mUpP8r/+v/6//r/+v/7/8HOr/Dz/9/+70/3vQ/9f/1//X/6evBq3/H3P/nWEmNcn/AAAAUAcx998VZiL/AwAAQGXE3D8TZiL/AwAAQGXE3D8bZlKT/K//r/+v/6//v67+/8uX77dK/f+y/ev/Dyf9/+70/3vQ/9f/f977/+P6/1TKoPX/Y+7fGWZSk/wPAAAAdRBz/64wE/kfAAAAKiPm/t1hJvI/AAAAVEbM/XeHmdQk/+v/6//r/+v/+/z/8v3r/w8n/f/u+t//jw9R/1//X//f5//r/7PSoPX/Y+6/J8ykJvkfAAAA6iDm/j1hJvI/AAAAVEbM/XvDTOR/AAAAqIyY+/eFmdQk/+v/6//r/+v/6/+X71//fzjp/3fn8/970P/X/9f/1/9ngx78/davLq3/P1F2x33p/8fcvz/MpCb5HwAAAOog5v5Xh5nI/wAAAFAZMff/Uj7/efkK+R8AAAAqo8j9k9kvh5nUJP/r/7d1z5sPV/9f/1//X/8/p/8/nPT/u9P/70H/X/9f/1//n75atf8fond5/79UX/r/MfffG2ZSk/wPAAAAdRBz/6+Emcj/AAAAUBkx978mzET+BwAAgMqIuf9AmElN8r/+v8//1//X/9f/L9//le7/x0+61f/fGP3/7vT/e9D/1//X/9f/p68u7fP/S/Wl/x9z/2vDTGqS/wEAAKAOYu6/L8xE/gcAAIDKiLn/dWEm8j8AAABURsz9rw8zqUn+1//X/9f/1//X/y/fv8//H076/93p//eg/6//r/+v/09fDVr/P+b+N4SZ1CT/AwAAQB3E3P/GMBP5HwAAACoj5v43hZnI/wAAAFAZMfe/OcykJvlf/1//X/9f/1//v3z/+v/DSf+/O/3/HvT/9f/1//X/6atB6//H3P+rYSY1yf8AAAAwlCbXt3nM/fd33lj+BwAAgMqIuf8tYSbyPwAAAFRGzP1vDTOpSf7X/9f/1//X/9f/L9+//v9w0v/vbsj6/z+/Jlyu/1/Q/x/s419v/3+s4+vL0v//3mr9/6VNnbfX/+dyGLT+f8z9bwszqUn+BwAAgDqIuf/tYSbyPwAAAFRGzP3vCDOR/wEAAKAyYu7/tTCTmuR//f/mcSy3l/X/q9r/H9H/H7z+/99+J8v0//X/+07/v7sh6//7/P8O+v+Dffw+/1//n5UGrf8fc/87w0xqkv8BAACgDmLufyDMRP4HAACAyoi5/8EwE/kfAAAAKiPm/neFmdQk/+v/+/z/evT/ff5/Nnj9f5//33JW9f/7R/+/O/3/HvT/9f8Hrf//n/r/DLdB6//H3P9QmElN8j8AAADUQcz97w4zkf8BAACgMmLu//UwE/kfAAAAKiPm/veEmdQk/+v/D0v/f2pI+/+P6v9fxv7/TdcU2+n/6/+zTP+/O/3/HvT/9f8Hrf/v8/8ZcoPW/4+5/71hJmvP/5Nr3hIAAAB4XsTc/xthJjX5+38AAACog5j7fzPMRP4HAACAyoi5/7fCTGqS//X/h6X/7/P/M/1/n//f8Xj0//X/y1y5/n9859H/1//X/4/0//X/9f/pNGj9/5j7fzvMpCb5HwAAAOog5v73hZnI/wAAADAUyv6f7E4x9x8MM5H/AQAAoDJi7j8UZlKT/K//v4b+/6be96f/3378+v/l62Nd/f8/2f4v3/nm2w/t1P/X/9f/X5cr+vn/zRe/z//X/9f/T/T/9f/1/+k0aP3/mPsPh5nUJP8DAABAHcTc/zthJvI/AAAAVEbM/UfCTOR/AAAAqIyY++fCTGqS//X/ff6//v+A9v+H+PP/4/nQ/2/Xt/5/fNPV/y9V9O/TKrq8/f93L/fE9f/X2/+fKL1U/1//f5iPX/9f/5+VBq3/H3P/fJhJTfI/AAAA1EHI/SNHi7l8hfwPAAAAlRFz/7EwE/kfAAAAKiPm/veHmdQk/+v/6//r/+v/+/z/8v136/83xnz+/6BK/fuf5i8U/f8Og9P/L6f/r/8/zMev/6//z0qD1v+PuX8hzKQm+R8AAADqIOb+D4SZyP8AAABQGTH3fzDMRP4HAACAyoi5/3iYSU3yv/7/8PX/47b6//r/+v81/fx//f+uNtq/1/8P9P/r3f//b/1//X/9f/pj0Pr/MfefCDP5P/bu5MnWur7j+Onkktu3yCKLVGWRTaqyzDJLFsk6+QOyyCabVFkucEDFmYvziKLirAjOAw4giKjgPIATijOoOM8DDiBKXYvu7/fb09Pn9HC6+3l+v9drwRcbmnOgbjV8bt+3Tyf7HwAAAHqQu//CuMX+BwAAgGbk7n9Y3GL/AwAAQDNy9z88bulk/+v/D9P/b1TKnv+/9f2Pov//D/3/bq+v/9f/t0z/P5/+fwH9v+f/6//1/yzV2Pr/3P2PiFs62f8AAADQg9z9j4xb7H8AAABoRu7+i+IW+x8AAACakbv/UXFLJ/t/W/+/Muuz/8+MdxLP/9f/e/6//n+d/l//P+R4+/9LH/zKp//X/+v/g/5/T/3/6d0+X/9Pi8bW/+fuf3Tc0sn+BwAAgB7k7n9M3GL/AwAAQDNy918ct9j/AAAA0Izc/Y+NWzrZ/8t7/v+ZtY9PtP8v+n/9/9oH9P/6f/3/ZHn+/3w99f8X3XH+hffc8M837uf19f/6f8//1/+zXGPr/3P3Py5u6WT/AwAAQA9y9z8+brH/AQAAoBm5+58Qt9j/AAAA0Izc/U+MWzrZ/8vr/yf9/P+i/9f/r31A/6//1/9Plv5/vp76/4O8vv5f/6//1/+zXGPr/3P3Pylu6WT/AwAAQA9y9z85brH/AQAAoBm5+y+JW+x/AAAAaEbu/rNxSyf7X/9/9P3/A/p//X9c/b/+X/9/9PT/8+n/F9D/6//1//p/lmps/X/u/kvjlk72PwAAAPQgd/9T4hb7HwAAAJqRu/+pcYv9DwAAAM3I3f+0uKWT/a//9/x//b/+X/8//Pr6/2nS/8+n/19A/3/Yfv48/b/+X//PZvvs/++f82V7Kf1/7v6nxy2d7H8AAADoQe7+Z8Qt9j8AAAA0I3f/M+MW+x8AAACakbv/WXFLJ/tf/6//1//r/w/c/+/8obdG/z9M/3889P/zjab/Xzk1+GH9/+T7f8//1//r/9libM//z93/7Lilk/0PAAAAPcjd/5y4Zc7+3/dP5gMAAAAnKnf/c+MW3/8HAACAycvqLHf/8+KWTva//l//r//X/3v+//Drz+v/b9z0/vT/46L/n280/f8u9P/6/ym/f/2//p+dxtb/5+5/ftzSyf4HAACAHuTuvyxusf8BAACgGbn7XxC32P8AAADQjNz9L4xbOtn/w/3/xh/X/++N/n/r+9f/D//4WFb/n39F/f/c/v8/Pf+/T/r/+Y6//z+t/9/61z9g/7/+FUf/P+7333j/f2bR5+v/GTK2/j93/+VxSyf7HwAAAHqQu/9FcYv9DwAAAM3I3f/iuMX+BwAAgEn793/caMFy978kbulk/3v+v/5f/z+9/t/z/9ed5PP/Z8fe/5/S/++R/n8+z/9fYLT9/zr9/7jff+P9v+f/cyBj6/9z918Rt3Sy/wEAAKAHV9w3W9v9L53N7H8AAACYos2/dmD7LygNuftfFrfY/wAAANCM3P0vj1s62f/6f/2//l//r/8ffv1x9f+e/79Xk+7/T238rv5f/z9kov3/qcb6/yt3+/wx9P+X6P8ZmS39/80bHz+p/j93/yvilk72PwAAAPQgd/8r4xb7HwAAAJqRu/9VcYv9DwAAAM3I3f/quKWT/X/k/f+Z3V9b/6//1//r//X/+v9lm3T/7/n/+v82+3/P//f8f/1/xzb6/61fD0+q/8/d/5q4pZP9DwAAAD3I3f/auMX+BwAAgGbk7r8ybrH/AQAAoBm5+18Xt3Sy/z3/X/+v/9f/6/+HX1//P036//n0/wvo//X/+n/9P0u15fn/m5xU/5+7/6q4pZP9DwAAAD3I3X913GL/AwAAQDNy978+brH/AQAAoBm5+98Qt3Sy//X/R9v/58f1//r/mf5f/6//Pxbd9v8rQ/8m2mmX/v+2h5z9760f0f/r//X/+n/9P0swiv7/3MZ/Xebuf2Pc0sn+BwAAgB7k7n9T3GL/AwAAQDNy9785brH/AQAAoBm5+98St+xz///DUt/V8dH/e/6//l//r/8ffn39/zR12//vkef/L6D/1//r//X/LNWR9P/3bnxx3+/z/3P3vzVu8f1/AAAAaEbu/rfFLfY/AAAANCN3/9vjFvsfAAAAmpG7/x1xSyf7X/+v/9f/6//1/8Ovf9D+f3U2TP9/PPT/8+n/F9D/6//1//p/lupI+v9N9tv/5+6/Jm7pZP8DAABAD3L3vzNusf8BAACgGbn73xW32P8AAADQjNz9745bOtn/+n/9v/5f/6//H359z/+fJv3/fPr/2Wx27Zw3MNT/nzut/9f/6//1/xzQ2Pr/3P3viVs62f8AAADQg9z918Yt9j8AAAA0I3f/dXGL/Q8AAADNyN3/3rilk/2v/9f/6//1//r/4dfX/0+T/n8+/f8Cnv9/2H7+nP5f/6//Z7Ox9f+5+6+PWzrZ/wAAANCD3P03xC32PwAAADQjd//74hb7HwAAAJqRu//GuKWT/a//1//r//X/R9L/n9X/b6f/Px5H1//P9P/6f/3/Ap7/r//X/7PdcfX/98fX+0X9f+7+98ctnex/AAAA6EHu/pviFvsfAAAAmpG7/wNxi/0PAAAAzcjd/8G4pZP9r//X/+v/9f+e/z/8+vr/afL8//n0/wvo//X/+n/9P0t1XP3/br3/9v+du/9DcUsn+x8AAAB6kLv/5rjF/gcAAIBm5O6/JW6x/wEAAKAZufs/HLd0sv/1//r/rf3/bKb/1//r/9cdQ/+/OtP/L53+fz79/wL6/zb7/7+ZNdT/n9n18/X/jNHY+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd//H45aW9v8Du6dv0+//T2/7RP3/bDa782LP/9f/z3l9/f9o+v/6p6r/Xx79/3z6/wX0/232/57/r//nxIyt/8/d/4m4paX9DwAAAJ3L3f/JuMX+BwAAgGbk7v9U3GL/AwAAQDNy9386bulk/2/p/+/dCM/yj4+//9/+ifr/2aGe/6//X/uA/l//r/+frMP291etxr/T9P/6f/3/YD+/sst/98z0//p//T8Dxtb/5+7/TNzSyf4HAACAHuTuvzVusf8BAACgGbn7b4tb7H8AAABoRu7+z8Ytnez/6T//f/sn6v9n+v8u+v9V/b/+X/8/aCzP/7/ggv+6Xf+v/2+x/59H/6//1/+z3dj6/9z9n4tbOtn/AAAA0IPc/Z+PW+x/AAAAaEbu/i/ELfY/AAAANCN3/xfjlk72/87+/7zZeqG6bqj/j0ZN/7+J/n/r+9f/D//48Px//b/+/+iNpf/3/P+DvX/9v/5/yu9/X/3/v+z8fP0/LRpb/5+7//a4pZP9DwAAAD3I3f+luMX+BwAAgGbk7v9y3GL/AwAAQDNy998Rt3Sy/z3/X/+v/9f/6/+HX1//P036//n0/wvo/w/fz+dXVf3/dJ///7f6f5ZnbP1/7v6vxC1rw+9f//6Af5sAAADAiOTu/2rc0sn3/wEAAKAHufu/FrfY/wAAANCM3P1fj1s62f/6f/2//l//r/8ffn39/zTp/+fT/y/QT/+/OvTBk+7nD+uk338z/b/n/7NEY+v/c/d/I27pZP8DAABA2+5b+23u/m/GLfY/AAAANCN3/7fiFvsfAAAAmpG7/864pZP9r//X/7ff//+f/n/b6+v/9f8t0//nv9GH6f8X6Kf/H3TS/fzU33/1/+dO6//1/4Sx9f+5+++KWzrZ/wAAANCD3P3fjlvsfwAAAGhG7v7vxC32PwAAADQjd/9345ZO9r/+v6/+f2XWY//v+f+t9P+r2/5+9P/6/yHT6f+vPjX0Uc//1//r/6f7/j3/X//PTmPr/3P3371yqsv9DwAAAFP1P//20Lv2+ufevfbb1dn34hb7HwAAAJqRu//7cYv9DwAAAM3I3f+DuKWT/a//76v/7/P5//r/Vvp/z//X/+/FdPr/Yfp//b/+f7rvX/+v/2ensfX/uft/GLdsGn6D/wc9AAAAwMn5u/396bn7fxS3dPL9fwAAAOhB7v4fxy079v+5Pf6qdgAAAGBscvf/JG7p5Pv/+v+R9/+zI+r/48/T/6/T/+v/h15f/z9N+v/5Dtn/n1vR/+v/59D/6//1/2w3tv4/d/9N18+63P8AAADQqC0/o/DTtd+uzn4Wt9j/AAAA0Izc/T+PW+x/AAAAaEbu/l/ELZ3sf/3/yPv/Az3//0z9nuf/d97/X7Y6+Pr6f/1/y/T/83n+/wL6f/2//l//z1Lto/9fG6RH3f/n7v9l3NLJ/gcAAIAe5O7/Vdxi/wMAAEAzcvf/Om6x/wEAAKAZuft/E7d0sv/1/yfQ/19+ejY70v5/D8//1//30f/v8vrt9P//dP7ZW//3/6+7Rv/PhuPs//PHgv5f/6//X6f/1//r/9lubM//z93/27ilk/0PAAAAPcjdf0/cYv8DAABAM3L3/y5ueXD/33JS7woAAABYptz9v49bOvn+v/6/xef/T7P/z3/WJ9D/n51e/59Nce/9v+f/6/938vz/+fT/C+j/9f/6f/0/SzW2/j93/x/ilk72PwAAAPQgd/8f45bc/yv7/ql7AAAAYGRy998bt/j+PwAAADQjd/99cUsn+1//r/8fS/+fPP9/4/M8/3+d/l//vx/6//n0/wvo//X/+n/9P0s1tv4/d/+f4pZO9j8AAAD0IHf//XGL/Q8AAADNyN3/57jF/gcAAIBm5O7/S9zSyf7X/+v/9f/6f/3/8Ovr/6dJ/z+f/n8B/b/+X/+v/2epxtb/5+7/awAAAP//Tx5w3g==")
mknodat(0xffffffffffffff9c, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x21c0, 0x103)

916.462753ms ago: executing program 3 (id=2144):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000180)=0x10)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000100), &(0x7f0000000180)=0x8)

780.815864ms ago: executing program 0 (id=2149):
syz_open_dev$dri(0x0, 0x0, 0x651b9f893dcb2416)
r0 = io_uring_setup(0x664b, &(0x7f0000000740)={0x0, 0x0, 0x1880, 0x5})
r1 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
close_range(r0, 0xffffffffffffffff, 0x0)

652.204385ms ago: executing program 0 (id=2150):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xfffffdff})
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0x100b}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac7100b100000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

651.911879ms ago: executing program 0 (id=2151):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000240)={0xe}, 0x1)

574.058103ms ago: executing program 0 (id=2152):
syz_mount_image$hfsplus(&(0x7f0000000500), &(0x7f0000000280)='./file0\x00', 0x13, &(0x7f0000000000)=ANY=[], 0x4, 0x699, &(0x7f0000000c00)="$eJzs3U1oHOf9B/DvrFaS5T/Y+id24pZATAxuqaktWTite2jcUooPoQT30LOw5Vh47QRZKU4ojfpObz2k9/SgW6HQ0rshPbe3QE+ip5RCL7lU9JAtMzu7Wkm7eo8kJ5+PGc3zMvPM8/x2dt4WMwE+t25eSvNJ3u3lV5ZnWivLM+N1tpWkTDeSZl1UPEyKD5Ib6Uz5QlnYrRy2nffmr9/68OOVjzq5Zj1Vyze2Wm9nluop55OM1PPNRvfU3u0N7b24+/4V3RGWAbuw//HCwWhvsrSu/rfZco+3H8NnQNE5b24ymZysDwDVNUF9dGgcauf27MTQmqVD7QcAAAAcjdOrWc3jnDrqfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTaClJUb/fv5wX51OcrF+kP1aXpU4/ncqejx51JwAAAAAAAABggFcGlja3WuXF1azmcU518+2i+s3/pTLZbrfLov/LW3mUuSzkch5nNotZzEKmk0z2NTT2eHZxcWG6WjM5k6FrftIeuObVIR38+8Wdjx8AAAAAAAAAPk++uS7309xc+/0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOgyIZ6cyq6Uw3PZlGM8mJJGPlckvJ37rpY6KxZW379MDiJ59SZwAAAOA4Ob2a1TzOqSozkbSL6p7/ueq+/0TeysMsZj6LaWUud6pnAZ27/sbK8kxrZXnmQTltbvdb/95VN8bq+/eRKjdoy+eqJSZyN/NVyeXczhtp5U4avTv/c93+DO7XT8o+Fa/UdtizO/W8HPlv6vkmtz7Z1WgPxmQVkdFeRKa6D29KW0dil5/Oxi1Np9F78nNm8Jbale5Cw2M+mkxtKjxZz8tY/7Iv5uti3//o6R+7Gs7WRoeU9zbeH4mrfXvfc+sjsbmFL/359z+413p4nJ6Z7d3GfWKmLxLP96JQJEsDjg91JO7fu/vo0sAv1NNkqorE2V7+Zr6b7+dSzue1LGQ+P8xsFjOX8/lOlZqtd6Vi+Len68a63GvbPOKsvhKTvaPo7vr0UrXuqczne3kjdzKXl6t/VzOdr+VaruV63yd8dvsj7fjgb/2JYZ2/8OU6MZHkV/X8eCjj+v99ce0/5k5Wdf0la1F6Zl2Uio3njjJKrzZ3dz5qfrFOlNv42bZPvQ/TxkhM90Xi2a33l9+1y7+PWg/vL9ybfbMq+sO2h8mL9byM6i+GnZm31Nz1GjtTdv2ZXvvr946y7tmBddNV3ZleXWNT3dle3Xbf1LH6Gm5zS1eruucH1s1Udef66tZfb71bXW8dRgQB2Jv62unkV06OTfxr4q8T70/8fOLexKsnvj3+9fEXxjL6l9FvNKdGLjZeKP6Y9/Pj+v4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYl0dvv3N/tjWShU6iNbfDxHh2sfAOEkX9Ip8Da/BYJ9LY50i7L6tbV/Wfzsv32oc5nPFkn3vCn37dGcqRfygHkWiWn0k5mj22k8ZxGEWV+Gy8rhAY7srigzevPHr7na/OP5h9fe71uYej165dn7p+7eWZK3fnW3NTnb9H3Uvg07B20h9Y/c9D7xAAAAAAAAAAAACwrcP47wRHPUYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6XbzUppPUmR66vJUmV9ZnmmVUze9tmQzSSNJ8aOk+CC5kc6Uyb7mimHbeW/++q0PP175aK2tZnf5stH/tvc1iqV6yvkkI/X8oNq7ve/2il5kyoBd6AYOjtr/AgAA//+BPQ0Y")
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10a)

572.739004ms ago: executing program 0 (id=2153):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x220008c9, &(0x7f0000000140)=ANY=[], 0x81, 0x14f3, &(0x7f0000002a80)="$eJzs3AuUzlXbMPB97b3/jGnibpLDsK99/bnTYJskySEhhyRJkiSnhCRJkpAYckoakpDjJDkMITlMY9I4nw85J00eaZIkp5zC/pae53s9z9vzvr3v9/S91nrn+q21172v+c913XvPNWv+h7Xm/rHnqLrN69VqSkTiXwJ/fUkWQsQIIYYJIQoIIQIhRMX4ivFXj+dTkPyvvQn7cz2Wdr1XwK4n7n/uxv3P3bj/uRv3P3fj/udu3P/cjfufu3H/GcvNts8pehOP3Dv4+X9uxuf//0Vyyk3+dmO5W3r9N1K4/7kb9z934/7nbtz/3I37n7tx///3q/mfHOP+527cf8Zys+v9/JnH9R3X+/ePMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljucN5fo4UQV1/Pee+v97oYY4wxxhhjjDH25/F5r/cKGGOMMcYYY4wx9v8fCCmU0CIQeUReESPyiVhxg4gTN4r8ooCIiJtEvLhZFBS3iEKisCgiiooEUUwUF0agsIJEKEqIkiIqbhWlxG0iUZQWZURZ4UQ5kSRuF+XFHaKCuFNUFHeJSuJuUVlUEVVFNXGPqC7uFTVETVFL3Cdqizqirqgn7hf1xQOigXhQNBQPiUbiYdFYPCKaiEdFU/GYaCYeF83FE6KFeFK0FK1Ea9FGtP1/yn9V9BWviX6iv0gWA8RA8boYJAaLIWKoGCbeEMPFm2KEeEukiJFilHhbjBbviDHiXTFWjBPjxXtigpgoJonJYoqYKlLF+2Ka+EBMFx+KGWKmmCVmizQxR8wVH4l5Yr5YID4WC8UnYpFYLJaIpSJdfCoyxDKRKT4Ty8XnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCF2iJ1il9gt9oi9Yp/4UuwXX4kD4muRLb75b+af+3f5vUCAAAkSNGjIA3kgBmIgFmIhDuIgP+SHCEQgHuKhIBSEQlAIikARSIAEKA7FAQGBgKAElIAoRKEUlIJESIQyUAYcOEiCJCgPd0AFqAAVoSJUgkpQGapAFagG1aA6VIcaUANqQS2oDbWhLtSF++F+eAAaQANoCA2hETSCxtAYmkATaApNoRk0g+bQHFpAC2gJLaE1tIa20BbaQTtoD+2hI3SETtAJOkNn6AJdoCt0hW7QDbpDd+gBPaAn9IRe0Bt6w6vwKrwGr0F/qC0HwEAYCINgEAyBoTAU3oDh8Ca8CW9BCoyEUfA2vA3vwBg4C2NhHIyH8VBdToRJMBlIToVUSIVpMA2mw3SYATNhJsyGNJgDc2EuzIP5MB8+hoXwCXwCi2ExLIV0SIcMWAaZkAnL4RxkwQpYCatgNayB1bAO1sM62AibYCNsgS2wDbbBF/AF7ISdsBt2w17YC1/Cl/AVfAUpkA3ZcBAOwiE4BIfhMORADhyBI3AUjsIxOAbH4TicgJNwCk7CGTgDZ+EcnIfzcBEuwiV4OeH7ZntLb0gR8iottcwj88gYGSNjZayMk3Eyv8wvIzKvjJfxsqAsKAvJQrKILCITZIIsLotLlChJhrKELCGjMipLyVIyUSbKMrKMdNLJJJkky8vysoKsICvKu2QlebesLKvIDq6arCary46uhqwpa8lasrasI+vKejJOCFFfNpANZEPZUDaSjWRj+YhsIgfAEHhMXu1MczkSWshR0FK2kq1lG/kOPCXbyTHQXnaQHeUzchyMhc6ynesin5dd5SToJl+Uk+El2UNOhZ7yFdlL9pZ95Kuyr2zv+sn+cgYMkAPlbBgkB8shcqicB3Xk1Y7VlW/JFDlSjpJvy6Xwjhwj35Vj5Tg5Xr4nJ8iJcpKcLKfIqTJVvi+nyQ/kdPmhnCFnyllytkyTc+Rc+ZGcJ+fLBfJjuVB+IhfJxXKJXCrT5acyQy6TmfIzuVx+LrPkCrlSrpKr5Rq5Vq6T6+UGuVFukpvlFrlVbpPb5Rdyh9wpd8ndco/cK/fJL+V++ZU8IL+W2fIbeVD+RR6S38rD8juZI7+XR+QP8qj8UR6TP8nj8md5Qp6Up+RpeUb+Is/Kc/K8vCAvyl/lJXlZXpFeCgVKKqW0ClQelVfFqHwqVt2g4tSNKr8qoCLqJhWvblYF1S2qkCqsiqiiKkEVU8WVUaisIhWqEqqkiqpbVSl1m0pUpVUZVVY5VU4lqdtVeXWHqqDuVBXVXaqSultVVlVUVVVN3aOqq3tVDVVT1VL3qdqqjqqr6qn7VX31gGqgHlQN1UOqkXpYNVaPqCbqUdVUPaaaqcdVc/WEaqGeVC1VK9VatVFt1VOqnXpatVcdVEf1jOqknlWd1XOqi3pedVUvqG7qRdVdvaR6qJdVT/WK6qV6qz7qsrqivOqn+qtkNUANVK+rQWqwGqKGqmHqDTVcvalGqLdUihqpRqm31Wj1jhqj3lVj1Tg1Xr2nJqiJapKarKaoqSpVva+mqQ/UdPWhmqFmqllqtkpTc9SQv1Va8F/I/+Cf5I/47d23qe3qC7VD7VS71G61R+1V+9Q+tV/tVwfUAZWtstVBdVAdUofUYXVY5agcdUQdUUfVUXVMHVPH1XF1Qp1UF9RpdUb9os6qc+qcuqAuqovq0t9+BkKDllpprQOdR+fVMTqfjtU36Dh9o86vC+iIvknH65t1QX2LLqQL6yK6qE7QxXRxbTRqq0mHuoQuqaP6Vl1K36YTdWldRpfVTpfTSfr2fzn/j9bXVrfV7XQ73V631x11R91Jd9KddWfdRUPyX69vuunuurvuoXvonrqn7qV76T66j+6r++p+up9O1sl6oH5dD9KD9RA9VA/Tb+jhergeoUfoFJ2iR+lRerQercfoMXqsHqvH6/F6gp6gJ+lJeoqeolN1qp6mp+nperqeoWfoWXqWTtNpeq6eq+fpeXqBXqAX6oV6kV6kl+glOl2n6wydoTN1pl6ul+ssvUKv0Kv0Kr1Gr9Hr9Dq9QW/Qm/QmvUVv0Vl6u96ud+gdepfepffoPXqf3qf36/36gD6gs3W2PqgP6kP6kD6sD+scnaOP6CP6qD6qj+lj+rg+rk/oE/qUPqXP6DP6rD6rz+vz+qK+qC/pS/qKvnL1si+QgQx0oIM8QZ4gJogJYoPYIC6IC/IH+YNIEAnig/igYHBLUCgoHBQJigYJQbGgeGACDGxAQRiUCEoG0eDWoFRwW5AYlA7KBGUDF5QLkoLbg/LBHUGF4M6gYnBXUCm4O6gcVAmqBtWCe4Lqwb1BjaBmUCu4L6gd1AnqBvWC+4P6wQNBg+DBoGHwUNAoeDhoHDwSNAkeDZoGjwXNgseD5sETQYvgyaBl0CpoHbQJ2v6p9b0/W/hp18/0N8kmxgw0r5tBZrAZYoaaYeYNM9y8aUaYt0yKGWlGmbfNaPOOGWPeNWPNODPevGcmmIlmkplsppipJtW8b6aZD8x086GZYWaaWWa2STNzzFzzkZln5psF5mOz0HxiFpnFZolZatLNpybDLDOZ5jOz3HxusswKs9KsMqvNGrPWrDPrzQaz0Wwym80Ws9VsM9vNF2aH2Wl2md1mj9lr9pkvzX7zlTlgvjbZ5htz0PzFHDLfmsPmO5NjvjdHzA/mqPnRHDM/mePmZ3PCnDSnzGlzxvxizppz5ry5YC6aX80lc9lcMf7qxf3V0ztq1JgH82AMxmAsxmIcxmF+zI8RjGA8xmNBLIiFsBAWwSKYgAlYHIvjVYSEJbAERjGKpbAUJmIilsEy6NBhEiZheSyPFbACVsSKWAkrYWWsjFWxKt6D9+C9eC/WxJp4H96HdbAO1sN6WB/rYwNsgA2xITbCRtgYG2MTbIJNsSk2w2bYHJtjC2yBLbEltsbW2BbbYjtsh+2xPXbEjtgJO2Fn7IxdsAt2xa7YDbthd+yOPbAH9sSe2At7YR/sg32xL/bDfpiMyTgQB+IgHIRDcAgOw2E4HIfjCByBKZiCo3AUjsbROAbH4Fgch+PxPZyAE3ESTsYpOBVTMRWn4TScjtNxBs7AWTgL0zAN5+JcnIfzcAEuwIW4EBcJgUtwCaZjOmZgBmZiJi7H5ZiFWbgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsftuAN34C7chXtwD+7Dfbgf9+MBPIDZmI0H8SAewkN4GA9jDubgETyCR/EoHsNjeByP4wk8gafwFJ7BM3gWz+J5PI8X8Ve8hJfxCnqMsVLE2htsnL3R5rcFbIzNZ/8+LmKL2gRbzBa3xhayhf8hRmttoi1ty9iy1tlyNsne/ru4sq1iq9pq9h5b3d5ra/wurm8fsA3sg7ahfcjWs/f/Q9zIPmwb2ydsE/ukbWpb2Wa2jW1un7At7JO2pW1lW9s2tpN91na2z9ku9nnb1b7wuzjDLrPr7Qa70W6y++1X9ry9YI/aH+1F+6vtZ/vbYfYNO9y+aUfYt2yKHfm7eLx9z06wE+0kO9lOsVN/F8+ys22anWPn2o/sPDv/d3G6/dQutJl2kV1sl9ilv8VX15RpP7PL7ec2y66wK+0qu9qusWvtun9b6yq7xW612+w++6XdYXfaXXa33WP3/hZf3ccB+7XNtt/YI/YHe8h+aw/bYzbHfv9bfHV/x+xP9rj92Z6wJ+0pe9qesb/Ys/bcb/u/uvfT9rK9Yr0VBCRJkaaA8lBeiqF8FEsFKI5upPxUgCJ0E8XTzVSQbqFCVJiKUFFKoGJUnAwhWSIKqQSVpCjdSqXoNkqk0lSGypKjcpREt1N5uoMq0J1Uke6iSnQ3VaYqVJWq0T1Une6lGlSTatF9VJvqUF2qR/dTfXqAGtCD1JAeokb0MDWmR6gJPUpN6TFqRo9Tc3qCWtCT1JJaUWtqQ23pKWpHT1N76kAd6RnqRM9SZ3qOutDz1JVeoG70InWnl6gHvUw96RXqRb2pD71Kfek16kf9KZkG0EB6nQbRYBpCQ2kYvUHD6U0aQW9RCo2kUfQ2jaZ3aAy9S2NpHI2n92gCTaRJNJmm0FRKpfdpGn1A0+lDmkEzaRbNpjSaQ3PpI5pH82kBfUwL6RNaRItpCS2ldPqUMmgZZdJntJw+pyxaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqCdtBO2kW7aQ/tpX30Je2nr+gAfU3Z9A0dpL/QIfqWDtN3lEPf0xH6gY7Sj3SMfqLj9DOdoJN0ik7TGfqFztI5Ok8X6CL9SpfoMl0hTyKEUIYq1GEQ5gnzhjFhvjA2vCGMC28M84cFwkh4Uxgf3hwWDG8JC4WFwyJh0TAhLBYWD02IoQ0pDMMSYckwGt4algpvCxPD0mGZsGzownJhUnh7WD68I6wQ3hlWDO8KK4V3h5XDKuETD1UL7wmrh/eGNcKaYa3wvrB2WCesG9YL7w/rhw+EDcIHw4bhQ2GF8OGwcfhI2CR8NGwaPhY2Cx8Pm4dPhC3CJ8OWYauwddgmbBs+FbYLnw7bhx3CjuEzYafw2bBz+FzYJXw+7Bq+8IfHk8MB4cDw9fD10PsH1ZLo0mh69NNoRnRZNDP6WXR59PNoVnRFdGV0VXR1dE10bXRddH10Q3RjdFN0c3RLdGt0W9T7enmFAyedctoFLo/L62JcPhfrbnBx7kaX3xVwEXeTi3c3u4LuFlfIFXZFXFGX4Iq54s44dNaRC10JV9JF3a2ulLvNJbrSrowr65wr55JcG9fWtXXt3NOuvevgOrpn3DPuWfese8495553Xd0Lrpt70XV3L7ke7mX3snvF9XK9XR/3quvrXnP9XH+X7JLdQDfQDXKD3BA3xA1zw9xwN9yNcCNciktxo9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcaku1U1z09x0N93NcDPcLDfLpbk0N9fNdfPcPLfALXALExe6RW6RW+KWuHSX7jJchst0mW65W+6yXJZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3bZ7qA76A65Q+6w+87luO/dEfeDO+p+dMfcT+64+9mdcCfdKXfanXG/uLPunDvvLriL7ld3yV12V5x3qZH3I9MiH0SmRz6MzIjMjMyKzI6kReZE5kY+isyLzI8siHwcWRj5JLIosjiyJLI0kh75NJIRWRbJjHwWWR75PJIVWRFZGVkVWR1ZE/G+2I7Ql/AlfdTf6kv523yiL+3L+LLe+XI+yd/uy/s7fAV/p6/o7/KV/N2+sq/iq/onfUvfyrf2bXxb/5Rv55/27X0H39E/4zv5Z31n/5zv4p/3Xf0Lvpt/0Xf3L/ke/mXf07/ie/nevo9/1ff1r/l+vr9P9gP8QP+6H+QH+yF+qB/m3/DD/Zt+hH/Lp/iRfpR/24/27/gx/l0/1o/z4/17foKf6Cf5yX6Kn+pT/ft+mv/AT/cf+hl+pp/lZ/s0P8fP9R/5eX6+X+A/9gv9J36RX+yX+KU+3X/qM/wyn+k/88v95z7Lr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/hd/idfpff7ff4vX6f/9Lv91/5A/5rn+2/8Qf9X/wh/60/7L/zOf57f8T/4I/6H/0x/5M/7n/2J/xJf8qf9mf8L/6sP+fP+wv+ov/VX/KX/RX+nzXGGGOMsf8S9QfHB/yTr8m/jasGCiFu3Fk059/X3Fzor/PBMqFTRAjxfP+ej/3fUbt2cvLfHs6LLCWCkouFEJFr+XnEtXiF6CieFV1EB1H+n65vsOx9kf6gfvQuIWL/LidGXIuv1b/jP6j/1DPjMyqF5+P/k/qLhUgseS0nn7gWX6tf4T+oX7jdH6w/37epQrT/u5w4cS2+Vj9JPC1eEF3+4TsZY4wxxhhjjLG/Giyrdv+j++er9+cJ+lpOXnEt/qP7c8YYY4wxxhhjjF1/L/Xu89xTXbp06M4TnvCEJ/82ud5/mRhjjDHGGGN/tmsX/dd7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWO71P/FxYtd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtj19n8CAAD//7CLOQ4=")
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201"], 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

331.125038ms ago: executing program 5 (id=2154):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000df2bfd404b0c0001cad7010203010902240001000000000904450002c9cee40009050802ff03000000090582030004"], 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x3, &(0x7f0000000280)=ANY=[])

320.691µs ago: executing program 3 (id=2155):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000001000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f80)={'wlan1\x00', &(0x7f0000000f40)=@ethtool_stats})

108.954µs ago: executing program 0 (id=2156):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0)
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)='.\x02\x00')
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f00000008c0)=""/31, 0x1f)

0s ago: executing program 3 (id=2157):
bpf$ITER_CREATE(0x21, &(0x7f0000000080)={0xffffffffffffffff, 0x300}, 0x8)

kernel console output (not intermixed with test programs):

rq - nonzero urb status received: -71
[  155.544595][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.547556][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.550503][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.553497][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.556597][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.559636][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.562669][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.565857][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.570368][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.570624][ T5281] usb 1-1: control msg error: -71
[  155.573336][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.578704][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.581752][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.584841][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.587899][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.590941][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.594021][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.597074][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.600160][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.602904][    C0] usb 1-1: pegasus_irq - usb_submit_urb failed with result -1
[  155.606283][   T47] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  155.618992][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.621603][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.624394][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.627366][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.630394][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.633367][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.636370][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.639346][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.642423][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.645423][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.648074][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.650694][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.653584][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.656565][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.659468][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.662539][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.666058][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.669572][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.673312][   T47] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  155.678085][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.681979][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.685428][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.687901][ T5281] usb 1-1: control msg error: -71
[  155.688633][    C1] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.693831][    C1] usb 1-1: pegasus_irq - usb_submit_urb failed with result -1
[  155.706197][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.709733][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.710999][   T47] usb 3-1: USB disconnect, device number 18
[  155.712715][    C0] usb 1-1: pegasus_irq - nonzero urb status received: -71
[  155.715112][ T5899] usb 1-1: USB disconnect, device number 16
[  155.717523][    C0] usb 1-1: pegasus_irq - usb_submit_urb failed with result -19
[  155.738023][ T5281] usb 1-1: control msg error: -19
[  156.797868][ T8462] loop0: detected capacity change from 0 to 1024
[  156.949259][ T8469] loop2: detected capacity change from 0 to 1024
[  156.984658][ T8469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.997903][ T1089] hfsplus: b-tree write err: -5, ino 4
[  157.019246][ T8469] ext4 filesystem being mounted at /333/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.130896][ T8479] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.977'.
[  157.139049][ T8479] netlink: zone id is out of range
[  157.140929][ T8479] netlink: zone id is out of range
[  157.142835][ T8479] netlink: get zone limit has 8 unknown bytes
[  157.223320][ T8480] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  157.450882][ T5856] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.614996][ T8489] netlink: 'syz.0.980': attribute type 8 has an invalid length.
[  157.620704][ T8490] loop2: detected capacity change from 0 to 128
[  157.643963][ T8490] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  157.676417][ T8490] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  158.564142][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  158.652735][ T8533] loop3: detected capacity change from 0 to 512
[  158.700341][ T8533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.704290][ T8533] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.742730][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.747000][    T9] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  158.750745][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.762916][    T9] usb 3-1: config 0 descriptor??
[  159.775900][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  159.787963][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  159.793029][    T9] usb 3-1: USB disconnect, device number 19
[  159.814668][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.967171][ T8555] loop3: detected capacity change from 0 to 4096
[  159.983811][ T8555] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  160.023332][ T8555] ntfs3(loop3): $Secure::$SII is corrupted.
[  160.037465][ T8555] ntfs3(loop3): Failed to initialize $Secure (-22).
[  160.127853][ T8566] netlink: 156 bytes leftover after parsing attributes in process `syz.3.999'.
[  160.192931][ T5236] Bluetooth: hci1: unexpected event for opcode 0x2040
[  160.197220][ T8575] input: syz1 as /devices/virtual/input/input15
[  160.199098][ T8575] input: failed to attach handler leds to device input15, error: -6
[  160.304792][ T8582] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1004'.
[  160.430782][ T8592] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1007'.
[  160.552613][ T5314] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  160.600797][ T5899] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  160.737242][ T5314] usb 1-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  160.747236][ T5314] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.752884][ T5314] usb 1-1: Product: syz
[  160.754503][ T5314] usb 1-1: Manufacturer: syz
[  160.756281][ T5314] usb 1-1: SerialNumber: syz
[  160.768754][ T5314] usb 1-1: config 0 descriptor??
[  160.776754][ T5899] usb 4-1: config index 0 descriptor too short (expected 8192, got 36)
[  160.778554][ T5314] usb 1-1: Waiting for MOTU Microbook II to boot up...
[  160.779916][ T5899] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.782753][ T5314] usb 1-1: failed setting the sample rate for Motu MicroBook II: -22
[  160.788554][ T5314] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22
[  160.795737][ T5899] usb 4-1: config 0 has no interfaces?
[  160.797801][ T5899] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  160.809306][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.819215][ T5899] usb 4-1: config 0 descriptor??
[  160.982598][ T8613] loop2: detected capacity change from 0 to 32768
[  160.985787][ T8613] XFS: noikeep mount option is deprecated.
[  161.001496][ T8613] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  161.014663][ T5314] usb 1-1: USB disconnect, device number 17
[  161.032292][ T8613] XFS (loop2): Ending clean mount
[  161.042062][ T8613] XFS (loop2): Quotacheck needed: Please wait.
[  161.050472][ T5899] usb 4-1: USB disconnect, device number 3
[  161.077393][ T8613] XFS (loop2): Quotacheck: Done.
[  161.119213][ T5856] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  161.496654][ T8637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1022'.
[  161.505949][ T8637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1022'.
[  161.572418][   T33] audit: type=1326 audit(1755260962.481:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.2.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5bd8ebe9 code=0x7ffc0000
[  161.581091][   T33] audit: type=1326 audit(1755260962.481:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.2.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5bd8ebe9 code=0x7ffc0000
[  161.596345][   T33] audit: type=1326 audit(1755260962.499:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.2.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f8c5bd8ebe9 code=0x7ffc0000
[  161.603267][   T33] audit: type=1326 audit(1755260962.499:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.2.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5bd8ebe9 code=0x7ffc0000
[  161.633916][   T33] audit: type=1326 audit(1755260962.499:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.2.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f8c5bd8ebe9 code=0x7ffc0000
[  161.660927][   T33] audit: type=1326 audit(1755260962.499:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8640 comm="syz.2.1024" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5bd8ebe9 code=0x7ffc0000
[  161.850988][ T8658] netlink: 'syz.0.1030': attribute type 1 has an invalid length.
[  161.966507][ T8664] tipc: Started in network mode
[  161.971656][ T8664] tipc: Node identity 7, cluster identity 4711
[  161.973969][ T8664] tipc: Node number set to 7
[  162.192481][ T8678] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1040'.
[  162.398602][ T8686] loop3: detected capacity change from 0 to 4096
[  162.409344][ T8686] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  162.445276][ T8686] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  162.451359][ T8686] ntfs3(loop3): ino=19, mi_enum_attr
[  162.458280][ T8686] ntfs3(loop3): failed to convert "c46c" to cp860
[  162.462066][ T8686] ntfs3(loop3): ino=20, mi_enum_attr
[  162.545618][ T8692] input: syz1 as /devices/virtual/input/input16
[  162.550616][ T8692] input: failed to attach handler leds to device input16, error: -6
[  162.744918][ T8702] loop3: detected capacity change from 0 to 1024
[  163.104306][ T8718] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1058'.
[  163.167211][ T8719] loop3: detected capacity change from 0 to 512
[  163.184128][ T8718] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  163.188191][ T8718] macvtap1: entered allmulticast mode
[  163.190462][ T8718] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  163.207818][ T8719] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  163.318060][ T8719] EXT4-fs (loop3): 1 truncate cleaned up
[  163.321637][ T8719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.435414][ T8723] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  163.437305][    T9] IPVS: starting estimator thread 0...
[  163.497823][   T47] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  163.522270][ T8727] geneve3: entered allmulticast mode
[  163.529977][ T8725] IPVS: using max 68 ests per chain, 163200 per kthread
[  163.632078][ T8729] cgroup: none used incorrectly
[  163.693018][   T47] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.696846][   T47] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  163.703768][   T47] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  163.707284][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  163.710315][   T47] usb 3-1: SerialNumber: syz
[  163.859706][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.954647][   T47] usb 3-1: 0:2 : does not exist
[  163.956677][   T47] usb 3-1: unit 255 not found!
[  164.008657][   T47] usb 3-1: USB disconnect, device number 20
[  164.051390][ T5855] udevd[5855]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  164.091160][ T8739] netlink: set zone limit has 4 unknown bytes
[  164.187394][ T8750] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1072'.
[  164.668012][ T8753] loop3: detected capacity change from 0 to 32768
[  164.826631][ T8753] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  164.826645][ T8753]   allowing incompatible features above 0.0: (unknown version)
[  164.826700][ T8753]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  164.840354][ T8753] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  164.843605][ T8753] bcachefs (loop3): initializing new filesystem
[  164.873622][ T8753] bcachefs (loop3): going read-write
[  164.899535][ T8753] bcachefs (loop3): marking superblocks
[  164.918411][ T8753] bcachefs (loop3): initializing freespace
[  164.927823][ T8753] bcachefs (loop3): done initializing freespace
[  164.933436][ T8753] bcachefs (loop3): reading snapshots table
[  164.935248][ T8753] bcachefs (loop3): reading snapshots done
[  164.972956][ T8753] bcachefs (loop3): done starting filesystem
[  165.032874][   T47] IPVS: starting estimator thread 0...
[  165.143993][ T8769] IPVS: using max 68 ests per chain, 163200 per kthread
[  165.408114][ T8776] erofs (device nullb0): cannot find valid erofs superblock
[  165.932502][ T8778] loop2: detected capacity change from 0 to 32768
[  165.947853][ T8778] BTRFS warning: excessive commit interval 2147483647, use with care
[  165.966216][ T8015] bcachefs (loop3): shutting down
[  165.970107][ T8778] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1080 (8778)
[  165.970663][ T8015] bcachefs (loop3): going read-only
[  165.975649][ T8015] bcachefs (loop3): finished waiting for writes to stop
[  165.980981][ T8015] bcachefs (loop3): flushing journal and stopping allocators, journal seq 5
[  165.991548][ T8778] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.996814][ T8778] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  166.006518][ T8015] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 5
[  166.008295][ T8778] BTRFS info (device loop2): disk space caching is enabled
[  166.012594][ T8778] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  166.013837][ T8015] bcachefs (loop3): clean shutdown complete, journal seq 6
[  166.030989][ T8015] bcachefs (loop3): marking filesystem clean
[  166.098316][ T8015] bcachefs (loop3): shutdown complete
[  166.139301][ T8778] BTRFS info (device loop2): rebuilding free space tree
[  166.163988][ T8778] BTRFS info (device loop2): disabling free space tree
[  166.166670][ T8778] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  166.169617][ T8778] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  166.256878][ T5856] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  166.397422][ T8821] loop0: detected capacity change from 0 to 128
[  166.402365][ T8821] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  166.410591][ T8821] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  166.584874][   T26] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  166.760457][ T8827] kAFS: unable to lookup cell ''
[  167.632142][ T8835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1084'.
[  167.639901][ T8835] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1084'.
[  167.642820][ T8835] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1084'.
[  167.752944][   T47] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  167.841165][ T8837] loop3: detected capacity change from 0 to 40427
[  167.849767][ T8837] F2FS-fs (loop3): invalid crc value
[  167.913127][   T47] usb 3-1: Using ep0 maxpacket: 32
[  167.917154][   T47] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  167.920111][   T47] usb 3-1: config 0 has no interface number 0
[  167.924344][   T47] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  167.927193][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.930054][   T47] usb 3-1: Product: syz
[  167.931280][   T47] usb 3-1: Manufacturer: syz
[  167.932840][   T47] usb 3-1: SerialNumber: syz
[  167.942398][   T47] usb 3-1: config 0 descriptor??
[  167.943109][ T8837] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  167.949479][   T47] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  167.951704][ T8833] loop0: detected capacity change from 0 to 32768
[  167.956640][ T8837] F2FS-fs (loop3): Start checkpoint disabled!
[  167.965761][ T8837] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  167.975930][ T8833] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  168.030083][ T8833] XFS (loop0): Ending clean mount
[  168.046829][ T8833] XFS (loop0): Quotacheck needed: Please wait.
[  168.054913][   T26] kworker/u9:0: attempt to access beyond end of device
[  168.054913][   T26] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  168.061045][   T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  168.061066][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  168.061074][   T26] Workqueue: writeback wb_workfn (flush-7:3)
[  168.061096][   T26] Call Trace:
[  168.061103][   T26]  <TASK>
[  168.061109][   T26]  dump_stack_lvl+0x189/0x250
[  168.061131][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.061148][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  168.061162][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  168.061179][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  168.061242][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  168.061269][   T26]  f2fs_write_end_io+0x886/0xb60
[  168.061299][   T26]  __submit_merged_bio+0x27a/0x6a0
[  168.061324][   T26]  __submit_merged_write_cond+0x255/0x530
[  168.061349][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  168.061409][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  168.061500][   T26]  ? rcu_is_watching+0x15/0xb0
[  168.061532][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  168.061551][   T26]  do_writepages+0x32e/0x550
[  168.061573][   T26]  ? reacquire_held_locks+0x127/0x1d0
[  168.061586][   T26]  ? writeback_sb_inodes+0x384/0x1010
[  168.061610][   T26]  __writeback_single_inode+0x145/0xff0
[  168.061627][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  168.061648][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  168.061662][   T26]  ? preempt_schedule+0xae/0xc0
[  168.061683][   T26]  ? preempt_schedule+0xae/0xc0
[  168.061714][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  168.061787][   T26]  ? rcu_is_watching+0x15/0xb0
[  168.061812][   T26]  wb_writeback+0x43b/0xaf0
[  168.061836][   T26]  ? queue_io+0x3d1/0x590
[  168.061855][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  168.061879][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  168.061899][   T26]  wb_workfn+0x409/0xef0
[  168.061927][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  168.061946][   T26]  ? __lock_acquire+0xab9/0xd20
[  168.061976][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  168.061995][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  168.062009][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  168.062021][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  168.062037][   T26]  process_scheduled_works+0xae1/0x17b0
[  168.062076][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  168.062106][   T26]  worker_thread+0x8a0/0xda0
[  168.062143][   T26]  kthread+0x711/0x8a0
[  168.062161][   T26]  ? __pfx_worker_thread+0x10/0x10
[  168.062174][   T26]  ? __pfx_kthread+0x10/0x10
[  168.062192][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  168.062206][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.062250][   T26]  ? __pfx_kthread+0x10/0x10
[  168.062267][   T26]  ret_from_fork+0x3fc/0x770
[  168.062285][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  168.062305][   T26]  ? __switch_to_asm+0x39/0x70
[  168.062321][   T26]  ? __switch_to_asm+0x33/0x70
[  168.062336][   T26]  ? __pfx_kthread+0x10/0x10
[  168.062353][   T26]  ret_from_fork_asm+0x1a/0x30
[  168.062384][   T26]  </TASK>
[  168.171969][   T26] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  168.184369][   T47] usb 3-1: qt2_attach - failed to power on unit: -71
[  168.187108][   T47] quatech2 3-1:0.51: probe with driver quatech2 failed with error -71
[  168.199685][ T8833] XFS (loop0): Quotacheck: Done.
[  168.211443][   T47] usb 3-1: USB disconnect, device number 21
[  168.239678][ T5851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  168.567487][ T8857] netlink: 'syz.3.1102': attribute type 6 has an invalid length.
[  168.702547][ T8851] loop0: detected capacity change from 0 to 32768
[  168.731852][ T8851] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  168.739158][ T8870] loop3: detected capacity change from 0 to 512
[  168.742791][ T8870] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  168.771584][ T8870] EXT4-fs (loop3): 1 truncate cleaned up
[  168.775253][ T8870] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.793154][ T8851] XFS (loop0): Ending clean mount
[  168.814602][ T8851] XFS (loop0): Quotacheck needed: Please wait.
[  168.822149][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.882762][ T8851] XFS (loop0): Quotacheck: Done.
[  168.953566][ T5851] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  169.104561][   T33] audit: type=1326 audit(1755260969.534:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.112653][   T33] audit: type=1326 audit(1755260969.534:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.133559][   T33] audit: type=1326 audit(1755260969.534:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.154442][   T33] audit: type=1326 audit(1755260969.534:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.162637][   T33] audit: type=1326 audit(1755260969.534:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.173121][   T33] audit: type=1326 audit(1755260969.534:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.181375][   T33] audit: type=1326 audit(1755260969.534:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.193187][   T33] audit: type=1326 audit(1755260969.534:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.202424][   T33] audit: type=1326 audit(1755260969.534:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.214035][   T33] audit: type=1326 audit(1755260969.534:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.3.1114" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  169.415559][ T8905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1120'.
[  169.419058][ T8905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1120'.
[  169.473980][ T5899] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  169.559442][ T8913] Bluetooth: MGMT ver 1.23
[  169.638298][ T5899] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  169.641257][ T5899] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  169.644776][ T5899] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  169.648039][ T5899] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  169.651035][ T5899] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  169.660948][ T5899] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  169.663720][ T5899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  169.666417][ T5899] usb 1-1: Product: syz
[  169.667848][ T5899] usb 1-1: Manufacturer: syz
[  169.669340][ T5899] usb 1-1: SerialNumber: syz
[  169.672558][ T5899] usb 1-1: config 0 descriptor??
[  169.879903][   T47] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  169.895027][ T5899] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  169.897092][ T5899] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  170.042656][   T47] usb 4-1: config 0 has an invalid interface number: 197 but max is 0
[  170.045190][   T47] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  170.048171][   T47] usb 4-1: config 0 has no interface number 0
[  170.050131][   T47] usb 4-1: config 0 interface 197 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  170.053076][   T47] usb 4-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  170.056120][   T47] usb 4-1: config 0 interface 197 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  170.063011][   T47] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[  170.066474][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.069642][   T47] usb 4-1: Product: syz
[  170.070980][   T47] usb 4-1: Manufacturer: syz
[  170.072551][   T47] usb 4-1: SerialNumber: syz
[  170.080833][   T47] usb 4-1: config 0 descriptor??
[  170.112223][ T5899] radio-si470x 1-1:0.0: software version 0, hardware version 0
[  170.114543][ T5899] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  170.120393][ T5899] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  170.178015][ T8929] sctp: [Deprecated]: syz.2.1131 (pid 8929) Use of struct sctp_assoc_value in delayed_ack socket option.
[  170.178015][ T8929] Use struct sctp_sack_info instead
[  170.303447][   T47] usb 4-1: USB disconnect, device number 4
[  170.334756][ T5899] radio-si470x 1-1:0.0: submitting int urb failed (-90)
[  170.765472][ T5899] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71
[  170.772500][ T5899] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22
[  170.777970][ T5899] usb 1-1: USB disconnect, device number 18
[  170.987885][ T8935] loop3: detected capacity change from 0 to 4096
[  171.120753][ T8941] netlink: 'syz.2.1138': attribute type 4 has an invalid length.
[  171.146321][ T8941] netlink: 'syz.2.1138': attribute type 4 has an invalid length.
[  171.243383][ T8949] loop3: detected capacity change from 0 to 1024
[  171.279045][ T8949] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.285135][ T8949] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.366953][ T8955] loop2: detected capacity change from 0 to 4096
[  171.408446][ T8955] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.421746][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.622605][ T8964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1146'.
[  171.687668][ T5856] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /385/bus/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  171.852702][ T8078] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.217588][ T5879] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.385100][ T5879] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.414269][   T10] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  172.503351][ T5879] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.584611][   T10] usb 1-1: Using ep0 maxpacket: 8
[  172.598657][   T10] usb 1-1: config 0 has an invalid interface number: 175 but max is 0
[  172.600269][ T5879] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.601282][   T10] usb 1-1: config 0 has no interface number 0
[  172.630588][   T10] usb 1-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=bc.ed
[  172.633765][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.636303][   T10] usb 1-1: Product: syz
[  172.652213][   T10] usb 1-1: Manufacturer: syz
[  172.653719][   T10] usb 1-1: SerialNumber: syz
[  172.671675][   T10] usb 1-1: config 0 descriptor??
[  172.938302][ T5879] bridge_slave_1: left allmulticast mode
[  172.939096][   T10] usbserial_generic 1-1:0.175: The "generic" usb-serial driver is only for testing and one-off prototypes.
[  172.940556][ T5879] bridge_slave_1: left promiscuous mode
[  172.944840][   T10] usbserial_generic 1-1:0.175: Tell linux-usb@vger.kernel.org to add your device to a proper driver.
[  172.944888][   T10] usbserial_generic 1-1:0.175: device has no bulk endpoints
[  172.960821][   T10] usb 1-1: USB disconnect, device number 19
[  172.961141][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.972381][ T5879] bridge_slave_0: left allmulticast mode
[  172.974623][ T5879] bridge_slave_0: left promiscuous mode
[  172.978993][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.066993][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  173.077383][ T5879] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  173.079651][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  173.083031][ T5879] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  173.087094][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  173.088163][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  173.094171][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  173.522734][ T5879]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  173.531573][ T5879]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  173.534794][ T5879]  (unregistering): Released all slaves
[  173.630515][ T5879] bond1 (unregistering): Released all slaves
[  173.720794][ T5879] bond2 (unregistering): (slave veth3): Releasing active interface
[  173.723271][ T5879] veth0_to_bond: entered promiscuous mode
[  173.726640][ T5879] bond2 (unregistering): (slave veth0_to_bond): Releasing active interface
[  173.730903][ T5879] bond2 (unregistering): Released all slaves
[  174.113784][   T47] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  174.186019][ T8978] chnl_net:caif_netlink_parms(): no params data found
[  174.237494][ T8991] loop3: detected capacity change from 0 to 32768
[  174.249438][ T8991] XFS (loop3): invalid logbufsize: 73 [not 16k,32k,64k,128k or 256k]
[  174.265939][ T5879] hsr_slave_0: left promiscuous mode
[  174.278490][ T5879] hsr_slave_1: left promiscuous mode
[  174.282543][   T47] usb 1-1: config 201 has an invalid interface number: 249 but max is 0
[  174.285081][ T5879] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  174.286774][   T47] usb 1-1: config 201 has no interface number 0
[  174.288611][ T5879] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.294883][   T47] usb 1-1: config 201 interface 249 altsetting 4 has an endpoint descriptor with address 0xF1, changing to 0x81
[  174.307996][   T47] usb 1-1: config 201 interface 249 altsetting 4 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  174.312213][   T47] usb 1-1: config 201 interface 249 has no altsetting 0
[  174.320408][   T47] usb 1-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  174.323959][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.332209][   T47] usb 1-1: Product: syz
[  174.333803][   T47] usb 1-1: Manufacturer: syz
[  174.335612][   T47] usb 1-1: SerialNumber: syz
[  174.339134][ T5879] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.343125][ T5879] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.362143][ T9001] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1160'.
[  174.373504][ T5879] veth1_macvtap: left promiscuous mode
[  174.375694][ T5879] veth0_macvtap: left promiscuous mode
[  174.379213][ T5879] veth1_vlan: left promiscuous mode
[  174.388877][ T5879] veth0_vlan: left promiscuous mode
[  174.600810][ T9003] loop3: detected capacity change from 0 to 32768
[  174.606292][ T9003] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1161 (9003)
[  174.615643][ T9003] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  174.618792][ T9003] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  174.621532][ T9003] BTRFS info (device loop3): disk space caching is enabled
[  174.624096][ T9003] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  174.693955][   T47] ath6kl: Failed to submit usb control message: -71
[  174.696258][   T47] ath6kl: unable to send the bmi data to the device: -71
[  174.698578][   T47] ath6kl: Unable to send get target info: -71
[  174.735125][   T47] ath6kl: Failed to init ath6kl core: -71
[  174.759955][   T47] ath6kl_usb 1-1:201.249: probe with driver ath6kl_usb failed with error -71
[  174.777633][ T9003] BTRFS info (device loop3): rebuilding free space tree
[  174.804264][   T47] usb 1-1: USB disconnect, device number 20
[  174.820132][ T9003] BTRFS info (device loop3): disabling free space tree
[  174.822709][ T9003] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  174.825993][ T9003] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  174.881918][ T8015] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  175.297668][ T5879] team0 (unregistering): Port device team_slave_1 removed
[  175.300870][ T5236] Bluetooth: hci2: command tx timeout
[  175.422590][   T33] kauditd_printk_skb: 28 callbacks suppressed
[  175.422607][   T33] audit: type=1326 audit(1755260975.436:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9025 comm="syz.0.1164" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f830638ebe9 code=0x0
[  176.360378][ T8978] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.367202][ T8978] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.391276][ T8978] bridge_slave_0: entered allmulticast mode
[  176.405808][ T8978] bridge_slave_0: entered promiscuous mode
[  176.415590][ T8978] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.418505][ T8978] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.421485][ T8978] bridge_slave_1: entered allmulticast mode
[  176.453104][ T8978] bridge_slave_1: entered promiscuous mode
[  176.549190][ T8978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.567796][ T8978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  176.641606][ T9047] xfrm0: entered promiscuous mode
[  176.643826][ T9047] xfrm0: entered allmulticast mode
[  176.685847][ T8978] team0: Port device team_slave_0 added
[  176.702832][ T8978] team0: Port device team_slave_1 added
[  176.770382][ T8978] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.772403][ T5879] IPVS: stop unused estimator thread 0...
[  176.780949][ T8978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.795257][ T8978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.821482][ T8978] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.824203][ T8978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.845053][ T8978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.893725][ T8978] hsr_slave_0: entered promiscuous mode
[  176.904114][ T8978] hsr_slave_1: entered promiscuous mode
[  176.906747][ T8978] debugfs: 'hsr0' already exists in 'hsr'
[  176.908805][ T8978] Cannot create hsr debugfs directory
[  177.270891][ T9081] netlink: 'syz.0.1182': attribute type 13 has an invalid length.
[  177.319585][ T9081] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  177.324506][ T8978] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  177.333922][ T8978] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  177.340582][ T8978] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  177.351460][ T8978] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  177.444139][ T8978] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.470251][   T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  177.474372][ T8978] 8021q: adding VLAN 0 to HW filter on device team0
[  177.488141][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.490336][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.509628][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.512042][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.528042][ T5236] Bluetooth: hci2: command tx timeout
[  177.642001][   T10] usb 4-1: Using ep0 maxpacket: 16
[  177.646358][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.655993][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.659426][   T10] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00
[  177.670834][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.688599][   T10] usb 4-1: config 0 descriptor??
[  177.715773][ T8978] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.999036][ T8978] veth0_vlan: entered promiscuous mode
[  178.008649][ T8978] veth1_vlan: entered promiscuous mode
[  178.043468][ T8978] veth0_macvtap: entered promiscuous mode
[  178.054128][ T8978] veth1_macvtap: entered promiscuous mode
[  178.074911][ T8978] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.088840][ T8978] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.105387][ T5876] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.108646][ T5876] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.132276][   T10] input: HID 0458:5012 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5012.000A/input/input17
[  178.139745][ T5876] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.144467][ T5876] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.220879][   T10] input: HID 0458:5012 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5012.000A/input/input18
[  178.252001][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.254864][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.279950][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.283801][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.304567][   T10] kye 0003:0458:5012.000A: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.3-1/input0
[  178.585815][ T5857] usb 4-1: USB disconnect, device number 5
[  178.800481][ T9152] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1193'.
[  179.747428][ T5236] Bluetooth: hci2: command tx timeout
[  180.236924][ T9188] loop3: detected capacity change from 0 to 2048
[  180.253999][ T9188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.298001][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.404011][ T9198] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1206'.
[  180.432183][ T5857] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  180.602687][ T5857] usb 1-1: Using ep0 maxpacket: 32
[  180.614487][ T5857] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  180.617093][ T5857] usb 1-1: config 0 has no interface number 0
[  180.619008][ T5857] usb 1-1: config 0 interface 184 has no altsetting 0
[  180.626560][ T5857] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  180.629456][ T5857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.633532][ T5857] usb 1-1: Product: syz
[  180.643454][ T5857] usb 1-1: Manufacturer: syz
[  180.645500][ T5857] usb 1-1: SerialNumber: syz
[  180.650275][ T5857] usb 1-1: config 0 descriptor??
[  180.658259][ T5857] smsc75xx v1.0.0
[  180.671764][ T9209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1211'.
[  180.675171][ T9209] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1211'.
[  180.680556][ T9209] netlink: 'syz.3.1211': attribute type 7 has an invalid length.
[  181.160172][   T10] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  181.311328][ T5857] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  181.315348][ T5857] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  181.319321][ T5857] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  181.323900][ T5857] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  181.332822][ T5857] usb 1-1: USB disconnect, device number 21
[  181.343818][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[  181.348183][   T10] usb 4-1: config 1 interface 0 altsetting 12 endpoint 0x81 has invalid maxpacket 512, setting to 8
[  181.355082][   T10] usb 4-1: config 1 interface 0 has no altsetting 0
[  181.361270][   T10] usb 4-1: string descriptor 0 read error: -22
[  181.364353][   T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice= 0.40
[  181.367574][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.375286][ T9219] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  181.386846][   T10] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input19
[  181.971925][ T5236] Bluetooth: hci2: command tx timeout
[  182.043257][   T10] usb 4-1: USB disconnect, device number 6
[  182.053235][ T5281] bcm5974 4-1:1.0: could not read from device
[  182.073559][ T5281] bcm5974 4-1:1.0: could not read from device
[  182.079028][ T5855] bcm5974 4-1:1.0: could not read from device
[  182.085514][ T5281] bcm5974 4-1:1.0: could not read from device
[  182.584733][ T9241] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1222'.
[  182.898939][   T10] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  182.997434][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  183.057950][ T9261] loop3: detected capacity change from 0 to 256
[  183.073177][   T10] usb 1-1: Using ep0 maxpacket: 16
[  183.087798][   T10] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  183.098443][ T9261] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005)
[  183.101922][ T9261] FAT-fs (loop3): Filesystem has been set read-only
[  183.102220][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  183.110850][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  183.121357][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  183.126722][ T8015] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005)
[  183.131831][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.134979][   T10] usb 1-1: Product: syz
[  183.142001][   T10] usb 1-1: Manufacturer: syz
[  183.143881][   T10] usb 1-1: SerialNumber: syz
[  183.180715][ T9265] netlink: 'syz.4.1234': attribute type 1 has an invalid length.
[  183.190026][ T9265] netlink: 'syz.4.1234': attribute type 4 has an invalid length.
[  183.193199][ T9265] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.1234'.
[  183.392500][   T10] usb 1-1: 0:2 : does not exist
[  183.399745][   T10] usb 1-1: 1:0: cannot get min/max values for control 4 (id 1)
[  183.427859][   T10] usb 1-1: USB disconnect, device number 22
[  183.622341][ T9287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1245'.
[  183.625774][ T9287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1245'.
[  183.772619][ T9283] loop4: detected capacity change from 0 to 32768
[  183.898682][ T9293] loop3: detected capacity change from 0 to 4096
[  183.915606][ T9293] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  184.196607][ T9313] loop0: detected capacity change from 0 to 2048
[  184.217811][ T9313] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  184.439837][ T9332] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1265'.
[  184.447096][ T9332] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1265'.
[  184.450396][ T9332] netlink: 'syz.0.1265': attribute type 6 has an invalid length.
[  184.467287][ T9332] netlink: 'syz.0.1265': attribute type 5 has an invalid length.
[  184.470107][ T9332] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1265'.
[  184.532315][ T9340] loop0: detected capacity change from 0 to 2048
[  184.562284][ T9342] loop3: detected capacity change from 0 to 2048
[  184.569326][ T9342] EXT4-fs: Ignoring removed bh option
[  184.589063][ T9340]  loop0: p3 < > p4 < >
[  184.590870][ T9340] loop0: partition table partially beyond EOD, truncated
[  184.594435][ T9340] loop0: p3 start 4284289 is beyond EOD, truncated
[  184.608285][ T5296]  loop0: p3 < > p4 < >
[  184.609731][ T5296] loop0: partition table partially beyond EOD, truncated
[  184.612665][ T5296] loop0: p3 start 4284289 is beyond EOD, truncated
[  184.625569][ T9342] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.663849][   T33] audit: type=1804 audit(1755260984.079:75): pid=9342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1272" name="/newroot/164/file1/file1" dev="loop3" ino=15 res=1 errno=0
[  184.668473][ T5855] udevd[5855]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  184.680251][   T33] audit: type=1326 audit(1755260984.079:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.688455][   T33] audit: type=1326 audit(1755260984.079:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.695666][   T33] audit: type=1326 audit(1755260984.107:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.705652][   T33] audit: type=1326 audit(1755260984.107:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.722946][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.729120][   T33] audit: type=1326 audit(1755260984.107:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.742530][   T33] audit: type=1326 audit(1755260984.117:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.773597][   T33] audit: type=1326 audit(1755260984.117:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  184.781509][   T33] audit: type=1326 audit(1755260984.117:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9346 comm="syz.4.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  185.765675][ T9357] loop0: detected capacity change from 0 to 65536
[  185.837965][ T9357] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  185.929551][ T9357] XFS (loop0): Ending clean mount
[  186.176939][ T5851] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  186.359355][ T9390] loop4: detected capacity change from 0 to 128
[  186.371508][ T9390] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  186.375960][ T9390] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  186.589737][ T5857] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  186.637508][ T9392] loop4: detected capacity change from 0 to 32768
[  186.673499][ T9392] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  186.710933][ T9392] XFS (loop4): Ending clean mount
[  186.737471][ T8978] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  186.751354][ T5857] usb 4-1: Using ep0 maxpacket: 32
[  186.775967][ T5857] usb 4-1: config 0 has an invalid interface number: 155 but max is 0
[  186.779354][ T5857] usb 4-1: config 0 has no interface number 0
[  186.814019][ T5857] usb 4-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice=a7.4c
[  186.824623][ T5857] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.827809][ T5857] usb 4-1: Product: syz
[  186.829418][ T5857] usb 4-1: Manufacturer: syz
[  186.831216][ T5857] usb 4-1: SerialNumber: syz
[  186.854039][ T5857] usb 4-1: config 0 descriptor??
[  186.984902][  T973] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  187.094274][ T5857] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.155/input/input20
[  187.104970][ T5281] bcm5974 4-1:0.155: could not read from device
[  187.108475][ T5281] bcm5974 4-1:0.155: could not read from device
[  187.126604][ T5281] bcm5974 4-1:0.155: could not read from device
[  187.131049][ T5857] usb 4-1: USB disconnect, device number 7
[  187.132890][ T5281] bcm5974 4-1:0.155: could not read from device
[  187.149209][  T973] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  187.152768][  T973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.181767][  T973] usb 1-1: config 0 descriptor??
[  187.750766][  T973] usb 1-1: Cannot read MAC address
[  187.752902][  T973] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  187.865240][ T9438] loop3: detected capacity change from 0 to 1024
[  187.871233][ T9438] EXT4-fs: Ignoring removed bh option
[  187.940609][ T9438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  187.996859][ T9438] EXT4-fs: Ignoring removed orlov option
[  188.041486][ T9438] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.1303: Abort forced by user
[  188.058702][ T9438] EXT4-fs (loop3): Remounting filesystem read-only
[  188.063702][ T9438] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-001000000000.
[  188.138355][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  188.275402][  T973] usb 1-1: USB disconnect, device number 23
[  189.387683][ T9460] loop0: detected capacity change from 0 to 1024
[  189.397768][ T9460] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  189.426928][ T9460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.438880][ T9460] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.1313: missing EA_INODE flag
[  189.448822][ T9460] EXT4-fs (loop0): Remounting filesystem read-only
[  189.472566][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.620135][ T9458] loop3: detected capacity change from 0 to 131072
[  189.625502][ T9458] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  189.628706][ T9458] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  189.641669][ T9458] F2FS-fs (loop3): invalid crc value
[  189.722674][ T9458] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  189.733281][ T9458] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  189.736123][ T9458] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  189.736728][ T9470] netlink: 5636 bytes leftover after parsing attributes in process `syz.4.1312'.
[  190.898007][ T9496] loop4: detected capacity change from 0 to 4096
[  191.023621][ T9498] erspan0: entered promiscuous mode
[  191.092637][ T9502] loop4: detected capacity change from 0 to 1024
[  191.098950][ T9502] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  191.325971][    C1] vcan0: j1939_tp_rxtimer: 0xffff888108b3ec00: rx timeout, send abort
[  191.334445][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888108b3ec00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  191.539663][ T9519] syzkaller1: entered promiscuous mode
[  191.542041][ T9519] syzkaller1: entered allmulticast mode
[  191.868318][ T9541] loop4: detected capacity change from 0 to 1024
[  191.875024][ T9541] EXT4-fs: Ignoring removed orlov option
[  191.877202][ T9541] EXT4-fs: Ignoring removed nomblk_io_submit option
[  191.926783][ T9541] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.971412][ T8978] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.308551][ T9569] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1345'.
[  192.317805][ T9569] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1345'.
[  192.326317][ T9572] loop0: detected capacity change from 0 to 128
[  192.358591][ T9572] syz.0.1344: attempt to access beyond end of device
[  192.358591][ T9572] loop0: rw=2049, sector=138, nr_sectors = 2 limit=128
[  192.388377][ T9572] syz.0.1344: attempt to access beyond end of device
[  192.388377][ T9572] loop0: rw=2049, sector=138, nr_sectors = 2 limit=128
[  192.748900][ T9598] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1353'.
[  192.753899][ T9598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1353'.
[  192.757090][ T9598] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1353'.
[  192.771939][ T9598] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1353'.
[  192.775331][ T9598] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1353'.
[  192.855433][ T9606] loop3: detected capacity change from 0 to 256
[  193.045625][ T9621] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1362'.
[  193.050207][ T9621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1362'.
[  193.053070][ T9621] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1362'.
[  193.251089][ T9623] loop0: detected capacity change from 0 to 4096
[  194.231550][ T9637] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  194.264617][ T9639] loop3: detected capacity change from 0 to 1024
[  194.292955][ T9639] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  194.307690][ T9639] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.341605][ T9639] EXT4-fs (loop3): Online resizing not supported with bigalloc
[  194.369434][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  194.539868][ T9658] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.542848][ T9658] bridge_slave_1: left promiscuous mode
[  194.546210][ T9658] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.550307][ T9658] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  195.535060][ T9680] loop3: detected capacity change from 0 to 512
[  195.540144][ T9680] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  195.549728][ T9680] EXT4-fs (loop3): 1 truncate cleaned up
[  195.555657][ T9680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.596723][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.849356][ T9720] netlink: 'syz.0.1400': attribute type 18 has an invalid length.
[  196.943535][ T9722] loop0: detected capacity change from 0 to 4096
[  196.948091][ T9722] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  197.679969][ T9743] loop3: detected capacity change from 0 to 1024
[  197.710931][ T9743] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  197.797788][ T9743] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1405: Invalid block bitmap block 0 in block_group 0
[  197.824719][ T9743] Quota error (device loop3): write_blk: dquota write failed
[  197.831318][ T9743] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  197.834707][ T9743] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1405: Failed to acquire dquot type 0
[  197.845714][ T9743] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1405: Freeing blocks not in datazone - block = 0, count = 4096
[  197.852825][ T9743] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1405: Invalid inode bitmap blk 0 in block_group 0
[  197.860986][  T150] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-7
[  197.866854][  T150] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u9:2: Failed to release dquot type 0
[  197.875404][ T9743] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  197.892157][ T9743] EXT4-fs (loop3): 1 orphan inode deleted
[  197.907567][ T9743] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.392804][ T9753] loop4: detected capacity change from 0 to 32768
[  198.401535][ T9753] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1408 (9753)
[  198.436442][ T9753] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  198.437986][ T9758] netlink: 'syz.0.1410': attribute type 1 has an invalid length.
[  198.439782][ T9753] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  198.439833][ T9753] BTRFS info (device loop4): using free-space-tree
[  198.443435][ T9758] __nla_validate_parse: 4 callbacks suppressed
[  198.443448][ T9758] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1410'.
[  198.621689][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.773079][ T8978] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  198.820131][ T9777] loop0: detected capacity change from 0 to 4096
[  198.848530][ T9777] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  198.892153][ T9777] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  198.903203][ T9777] ntfs3(loop0): Failed to load $Bitmap (-22).
[  199.381819][ T9794] loop0: detected capacity change from 0 to 32768
[  199.443268][ T9794] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  199.480585][ T9794] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  199.490967][ T9794] XFS (loop0): Starting recovery (logdev: internal)
[  199.502029][ T9794] XFS (loop0): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x8 
[  199.506541][ T9794] XFS (loop0): Unmount and run xfs_repair
[  199.508736][ T9794] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  199.511521][ T9794] 00000000: 41 42 54 42 00 00 00 02 ff ff ff ff ff ff ff ff  ABTB............
[  199.515067][ T9794] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  199.518441][ T9794] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  199.521872][ T9794] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  199.525311][ T9794] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  199.528822][ T9794] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  199.532299][ T9794] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  199.535894][ T9794] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  199.540301][ T9794] XFS (loop0): Filesystem has been shut down due to log error (0x2).
[  199.543521][ T9794] XFS (loop0): Please unmount the filesystem and rectify the problem(s).
[  199.547334][ T9794] XFS (loop0): log mount/recovery failed: error -74
[  199.559853][ T9794] XFS (loop0): log mount failed
[  199.755642][ T9804] loop3: detected capacity change from 0 to 128
[  199.917882][ T9812] loop3: detected capacity change from 0 to 8192
[  200.028156][  T973] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  200.112243][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  200.191555][  T973] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  200.194704][  T973] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.198029][  T973] usb 1-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0x18, changing to 0x8
[  200.203193][  T973] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  200.206385][  T973] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  200.213262][  T973] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  200.216713][  T973] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.219211][  T973] usb 1-1: Product: syz
[  200.226478][  T973] usb 1-1: Manufacturer: syz
[  200.229082][  T973] usb 1-1: SerialNumber: syz
[  200.252799][ T9816] loop4: detected capacity change from 0 to 32768
[  200.255498][ T9816] btrfs: Deprecated parameter 'usebackuproot'
[  200.257329][ T9816] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  200.260766][ T9816] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1425 (9816)
[  200.270992][ T9816] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.278862][ T9816] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  200.281556][ T9816] BTRFS info (device loop4): using free-space-tree
[  200.318921][   T26] BTRFS warning (device loop4): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  200.328380][ T9816] BTRFS warning (device loop4): couldn't read tree root
[  200.336550][ T9816] BTRFS warning (device loop4): try to load backup roots slot 1
[  200.340377][   T26] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  200.348675][ T9816] BTRFS warning (device loop4): couldn't read tree root
[  200.357366][ T9816] BTRFS warning (device loop4): try to load backup roots slot 2
[  200.369505][   T26] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  200.373261][ T9816] BTRFS warning (device loop4): couldn't read tree root
[  200.375888][ T9816] BTRFS warning (device loop4): try to load backup roots slot 3
[  200.404717][ T9816] BTRFS info (device loop4): rebuilding free space tree
[  200.428620][ T9816] BTRFS info (device loop4): checking UUID tree
[  200.465681][   T10] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  200.506572][ T8978] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.660129][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.664017][   T10] usb 4-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[  200.682605][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.701013][   T10] usb 4-1: config 0 descriptor??
[  201.156389][   T10] input: HID 28bd:0933 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28BD:0933.000B/input/input22
[  201.228424][   T10] uclogic 0003:28BD:0933.000B: input,hidraw0: USB HID v0.01 Mouse [HID 28bd:0933] on usb-dummy_hcd.3-1/input0
[  201.327147][  T973] cdc_mbim 1-1:1.0: bind() failure
[  201.334109][  T973] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  201.337953][  T973] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  201.344628][  T973] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  201.350670][  T973] usb 1-1: USB disconnect, device number 24
[  201.367157][   T24] usb 4-1: USB disconnect, device number 8
[  201.968164][ T9852] loop0: detected capacity change from 0 to 256
[  201.983121][ T9852] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xecfd5def, utbl_chksum : 0xe619d30d)
[  202.159172][ T9861] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1438'.
[  202.518358][ T5857] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  202.682257][ T5857] usb 1-1: unable to get BOS descriptor or descriptor too short
[  202.685900][ T5857] usb 1-1: not running at top speed; connect to a high speed hub
[  202.690268][ T5857] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  202.694084][ T5857] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  202.698441][ T9877] loop3: detected capacity change from 0 to 32768
[  202.699743][ T5857] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  202.706591][ T9877] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1445 (9877)
[  202.707111][ T5857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.713790][ T5857] usb 1-1: Product: syz
[  202.715111][ T5857] usb 1-1: Manufacturer: syz
[  202.716691][ T5857] usb 1-1: SerialNumber: syz
[  202.729927][ T9877] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  202.734615][ T9877] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  202.738295][ T9877] BTRFS info (device loop3): using free-space-tree
[  202.769988][ T9877] BTRFS info (device loop3): rebuilding free space tree
[  202.804701][ T8015] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  202.952260][ T5857] usb 1-1: 0:2 : does not exist
[  202.991424][ T5857] usb 1-1: USB disconnect, device number 25
[  203.013364][ T5855] udevd[5855]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  203.262523][ T9905] loop3: detected capacity change from 0 to 1024
[  203.325369][  T150] hfsplus: b-tree write err: -5, ino 4
[  203.423067][ T9911] kernel read not supported for file / lhOb~h3JyxvL=QRnFGrqςû~QV7"qHd0%NnyD (pid: 9911 comm: syz.3.1454)
[  203.428776][   T33] audit: type=1800 audit(1755261001.646:84): pid=9911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1454" name=BD16206C684F62EDF17EE501D168FEB51D9093339E8F064AC7C879FB78D0EEC3FC76F74CAA3D51E452FA6EC1B746477282A5F28F71F0CF82C3BB7E517F567F37B6B7227148E11197C964309DFA86F888B989FD254E6E79B503831CDD4402 dev="mqueue" ino=23759 res=0 errno=0
[  203.710570][ T9915] loop3: detected capacity change from 0 to 32768
[  203.716939][ T9915] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1456 (9915)
[  203.729320][ T9915] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  203.741535][ T9915] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  203.747537][ T9915] BTRFS info (device loop3): disk space caching is enabled
[  203.749852][ T9915] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  203.757018][ T9924] __vm_enough_memory: pid: 9924, comm: syz.0.1460, bytes: 4503599627366400 not enough memory for the allocation
[  203.841251][ T9915] BTRFS info (device loop3): rebuilding free space tree
[  203.854903][ T9915] BTRFS info (device loop3): disabling free space tree
[  203.857177][ T9915] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  203.860493][ T9915] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  204.010664][ T8015] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  204.131885][ T9948] mmap: syz.0.1463 (9948) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  204.562703][ T9960] batadv_slave_0: entered promiscuous mode
[  204.566932][ T9960] batadv_slave_0: left promiscuous mode
[  204.980543][ T9980] loop0: detected capacity change from 0 to 16
[  204.990733][ T9980] erofs (device loop0): mounted with root inode @ nid 36.
[  205.000654][ T9980] syz.0.1478: attempt to access beyond end of device
[  205.000654][ T9980] loop0: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[  205.009281][ T9980] erofs (device loop0): failed to decompress -2 in[1, 1440] out[1677]
[  205.012587][ T9980] erofs (device loop0): read error -5 @ 87 of nid 36
[  205.015164][ T9980] erofs (device loop0): failed to readdir of logical block 87 of nid 36
[  205.054087][ T5857] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  205.064768][ T9984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1480'.
[  205.236345][ T5857] usb 4-1: Using ep0 maxpacket: 16
[  205.241804][ T9996] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1486'.
[  205.245249][ T9996] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  205.250710][ T5857] usb 4-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.254131][ T5857] usb 4-1: config 0 interface 0 has no altsetting 0
[  205.259213][ T5857] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  205.262650][ T5857] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.267522][ T5857] usb 4-1: config 0 descriptor??
[  205.565220][   T10] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  205.706642][ T5857] hid_parser_main: 5 callbacks suppressed
[  205.706656][ T5857] logitech 0003:046D:C295.000C: unknown main item tag 0x0
[  205.711081][ T5857] logitech 0003:046D:C295.000C: unknown main item tag 0x0
[  205.713294][ T5857] logitech 0003:046D:C295.000C: unknown main item tag 0x0
[  205.716111][ T5857] logitech 0003:046D:C295.000C: unknown main item tag 0x0
[  205.718286][ T5857] logitech 0003:046D:C295.000C: unknown main item tag 0x0
[  205.722133][ T5857] logitech 0003:046D:C295.000C: hidraw0: USB HID v0.05 Device [HID 046d:c295] on usb-dummy_hcd.3-1/input0
[  205.725485][   T10] usb 1-1: Using ep0 maxpacket: 32
[  205.728799][ T5857] logitech 0003:046D:C295.000C: no inputs found
[  205.734174][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  205.741276][   T10] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  205.744040][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.746521][   T10] usb 1-1: Product: syz
[  205.749234][   T10] usb 1-1: Manufacturer: syz
[  205.750891][   T10] usb 1-1: SerialNumber: syz
[  205.753733][   T10] usb 1-1: config 0 descriptor??
[  205.755830][ T9998] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  205.760563][   T10] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input23
[  205.924178][   T47] usb 4-1: USB disconnect, device number 9
[  205.984340][   T10] usb 1-1: USB disconnect, device number 26
[  205.984406][    C0] usbtouchscreen 1-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  206.022363][   T33] audit: type=1326 audit(1755261004.059:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.4.1489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  206.043724][   T33] audit: type=1326 audit(1755261004.059:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.4.1489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  206.057780][   T33] audit: type=1326 audit(1755261004.078:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.4.1489" exe="/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  206.068823][   T33] audit: type=1326 audit(1755261004.078:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.4.1489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  206.077038][   T33] audit: type=1326 audit(1755261004.078:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.4.1489" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5458ebe9 code=0x7ffc0000
[  206.516689][ T5849] Bluetooth: hci2: command 0x0405 tx timeout
[  206.939494][   T47] libceph: connect (1)[c::]:6789 error -101
[  206.942145][   T47] libceph: mon0 (1)[c::]:6789 connect error
[  207.016838][T10052] ceph: No mds server is up or the cluster is laggy
[  207.045529][T10060] netlink: 'syz.4.1515': attribute type 10 has an invalid length.
[  207.141161][T10060] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.191508][T10060] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  207.214212][T10062] bond0: entered promiscuous mode
[  207.216102][T10062] bond_slave_0: entered promiscuous mode
[  207.218132][T10062] bond_slave_1: entered promiscuous mode
[  207.220205][T10062] batadv0: entered promiscuous mode
[  207.223166][T10055] loop3: detected capacity change from 0 to 32768
[  207.260471][T10055] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  207.287069][T10055] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  207.595332][ T8015] ocfs2: Unmounting device (7,3) on (node local)
[  208.003614][T10070] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1518'.
[  208.007109][T10070] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1518'.
[  208.241255][T10076] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1521'.
[  208.244755][T10076] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1521'.
[  208.255366][T10076] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[  208.557707][T10086] loop3: detected capacity change from 0 to 64
[  209.014124][T10095] loop3: detected capacity change from 0 to 4096
[  209.633990][T10099] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1531'.
[  209.820905][   T47] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  209.905656][T10105] loop3: detected capacity change from 0 to 32768
[  209.908814][T10105] XFS (loop3): sunit and swidth options incompatible with the noalign option
[  209.983421][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.987089][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.998347][   T47] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  210.005329][   T47] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  210.008315][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.013954][   T47] usb 1-1: config 0 descriptor??
[  210.059916][T10107] loop3: detected capacity change from 0 to 2048
[  210.080198][T10107] EXT4-fs (loop3): failed to initialize system zone (-117)
[  210.083434][T10107] EXT4-fs (loop3): mount failed
[  210.271334][T10117] loop3: detected capacity change from 0 to 1024
[  210.306654][T10117] hfsplus: walked past end of dir
[  210.464150][T10122] netlink: 'syz.3.1541': attribute type 2 has an invalid length.
[  210.468017][   T47] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  210.489458][T10122] : entered promiscuous mode
[  210.619168][T10130] loop3: detected capacity change from 0 to 128
[  210.633592][T10130] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  210.637761][T10130] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.647779][T10130] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.1545: No space for directory leaf checksum. Please run e2fsck -D.
[  210.652397][T10130] EXT4-fs error (device loop3): htree_dirblock_to_tree:1051: inode #2: comm syz.3.1545: Directory block failed checksum
[  210.663800][  T973] usb 1-1: USB disconnect, device number 27
[  210.669987][ T8015] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  211.616139][  T973] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  211.794100][  T973] usb 1-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  211.800799][  T973] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.803146][  T973] usb 1-1: Product: syz
[  211.804385][  T973] usb 1-1: Manufacturer: syz
[  211.806026][  T973] usb 1-1: SerialNumber: syz
[  211.815238][  T973] usb 1-1: config 0 descriptor??
[  211.822973][  T973] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  211.835923][  T973] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  211.846869][  T973] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19)
[  211.982805][T10159] loop3: detected capacity change from 0 to 1024
[  212.002640][T10159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.020941][T10159] EXT4-fs error (device loop3): ext4_get_first_dir_block:3556: inode #11: comm syz.3.1557: directory missing '..'
[  212.061061][  T973] usb 1-1: USB disconnect, device number 28
[  212.071233][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.093971][T10151] loop4: detected capacity change from 0 to 32768
[  212.494156][T10167] loop3: detected capacity change from 0 to 40427
[  212.525695][T10167] F2FS-fs (loop3): invalid crc value
[  212.593525][T10167] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  212.599738][T10167] F2FS-fs (loop3): Start checkpoint disabled!
[  212.604837][T10167] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  212.607644][T10172] loop4: detected capacity change from 0 to 16
[  212.620279][T10172] erofs (device loop4): mounted with root inode @ nid 36.
[  212.675387][ T1089] kworker/u10:4: attempt to access beyond end of device
[  212.675387][ T1089] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  212.687516][ T1089] CPU: 1 UID: 0 PID: 1089 Comm: kworker/u10:4 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  212.687531][ T1089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  212.687537][ T1089] Workqueue: writeback wb_workfn (flush-7:3)
[  212.687552][ T1089] Call Trace:
[  212.687556][ T1089]  <TASK>
[  212.687560][ T1089]  dump_stack_lvl+0x189/0x250
[  212.687600][ T1089]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.687609][ T1089]  ? __pfx_queue_work_on+0x10/0x10
[  212.687618][ T1089]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  212.687628][ T1089]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  212.687644][ T1089]  f2fs_handle_critical_error+0x37c/0x540
[  212.687659][ T1089]  f2fs_write_end_io+0x886/0xb60
[  212.687676][ T1089]  __submit_merged_bio+0x27a/0x6a0
[  212.687691][ T1089]  __submit_merged_write_cond+0x255/0x530
[  212.687705][ T1089]  f2fs_write_data_pages+0x261d/0x3000
[  212.687734][ T1089]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  212.687753][ T1089]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  212.687775][ T1089]  ? __lock_acquire+0xab9/0xd20
[  212.687799][ T1089]  ? __update_load_avg_se+0x751/0xbc0
[  212.687813][ T1089]  ? __dequeue_entity+0x4e/0xc60
[  212.687828][ T1089]  ? update_entity_lag+0x287/0x2d0
[  212.687842][ T1089]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  212.687854][ T1089]  do_writepages+0x32e/0x550
[  212.687872][ T1089]  ? reacquire_held_locks+0x127/0x1d0
[  212.687883][ T1089]  ? writeback_sb_inodes+0x384/0x1010
[  212.687903][ T1089]  __writeback_single_inode+0x145/0xff0
[  212.687917][ T1089]  ? do_raw_spin_unlock+0x4d/0x240
[  212.687935][ T1089]  writeback_sb_inodes+0x6c7/0x1010
[  212.687962][ T1089]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  212.687994][ T1089]  ? rcu_is_watching+0x15/0xb0
[  212.688008][ T1089]  wb_writeback+0x43b/0xaf0
[  212.688022][ T1089]  ? queue_io+0x3d1/0x590
[  212.688034][ T1089]  ? __pfx_wb_writeback+0x10/0x10
[  212.688056][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  212.688069][ T1089]  wb_workfn+0x409/0xef0
[  212.688085][ T1089]  ? __pfx_wb_workfn+0x10/0x10
[  212.688097][ T1089]  ? __lock_acquire+0xab9/0xd20
[  212.688114][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  212.688126][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  212.688134][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  212.688142][ T1089]  ? process_scheduled_works+0x9ef/0x17b0
[  212.688150][ T1089]  process_scheduled_works+0xae1/0x17b0
[  212.688174][ T1089]  ? __pfx_process_scheduled_works+0x10/0x10
[  212.688191][ T1089]  worker_thread+0x8a0/0xda0
[  212.688216][ T1089]  kthread+0x711/0x8a0
[  212.688235][ T1089]  ? __pfx_worker_thread+0x10/0x10
[  212.688247][ T1089]  ? __pfx_kthread+0x10/0x10
[  212.688257][ T1089]  ? _raw_spin_unlock_irq+0x23/0x50
[  212.688284][ T1089]  ? lockdep_hardirqs_on+0x9c/0x150
[  212.688295][ T1089]  ? __pfx_kthread+0x10/0x10
[  212.688305][ T1089]  ret_from_fork+0x3fc/0x770
[  212.688316][ T1089]  ? __pfx_ret_from_fork+0x10/0x10
[  212.688328][ T1089]  ? __switch_to_asm+0x39/0x70
[  212.688337][ T1089]  ? __switch_to_asm+0x33/0x70
[  212.688346][ T1089]  ? __pfx_kthread+0x10/0x10
[  212.688362][ T1089]  ret_from_fork_asm+0x1a/0x30
[  212.688389][ T1089]  </TASK>
[  212.690608][ T1089] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  213.172510][T10206] tracefs: Invalid uid '0x00000000ffffffff'
[  213.369380][   T10] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[  213.825463][   T10] usb 1-1: config index 0 descriptor too short (expected 539, got 27)
[  213.832307][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 4
[  213.846385][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 15692, setting to 1023
[  213.858309][   T10] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  213.867926][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.875426][   T10] usb 1-1: Product: syz
[  213.879616][   T10] usb 1-1: Manufacturer: syz
[  213.885545][   T10] usb 1-1: SerialNumber: syz
[  213.895693][   T10] usb 1-1: config 0 descriptor??
[  213.906619][   T10] hub 1-1:0.0: bad descriptor, ignoring hub
[  213.909376][   T10] hub 1-1:0.0: probe with driver hub failed with error -5
[  213.915874][   T10] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input25
[  213.928411][   T10] usbtouchscreen 1-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22
[  213.937058][   T10] usbtouchscreen 1-1:0.0: probe with driver usbtouchscreen failed with error -22
[  214.019253][T10222] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1581'.
[  214.024118][T10222] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1581'.
[  214.064324][T10224] loop4: detected capacity change from 0 to 512
[  214.219127][T10228] netlink: 128124 bytes leftover after parsing attributes in process `syz.4.1584'.
[  214.275987][T10230] loop4: detected capacity change from 0 to 2048
[  214.290953][   T10] usb 1-1: USB disconnect, device number 29
[  214.311389][T10232] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  214.326898][T10230] syz.4.1585: attempt to access beyond end of device
[  214.326898][T10230] loop4: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048
[  214.339117][T10230] NILFS (loop4): I/O error reading b-tree node block (ino=16, blocknr=15)
[  214.347220][T10230] NILFS (loop4): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0
[  214.347729][T10233] loop3: detected capacity change from 0 to 1024
[  214.362359][T10230] NILFS error (device loop4): nilfs_bmap_last_key: broken bmap (inode number=16)
[  214.378254][T10233] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.383216][T10230] Remounting filesystem read-only
[  214.385253][T10230] NILFS (loop4): error -5 truncating bmap (ino=16)
[  214.406603][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.410237][ T8978] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  214.534360][T10243] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1590'.
[  214.543881][T10243] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1590'.
[  214.548964][T10243] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1590'.
[  214.551838][T10243] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1590'.
[  214.554898][T10245] netem: change failed
[  214.609738][T10249] loop4: detected capacity change from 0 to 2048
[  214.616114][T10249] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  214.619556][T10249] NILFS (loop4): mounting unchecked fs
[  214.623045][ T5855] udevd[5855]: incorrect nilfs2 checksum on /dev/loop4
[  214.630221][ T5855] udevd[5855]: incorrect nilfs2 checksum on /dev/loop4
[  214.637495][T10249] NILFS (loop4): recovery complete
[  214.640022][T10250] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  214.649625][   T33] audit: type=1800 audit(1755261012.132:90): pid=10249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1593" name="file1" dev="loop4" ino=15 res=0 errno=0
[  214.681798][   T33] audit: type=1804 audit(1755261012.150:91): pid=10249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1593" name="/newroot/124/file0/file1" dev="loop4" ino=15 res=1 errno=0
[  215.142714][T10259] netlink: 'syz.0.1596': attribute type 1 has an invalid length.
[  215.683494][T10274] loop3: detected capacity change from 0 to 128
[  215.731470][T10274] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /syz-executor /syz-executor /newroot/294/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  215.839872][T10278] loop3: detected capacity change from 0 to 512
[  216.357130][T10282] loop0: detected capacity change from 0 to 256
[  216.357430][T10284] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1608'.
[  216.359953][T10282] exfat: Deprecated parameter 'namecase'
[  216.372340][T10282] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  216.541938][T10292] netlink: 'syz.3.1612': attribute type 1 has an invalid length.
[  216.586547][T10294] RDS: rds_bind could not find a transport for ::ffff:0.0.0.224, load rds_tcp or rds_rdma?
[  219.919933][T10334] loop4: detected capacity change from 0 to 32768
[  219.923550][T10334] btrfs: Deprecated parameter 'usebackuproot'
[  219.925896][T10334] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  219.930025][T10334] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1628 (10334)
[  219.964682][T10334] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  219.976211][T10334] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  219.979506][T10334] BTRFS info (device loop4): using free-space-tree
[  220.046845][   T36] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  220.069703][T10334] BTRFS error (device loop4): failed to load root extent
[  220.075337][T10334] BTRFS warning (device loop4): try to load backup roots slot 1
[  220.083417][   T40] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  220.088680][T10334] BTRFS warning (device loop4): couldn't read tree root
[  220.091532][T10334] BTRFS warning (device loop4): try to load backup roots slot 2
[  220.102699][   T40] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  220.107459][T10334] BTRFS warning (device loop4): couldn't read tree root
[  220.110208][T10334] BTRFS warning (device loop4): try to load backup roots slot 3
[  220.139626][T10334] BTRFS info (device loop4): rebuilding free space tree
[  220.149868][T10337] loop0: detected capacity change from 0 to 40427
[  220.159105][T10337] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  220.161704][T10337] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  220.175258][T10334] BTRFS info (device loop4): checking UUID tree
[  220.175812][T10337] F2FS-fs (loop0): invalid crc value
[  220.230881][T10337] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  220.240380][T10337] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  220.242711][T10337] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  220.260704][ T8978] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  220.347244][ T5851] syz-executor: attempt to access beyond end of device
[  220.347244][ T5851] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  220.358732][ T5851] CPU: 1 UID: 0 PID: 5851 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  220.358755][ T5851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  220.358763][ T5851] Call Trace:
[  220.358770][ T5851]  <TASK>
[  220.358777][ T5851]  dump_stack_lvl+0x189/0x250
[  220.358803][ T5851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.358820][ T5851]  ? __pfx_queue_work_on+0x10/0x10
[  220.358832][ T5851]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  220.358850][ T5851]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  220.358877][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[  220.358903][ T5851]  f2fs_write_end_io+0x886/0xb60
[  220.358934][ T5851]  __submit_merged_bio+0x27a/0x6a0
[  220.358951][ T5851]  ? up_write+0x1c4/0x420
[  220.358971][ T5851]  __submit_merged_write_cond+0x44c/0x530
[  220.358997][ T5851]  f2fs_sync_node_pages+0x1479/0x15e0
[  220.359033][ T5851]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  220.359079][ T5851]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  220.359098][ T5851]  ? up_write+0x1c4/0x420
[  220.359138][ T5851]  ? do_raw_spin_unlock+0x4d/0x240
[  220.359161][ T5851]  f2fs_write_checkpoint+0xe6f/0x1df0
[  220.359199][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  220.359259][ T5851]  ? kill_f2fs_super+0x298/0x6c0
[  220.359278][ T5851]  kill_f2fs_super+0x2c3/0x6c0
[  220.359298][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[  220.359316][ T5851]  ? radix_tree_delete_item+0x2b6/0x400
[  220.359341][ T5851]  ? shrinker_free+0x2ce/0x3e0
[  220.359359][ T5851]  deactivate_locked_super+0xbc/0x130
[  220.359378][ T5851]  cleanup_mnt+0x425/0x4c0
[  220.359393][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  220.359414][ T5851]  task_work_run+0x1d4/0x260
[  220.359435][ T5851]  ? __pfx_task_work_run+0x10/0x10
[  220.359451][ T5851]  ? __x64_sys_umount+0x122/0x160
[  220.359472][ T5851]  ? exit_to_user_mode_loop+0x40/0x110
[  220.359495][ T5851]  exit_to_user_mode_loop+0xec/0x110
[  220.359514][ T5851]  do_syscall_64+0x2bd/0x3b0
[  220.359532][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  220.359548][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.359561][ T5851]  ? exc_page_fault+0x9f/0xf0
[  220.359580][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.359593][ T5851] RIP: 0033:0x7f830638ff17
[  220.359607][ T5851] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  220.359618][ T5851] RSP: 002b:00007ffed9651ff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  220.359634][ T5851] RAX: 0000000000000000 RBX: 00007f8306411c05 RCX: 00007f830638ff17
[  220.359643][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed96520b0
[  220.359651][ T5851] RBP: 00007ffed96520b0 R08: 0000000000000000 R09: 0000000000000000
[  220.359660][ T5851] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed9653140
[  220.359668][ T5851] R13: 00007f8306411c05 R14: 0000000000033f45 R15: 00007ffed9653180
[  220.359695][ T5851]  </TASK>
[  220.359701][ T5851] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  220.443900][T10359] capability: warning: `syz.4.1630' uses 32-bit capabilities (legacy support in use)
[  220.595951][T10361] loop4: detected capacity change from 0 to 512
[  220.599814][T10361] EXT4-fs: Ignoring removed nobh option
[  220.609955][T10361] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1632: iget: bad i_size value: 38620345925642
[  220.620773][T10361] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1632: couldn't read orphan inode 15 (err -117)
[  220.632942][T10361] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.997994][T10364] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.054901][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.132809][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.257966][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.333289][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  221.337895][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  221.342050][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  221.351435][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.352141][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  221.362745][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  221.503794][T10378] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1639'.
[  221.592863][   T13] bridge_slave_1: left allmulticast mode
[  221.595145][   T13] bridge_slave_1: left promiscuous mode
[  221.596381][T10383] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1641'.
[  221.597509][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.600693][T10383] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  221.609336][   T13] bridge_slave_0: left allmulticast mode
[  221.611567][   T13] bridge_slave_0: left promiscuous mode
[  221.614018][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.015939][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  222.020994][   T13] bond_slave_0: left promiscuous mode
[  222.025047][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  222.028507][   T13] bond_slave_1: left promiscuous mode
[  222.032492][   T13] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  222.035799][   T13] batadv0: left promiscuous mode
[  222.043850][   T13] bond0 (unregistering): Released all slaves
[  222.121508][T10374] chnl_net:caif_netlink_parms(): no params data found
[  222.353453][T10415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1654'.
[  222.437310][T10374] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.442211][T10374] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.445079][T10374] bridge_slave_0: entered allmulticast mode
[  222.461597][T10374] bridge_slave_0: entered promiscuous mode
[  222.485123][T10374] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.488579][T10374] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.491351][T10374] bridge_slave_1: entered allmulticast mode
[  222.494819][T10374] bridge_slave_1: entered promiscuous mode
[  222.593458][   T13] hsr_slave_0: left promiscuous mode
[  222.603700][   T13] hsr_slave_1: left promiscuous mode
[  222.613023][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.615764][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.624602][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.632219][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.654640][   T13] veth1_macvtap: left promiscuous mode
[  222.656692][   T13] veth0_macvtap: left promiscuous mode
[  222.658915][   T13] veth1_vlan: left promiscuous mode
[  222.663885][   T13] veth0_vlan: left promiscuous mode
[  223.062149][   T13] team0 (unregistering): Port device team_slave_1 removed
[  223.097511][   T13] team0 (unregistering): Port device team_slave_0 removed
[  223.226666][ T5236] Bluetooth: hci1: unexpected event for opcode 0x0c6d
[  223.538664][ T5236] Bluetooth: hci2: command tx timeout
[  223.678563][T10374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  223.722347][T10374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  223.766264][T10444] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1666'.
[  223.840876][T10374] team0: Port device team_slave_0 added
[  223.845678][T10374] team0: Port device team_slave_1 added
[  223.933127][T10374] batman_adv: batadv0: Adding interface: batadv_slave_0
[  223.935218][T10374] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  223.962133][T10374] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  223.985472][T10450] overlayfs: failed to clone upperpath
[  224.004260][T10374] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.022703][T10374] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.034860][T10374] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  224.169320][T10374] hsr_slave_0: entered promiscuous mode
[  224.171572][T10374] hsr_slave_1: entered promiscuous mode
[  224.185642][T10374] debugfs: 'hsr0' already exists in 'hsr'
[  224.200726][T10374] Cannot create hsr debugfs directory
[  224.623029][T10374] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  224.648642][T10485] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1681'.
[  224.651945][T10374] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  224.664690][T10374] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  224.676022][T10374] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  224.772402][T10473] loop3: detected capacity change from 0 to 40427
[  224.783168][T10473] F2FS-fs (loop3): build fault injection rate: 16
[  224.785234][T10473] F2FS-fs (loop3): build fault injection type: 0x77fd1
[  224.816907][T10473] F2FS-fs (loop3): invalid crc value
[  224.827961][T10473] F2FS-fs (loop3): inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x30ed/0x49f0
[  224.836587][T10473] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12)
[  224.879686][T10374] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.911507][T10374] 8021q: adding VLAN 0 to HW filter on device team0
[  224.940685][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.943563][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.971474][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.974315][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.054793][T10504] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1685'.
[  225.082035][T10504] bond0: entered promiscuous mode
[  225.087149][T10504] bond_slave_0: entered promiscuous mode
[  225.089351][T10504] bond_slave_1: entered promiscuous mode
[  225.105348][T10504] bond0: left promiscuous mode
[  225.106938][T10504] bond_slave_0: left promiscuous mode
[  225.111432][T10504] bond_slave_1: left promiscuous mode
[  225.322949][T10374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.515177][T10533] loop3: detected capacity change from 0 to 512
[  225.546114][T10533] EXT4-fs error (device loop3): ext4_orphan_get:1392: comm syz.3.1690: inode #15: comm syz.3.1690: iget: illegal inode #
[  225.551315][T10533] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1690: couldn't read orphan inode 15 (err -117)
[  225.559107][T10533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.648619][ T8015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.742455][T10542] loop3: detected capacity change from 0 to 256
[  225.759967][ T5236] Bluetooth: hci2: command tx timeout
[  225.783368][T10542] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5658fca8, utbl_chksum : 0xe619d30d)
[  225.929779][T10374] veth0_vlan: entered promiscuous mode
[  225.982140][T10374] veth1_vlan: entered promiscuous mode
[  226.061522][T10374] veth0_macvtap: entered promiscuous mode
[  226.070909][T10374] veth1_macvtap: entered promiscuous mode
[  226.091727][T10374] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.097994][T10374] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.107366][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.114793][ T5879] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.118946][ T5879] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.126800][ T5879] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.206129][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.211295][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.231131][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.234208][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.389714][T10546] loop3: detected capacity change from 0 to 32768
[  226.464571][T10546] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.564601][T10546] XFS (loop3): Ending clean mount
[  226.569090][T10546] XFS (loop3): Quotacheck needed: Please wait.
[  226.644324][T10546] XFS (loop3): Quotacheck: Done.
[  226.723447][ T8015] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.738612][T10584] loop5: detected capacity change from 0 to 4096
[  226.767505][T10584] ntfs3(loop5): Primary boot: invalid bytes per MFT record 4 (-2).
[  226.786164][T10584] ntfs3(loop5): try to read out of volume at offset 0x1ffe00
[  227.162670][T10604] loop3: detected capacity change from 0 to 512
[  227.166584][T10604] EXT4-fs (loop3): inodes count not valid: 2 vs 32
[  227.278638][T10607] netlink: 'syz.5.1705': attribute type 4 has an invalid length.
[  227.422015][T10616] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  227.636222][T10620] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1711'.
[  227.677380][T10611] loop3: detected capacity change from 0 to 32768
[  227.699598][T10611] ialloc: diAlloc returned -17!
[  227.813146][T10612] team0 (unregistering): Port device team_slave_0 removed
[  227.820190][T10612] team0 (unregistering): Port device team_slave_1 removed
[  227.955513][   T33] audit: type=1326 audit(1755261024.582:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.3.1712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  227.967269][   T33] audit: type=1326 audit(1755261024.591:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.3.1712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  227.980048][   T33] audit: type=1326 audit(1755261024.591:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.3.1712" exe="/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  227.990170][   T33] audit: type=1326 audit(1755261024.591:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.3.1712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  228.002126][ T5236] Bluetooth: hci2: command tx timeout
[  228.002599][   T33] audit: type=1326 audit(1755261024.591:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.3.1712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4d9b8ebe9 code=0x7ffc0000
[  228.088119][T10634] netlink: 'syz.3.1716': attribute type 10 has an invalid length.
[  228.098537][T10634] lo: entered promiscuous mode
[  228.105082][T10634] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  228.124846][T10636] loop5: detected capacity change from 0 to 2048
[  228.193163][T10636] NILFS (loop5): bad btree root (ino=6): level = 5, flags = 0xbd, nchildren = 0
[  228.199737][T10636] NILFS (loop5): ifile inode (checkpoint number=2) corrupted
[  228.203929][T10636] NILFS (loop5): error -5 while loading last checkpoint (checkpoint number=2)
[  229.580826][T10706] cgroup: No subsys list or none specified
[  229.610759][T10709] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  229.743289][   T33] audit: type=1326 audit(1755261026.219:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10691 comm="syz.0.1740" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  229.844646][   T33] audit: type=1326 audit(1755261026.219:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10691 comm="syz.0.1740" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  229.865177][   T33] audit: type=1326 audit(1755261026.219:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10691 comm="syz.0.1740" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  229.893655][   T33] audit: type=1326 audit(1755261026.219:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10691 comm="syz.0.1740" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  229.906661][   T33] audit: type=1326 audit(1755261026.219:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10691 comm="syz.0.1740" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  230.207374][ T5236] Bluetooth: hci2: command tx timeout
[  230.447663][T10720] netlink: 'syz.0.1751': attribute type 6 has an invalid length.
[  230.452704][T10720] netlink: 'syz.0.1751': attribute type 6 has an invalid length.
[  230.581528][ T5236] Bluetooth: hci1: unexpected event for opcode 0x2011
[  230.682158][T10722] loop5: detected capacity change from 0 to 32768
[  230.700161][T10722] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  230.715967][T10722] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  230.740222][T10722] (syz.5.1752,10722,1):ocfs2_read_blocks:239 ERROR: status = -12
[  230.747139][T10722] (syz.5.1752,10722,1):ocfs2_xattr_block_find:2831 ERROR: status = -12
[  230.791453][T10374] ocfs2: Unmounting device (7,5) on (node local)
[  231.085161][T10750] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1764'.
[  231.113173][T10752] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-xor(2)
[  231.170953][T10757] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1767'.
[  231.406431][T10772] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1773'.
[  234.914206][ T5236] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  234.917635][ T5236] Bluetooth: hci1: Injecting HCI hardware error event
[  234.924387][ T5236] Bluetooth: hci1: hardware error 0x00
[  235.414507][T10911] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1829'.
[  235.502952][T10915] qrtr: Invalid version 0
[  235.998617][T10948] netlink: 228 bytes leftover after parsing attributes in process `syz.5.1847'.
[  236.222994][T10961] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1852'.
[  236.239058][T10961] tipc: Enabled bearer <udp:syz0>, priority 10
[  237.037837][T10991] overlayfs: failed to clone upperpath
[  237.145512][ T5236] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  237.288341][T11012] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  237.354379][T11017] fuse: Bad value for 'fd'
[  237.491745][T11031] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1880'.
[  237.516639][T11035] tc_dump_action: action bad kind
[  238.049163][T11073] netlink: 'syz.3.1900': attribute type 1 has an invalid length.
[  238.052268][T11073] netlink: 'syz.3.1900': attribute type 1 has an invalid length.
[  238.363115][T11095] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1906'.
[  238.402078][    T9] kernel write not supported for file /132/clear_refs (pid: 9 comm: kworker/0:0)
[  239.369055][T11136] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1922'.
[  239.600743][T11154] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1929'.
[  239.993864][T11179] loop5: detected capacity change from 0 to 16
[  240.003340][T11179] erofs (device loop5): mounted with root inode @ nid 36.
[  240.032067][T11182] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1936'.
[  240.224641][T11197] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1943'.
[  240.367483][ T5857] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  240.549649][ T5857] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  240.554379][ T5857] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  240.561615][ T5857] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  240.580095][ T5857] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  240.583220][ T5857] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  240.585865][ T5857] usb 6-1: Product: syz
[  240.587231][ T5857] usb 6-1: Manufacturer: syz
[  240.593212][ T5857] usb 6-1: SerialNumber: syz
[  240.829052][ T5857] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  241.043752][ T5857] usb 6-1: USB disconnect, device number 2
[  241.057198][ T5857] usblp0: removed
[  241.358300][   T33] kauditd_printk_skb: 178 callbacks suppressed
[  241.358324][   T33] audit: type=1326 audit(1755261037.126:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.371767][   T33] audit: type=1326 audit(1755261037.126:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.384607][   T33] audit: type=1326 audit(1755261037.135:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.394242][ T5236] Bluetooth: hci0: Malformed Event: 0x2f
[  241.398473][   T33] audit: type=1326 audit(1755261037.135:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.407272][   T33] audit: type=1326 audit(1755261037.135:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.422720][   T33] audit: type=1326 audit(1755261037.135:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.431326][   T33] audit: type=1326 audit(1755261037.135:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.442843][   T33] audit: type=1326 audit(1755261037.135:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.451488][   T33] audit: type=1326 audit(1755261037.144:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.461781][   T33] audit: type=1326 audit(1755261037.144:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11251 comm="syz.0.1960" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f830638ebe9 code=0x7ffc0000
[  241.532070][T11263] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  241.665148][T11272] netlink: 'syz.3.1971': attribute type 11 has an invalid length.
[  242.309972][T11318] loop5: detected capacity change from 0 to 64
[  242.332012][T11318] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop5
[  242.466844][T11330] lo speed is unknown, defaulting to 1000
[  242.476585][T11330] lo speed is unknown, defaulting to 1000
[  242.492194][T11330] lo speed is unknown, defaulting to 1000
[  242.507841][T11330] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  242.527623][T11330] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  242.583149][T11335] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1999'.
[  242.588168][T11330] lo speed is unknown, defaulting to 1000
[  242.602416][T11330] lo speed is unknown, defaulting to 1000
[  242.613351][T11330] lo speed is unknown, defaulting to 1000
[  242.645128][T11328] loop5: detected capacity change from 0 to 32768
[  242.719399][T11328] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  242.756508][T11328] XFS (loop5): Ending clean mount
[  242.787575][T11328] XFS (loop5): Quotacheck needed: Please wait.
[  242.828369][T11328] XFS (loop5): Quotacheck: Done.
[  243.082988][T10374] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  243.230812][T11367] netlink: 'syz.0.2012': attribute type 3 has an invalid length.
[  243.557577][T11369] loop5: detected capacity change from 0 to 32768
[  243.602684][T11369] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  243.643720][T11369] XFS (loop5): Ending clean mount
[  243.669715][T10374] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  243.924461][T11371] overlayfs: failed to clone upperpath
[  245.118503][   T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  245.293229][   T10] usb 6-1: config 102 has an invalid interface number: 120 but max is 0
[  245.304749][   T10] usb 6-1: config 102 has no interface number 0
[  245.311258][   T10] usb 6-1: config 102 interface 120 has no altsetting 0
[  245.325248][   T10] usb 6-1: New USB device found, idVendor=10fd, idProduct=de00, bcdDevice= 0.01
[  245.328462][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.332349][   T10] usb 6-1: Product: syz
[  245.334081][   T10] usb 6-1: Manufacturer: syz
[  245.338739][   T10] usb 6-1: SerialNumber: syz
[  245.500503][T11428] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2035'.
[  245.565602][T11434] cgroup: Bad value for 'name'
[  245.578291][   T10] go7007 6-1:102.120: The Lifeview TV Walker Ultra is not supported. Sorry!
[  245.612432][   T10] usb 6-1: USB disconnect, device number 3
[  247.259149][T11491] netlink: 'syz.3.2062': attribute type 1 has an invalid length.
[  247.262379][T11491] netlink: 'syz.3.2062': attribute type 2 has an invalid length.
[  247.272267][T11493] overlayfs: failed to clone upperpath
[  247.323039][   T47] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  247.542690][   T47] usb 6-1: Using ep0 maxpacket: 32
[  247.550384][   T47] usb 6-1: config 0 has an invalid interface number: 89 but max is 0
[  247.553092][   T47] usb 6-1: config 0 has no interface number 0
[  247.560131][   T47] usb 6-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68
[  247.563462][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.566573][   T47] usb 6-1: Product: syz
[  247.568202][   T47] usb 6-1: Manufacturer: syz
[  247.570182][   T47] usb 6-1: SerialNumber: syz
[  247.573749][   T47] usb 6-1: config 0 descriptor??
[  247.577044][   T47] hub 6-1:0.89: bad descriptor, ignoring hub
[  247.579545][   T47] hub 6-1:0.89: probe with driver hub failed with error -5
[  247.582834][   T47] option 6-1:0.89: GSM modem (1-port) converter detected
[  247.587741][   T47] usb 6-1: GSM modem (1-port) converter now attached to ttyUSB0
[  247.912711][   T47] usb 6-1: USB disconnect, device number 4
[  247.919231][   T47] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  247.923541][   T47] option 6-1:0.89: device disconnected
[  248.151757][T11510] IPv4: Oversized IP packet from 172.20.20.24
[  248.259453][T11512] netlink: 212264 bytes leftover after parsing attributes in process `syz.0.2072'.
[  248.408653][T11519] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2074'.
[  248.412399][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2074'.
[  248.431137][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2074'.
[  248.443022][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2074'.
[  249.171583][T11545] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2086'.
[  249.174633][T11545] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2086'.
[  249.364709][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  249.422553][T11558] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2092'.
[  249.437014][T11558] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2092'.
[  249.636015][T11568] loop5: detected capacity change from 0 to 2048
[  249.666905][T11568] EXT4-fs (loop5): cluster size (1024) smaller than block size (2048)
[  251.242054][T11627] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2123'.
[  252.005969][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  252.097920][T11651] netlink: 'syz.0.2135': attribute type 3 has an invalid length.
[  252.127093][T11653] veth1_macvtap: left promiscuous mode
[  252.129266][T11653] macsec0: entered allmulticast mode
[  252.139629][T11653] veth1_macvtap: entered promiscuous mode
[  252.141546][T11653] veth1_macvtap: entered allmulticast mode
[  252.144416][T11653] macsec0: left allmulticast mode
[  252.146450][T11653] veth1_macvtap: left allmulticast mode
[  252.186418][T11659] overlayfs: failed to clone lowerpath
[  252.187864][    T9] usb 6-1: Using ep0 maxpacket: 8
[  252.193135][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  252.197856][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3
[  252.208033][    T9] usb 6-1: New USB device found, idVendor=05c6, idProduct=9215, bcdDevice=29.ac
[  252.215957][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.228479][    T9] usb 6-1: config 0 descriptor??
[  252.243782][    T9] qmi_wwan 6-1:0.0: probe with driver qmi_wwan failed with error -22
[  252.473706][   T47] usb 6-1: USB disconnect, device number 5
[  253.320079][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  253.443918][T11699] overlayfs: failed to clone upperpath
[  253.472891][T11702] netlink: 'syz.3.2158': attribute type 29 has an invalid length.
[  253.477472][T11702] netlink: 'syz.3.2158': attribute type 29 has an invalid length.
[  253.481926][T11702] ==================================================================
[  253.485176][T11702] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  253.488201][T11702] Read of size 4 at addr ffff8881178749c4 by task syz.3.2158/11702
[  253.492322][T11702] 
[  253.493572][T11702] CPU: 0 UID: 0 PID: 11702 Comm: syz.3.2158 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  253.493598][T11702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  253.493608][T11702] Call Trace:
[  253.493615][T11702]  <TASK>
[  253.493621][T11702]  dump_stack_lvl+0x189/0x250
[  253.493644][T11702]  ? __kasan_check_byte+0x12/0x40
[  253.493666][T11702]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.493683][T11702]  ? lock_release+0x4b/0x3e0
[  253.493706][T11702]  ? __virt_addr_valid+0x4a5/0x5c0
[  253.493724][T11702]  print_report+0xca/0x240
[  253.493737][T11702]  ? xfrm_alloc_spi+0x570/0xf30
[  253.493751][T11702]  kasan_report+0x118/0x150
[  253.493772][T11702]  ? xfrm_alloc_spi+0x570/0xf30
[  253.493789][T11702]  xfrm_alloc_spi+0x570/0xf30
[  253.493803][T11702]  ? xfrm_alloc_spi+0x2a0/0xf30
[  253.493822][T11702]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  253.493837][T11702]  ? xfrm_find_acq+0x87/0xa0
[  253.493853][T11702]  xfrm_alloc_userspi+0x70b/0xc90
[  253.493872][T11702]  ? apparmor_capable+0x137/0x1b0
[  253.493888][T11702]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  253.493905][T11702]  ? __nla_parse+0x40/0x60
[  253.493925][T11702]  xfrm_user_rcv_msg+0x7a3/0xab0
[  253.493941][T11702]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  253.493965][T11702]  ? __pfx___mutex_trylock_common+0x10/0x10
[  253.493981][T11702]  ? rcu_is_watching+0x15/0xb0
[  253.493996][T11702]  ? trace_contention_end+0x39/0x120
[  253.494012][T11702]  ? __mutex_lock+0x335/0x1360
[  253.494033][T11702]  netlink_rcv_skb+0x208/0x470
[  253.494052][T11702]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  253.494067][T11702]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.494090][T11702]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.494109][T11702]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.494128][T11702]  xfrm_netlink_rcv+0x79/0x90
[  253.494143][T11702]  netlink_unicast+0x82f/0x9e0
[  253.494189][T11702]  ? __pfx_netlink_unicast+0x10/0x10
[  253.494216][T11702]  ? netlink_sendmsg+0x642/0xb30
[  253.494234][T11702]  ? skb_put+0x11b/0x210
[  253.494256][T11702]  netlink_sendmsg+0x805/0xb30
[  253.494277][T11702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.494297][T11702]  ? aa_sock_msg_perm+0xf1/0x1d0
[  253.494317][T11702]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  253.494332][T11702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.494349][T11702]  __sock_sendmsg+0x21c/0x270
[  253.494366][T11702]  ____sys_sendmsg+0x505/0x830
[  253.494382][T11702]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.494397][T11702]  ? import_iovec+0x74/0xa0
[  253.494413][T11702]  ___sys_sendmsg+0x21f/0x2a0
[  253.494427][T11702]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.494451][T11702]  ? __fget_files+0x2a/0x420
[  253.494471][T11702]  ? __fget_files+0x3a0/0x420
[  253.494493][T11702]  __x64_sys_sendmsg+0x19b/0x260
[  253.494507][T11702]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  253.494523][T11702]  ? rcu_is_watching+0x15/0xb0
[  253.494538][T11702]  ? do_syscall_64+0xbe/0x3b0
[  253.494558][T11702]  do_syscall_64+0xfa/0x3b0
[  253.494576][T11702]  ? lockdep_hardirqs_on+0x9c/0x150
[  253.494600][T11702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.494614][T11702]  ? exc_page_fault+0x9f/0xf0
[  253.494632][T11702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.494646][T11702] RIP: 0033:0x7fe4d9b8ebe9
[  253.494660][T11702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.494673][T11702] RSP: 002b:00007fe4daac3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.494689][T11702] RAX: ffffffffffffffda RBX: 00007fe4d9db5fa0 RCX: 00007fe4d9b8ebe9
[  253.494701][T11702] RDX: 0000000000000000 RSI: 0000200000000840 RDI: 0000000000000004
[  253.494710][T11702] RBP: 00007fe4d9c11e19 R08: 0000000000000000 R09: 0000000000000000
[  253.494719][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.494728][T11702] R13: 00007fe4d9db6038 R14: 00007fe4d9db5fa0 R15: 00007ffd5720c868
[  253.494743][T11702]  </TASK>
[  253.494749][T11702] 
[  253.640234][T11702] Allocated by task 9953:
[  253.641516][T11702]  kasan_save_track+0x3e/0x80
[  253.642912][T11702]  __kasan_slab_alloc+0x6c/0x80
[  253.644399][T11702]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  253.646063][T11702]  xfrm_state_alloc+0x24/0x2f0
[  253.647493][T11702]  xfrm_add_sa+0x17d1/0x4070
[  253.648943][T11702]  xfrm_user_rcv_msg+0x7a3/0xab0
[  253.650580][T11702]  netlink_rcv_skb+0x208/0x470
[  253.652282][T11702]  xfrm_netlink_rcv+0x79/0x90
[  253.653768][T11702]  netlink_unicast+0x82f/0x9e0
[  253.655497][T11702]  netlink_sendmsg+0x805/0xb30
[  253.657247][T11702]  __sock_sendmsg+0x21c/0x270
[  253.658734][T11702]  ____sys_sendmsg+0x505/0x830
[  253.660449][T11702]  ___sys_sendmsg+0x21f/0x2a0
[  253.662261][T11702]  __x64_sys_sendmsg+0x19b/0x260
[  253.663958][T11702]  do_syscall_64+0xfa/0x3b0
[  253.665625][T11702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.667460][T11702] 
[  253.668213][T11702] Freed by task 47:
[  253.669420][T11702]  kasan_save_track+0x3e/0x80
[  253.671063][T11702]  kasan_save_free_info+0x46/0x50
[  253.673001][T11702]  __kasan_slab_free+0x5b/0x80
[  253.674728][T11702]  kmem_cache_free+0x18f/0x400
[  253.676569][T11702]  xfrm_state_gc_task+0x52d/0x6b0
[  253.678170][T11702]  process_scheduled_works+0xae1/0x17b0
[  253.679954][T11702]  worker_thread+0x8a0/0xda0
[  253.681487][T11702]  kthread+0x711/0x8a0
[  253.682806][T11702]  ret_from_fork+0x3fc/0x770
[  253.684364][T11702]  ret_from_fork_asm+0x1a/0x30
[  253.685885][T11702] 
[  253.686655][T11702] The buggy address belongs to the object at ffff888117874900
[  253.686655][T11702]  which belongs to the cache xfrm_state of size 928
[  253.691086][T11702] The buggy address is located 196 bytes inside of
[  253.691086][T11702]  freed 928-byte region [ffff888117874900, ffff888117874ca0)
[  253.695861][T11702] 
[  253.696614][T11702] The buggy address belongs to the physical page:
[  253.698704][T11702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888117874480 pfn:0x117874
[  253.702654][T11702] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  253.705797][T11702] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  253.708671][T11702] page_type: f5(slab)
[  253.710240][T11702] raw: 057ff00000000040 ffff88801afc7500 dead000000000122 0000000000000000
[  253.713364][T11702] raw: ffff888117874480 00000000800e000a 00000000f5000000 0000000000000000
[  253.716166][T11702] head: 057ff00000000040 ffff88801afc7500 dead000000000122 0000000000000000
[  253.719581][T11702] head: ffff888117874480 00000000800e000a 00000000f5000000 0000000000000000
[  253.722998][T11702] head: 057ff00000000002 ffffea00045e1d01 00000000ffffffff 00000000ffffffff
[  253.726247][T11702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  253.728904][T11702] page dumped because: kasan: bad access detected
[  253.730948][T11702] page_owner tracks the page as allocated
[  253.732668][T11702] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8157, tgid 8156 (syz.2.868), ts 144977721082, free_ts 144967005010
[  253.739721][T11702]  post_alloc_hook+0x240/0x2a0
[  253.741607][T11702]  get_page_from_freelist+0x21e4/0x22c0
[  253.743737][T11702]  __alloc_frozen_pages_noprof+0x181/0x370
[  253.746018][T11702]  alloc_pages_mpol+0x232/0x4a0
[  253.747960][T11702]  allocate_slab+0x8a/0x370
[  253.749525][T11702]  ___slab_alloc+0xbeb/0x1410
[  253.751062][T11702]  kmem_cache_alloc_noprof+0x283/0x3c0
[  253.753124][T11702]  xfrm_state_alloc+0x24/0x2f0
[  253.754770][T11702]  pfkey_add+0x6e4/0x2e00
[  253.756298][T11702]  pfkey_sendmsg+0xbfe/0x1090
[  253.758010][T11702]  __sock_sendmsg+0x21c/0x270
[  253.759861][T11702]  ____sys_sendmsg+0x505/0x830
[  253.761715][T11702]  ___sys_sendmsg+0x21f/0x2a0
[  253.763578][T11702]  __x64_sys_sendmsg+0x19b/0x260
[  253.765547][T11702]  do_syscall_64+0xfa/0x3b0
[  253.767380][T11702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.769653][T11702] page last free pid 53 tgid 53 stack trace:
[  253.771984][T11702]  __free_frozen_pages+0xbc4/0xd30
[  253.773986][T11702]  stack_depot_save_flags+0x436/0x860
[  253.776124][T11702]  kasan_save_track+0x4f/0x80
[  253.777983][T11702]  __kasan_slab_alloc+0x6c/0x80
[  253.779859][T11702]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  253.782187][T11702]  __alloc_skb+0x112/0x2d0
[  253.783956][T11702]  rtmsg_ifinfo_build_skb+0x84/0x260
[  253.786027][T11702]  rtmsg_ifinfo+0x8c/0x1a0
[  253.787634][T11702]  netif_state_change+0x29e/0x3a0
[  253.789189][T11702]  netif_set_operstate+0x116/0x180
[  253.790889][T11702]  hsr_check_carrier_and_operstate+0x2a8/0x5e0
[  253.793251][T11702]  hsr_netdev_notify+0x414/0xcf0
[  253.795299][T11702]  notifier_call_chain+0x1b6/0x3e0
[  253.797409][T11702]  netif_state_change+0x284/0x3a0
[  253.799484][T11702]  linkwatch_do_dev+0x117/0x170
[  253.801461][T11702]  __linkwatch_run_queue+0x56a/0x7e0
[  253.803615][T11702] 
[  253.804620][T11702] Memory state around the buggy address:
[  253.806885][T11702]  ffff888117874880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  253.810019][T11702]  ffff888117874900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  253.813035][T11702] >ffff888117874980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  253.816185][T11702]                                            ^
[  253.818561][T11702]  ffff888117874a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  253.821026][T11702]  ffff888117874a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  253.823469][T11702] ==================================================================
[  253.826252][T11702] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  253.828745][T11702] CPU: 0 UID: 0 PID: 11702 Comm: syz.3.2158 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  253.832632][T11702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  253.836356][T11702] Call Trace:
[  253.837413][T11702]  <TASK>
[  253.838350][T11702]  dump_stack_lvl+0x99/0x250
[  253.839791][T11702]  ? __asan_memcpy+0x40/0x70
[  253.841237][T11702]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.842886][T11702]  ? __pfx__printk+0x10/0x10
[  253.844326][T11702]  vpanic+0x281/0x750
[  253.845680][T11702]  ? __pfx_vpanic+0x10/0x10
[  253.847345][T11702]  ? irqentry_exit+0x74/0x90
[  253.848785][T11702]  panic+0xb9/0xc0
[  253.849957][T11702]  ? __pfx_panic+0x10/0x10
[  253.851654][T11702]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  253.853691][T11702]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  253.855567][T11702]  ? xfrm_alloc_spi+0x570/0xf30
[  253.857077][T11702]  check_panic_on_warn+0x89/0xb0
[  253.858835][T11702]  ? xfrm_alloc_spi+0x570/0xf30
[  253.860735][T11702]  end_report+0x78/0x160
[  253.862387][T11702]  kasan_report+0x129/0x150
[  253.863968][T11702]  ? xfrm_alloc_spi+0x570/0xf30
[  253.865932][T11702]  xfrm_alloc_spi+0x570/0xf30
[  253.867746][T11702]  ? xfrm_alloc_spi+0x2a0/0xf30
[  253.869664][T11702]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  253.871747][T11702]  ? xfrm_find_acq+0x87/0xa0
[  253.873626][T11702]  xfrm_alloc_userspi+0x70b/0xc90
[  253.875642][T11702]  ? apparmor_capable+0x137/0x1b0
[  253.877684][T11702]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  253.879830][T11702]  ? __nla_parse+0x40/0x60
[  253.881616][T11702]  xfrm_user_rcv_msg+0x7a3/0xab0
[  253.883659][T11702]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  253.885872][T11702]  ? __pfx___mutex_trylock_common+0x10/0x10
[  253.888208][T11702]  ? rcu_is_watching+0x15/0xb0
[  253.890107][T11702]  ? trace_contention_end+0x39/0x120
[  253.892267][T11702]  ? __mutex_lock+0x335/0x1360
[  253.894255][T11702]  netlink_rcv_skb+0x208/0x470
[  253.896202][T11702]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  253.898351][T11702]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.900500][T11702]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.902596][T11702]  ? netlink_deliver_tap+0x2e/0x1b0
[  253.904699][T11702]  xfrm_netlink_rcv+0x79/0x90
[  253.906552][T11702]  netlink_unicast+0x82f/0x9e0
[  253.908490][T11702]  ? __pfx_netlink_unicast+0x10/0x10
[  253.910637][T11702]  ? netlink_sendmsg+0x642/0xb30
[  253.912677][T11702]  ? skb_put+0x11b/0x210
[  253.914411][T11702]  netlink_sendmsg+0x805/0xb30
[  253.916305][T11702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.918388][T11702]  ? aa_sock_msg_perm+0xf1/0x1d0
[  253.920319][T11702]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  253.922353][T11702]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.924486][T11702]  __sock_sendmsg+0x21c/0x270
[  253.926403][T11702]  ____sys_sendmsg+0x505/0x830
[  253.928321][T11702]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.930417][T11702]  ? import_iovec+0x74/0xa0
[  253.932159][T11702]  ___sys_sendmsg+0x21f/0x2a0
[  253.933997][T11702]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.936070][T11702]  ? __fget_files+0x2a/0x420
[  253.937924][T11702]  ? __fget_files+0x3a0/0x420
[  253.939735][T11702]  __x64_sys_sendmsg+0x19b/0x260
[  253.941638][T11702]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  253.943700][T11702]  ? rcu_is_watching+0x15/0xb0
[  253.945543][T11702]  ? do_syscall_64+0xbe/0x3b0
[  253.947322][T11702]  do_syscall_64+0xfa/0x3b0
[  253.949047][T11702]  ? lockdep_hardirqs_on+0x9c/0x150
[  253.951039][T11702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.953280][T11702]  ? exc_page_fault+0x9f/0xf0
[  253.955075][T11702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.957320][T11702] RIP: 0033:0x7fe4d9b8ebe9
[  253.959025][T11702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.966089][T11702] RSP: 002b:00007fe4daac3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.969206][T11702] RAX: ffffffffffffffda RBX: 00007fe4d9db5fa0 RCX: 00007fe4d9b8ebe9
[  253.972247][T11702] RDX: 0000000000000000 RSI: 0000200000000840 RDI: 0000000000000004
[  253.975418][T11702] RBP: 00007fe4d9c11e19 R08: 0000000000000000 R09: 0000000000000000
[  253.978490][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.981582][T11702] R13: 00007fe4d9db6038 R14: 00007fe4d9db5fa0 R15: 00007ffd5720c868
[  253.984695][T11702]  </TASK>
[  253.986548][T11702] Kernel Offset: disabled
[  253.988279][T11702] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:30:58  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000006b RBX=000000000000006b RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001143 RDI=0000000000001144 RBP=00000000000003f8 RSP=ffffc9000443e9f0
R8 =ffff88801ff90237 R9 =1ffff11003ff2046 R10=dffffc0000000000 R11=ffffffff854efc10
R12=dffffc0000000000 R13=ffffffff99af9906 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854efc8c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe4daac36c0 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b3201fff8 CR3=00000000273ae000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fe4d9d87498 00007fe4d9d87470 XMM03=00007fe4d9d874a8 00007fe4d9d874a0
XMM04=00007fe4da8ed100 00007fe4d9d87460 XMM05=00007fe4d9d87478 00007fe4d9d874c0
XMM06=00007fe4d9d874b8 00007fe4d9d874b0 XMM07=00007fe4d9d874a8 00007fe4d9d874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fe4d9c12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffffff8e8dbba0 RCX=ffff888026018000 RDX=0000000000000000
RSI=0000000000000001 RDI=ffffffff8e8dbba0 RBP=0000000000000000 RSP=ffffc9000330f630
R8 =ffff888026018000 R9 =0000000000000006 R10=0000000000000005 R11=0000000000000000
R12=dffffc0000000000 R13=1ffffffff1d1b774 R14=0000000000000001 R15=ffff8880260195e4
RIP=ffffffff84fd1942 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f96bfcd7800 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055558d7a5808 CR3=000000010fa58000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
