last executing test programs:

15m25.969629476s ago: executing program 32 (id=2533):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(0x0, 0x2, 0x1)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000300)={&(0x7f0000000880)=[{0x0, 0x2001, 0x0, 0x0}], 0x1})

15m12.747445029s ago: executing program 3 (id=2551):
pipe(&(0x7f00000007c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0x42795000)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1)
setreuid(0xee01, 0xee01)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendto$unix(r3, &(0x7f00000004c0)="0434", 0x2, 0xd1, 0x0, 0x0)
recvfrom$unix(r4, 0x0, 0x0, 0x10102, 0x0, 0x0)
splice(r0, 0x0, r1, 0x0, 0xfffd, 0x0)

15m11.646872039s ago: executing program 3 (id=2552):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x20, 0x2, 0xfd, 0x5ae9}, {0x20, 0x7f, 0x4, 0xfffff010}, {0x6, 0x0, 0x7, 0x7}]}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000a80)="2a89ed35", 0xffffffffffffff4e}], 0x1}}], 0x1, 0x8000)
socket$inet6(0xa, 0x1, 0x8010000000000084)
r1 = socket(0xa, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000019300)={0x0, @in6={{0xa, 0x4e24, 0x400, @empty, 0x7}}}, &(0x7f00000193c0)=0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000)
syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x1, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000180)=@gcm_256={{0x303}, "0200", "ab02a1a449283e8a3bc95815ece487ebcc5bb6a8d8a744e4b7edb45c7e7336ab", 'vb q', "9900000100"}, 0x38)
shutdown(r3, 0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
sendfile(r3, r4, 0x0, 0xffffffff004)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000180)=0x8)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)

15m10.589734579s ago: executing program 3 (id=2555):
syz_io_uring_setup(0x44d5, 0x0, 0x0, 0x0, 0x0)
fanotify_init(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004c40)=""/102376, 0x18fe8)
lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000700), &(0x7f0000000040)=@v3={0x3000000, [{0x8, 0x8000}, {0x2, 0x2}], 0xee00}, 0x18, 0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = syz_open_pts(r3, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x13)

15m8.032746333s ago: executing program 3 (id=2557):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000140)='./file1\x00', 0x804800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
creat(&(0x7f00000004c0)='./bus\x00', 0x20)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4083, 0xffffffdf}], 0x1, 0x0, 0x0, 0x1)

15m4.00978434s ago: executing program 3 (id=2561):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x20, 0x2, 0xfd, 0x5ae9}, {0x20, 0x7f, 0x4, 0xfffff010}, {0x6, 0x0, 0x7, 0x7}]}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000a80)="2a89ed35", 0xffffffffffffff4e}], 0x1}}], 0x1, 0x8000)
socket$inet6(0xa, 0x1, 0x8010000000000084)
r1 = socket(0xa, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000019300)={0x0, @in6={{0xa, 0x4e24, 0x400, @empty, 0x7}}}, &(0x7f00000193c0)=0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000100), 0x0, 0x2)
syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x1, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000180)=@gcm_256={{0x303}, "0200", "ab02a1a449283e8a3bc95815ece487ebcc5bb6a8d8a744e4b7edb45c7e7336ab", 'vb q', "9900000100"}, 0x38)
shutdown(r2, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
sendfile(r2, r3, 0x0, 0xffffffff004)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000180)=0x8)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)

15m3.387632906s ago: executing program 3 (id=2564):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001b40)=ANY=[@ANYBLOB="120100000000002003043060000000000001090224000100000000090400000103000000092100000001220200090581", @ANYBLOB="03"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\"\v'], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00M'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, &(0x7f0000000400)={0x40, 0xf, 0x19, "3be3794d05a2b510c711cd1e8580c7ada53faed7b27dc91e87"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

15m1.580581753s ago: executing program 33 (id=2564):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001b40)=ANY=[@ANYBLOB="120100000000002003043060000000000001090224000100000000090400000103000000092100000001220200090581", @ANYBLOB="03"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\"\v'], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00M'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, &(0x7f0000000400)={0x40, 0xf, 0x19, "3be3794d05a2b510c711cd1e8580c7ada53faed7b27dc91e87"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

14m2.367395863s ago: executing program 5 (id=2681):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000000)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
statx(0xffffffffffffffff, 0x0, 0x400, 0x40, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})

14m1.298843913s ago: executing program 5 (id=2684):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

13m59.773403657s ago: executing program 5 (id=2689):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x4})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
preadv2(r2, &(0x7f0000000200)=[{&(0x7f0000000500)=""/61, 0x3d}], 0x1, 0x40, 0x4, 0x0)
r3 = userfaultfd(0x80001)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x3489c2, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4000009c, 0x0, 0xeff}]})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x4c)
r8 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
ioctl$I2C_PEC(r8, 0x708, 0x11)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r9, 0x0, 0x32, 0x0, &(0x7f0000000300))
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x4, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}}, 0x4)
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x3000})
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c", 0x93}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)}], 0x1}}], 0x3, 0x240080e4)

13m58.37322858s ago: executing program 5 (id=2694):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000140)='./file1\x00', 0x804800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
creat(&(0x7f00000004c0)='./bus\x00', 0x20)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4083, 0xffffffdf}], 0x1, 0x0, 0x0, 0x1)

13m56.673183826s ago: executing program 5 (id=2698):
mkdirat(0xffffffffffffff9c, 0x0, 0x1c8)
mkdirat(0xffffffffffffff9c, 0x0, 0x207)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
fspick(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x106f)
socket$rds(0x15, 0x5, 0x0)
ptrace$setregset(0x4205, 0x0, 0x1, &(0x7f0000000100)={0x0})
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
prctl$PR_SET_PTRACER(0x59616d61, r0)

13m55.765294744s ago: executing program 5 (id=2700):
r0 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000200)=[{}, {}, {}, {}], 0x0, 0x0, 0x0})

13m54.476108176s ago: executing program 34 (id=2700):
r0 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000200)=[{}, {}, {}, {}], 0x0, 0x0, 0x0})

3m8.952564407s ago: executing program 2 (id=4254):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_gettime(0x2, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x4c}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0xfffffffd, 0x25dfdbff, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
close(0xffffffffffffffff)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4003, 0x0, 0x5, 0x2)
r4 = openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x8040)
r5 = socket$qrtr(0x2a, 0x2, 0x0)
read$qrtrtun(r4, 0x0, 0x500)
write$binfmt_script(r5, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000000)='bridge0\x00')
socket$inet_sctp(0x2, 0x1, 0x84)

3m7.473054531s ago: executing program 2 (id=4256):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$P9_RGETLOCK(r1, &(0x7f00000001c0)=ANY=[], 0x200002e6)
fcntl$setpipe(r1, 0x407, 0x7000000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3m0.616391455s ago: executing program 2 (id=4271):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94)
io_uring_setup(0xd94, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x8001}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000280)='bbr', 0x3)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

2m59.425118906s ago: executing program 2 (id=4274):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000380)={0x6, 0x7, 'syz2\x00'}, &(0x7f00000003c0)=0x28)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0)

2m59.274522598s ago: executing program 4 (id=4276):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x2000000, 0x2449, 0xfffffffffffffffd})
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0xb0000)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r1, 0x7a4, &(0x7f0000000380)={{@hyper, 0xfffffffe}, 0x9, 0x4, 0x1, 0xfffffffe})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r2, &(0x7f0000000200)="927241f69a757f25d215cb6e9873a1257e824b7839714f33a2309107d472572bc2088f91fc5b741d46c745ac06a5e9d19639c3fea9ec7862da6053c70ebab6ebf97e9b297df190d4e4dffc55678c4bc382ffd57ebac7f7e582f9b2511141f3e124265fa87788bfa207000000000000004b0dd26cafe718edf8bf0373169e08a09cd88b0b525934e55adbfad89ec1cc17f13c4599d8c8f0", 0x97, 0x24010095, &(0x7f0000000080)={0xa, 0x4e21, 0xd2, @mcast1, 0x56}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, 0x0, &(0x7f0000000040))
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f0000000040)=0x4d, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xc2, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x38, &(0x7f0000000340)=0x6, 0x4)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setpgid(r4, r4)
setpgid(0x0, r4)
wait4(r4, 0x0, 0x2, 0x0)
r5 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100024286bd10b00d815522f90102030109021200019ddb10"], 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000080)={0x2})
ioctl$SOUND_MIXER_READ_DEVMASK(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000480))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x18)
syz_usb_control_io$hid(r5, &(0x7f0000000c40)={0x24, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x180c}}, 0x0, 0x0}, 0x0)
r6 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000100)={0x0, 0x6, 0x2, &(0x7f0000000240)={0x2b, "1a9c66bf2f615e427b2644e953449f6c12f206b2855cd8c82b1b9951cf5e1dee93"}})

2m59.131055359s ago: executing program 2 (id=4278):
syz_usb_connect(0x5, 0x4c, &(0x7f0000000100)=ANY=[@ANYBLOB="12012bc635fe6510ca1a8eb232920102030109023a00010d019002090432a70201039e08090588061000060408082387ac33afe3410725010305f8040905070200020402660725"], &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0})

2m58.521401086s ago: executing program 2 (id=4281):
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

2m57.814700822s ago: executing program 35 (id=4281):
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

2m54.641083366s ago: executing program 4 (id=4291):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x8, 0x2, 0xffffffffffffffff], 0x0, 0x200})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000080)=[{0x2, 0x0, 0xf, 0xd8}, {0x2, 0x9, 0x8, 0x5}, {0x10, 0x7, 0x6, 0x8}]}, 0x10)
ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, &(0x7f0000000040)={0x200000, 0xf000, 0x70, 0x3, 0x4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0xcb5e, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m53.553662447s ago: executing program 4 (id=4292):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$P9_RGETLOCK(r1, &(0x7f00000001c0)=ANY=[], 0x200002e6)
fcntl$setpipe(r1, 0x407, 0x7000000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

2m51.216159261s ago: executing program 4 (id=4294):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000380)={0x6, 0x7, 'syz2\x00'}, &(0x7f00000003c0)=0x28)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0)

2m49.964486794s ago: executing program 4 (id=4295):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{0x20, 0x2, 0xfd, 0x5ae9}]}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000a80)}], 0x1}}], 0x1, 0x8000)
socket$inet6(0xa, 0x1, 0x8010000000000084)
socket(0xa, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
syz_open_dev$vbi(&(0x7f0000000100), 0x0, 0x2)
syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x1, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000180)=@gcm_256={{0x303}, "0200", "ab02a1a449283e8a3bc95815ece487ebcc5bb6a8d8a744e4b7edb45c7e7336ab", 'vb q', "9900000100"}, 0x38)
shutdown(r2, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
sendfile(r2, r3, 0x0, 0xffffffff004)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000180)=0x8)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r4 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r4, 0x0, 0x20000011)

2m49.298267921s ago: executing program 4 (id=4299):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrusage(0xffffffffffffffff, &(0x7f0000000380))
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/127, 0x7f}], 0x1, 0x6, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)

2m48.710309947s ago: executing program 36 (id=4299):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrusage(0xffffffffffffffff, &(0x7f0000000380))
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/127, 0x7f}], 0x1, 0x6, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)

1m48.968767724s ago: executing program 7 (id=4412):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@block_validity}, {}, {@user_xattr}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nombcache}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x569, &(0x7f0000000940)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFxGkCCIWxD/Au8fiP+BfIWihSAl68BKZzWy7TXa7yXZrUufzgWnfm5nkO2/fvJfvzOyyARTWWPZPKeLliPg6iTjYtm048o1ja/utPLg2nS1JrK5+8mcSSb6utX+S/78/r7wUEb98EXG8tDFufWl5rlKtpgt5fbwxf3m8vrR84uJ8ZTadTS9NTk2demtq8t133h5YW18/9/d3H9/94NSXR1e+/eneodtJnIkD+bb2djyFG+2VsRjLX5OROLNux4kBBNtJkl47dDgH2H5D+TgfiWwOOBhD+agH/v+uR8QqUFCJ8Q8F1coDWtf2A7oOfm7cf3/tAqi9/V81b4IMr90biT3Na6N9K8ljV0bZ9e7oAOJnMX7+487tbIke9yGuDyAeQMuNmxFxcnh44/yf5PNf/05u4q7f+hhF+/sD2+lulv+80Sn/Kz3Mf6JD/rO/w9jtR+/xX7o3gDBdZfnfex3z34dT1+hQXnuhmfONJBcuVtOTEfFiRByLkd1Zvd/nOe35X7Zk8Vu5YH4c94Z3P/4zM5VGpc9wG9y/GfHKo/w3iQ3z/55mrru+/7PX49wmYxxJ77zabVvv9rcbfAa8+mPEax37/9ETreTJzyfHm+fDeOus2OivW0d+7RZ/a+0fvKz/9z25/aNJ+/Pa+tZj/LDnn7Tbtn7P/13Jp83yrnzd1UqjsTARsSv5aOP6yUc/26q39s/af+zok+e/Tuf/3oj4bJPtv3W4exq0E/p/Zkv9v/XCbx9+/n23+Jvr/zebpWP5ms3Mf5s9wKd57QAAAAAAAGCnKUXEgUhK5YflUqlcXnt/x+HYV6rW6o3jF2qLl2ai+VnZ0RgptZ50H2x7P8RE/n7YVn1yXX0qIg5FxDdDe5v18nStOrPdjQcAAAAAAAAAAAAAAAAAAIAdYn+Xz/9nfh/a7qMDnjlf+Q3F1XP8D+KbnoAdyd9/KC7jH4rL+IfiMv6huIx/KC7jH4rL+IfiMv4BAAAAAAAAAAAAAAAAAAAAAAAAAABgoM6dPZstqysPrk1n9ZkrS4tztSsnZtL6XHl+cbo8XVu4XJ6t1WaraXm6Nt/r91VrtcsTk7F4dbyR1hvj9aXl8/O1xUuN8xfnK7Pp+XTkP2kVAAAAAAAAAAAAAAAAAAAAPF/qS8tzlWo1XVDoWjgdO+Iw+i4kvXr5dH4y9BViePsbqPAMCts8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAm38DAAD//wC8MHI=")
socketpair$unix(0x1, 0x2, 0x0, 0x0)
llistxattr(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000300)=""/159, 0x9f)

1m48.021305434s ago: executing program 7 (id=4416):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e230005000020003a00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000000000000000000000000092010000000000000000000800000000ffff0000000000001c250800000000000500000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff0000000080000000003500000200010020000000000000004800"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

1m47.630542868s ago: executing program 7 (id=4417):
syz_open_dev$loop(0x0, 0x5, 0x1a2c42)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={0x0}}, 0x8000)

1m46.530357719s ago: executing program 7 (id=4418):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2, &(0x7f0000000440)=ANY=[], 0xff, 0x1509, &(0x7f0000002d40)="$eJzs3Am4TmX3MPC17vveHDI8Sea97rV5kuEmSUJJMiRJEpI5IUmSJEkcMiUhCRlPkjlkTicd8zxkTjp5JUkSkinc33VUn7f3fft6p//n/b9n/a5rX+deZ++1nrXPup7z7L2v65xvuwyt1rB65XrMDP8M/esCf/6SCAAJADAAALIDQAAAZXKUyZG2P5PGxH/qRcT/kPrTr3YH4mqS+advMv/0Teafvsn80zeZf/om80/fZP7pm8xfiHRtZt5rZUu/mzz//19O/SvJ8vmfLuDv7ZD5/7fR/9DRMv/0Teafvsn80zeZf/pz5RYsuKp9iKtP3v/pm8xfiHTt3/5Mef3Zq/1MW7Z/YBNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIf4/OOuvMADw6/pq9yWEEEIIIYQQQoh/H//+1e5ACCGEEEIIIYQQ//MQFGgwEEAGyAgJkAkywzWQBbJCNsgOMbgWcsB1kBOuh1yQG/JAXsgH+aEAhEBggSGCglAI4nADFIYboQgUhWJQHByUgJJwE5SCm6E03AJl4FYoC7dBOSh/+TXT3AmV4C6oDHdDFagK1aA63AM14F6oCfdBLbgfasMDUAcehLrwENSD+tAAHoaG8Ag0gsbQBJpCM2gOLf4gPyn738p/EbrDS9ADekIi9ILe8DL0gb7QD/rDAHgFBsKrMAheg8EwBIbC6zAM3oDh8CaMgJEwCt6C0TAGxsI4GA8TIAnehonwDkyCdx/JClNgKkyD6TADZsJ7MAtmwxx4H+bCPJgPSZkWwiJYDB/AEvgQkuEjWAofQwosg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK3wC22A77ICdsAt2wx74FPbCZ7APPodU/OIfzD/z23zoioCAChUaNJgBM2ACJmBmzIxZMAtmw2wYwxjmwByYE3NiLsyFeTAPJmI+LIAFkJCQkbEgFsQ4xrEwFsYiWASLYTF06LAklsRSeNF7XxrLYBksi2WxHJbH8ng73o4VsSJWwkpYGStjFayC1bAa3oP34L1YE2tiLayFtbE21sE6WBfrYj2shw2wATbEhtgIG2ETbILNsBm2wBbYEltiK2yFbbANtsW22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xRfwBXwRX8SX8CXsiVVUL+yNvbEP9sF+2B/74ys4EF/FV/E1HIxDcCi+jq/jGzgcT+MIHImjcBRWVGNwLI5DVhMwCZMwI0zESTgJJ+MUnILTcDrOwJk4E2fhbJyN7+NcnIfzcAEuwEW4GBfjEvwQkzEZl+IZTMFluBxX4EpchStxDa7FNbgeN+B63ISbcAtuwU/wE9yO23En7sTduBs/xU/xM/wMB2MqpuJ+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8gSfxBJ7CU3gaz+BZADiP5/ECXsBLeCntza/SGGVUBpVBJagElVllVllUFpVNZVMxFVM5VA6VU+VUuVQulUflUflUPlVAFVCkSLGKVEFVUMVVXBVWhVURVUQVU8WUU06VVCVVKVVKlValVRl1qyqrblPlVHnV2t2ublcVVRtXSd2lKqvKqoqqqqqp6qq6qqFqqJqqpqqlaqnaqraqox5UdVUv7If1VdpkGqoh2EgNxSaqqWqmmqs38FHVUg3HVqq1aqMeVyNxBLZTLV179ZTqoMZiR/WMGofPqs5qAnZRz6uu6gXVTb2ouqtWrofqqSZjL9VbTcM+qq/qp/qrWVhVpU2smnpNvZhxiBqqXleL8A01XL2pRqiRapR6S41WY9RYNU6NVxNUknpbTVTvqEnqXTVZTVFT1TQ1Xc1QM9V7apaareao99VcNU+DWqAWqkVqsfpALVEfqmT1kVqqPlYpaplarlaolWqVWq3WqLVqnVqvNqiNapParLaoreoTtU1tVzvUTrVL7VZ71Kdqr/pM7VOfq1T1hdqv/qQOqC/VQfWVOqS+VofVN+qI+lYdVd+pY+p7dVydUCfVD+qU+lGdVmfUWXVOnVc/qQvqorqkvAKNWmmtjQ50Bp1RJ+hMOrO+RmfRWXU2nV3H9LU6h75O59TX61w6t85j8up8Or8uoENN2mrWkS6oC+m4vkEX1jfqIrqoLqaLa6dL6JL6Jl1K36xL61t0GX2rLqtv0+V0eV3Bg75DV9R36kr6Ll1Z362r6Kq6mq6u79E19L26pr5P19L369r6AV1HP6jr6od0PV1fN9AP64b6Ed1IN9ZNdFPdTDfXLfSjuqV+TLfSrXUb/bhuq5/Q7fSTur1+SnfQT+uO+hndST+rO+vndBf9vO6qX9Dd9EV9SXvdQ/fUibqX7q1f1n10X91P99cD9Ct6oH5VD9Kv6cF6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6tx+ixepweryfoJP22nqjf0ZP0u3qynqKn6ml6up6h+/1Sac7fkf/O38gfdPnVt+it+hO9TW/XO/ROvUvv1nv0Hr1X79X79D6dqlP1fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qp/TP+hT+kd9Wp/RZ/Q5fV6f1xd++RmAQaOMNsYEJoPJaBJMJpPZXGOymKwmm8luYuZak8NcZ3Ka600uk9vkMXlNPpPfFDChIWMNm8gUNIVM3NxgCpsbTRFT1BQzxY0zJUxJc9O/nP9H/bUwLUxL09K0Mq1MG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU030810N91ND9PDJJpE09u8bPqYvqaf6W8GmFfMQDPQDDKDzGAz2Aw1Q80wM8wMN8PNCDPCjDKjzGgz2ow1Y814M94k+exmoploJplJZrKZbKYOyG6mm+lmpplpZplZZo6ZY+aauWa+mW8WmoVmsVlslpglJtkkm6VmqUkxy8wys8KsMKvMKrPGrDHrzDqzwWwwm8wmk2K2mq1mm9lmdpgdZpfZZfaYPWav2Wv2mX0m1aSa/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmePmuDlpTppT5pQ5bU6bs+asOW/OmwvmgrlkLqVd9gUqUIEJTJAhyBAkBAlB5iBzkCXIEmQLsgWxIBbkCHIEOYPrg1xB7iBPkDfIF+QPCgRhQIENOIiCgkGhIB7cEBQObgyKBEWDYkHxwAUlgpLBTUGp4OagdHBLUCa4NSgb3BaUC8oHFYLbgzuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUC+oHDYKHg4bBI0GjoHHQJGgaNAuaBy3+rfW9P537Mdcj7Bkmhr3C3uHLYZ+wb9gv7B8OCF8JB4avhoPC18LB4ZBwaPh6OCx8IxwevhmOCEeGo8K3wtHhmHBsOC4cH04Ik8K3w4nhO+Gk8N1wcjglnBpMC6eHM8KZ4XvhrHB2OCd8P5wbzgvnhwvCheGiEH++JIbk8KNwafhxmBIuC5eHK8KV4apwdbgmXBuuC9eHG8KN4aYyA38+NNwWbg93hDvDXeHucE/4abg3/CzcF34epoZfhPvDP4UHwi/Dg+FX4aHw6/Bw+E14JPw2PBp+Fx4Lvw+PhyfCk+EP4anwx/B0eCY8G54Lz4c/hRfCi+Gl0Kdd3Kd9vJMhQxkoAyVQAmWmzJSFslA2ykYxilEOykE5KSflolyUh/JQPspHBagApWFiKkgFKU5xKkyFqQgVoWJUjBw5KkklqRSVotJUmspQGSpLZakclaMKVIHuoDvoTrqT7qK76G66m6pSVapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqCE1pEbUiJpQE2pGzagFtaCW1JJaUStqQ22oLbWldtSO2lN76kAdqCN1pE7UiTpTZ+pCXagrdaVu1I26U3fqQT0okRKpN/WmPtSH+lE/GkADaCANpEE0iAbTYBpKQ2kYDaPhNJxG0EgaRW/RaBpDY2kcjacJlERJNJEm0iSaRJNpMk2lqTSdptNMmkmzaBbNoTk0l+bSfJpPC2khLabFtISWUDIl01JaSimUQstpOa2klbSaVtNaWkvraT1tpI20mTbTVtpK22gb7aAdtIt20R7aQ3tpL+2jfZRKqbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO00k6SafoFJ2m03SWztJ5+oku0EW6RJ4SbCab2V5js9isNpvNbv8yzmPz2nw2vy1gQ5vL5v5NTNbaIraoLWaLW2dL2JL2pr+Ky9nytoK93d5hK9o7bSVbzmaCP49r2HttTXufrWXvt9XtPb+Ja9sHbB37iK1rG9t6tqltYJvbhvYR28g2tk1sU9vMNrdt7RO2nX3StrdPJXSwT/95bNPiJfZDu9aus+vtBrvXfmbP2nP2iP3Wnrc/2R62px1gX7ED7at2kH3NDrZDfhsD2FH2LTvajrFj7Tg73k74q3iqnWan2xl2pn3PzrKz/ypebD+wc22ynW8X2IV20eU4radk+5Fdaj+2KXaZXW5X2JV2lV1t1/zfXlfYTXaz3WL32E/tNrvd7rA77S67+3Kcdh777Oc21X5hD9tv7AH7pT1oj9pD9uvLcdr5HbXf2WP2e3vcnrAn7Q/2lP3RnrZnLp9/2rn/YC/aS9ZbYGTFmg0HnIEzcgJn4sx8DWfhrJyNs3OMr+UcfB3n5Os5F+fmPJyX83F+LsAhE1tmjrggF+I438CF+UYuwkW5GBdnxyW4JN/EpfhmLs23cBm+lcvybVyOy3MFvp3v4Ip8J1fiu7gy381VuCpX4+p8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI/rcwN+mBvyI9yIG3MTbsrNuDm34Ee5JT/Grbg1t+HHuS0/we34SW7PT3EHfpo78jPciZ/lzvwcd+HnuSu/wN34Re7OL3EP7smJ3It788vch/tyP+7PA/gVHsiv8iB+jQfzEB7Kr/MwfoOH85s8gkfyKH6LR/MYHsvjeDxP4CR+myfyOzyJ3+XJPIWn8jSezjN4Jr/Hs3g2z+H3eS7P4/m8gBfyIl7MH/AS/pCT+SNeyh9zCi/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grf8LbeDvv4J28i3fzHv6U9/JnvI8/51T+gvfzn/gAf8kH+Ss+xF/zYf6Gj/C3fJS/42P8PR/nE3ySf+BT/COf5jN8ls/xef6JL/BFvsSeIcJIRToyURBliDJGCVGmKHN0TZQlyhpli7JHsejaKEd0XZQzuj7KFeWO8kR5o3xR/qhAFEYU2YijKCoYFYri0Q1R4ejGqEhUNCoWFY9cVCIqGd0UlYpujkpHt0RlolujstFtUbmofFQhuj26I6oY3RlViu6KKkd3R1WiqlG1qHp0T1QjujeqGd0X1Yruj0pHD0R1ogejutFDUb2oftQgejhqGD0SNYoaR02iplGzqHnUIno0ahk9FrWKWkdtosejttETUbvoyah99FTUIXr6yv6iwc+fpn+xPzHqFelfnpDdpxfGF8UXxz+IL4l/GE+OfxRfGv84nhJfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c3xL3vnpGcJh2IwzGBS6Dy+gSXCaX2V3jsrisLpvL7mLuWpfDXedyuutdLpfb5XF5XT6X3xVwoSNnHbvIFXSFXNzd4Aq7G10RV9QVc8WdcyVcSdfctXAtXEv3mGvlWrs27nH3uHvCPeGeTPilcdfRPeM6uWddZ/ece84977q6F1w396Lr7l5yPVxPl+gSXW/X2/VxfVw/188NcAPcQDfQDXKD3GA32A11Q90wN8wNd8PdCDfCjXKj3Gg32o11Y914N94luSQ30U10k9wkN9lNdlPdVDfdTXcz3Uw3y81yc9wcN9fNdfPdfLfQLXSL3WK3xC1xyS7ZLXVLXYpLccvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XOpLtXtd/vdAXfAHXRfuUPua3fYfeOOuG/dUfedO+a+d8fdCXfSeX3K/ehOuzPurDvnzruf3AV30V1y3iXF3o5NjL0TmxR7NzY5NiU2NTYtNj02IzYz9l5sVmx2bE7s/djc2LzY/NiC2MLYotji2AexJbEPY8mxj2JLYx/HUmLLYstjK2IrY6ti3uffFvmCvpCP+xt8YX+jL+KL+mK+uHe+hC/pb/Kl/M2+tL/Fl/G3+rL+Nl/Ol/cVfGPfxDf1zXxz38I/6lv6x3wr39q38Y/7tv4J384/6dv7p3wH/7Tv6J/xnfyzvrN/znfxz8/7Zcq+u3/J9/A9faLv5Xv7l30f39f38/39AP+KH+hf9YP8a36wH+KH+tf9MP+GH+7f9CP8SD/Kv+VH+zF+rB/nx/sJPsm/7Sf6d/wk/66f7Kf4qX6an+5n+Jn+PT/Lz/Zz/Pt+rp/n5/sFfqFf5Bf7D/wS/6FP9h/5pf5jn+KX+eV+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qP/Hb/Ha/w+/0u/xuv8d/6vf6z/w+/7lP9V/4/f5P/oD/0h/0X/lD/mt/2H/jj/hv/VH/nT/mv/fH/Ql/0v/gT/kf/Wl/xp/15/x5/5O/4C/6S/I3a0IIIYQQfxf9B/t7/Y3vqV+2NL0BIOv2vIf+subGXD+v+6q9HWIA8FTPLvV/3erXT0xM/OXYFA1BoQUAELuSnwGuxMugDTwB7aE1lPqb/fVVFS5f9/2/6sdvBcgMkOnXnLTbo1/jK/Vv/p36jT/g362/7Of6CwCKFLqSk1b41/hK/dK/U39329+vf7n/TF8mAbT6s5wscCW+Ur8kPAZPQ/vfHCmEEEIIIYQQQvysrzrf9Q/uPy/fn+czv837Nf6j+/M/UOlf7V8IIYQQQgghhBB/7NkXuj35aPv2rTv9Ny8y/me08R+wQAD4D2hDFv/5i6v9m0kIIYQQQgjx73blov9qdyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqRf//x/CFN/98FX+xyFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+3/BAAA//+0FVXr")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioprio_set$pid(0x1, 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
symlink(&(0x7f00000005c0)='./file0\x00', &(0x7f00000002c0)='.\x02\x00')

1m44.429486621s ago: executing program 7 (id=4423):
ioctl$XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875)
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e20, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@loopback, 0x4e20, 0x10000, 0x2, 0x2}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0}, 0x0)

1m41.65724484s ago: executing program 7 (id=4429):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', 0x450, &(0x7f00000015c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b46e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998247856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f0b00f694c5bef739aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c425179b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404c669485a2e714ec9bb31ae0f201ca2e5b9ece2b035fbe2ee8d90aa87a986a307fe4fe90b7b2a48217f79001e60692c", @ANYRES64], 0x2, 0x5587, &(0x7f0000009cc0)="$eJzs3MuLW2UUAPCTyfT9cBAX7nqhiDPQhGb6QHdVW3xgS/GxcFUzSRrSJrnDJE3HrkRdigv/E1FwJbjxb3Dh2p24UNwJI/cx1dqHDkknffx+cHPu/fLl3O9cwoSTOySAp9ZS8sdvlTgaByKiGhGHK5HvV8otd64Iz0fEsYhY+MdWKcdvD+yNiIMRcTRLHvH9qJiTPfXlicnxM7++9ft3P+5bPPTVtz/Nr2pg3l6IiMF6sX9zUMS0W8Rr5Xhz0svj4PSkjMUTg+vlcVrEm521PMPN5va8Zh5PdYv56fqNURav9putLHZ7V/Px9WFxwtGku50nf8G15kZ+3O6s5bE3SvPYvVWsa/NW8ffy1mhc5GmX+T7K08d4vB2L8c5mp6hn/XoeW8NxOV7kTdudzSxOylieLlppv52vY22aK/1oe7s3vLGZTDobo146TM7UGy/VG2drjY203Rl3Tteag/bZ08lyt59Nq714pTk4103Tbr9Tb6WDlWS522rVGo1k+XxnrdccJo1G/VT9ZO3MSrl3Inn90vtJv50sZ/HV3vDG3l5/lFxNN5LiFSvJav3UyyvJ8Uby7sXLyeV3Lly4ePm9K+c/uPTKxTdfKyfdtaxkefXk6mqtcbK22ljZxfrHnXvXn33u/s/6x9PU/1m56B3UX5nu8sCDeYMB7Nhd/X/Mtv+vhv4fuNtj2/9vbW1tlTXMrP/PWqoH9v/7p7nUj7Qd9b8L9+l/d9D/T9X/Pqr9/yzrLz/vY5fqh6no/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnlo/7/n6jXxnqTg+VI4fKYeeLY8rEbEQEVv3UI29d+Sslnn23Gf+nn+t4YdK5Bmyc+wrt4MRca7c/nzmYV8FAAAAeHJ98/GxL4puvXhYmveC2E3F1zALhz+cUb5KlnPplxllW8genptRsvz9vRibM8qWX7n9M0pWfOW2GBGf7JtVyv9S3Q6fHvl7MC+oUoSF3VoJAACwe6p3hMW5rgUAAICH6fN5L4D5qMTtm8Db/8Bf3oAsb20euOM5AAAA4DFUmfcCAAAAgIcu7//9/h8AAAA82Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv9i5nxu1gSgOwM8GA/mnoCj3tJIblJEScswRKCBNUAJpIQ1QA7nlnksEK+wRkndBWi3jtUDfJ9lmbPSbGeDyxsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJf+VJv5r8WXn7G4Lmd/uE6u+QAAAABP7arNvH4xbdrv0vkP6dSn1C4iooyIc7X7IEatzEHKqS68v3o0ht8RdcKxj3Ha3kbE17T9/9j1pwAAAAD3a7taz5pqvdlN+x4Qr6lZtCnff8uUV0RENf2bKa087j5nCqt/38P4kSmtXsCaZAprltyG56+NcnXSNmgd0kwmy/pLrFtlN/0CAAB9alcCF6oQAAAA7sD3vgdAP4rT7nSfcdwc0g3BN60WAAAAcIOKvgcAAAAAdK6u/2/h+X///C0BAAAAXqx5/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lWb+Xa1nl26vnxmzv5wnXwzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCB/blHARAGYwD6Kf5u0vvf1EGJ6NjV6T0ohIRSCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0DO+p8QtPc1TVlDZhTt2qasmUsGZK2DIn7LnQOo+c159fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+5ne//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+edsowwCAPz773D+ACAFlCKAiMcBCE7e0dIQBFDHwEZCi1CmhLoU2A40iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQXe+S66tS00hdy75/aTX72Pf5d7nvXOiPHnPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO28Ey8lRdzOHqaGcfnard31pazfvq/P3Ni8PZu1LG49aqCv3/7vk59sL1efnJipPPmy/mQAAAA4HNplfR8Rd9KthaxPpvL6Py33yWr+754ZxmU9f3/dv727frTYNFvW/7/+cveFvYGmhuNkB11eGfTnH0ylc0BTnHjPPnKPTn7m87+9tPMLkry/8fxOmp/P1jc3b77bzcMjdWQLADyOk2WfBUf3fx/K+l7DuQFwOHQqhXdZ/7enms0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoA47G/FUGbciYrazH2e2d9eXRvU3Nm/Plu3s9eub1WNmh0gjYnll0E9rnMuku3pt7eLiYNC/MjKIeOimfx+ciIiDOfJDghix6cMxvjzi7/cp3p5RzyzWLi52xt+5Vd/pndggKa5P8Uo3qft6HWCQvfeOjfW9/E+DBn4YAQDwv5YWLavr76RbC9lrremIP7+/t/5/rRLHmPX/3Y/O3qqOVa3/e7XNcPLNrV76dO7qtbU3Vi4tXuhf6H/y5qneW73T586cOTeXnav5ueVI+vNNpwkAAMATrFu0av2fTD+4/n+8EseY9f9n3/a+qI7VVv+PtL/o13QmAAAAh1F3L3rulT9+b43Yo9XtxueLq6tXesPHveenho+1pvuYjhStWv+3p5vOCgAAAKjDzkbrnvX/85U4xlz/f/qHF3+qHrM9/Jzs5Yjon1y6PDhf33QmWh0fVM4H6jY9UwAAAJpyrGjV9f80v/8/2bvlIYmI118dxuX/WRun/m+/99WP1bGq9/+frm+KEymZGZ6PvJ+J6Mw0nREAAABPonGXeo8WLSv2f0u3Fj7++fgHXff/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtrwAAAP//GLYzgw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000080)=ANY=[], 0x1, 0x0, 0x0)
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
socket$inet(0x2, 0x2, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r0, 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

1m37.597039632s ago: executing program 37 (id=4429):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', 0x450, &(0x7f00000015c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b46e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998247856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f0b00f694c5bef739aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c425179b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404c669485a2e714ec9bb31ae0f201ca2e5b9ece2b035fbe2ee8d90aa87a986a307fe4fe90b7b2a48217f79001e60692c", @ANYRES64], 0x2, 0x5587, &(0x7f0000009cc0)="$eJzs3MuLW2UUAPCTyfT9cBAX7nqhiDPQhGb6QHdVW3xgS/GxcFUzSRrSJrnDJE3HrkRdigv/E1FwJbjxb3Dh2p24UNwJI/cx1dqHDkknffx+cHPu/fLl3O9cwoSTOySAp9ZS8sdvlTgaByKiGhGHK5HvV8otd64Iz0fEsYhY+MdWKcdvD+yNiIMRcTRLHvH9qJiTPfXlicnxM7++9ft3P+5bPPTVtz/Nr2pg3l6IiMF6sX9zUMS0W8Rr5Xhz0svj4PSkjMUTg+vlcVrEm521PMPN5va8Zh5PdYv56fqNURav9putLHZ7V/Px9WFxwtGku50nf8G15kZ+3O6s5bE3SvPYvVWsa/NW8ffy1mhc5GmX+T7K08d4vB2L8c5mp6hn/XoeW8NxOV7kTdudzSxOylieLlppv52vY22aK/1oe7s3vLGZTDobo146TM7UGy/VG2drjY203Rl3Tteag/bZ08lyt59Nq714pTk4103Tbr9Tb6WDlWS522rVGo1k+XxnrdccJo1G/VT9ZO3MSrl3Inn90vtJv50sZ/HV3vDG3l5/lFxNN5LiFSvJav3UyyvJ8Uby7sXLyeV3Lly4ePm9K+c/uPTKxTdfKyfdtaxkefXk6mqtcbK22ljZxfrHnXvXn33u/s/6x9PU/1m56B3UX5nu8sCDeYMB7Nhd/X/Mtv+vhv4fuNtj2/9vbW1tlTXMrP/PWqoH9v/7p7nUj7Qd9b8L9+l/d9D/T9X/Pqr9/yzrLz/vY5fqh6no/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnlo/7/n6jXxnqTg+VI4fKYeeLY8rEbEQEVv3UI29d+Sslnn23Gf+nn+t4YdK5Bmyc+wrt4MRca7c/nzmYV8FAAAAeHJ98/GxL4puvXhYmveC2E3F1zALhz+cUb5KlnPplxllW8genptRsvz9vRibM8qWX7n9M0pWfOW2GBGf7JtVyv9S3Q6fHvl7MC+oUoSF3VoJAACwe6p3hMW5rgUAAICH6fN5L4D5qMTtm8Db/8Bf3oAsb20euOM5AAAA4DFUmfcCAAAAgIcu7//9/h8AAAA82Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv9i5nxu1gSgOwM8GA/mnoCj3tJIblJEScswRKCBNUAJpIQ1QA7nlnksEK+wRkndBWi3jtUDfJ9lmbPSbGeDyxsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJf+VJv5r8WXn7G4Lmd/uE6u+QAAAABP7arNvH4xbdrv0vkP6dSn1C4iooyIc7X7IEatzEHKqS68v3o0ht8RdcKxj3Ha3kbE17T9/9j1pwAAAAD3a7taz5pqvdlN+x4Qr6lZtCnff8uUV0RENf2bKa087j5nCqt/38P4kSmtXsCaZAprltyG56+NcnXSNmgd0kwmy/pLrFtlN/0CAAB9alcCF6oQAAAA7sD3vgdAP4rT7nSfcdwc0g3BN60WAAAAcIOKvgcAAAAAdK6u/2/h+X///C0BAAAAXqx5/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lWb+Xa1nl26vnxmzv5wnXwzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCB/blHARAGYwD6Kf5u0vvf1EGJ6NjV6T0ohIRSCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0DO+p8QtPc1TVlDZhTt2qasmUsGZK2DIn7LnQOo+c159fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+5ne//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+edsowwCAPz773D+ACAFlCKAiMcBCE7e0dIQBFDHwEZCi1CmhLoU2A40iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQXe+S66tS00hdy75/aTX72Pf5d7nvXOiPHnPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO28Ey8lRdzOHqaGcfnard31pazfvq/P3Ni8PZu1LG49aqCv3/7vk59sL1efnJipPPmy/mQAAAA4HNplfR8Rd9KthaxPpvL6Py33yWr+754ZxmU9f3/dv727frTYNFvW/7/+cveFvYGmhuNkB11eGfTnH0ylc0BTnHjPPnKPTn7m87+9tPMLkry/8fxOmp/P1jc3b77bzcMjdWQLADyOk2WfBUf3fx/K+l7DuQFwOHQqhXdZ/7enms0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoA47G/FUGbciYrazH2e2d9eXRvU3Nm/Plu3s9eub1WNmh0gjYnll0E9rnMuku3pt7eLiYNC/MjKIeOimfx+ciIiDOfJDghix6cMxvjzi7/cp3p5RzyzWLi52xt+5Vd/pndggKa5P8Uo3qft6HWCQvfeOjfW9/E+DBn4YAQDwv5YWLavr76RbC9lrremIP7+/t/5/rRLHmPX/3Y/O3qqOVa3/e7XNcPLNrV76dO7qtbU3Vi4tXuhf6H/y5qneW73T586cOTeXnav5ueVI+vNNpwkAAMATrFu0av2fTD+4/n+8EseY9f9n3/a+qI7VVv+PtL/o13QmAAAAh1F3L3rulT9+b43Yo9XtxueLq6tXesPHveenho+1pvuYjhStWv+3p5vOCgAAAKjDzkbrnvX/85U4xlz/f/qHF3+qHrM9/Jzs5Yjon1y6PDhf33QmWh0fVM4H6jY9UwAAAJpyrGjV9f80v/8/2bvlIYmI118dxuX/WRun/m+/99WP1bGq9/+frm+KEymZGZ6PvJ+J6Mw0nREAAABPonGXeo8WLSv2f0u3Fj7++fgHXff/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtrwAAAP//GLYzgw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000080)=ANY=[], 0x1, 0x0, 0x0)
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
socket$inet(0x2, 0x2, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r0, 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

58.537782285s ago: executing program 9 (id=4430):
socket$pppl2tp(0x18, 0x1, 0x1)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f0000000080)={0x0, 0x86, 0x7f, {0xfffffff8, 0x800}, 0x7, 0x5c3})
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f00000000c0)={0x1d, r4}, 0x18)
connect$can_j1939(r3, &(0x7f0000000140)={0x1d, r4}, 0x18)
sendmmsg(r3, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="b875a1431a05b9319c", 0x9}], 0x1}}], 0xa19afd5e7047374e, 0x4)
ioctl$IOMMU_IOAS_UNMAP(0xffffffffffffffff, 0x3b86, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r5 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
kexec_load(0x0, 0x0, &(0x7f0000000180), 0x0)
syz_open_procfs(0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

56.281246008s ago: executing program 9 (id=4519):
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0)

55.360318528s ago: executing program 9 (id=4523):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000ac0)={0x0, 0x0})
r4 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
dup3(r3, r4, 0x80000)

52.528158008s ago: executing program 9 (id=4531):
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0)

50.679810667s ago: executing program 38 (id=4531):
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000280)='./file0/file1\x00', 0xb)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2243005, 0x0)

17.962664015s ago: executing program 0 (id=4666):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='/'], 0x20)

17.797438316s ago: executing program 0 (id=4667):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
setreuid(0x0, 0xee00)
write$RDMA_USER_CM_CMD_BIND(r0, 0x0, 0x0)

17.39719095s ago: executing program 0 (id=4670):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000040100000800000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3}, 0x0, &(0x7f0000001d40)=r2}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
close(0x3)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000000), 0xcbb6, 0x218203)
ioctl$USBDEVFS_CLAIM_PORT(r6, 0x80045518, &(0x7f0000000040)=0xee6e)
r7 = fsmount(r5, 0x0, 0x1)
fchdir(r7)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00')
socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)

16.418970981s ago: executing program 0 (id=4671):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e21, @broadcast}, 0x2, 0x9800, 0xfffffffd}}, 0x2e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x202, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000200)=0x1)
writev(r3, &(0x7f0000000500)=[{&(0x7f0000000480)="9e1bff8ead93d0a6f8", 0x9}], 0x1)

16.142689133s ago: executing program 0 (id=4672):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="180000002500010324bd5f02ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000580)=""/4089, 0xff9}, {&(0x7f0000000300)=""/91, 0x5b}, {&(0x7f00000001c0)=""/42, 0x2a}], 0x3}, 0x2000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)

15.993379135s ago: executing program 0 (id=4673):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r0 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0xee01, &(0x7f0000000300)={0xfffffffffffffffc, 0x5, 0x1, 0x2})
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, 0x0, 0x0)
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

9.159162416s ago: executing program 8 (id=4687):
r0 = syz_open_dev$vcsn(&(0x7f0000000080), 0x80, 0x3)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_mr_vif\x00')
preadv(r1, &(0x7f0000000380)=[{&(0x7f0000000540)=""/190, 0xbe}], 0x1, 0x47, 0x548)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x40}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r5}, &(0x7f0000000700), &(0x7f0000000740)=r4}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000002c0)={r5, &(0x7f0000000180), &(0x7f0000000000), 0x2}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x100000}, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$getregset(0x4205, r6, 0x2, &(0x7f0000000380)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r6, 0x2, &(0x7f0000000740)={0x0})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, r1, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r7, 0x29, 0x12, 0x0, 0x0)
sendmsg$TIPC_NL_KEY_FLUSH(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)={0x14, r3, 0x1, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f00000007c0)={0x16c, r3, 0x8, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3e52}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}, @TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x10000}, @TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_NODE={0xa8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0x14, 0x3, "e08e9a3a3c01e154f42e42b9bb314eb3"}, @TIPC_NLA_NODE_ID={0x8c, 0x3, "5092de05ba74aec34bf9d8e3dc3c753f674c8de7f040f6e83a99b1bb288a4187650ef537ab27cbd966b0725a04ff0ae92032a7900dba62df2475a7b39121054bc3a46bb646ebb9202c1b66b488c3b44131d3f937cafc294815b98852ba00f22574dbd9a6cb790eb49eb12f528ba6e86c6b816bc5564909011cc34e74e32a051f715632b192a13813"}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x27}]}, @TIPC_NLA_MEDIA={0x4}]}, 0x16c}, 0x1, 0x0, 0x0, 0x4c085}, 0x8005)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="60000000020605000000000000000000000000001400078008000640200000000800134000000000050001"], 0x60}}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0xc0042, 0x1)

4.117335957s ago: executing program 8 (id=4692):
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
migrate_pages(0x0, 0x5, &(0x7f0000000040)=0x9, &(0x7f0000000080)=0x272)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000937fed)=""/16, &(0x7f0000000080)=0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x24040084)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffff9})
r1 = gettid()
timer_create(0x2, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, r1)
unshare(0x6020400)
lseek(0xffffffffffffffff, 0xfffffffffffffffd, 0x0)
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_disconnect(r2)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$HIDIOCGUSAGE(r3, 0xc0105b08, &(0x7f0000000340)={0x1, 0x200, 0x3cf3, 0x200000, 0x110001})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)

3.799198281s ago: executing program 6 (id=4694):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xfc, 0x7fff0029}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)

3.565320054s ago: executing program 6 (id=4695):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x76, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x18410, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES64=0x0], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r2 = open(&(0x7f00000001c0)='./file2\x00', 0x86442, 0x0)
ftruncate(r2, 0x0)

3.455577544s ago: executing program 1 (id=4696):
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000cc0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x10, &(0x7f00000010c0)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES16=0x0, @ANYRESOCT, @ANYRESDEC, @ANYRESDEC, @ANYRES8=0x0], 0x6, 0x1fb, &(0x7f00000011c0)="$eJzskr1rFEEYxp/ZndvsBWMOiYIiBDVomuT2LnJ+FAo2HmohEiEGBI/N5lzc+JE90DtSrCCI2AgGIUEsBEkQC/EfcAurdArBLgRSp0ghgiSuzOy76xzpU82veWbeeef9mrkbPgp7AOxszblACQKOAXxnDBzAIJMmTJmp2qTXSC06v2ykGpP+Id0505mYBJh/fK1mxFFqxK+Vdbjov41z765++nGjML96YPPDV3Fy5Wb7C9ipqf73bz+/urTQJ8OzW5NqHDM+umgfY7LY19sTa+v8MAayWP786kH776GVZ0sfay9EB2+mwZxFG8Dot5GFC07fS4Nihu3OvUYQeLPhxacGNmWqn1tzrljcAZAkSSJ7B1AHoPqI9pcVnyMcGAdgIsl9OP5Tbs08LIftzog/02h6Te9+tTpWc07TFOE55Wk/8BympKAJwgB+iyzimYrKeQHANnBd7HvRjXBKetPS6Jypdy3l6YZPdN818rYG8/YY4vxuD/mJ2sdxEmK0jyOmWIdkFA7ZUh1FmLSpcKW+NFcTQOCNug9sMglPq6hsAq+ygUIesKpuxs5mXwrPSYdI66RLpBuk2Y/OfiqXEQx6ieEIsPCk0WrNVixgeR/dIltVDC5dlSJ1YCJryexu7ryJXezfbdJoNBqNRqPRaDSaPeFfAAAA///DM5jn")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

3.034259259s ago: executing program 1 (id=4697):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f00000001c0)=[@wrmsr={0x1e, 0x20, {0x401, 0x8}}], 0x20})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x25})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.737503742s ago: executing program 1 (id=4698):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000840)="a6", 0x1, 0x200080c0, &(0x7f00000001c0)={0xa, 0x2, 0x8000, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='illinois', 0x8)
shutdown(r0, 0x1)

2.639521013s ago: executing program 1 (id=4699):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)={0x38, r3, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r4}}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x38}}, 0x20000000)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000011}, 0x4000810)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
r6 = socket(0x40000000015, 0x5, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x4e23, 0xfffffffc, @empty, 0xe79}, 0x1c)
r7 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
unshare(0x40000800)
sendmsg$netlink(r7, 0x0, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, <r9=>0x0}, &(0x7f0000000400)=0xc)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r11}, 0xc)
r12 = accept4$packet(r4, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000480)=0x14, 0x0)
r13 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r13, 0x800448f0, &(0x7f0000000040)={0x2, 0x0, "b86b2d", 0x74, 0x6})
r14 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f00000004c0)='devices.deny\x00', 0x2, 0x0)
sendmsg$netlink(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)={0x6c, 0x2e, 0x100, 0x70bd2b, 0x25dfdbff, "", [@nested={0x4c, 0x90, 0x0, 0x1, [@nested={0x4, 0x150}, @generic="846fe6c9c6acd19d4ed95b804dbc93ce490d021aa63637b309877cc70532cde8b264cc712f711aa2a0409b00bc6a70fe90d18742f99b007cab396a4255b52d2a846ff9eb"]}, @generic="86f7cc6859e643cb950bd9f7f71eda"]}, 0x6c}], 0x1, &(0x7f0000000500)=[@cred={{0x18, 0x1, 0x2, {0x0, r8, r9}}}, @rights={{0x20, 0x1, 0x1, [r11, r4, r12, r13, r0]}}, @rights={{0x24, 0x1, 0x1, [r0, r4, r5, r5, r5, r14]}}], 0x5c, 0xba2a575878df09a9}, 0x20000000)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x730)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3000003, 0x204031, 0xffffffffffffffff, 0xffffd000)
getsockopt$X25_QBITINCL(0xffffffffffffffff, 0x106, 0x1, &(0x7f0000000040), &(0x7f0000000180)=0x4)

2.311680196s ago: executing program 6 (id=4700):
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)

1.93737241s ago: executing program 6 (id=4701):
syz_emit_vhci(&(0x7f0000000580)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x4}}, 0x9)

1.713547213s ago: executing program 8 (id=4702):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

1.707597822s ago: executing program 6 (id=4703):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000007c0)='westwood', 0x8)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

1.481202745s ago: executing program 8 (id=4704):
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "081f20", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x200, 0x0, 0x4, 0x2, 0x3}, 0x20)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000e00)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa000000000000007000000080000002d1501000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000003000000160302000ee60060bf350000000000001f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dc725f431bcab0ef59b8f0e431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa0100000000000000b93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4ffcae1a8a793a7795a9214a92f66e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc3086936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154baa8e51489a614e69722bac30000000000000000000000000000a006b178438e930b2494db1bf624a70a19a45b8b71869afb13cb2ac1d2f3ec0d93a3e4fd0ad076c7d826f218aa6ba8ec5e58b7c64dc8616127087901dc65418a4b25bfa7ae8b5ad9642815f319230425e8bd89c6983d816d97d81a739917eecd26f9a3aecaf0acdaf6cffab38eae3b10b122b4bf521a46bf01a0c136f745113b589459fbe1666087a7c554a55e2b42ab7e405a77f405a348a64e356b7fb61e48ea9c87bf13f97052c51fdd49f3dbccf9874cf61807ae4b1665ccdd026d4580a068395e8cb851eeadb1da6d1009513ca73a685c66fb15f27eb74a7a4eb5966e3ef4be3ca8ba81b2d17d797265390ce616c3d7b566fe956fb93c6a43f4dc6bfc194daeb7b998d550773bc14aca"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

1.441594385s ago: executing program 1 (id=4705):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f00000001c0)=[@wrmsr={0x1e, 0x20, {0x401, 0x8}}], 0x20})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, 0x0, 0x25})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x2, 0x9, 0xfffffffffffffffd, 0x6, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

311.259537ms ago: executing program 8 (id=4706):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
close(0x4)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a300000000030000380"], 0xfc}}, 0x0)

272.658437ms ago: executing program 1 (id=4707):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r1, 0x1)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', 0x0, 0x0)
r6 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
tkill(r6, 0xb)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x55fdb4595c3d8036)
mkdir(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r8 = openat$cgroup_netprio_ifpriomap(r7, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r8, &(0x7f0000000200)=ANY=[@ANYBLOB='gretap0 8'], 0xa)
fsopen(0x0, 0x1)
sendmsg$nl_route(r0, 0x0, 0x0)

272.252517ms ago: executing program 6 (id=4708):
r0 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000340)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac2(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000040)="1e70e51e", 0x4}], 0x1)

0s ago: executing program 8 (id=4709):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
fstatfs(r0, &(0x7f0000000140)=""/32)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYRES32=r3], 0x1c}}, 0x4008054)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000001c0)={[{@data_err_ignore}, {@dioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@grpid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x3c}}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq")

kernel console output (not intermixed with test programs):

to 7
[ 1129.739878][ T5857] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1129.762354][ T5857] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1129.797819][ T5857] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1129.816175][ T5857] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1129.847315][ T5857] usb 1-1: Manufacturer: syz
[ 1129.858861][ T5857] usb 1-1: config 0 descriptor??
[ 1130.301326][ T5857] appleir 0003:05AC:8243.000C: unknown main item tag 0x0
[ 1130.331796][ T5857] appleir 0003:05AC:8243.000C: No inputs registered, leaving
[ 1130.393189][ T5857] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[ 1130.889817][ T5857] usb 1-1: USB disconnect, device number 41
[ 1132.480993][T17767] kvm: kvm [17766]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x80
[ 1134.947943][T17795] fuse: Bad value for 'rootmode'
[ 1141.319834][T17826] fuse: Bad value for 'rootmode'
[ 1145.526946][ T5763] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1145.809044][ T5763] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1145.837021][ T5763] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1145.875098][ T5763] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1145.906956][ T5763] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1145.952091][ T5763] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1145.966211][ T5763] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1145.986003][ T5763] usb 3-1: Manufacturer: syz
[ 1145.996763][ T5763] usb 3-1: config 0 descriptor??
[ 1146.428252][ T5763] appleir 0003:05AC:8243.000D: unknown main item tag 0x0
[ 1146.440612][ T5763] appleir 0003:05AC:8243.000D: No inputs registered, leaving
[ 1146.466357][ T5763] appleir 0003:05AC:8243.000D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1147.002191][ T5843] usb 3-1: USB disconnect, device number 14
[ 1147.161039][T17865] fuse: Unknown parameter 'use00000000000000000000'
[ 1152.513904][T17907] fuse: Unknown parameter 'use00000000000000000000'
[ 1152.972376][T10737] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1153.277063][T10737] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1153.297296][T10737] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1153.377252][T10737] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1153.443750][T10737] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1153.468579][T10737] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1153.496901][T10737] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1153.511887][T10737] usb 5-1: Manufacturer: syz
[ 1153.540601][T10737] usb 5-1: config 0 descriptor??
[ 1153.958251][T10737] appleir 0003:05AC:8243.000E: unknown main item tag 0x0
[ 1153.997061][T10737] appleir 0003:05AC:8243.000E: No inputs registered, leaving
[ 1154.180090][T10737] appleir 0003:05AC:8243.000E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[ 1154.529809][  T786] usb 5-1: USB disconnect, device number 18
[ 1154.750301][T17928] fido_id[17928]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[ 1156.171427][T17942] netlink: 232 bytes leftover after parsing attributes in process `syz.2.3343'.
[ 1156.983200][T17947] fuse: Unknown parameter 'use00000000000000000000'
[ 1159.244732][T14108] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1159.588293][T14108] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1159.634746][T14108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1159.687136][T14108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1159.706895][T14108] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1159.770372][T14108] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1159.792310][T14108] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1159.825108][T14108] usb 1-1: Manufacturer: syz
[ 1159.835925][T14108] usb 1-1: config 0 descriptor??
[ 1160.327064][T14108] appleir 0003:05AC:8243.000F: unknown main item tag 0x0
[ 1160.365948][T14108] appleir 0003:05AC:8243.000F: No inputs registered, leaving
[ 1160.379546][T14108] appleir 0003:05AC:8243.000F: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[ 1160.847965][T17978] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1160.897347][ T5763] usb 1-1: USB disconnect, device number 42
[ 1164.837192][   T23] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1165.156542][   T23] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1165.185874][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1165.277239][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1165.310301][T18030] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1165.357004][   T23] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1166.056626][   T23] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1166.066670][   T23] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1166.075380][   T23] usb 3-1: Manufacturer: syz
[ 1166.110177][   T23] usb 3-1: config 0 descriptor??
[ 1166.588883][   T23] appleir 0003:05AC:8243.0010: unknown main item tag 0x0
[ 1166.654424][   T23] appleir 0003:05AC:8243.0010: No inputs registered, leaving
[ 1166.715456][   T23] appleir 0003:05AC:8243.0010: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1167.380379][   T23] usb 3-1: USB disconnect, device number 15
[ 1169.712918][T18062] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1172.025374][T18088] fuse: Bad value for 'fd'
[ 1172.506973][ T5763] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1172.797993][ T5763] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1172.851735][ T5763] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1172.873288][ T5763] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1172.916913][ T5763] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1173.007400][ T5763] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1173.037948][ T5763] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1173.057083][ T5763] usb 7-1: Manufacturer: syz
[ 1173.073311][ T5763] usb 7-1: config 0 descriptor??
[ 1173.520587][T18102] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1173.601998][ T5763] appleir 0003:05AC:8243.0011: unknown main item tag 0x0
[ 1173.622741][ T5763] appleir 0003:05AC:8243.0011: No inputs registered, leaving
[ 1173.733253][ T5763] appleir 0003:05AC:8243.0011: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[ 1174.121161][T18111] pim6reg1: entered promiscuous mode
[ 1174.147055][T18111] pim6reg1: entered allmulticast mode
[ 1175.006930][ T5843] usb 7-1: reset high-speed USB device number 12 using dummy_hcd
[ 1177.588960][T14108] usb 7-1: USB disconnect, device number 12
[ 1177.713828][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.726025][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.727609][T18128] fuse: Bad value for 'fd'
[ 1178.528895][T18136] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1178.817097][T14108] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1178.919452][T18146] pim6reg1: entered promiscuous mode
[ 1178.976508][T18146] pim6reg1: entered allmulticast mode
[ 1179.023002][T14108] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1179.233009][T14108] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1179.415910][T14108] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1179.486952][T14108] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1179.518914][T14108] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1179.533421][T14108] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1179.553383][T14108] usb 3-1: Manufacturer: syz
[ 1179.566301][T14108] usb 3-1: config 0 descriptor??
[ 1180.016295][T14108] appleir 0003:05AC:8243.0012: unknown main item tag 0x0
[ 1180.041556][T14108] appleir 0003:05AC:8243.0012: No inputs registered, leaving
[ 1180.087395][T14108] appleir 0003:05AC:8243.0012: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1180.590320][ T5857] usb 3-1: USB disconnect, device number 16
[ 1181.125562][T18159] fuse: Bad value for 'fd'
[ 1181.802611][T18172] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1182.907196][T14108] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 1183.113194][T14108] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1183.124718][T14108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1183.138895][T14108] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1183.149699][T14108] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1183.165154][T14108] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1183.187080][T14108] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1183.196665][T14108] usb 1-1: Manufacturer: syz
[ 1183.214533][T14108] usb 1-1: config 0 descriptor??
[ 1183.572791][T18193] pim6reg1: entered promiscuous mode
[ 1183.637148][T18193] pim6reg1: entered allmulticast mode
[ 1183.693009][T14108] appleir 0003:05AC:8243.0013: unknown main item tag 0x0
[ 1183.744815][T14108] appleir 0003:05AC:8243.0013: No inputs registered, leaving
[ 1183.826443][T14108] appleir 0003:05AC:8243.0013: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[ 1184.201960][ T5857] usb 1-1: USB disconnect, device number 43
[ 1184.273406][T18201] fuse: Bad value for 'fd'
[ 1185.815467][T18228] fuse: Bad value for 'fd'
[ 1185.852095][T18230] fuse: Unknown parameter 'grou00000000000000000000'
[ 1186.296978][ T5857] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1186.502954][ T5857] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1186.516424][ T5857] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1186.528382][ T5857] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1186.538547][ T5857] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1186.554280][ T5857] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1186.564303][ T5857] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1186.572937][ T5857] usb 3-1: Manufacturer: syz
[ 1186.582231][ T5857] usb 3-1: config 0 descriptor??
[ 1187.031331][ T5857] appleir 0003:05AC:8243.0014: unknown main item tag 0x0
[ 1187.044534][ T5857] appleir 0003:05AC:8243.0014: No inputs registered, leaving
[ 1187.081985][ T5857] appleir 0003:05AC:8243.0014: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1187.651029][T14108] usb 3-1: USB disconnect, device number 17
[ 1188.638522][T18257] fuse: Bad value for 'fd'
[ 1188.811994][T18261] fuse: Unknown parameter 'grou00000000000000000000'
[ 1191.096998][T14108] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1191.339497][T14108] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1191.352423][T14108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1191.377198][T14108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1191.394273][T14108] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1191.412055][T14108] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1191.421299][T14108] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1191.430386][T18283] fuse: Unknown parameter '0x0000000000000005'
[ 1191.436711][T14108] usb 5-1: Manufacturer: syz
[ 1191.448132][T14108] usb 5-1: config 0 descriptor??
[ 1191.568986][T18285] fuse: Unknown parameter 'grou00000000000000000000'
[ 1191.901368][T14108] appleir 0003:05AC:8243.0015: unknown main item tag 0x0
[ 1191.934946][T14108] appleir 0003:05AC:8243.0015: No inputs registered, leaving
[ 1191.971712][T14108] appleir 0003:05AC:8243.0015: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[ 1193.122049][   T23] usb 5-1: USB disconnect, device number 19
[ 1193.912753][T18304] trusted_key: encrypted_key: insufficient parameters specified
[ 1194.459733][T18315] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1194.515528][T18317] fuse: Unknown parameter '0x0000000000000005'
[ 1197.097359][ T5763] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1197.320140][ T5763] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1197.341964][ T5763] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1197.383865][ T5763] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1197.406318][ T5763] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1197.460910][ T5763] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1197.486885][ T5763] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1197.512449][ T5763] usb 5-1: Manufacturer: syz
[ 1197.557693][ T5763] usb 5-1: config 0 descriptor??
[ 1198.004351][ T5763] appleir 0003:05AC:8243.0016: unknown main item tag 0x0
[ 1198.025952][ T5763] appleir 0003:05AC:8243.0016: No inputs registered, leaving
[ 1198.038495][T18342] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1198.050189][ T5763] appleir 0003:05AC:8243.0016: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[ 1198.361984][T18347] fuse: Unknown parameter '0x0000000000000005'
[ 1198.858294][T10740] usb 5-1: USB disconnect, device number 20
[ 1199.329120][T18361] loop6: detected capacity change from 0 to 256
[ 1199.566710][T18367] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1199.855660][T18376] fuse: Unknown parameter '0x0000000000000005'
[ 1201.796964][ T5843] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1201.966991][ T5843] usb 5-1: device descriptor read/64, error -71
[ 1202.380830][ T5843] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1202.556908][ T5843] usb 5-1: device descriptor read/64, error -71
[ 1202.681309][ T5843] usb usb5-port1: attempt power cycle
[ 1202.687084][T18115] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1202.893381][T18115] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1202.932139][T18115] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1202.984567][T18115] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1203.008290][T18115] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1203.079288][T18115] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1203.096454][T18115] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1203.117489][T18115] usb 3-1: Manufacturer: syz
[ 1203.139096][T18115] usb 3-1: config 0 descriptor??
[ 1203.166708][T18387] loop4: detected capacity change from 0 to 256
[ 1203.439872][T18389] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1203.565420][T18115] appleir 0003:05AC:8243.0017: unknown main item tag 0x0
[ 1203.588252][T18115] appleir 0003:05AC:8243.0017: No inputs registered, leaving
[ 1203.606595][T18115] appleir 0003:05AC:8243.0017: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1203.955201][T18401] fuse: Unknown parameter '0x0000000000000005'
[ 1204.335121][   T23] usb 3-1: USB disconnect, device number 18
[ 1206.555420][T18417] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1206.951472][T18427] fuse: Unknown parameter '0x0000000000000005'
[ 1207.477207][   T23] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1207.709264][   T23] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1207.736328][   T23] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1207.759531][T18439] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1207.800234][   T23] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1207.828602][   T23] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1207.888089][   T23] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1207.897316][   T23] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1207.911606][   T23] usb 7-1: Manufacturer: syz
[ 1207.935863][   T23] usb 7-1: config 0 descriptor??
[ 1208.300861][T18450] fuse: Unknown parameter 'fd0x0000000000000005'
[ 1208.380495][   T23] appleir 0003:05AC:8243.0018: unknown main item tag 0x0
[ 1208.402536][   T23] appleir 0003:05AC:8243.0018: No inputs registered, leaving
[ 1208.438111][   T23] appleir 0003:05AC:8243.0018: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[ 1209.143907][T18115] usb 7-1: USB disconnect, device number 13
[ 1210.687830][T18464] fuse: Bad value for 'user_id'
[ 1213.736966][ T5857] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1213.967158][ T5857] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1213.987389][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1214.045330][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1214.097368][ T5857] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1214.199015][ T5857] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1214.233766][ T5857] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1214.295044][ T5857] usb 5-1: Manufacturer: syz
[ 1214.318366][ T5857] usb 5-1: config 0 descriptor??
[ 1214.666449][T18494] fuse: Bad value for 'user_id'
[ 1215.637278][ T5857] appleir 0003:05AC:8243.0019: unknown main item tag 0x0
[ 1215.645260][ T5857] appleir 0003:05AC:8243.0019: No inputs registered, leaving
[ 1215.681347][ T5857] appleir 0003:05AC:8243.0019: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[ 1215.769871][T18499] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1216.759440][T18115] usb 5-1: USB disconnect, device number 24
[ 1217.695665][T18525] fuse: Bad value for 'user_id'
[ 1218.235726][T18532] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1218.252961][T18115] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1218.631156][T18115] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1218.772547][T18115] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1218.790451][T18115] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1218.807382][T18115] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1218.835126][T18115] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1218.844776][T18115] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1218.866346][T18115] usb 7-1: Manufacturer: syz
[ 1218.877772][T18115] usb 7-1: config 0 descriptor??
[ 1219.297459][T18115] appleir 0003:05AC:8243.001A: unknown main item tag 0x0
[ 1219.309733][T18115] appleir 0003:05AC:8243.001A: No inputs registered, leaving
[ 1219.352129][T18115] appleir 0003:05AC:8243.001A: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[ 1220.032936][T18115] usb 7-1: USB disconnect, device number 14
[ 1220.753517][T18556] fuse: Bad value for 'fd'
[ 1221.550399][T18564] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1222.987000][ T5857] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1223.180300][ T5857] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1223.208348][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1223.224133][T18582] fuse: Bad value for 'fd'
[ 1223.238414][ T5857] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1223.267123][ T5857] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1223.296673][ T5857] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1223.313223][ T5857] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1223.325930][ T5857] usb 5-1: Manufacturer: syz
[ 1223.348832][ T5857] usb 5-1: config 0 descriptor??
[ 1223.772369][ T5857] appleir 0003:05AC:8243.001B: unknown main item tag 0x0
[ 1223.814801][ T5857] appleir 0003:05AC:8243.001B: No inputs registered, leaving
[ 1223.864090][ T5857] appleir 0003:05AC:8243.001B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[ 1223.921552][T18588] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1224.786173][T18594] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1224.808373][T18594] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1224.873758][T18594] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1224.900908][T18594] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1224.930153][T18594] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1224.957490][T18594] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1225.026003][T18594] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1225.098329][T18594] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1225.540776][T18614] fuse: Bad value for 'fd'
[ 1225.929770][ T5763] usb 5-1: USB disconnect, device number 25
[ 1226.206675][ T5083] Bluetooth: hci0: command tx timeout
[ 1226.333613][T18622] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1226.977283][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[ 1226.986322][ T5083] Bluetooth: hci2: command 0x0406 tx timeout
[ 1227.057408][ T5083] Bluetooth: hci1: command 0x0406 tx timeout
[ 1228.151253][T18644] fuse: Bad value for 'fd'
[ 1228.257127][T18633] Bluetooth: hci0: command tx timeout
[ 1228.297057][ T5763] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1228.584610][ T5763] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1228.620157][ T5763] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1228.676904][ T5763] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1228.706949][ T5763] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1229.299407][ T5763] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1229.308755][ T5763] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1229.317604][ T5763] usb 7-1: Manufacturer: syz
[ 1229.343484][ T5763] usb 7-1: config 0 descriptor??
[ 1229.357047][T18633] Bluetooth: hci2: command 0x0406 tx timeout
[ 1229.363323][T18633] Bluetooth: hci3: command 0x0406 tx timeout
[ 1229.370089][T18633] Bluetooth: hci1: command 0x0406 tx timeout
[ 1230.158637][ T5763] appleir 0003:05AC:8243.001C: unknown main item tag 0x0
[ 1230.197864][ T5763] appleir 0003:05AC:8243.001C: No inputs registered, leaving
[ 1230.280854][ T5763] appleir 0003:05AC:8243.001C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[ 1231.158137][T18653] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1232.167685][T18677] fuse: Bad value for 'fd'
[ 1232.839692][T10737] usb 7-1: USB disconnect, device number 15
[ 1234.984935][T18705] fuse: Bad value for 'fd'
[ 1236.437540][T18712] tipc: Started in network mode
[ 1236.442501][T18712] tipc: Node identity 7e7e65ad7c97, cluster identity 4711
[ 1236.487669][T18712] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1236.496066][T18712] syzkaller0: entered promiscuous mode
[ 1236.506991][T18712] syzkaller0: entered allmulticast mode
[ 1236.557312][T18711] tipc: Resetting bearer <eth:syzkaller0>
[ 1236.738877][T18711] tipc: Disabling bearer <eth:syzkaller0>
[ 1236.886977][T10737] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 1237.099588][T10737] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1237.118304][T10737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1237.148770][T10737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1237.200607][T10737] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1237.251262][T10737] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1237.285409][T10737] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1237.339789][T10737] usb 3-1: Manufacturer: syz
[ 1237.378794][T10737] usb 3-1: config 0 descriptor??
[ 1237.988784][T10737] appleir 0003:05AC:8243.001D: unknown main item tag 0x0
[ 1237.996467][T10737] appleir 0003:05AC:8243.001D: No inputs registered, leaving
[ 1238.141067][T10737] appleir 0003:05AC:8243.001D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1238.950582][T18731] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3601'.
[ 1239.148970][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.156160][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.754844][T18741] fuse: Invalid rootmode
[ 1239.983489][T18743] tipc: Started in network mode
[ 1239.997252][T18743] tipc: Node identity 84e, cluster identity 4711
[ 1240.012900][T18743] tipc: Node number set to 2126
[ 1240.092231][ T5857] usb 3-1: USB disconnect, device number 19
[ 1241.360834][T18760] netlink: 232 bytes leftover after parsing attributes in process `syz.6.3611'.
[ 1241.874041][T18771] fuse: Invalid rootmode
[ 1243.450496][T18791] netlink: 232 bytes leftover after parsing attributes in process `syz.6.3621'.
[ 1244.081144][T18805] fuse: Invalid rootmode
[ 1245.360456][T18824] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3632'.
[ 1245.529861][T18826] loop6: detected capacity change from 0 to 512
[ 1245.570089][T18826] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1245.692676][T18826] EXT4-fs error (device loop6): ext4_iget_extra_inode:4739: inode #15: comm syz.6.3631: corrupted in-inode xattr: e_value size too large
[ 1245.940335][T18826] EXT4-fs error (device loop6): ext4_orphan_get:1409: comm syz.6.3631: couldn't read orphan inode 15 (err -117)
[ 1245.968346][T18826] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1246.099632][T18826] EXT4-fs: Ignoring removed bh option
[ 1246.110519][T18826] System zones: 1-12
[ 1246.115942][T18826] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 1246.203417][T18833] fuse: Bad value for 'rootmode'
[ 1246.209443][T15152] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1246.531859][T18840] loop4: detected capacity change from 0 to 4096
[ 1246.596419][T18846] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1247.554521][T18860] loop4: detected capacity change from 0 to 4096
[ 1247.569464][T18860] EXT4-fs: inline encryption not supported
[ 1247.595258][T18860] EXT4-fs: Ignoring removed bh option
[ 1247.615652][T18860] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1247.626075][T18860] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1247.642692][T18860] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[ 1247.653393][T18860] System zones: 0-5
[ 1247.667953][T18860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1248.010962][T18855] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1248.029509][T18855] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1248.058576][T18855] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1248.077414][T18855] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1248.231193][T18866] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1248.363953][T14243] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1249.076411][T18876] fuse: Bad value for 'rootmode'
[ 1249.217047][ T5785] Bluetooth: hci0: command tx timeout
[ 1250.097167][T18633] Bluetooth: hci2: command 0x0406 tx timeout
[ 1250.103348][T18633] Bluetooth: hci3: command 0x0406 tx timeout
[ 1250.110080][ T5785] Bluetooth: hci1: command 0x0406 tx timeout
[ 1250.629667][T18889] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3649'.
[ 1251.834444][T18895] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1251.845980][T18895] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1251.852953][T18895] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1251.863124][T18895] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1251.882870][T18898] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1252.008891][T18904] syzkaller0: entered promiscuous mode
[ 1252.055914][T18904] syzkaller0: entered allmulticast mode
[ 1252.191207][T18909] fuse: Bad value for 'rootmode'
[ 1253.218035][T18885] Bluetooth: hci0: command tx timeout
[ 1253.854234][T18926] loop4: detected capacity change from 0 to 40427
[ 1253.857201][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[ 1253.866895][T18885] Bluetooth: hci2: command 0x0406 tx timeout
[ 1253.894987][T18926] F2FS-fs (loop4): invalid crc value
[ 1253.913265][T18926] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1253.942469][T18885] Bluetooth: hci1: command 0x0406 tx timeout
[ 1253.974057][T18926] F2FS-fs (loop4): Start checkpoint disabled!
[ 1253.995286][T18926] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1254.641443][   T49] kworker/u4:3: attempt to access beyond end of device
[ 1254.641443][   T49] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1254.759992][T18936] fuse: Unknown parameter 'use00000000000000000000'
[ 1254.764258][   T49] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1257.974502][T18965] fuse: Unknown parameter 'use00000000000000000000'
[ 1258.484763][T10740] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 1258.655352][T18977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3677'.
[ 1258.742532][T18971] can: request_module (can-proto-4) failed.
[ 1259.153323][T10740] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1259.206898][T10740] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1259.218381][T10740] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1259.228685][T10740] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1259.257070][T10740] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1259.317489][T18975] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1259.365681][T10740] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1259.373926][T10740] usb 1-1: Manufacturer: syz
[ 1259.387766][T10740] usb 1-1: config 0 descriptor??
[ 1259.826482][T10740] appleir 0003:05AC:8243.001E: unknown main item tag 0x0
[ 1259.837382][T10740] appleir 0003:05AC:8243.001E: No inputs registered, leaving
[ 1259.873913][T10740] appleir 0003:05AC:8243.001E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[ 1260.119610][T18992] netlink: 232 bytes leftover after parsing attributes in process `syz.4.3680'.
[ 1261.967827][T18115] usb 1-1: USB disconnect, device number 44
[ 1261.981052][T19007] fuse: Unknown parameter 'use00000000000000000000'
[ 1262.549283][T19012] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1264.004890][ T5843] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[ 1264.452659][ T5843] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1264.517292][ T5843] usb 7-1: not running at top speed; connect to a high speed hub
[ 1264.559212][ T5843] usb 7-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1264.592785][ T5843] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1264.619935][ T5843] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1264.657029][ T5843] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1264.712558][ T5843] usb 7-1: Product: syz
[ 1264.727114][ T5843] usb 7-1: Manufacturer: syz
[ 1264.731995][ T5843] usb 7-1: SerialNumber: syz
[ 1264.762861][T19030] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1264.839360][T19038] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1265.055729][ T5843] cdc_ether: probe of 7-1:1.0 failed with error -22
[ 1265.103120][ T5843] usb 7-1: USB disconnect, device number 16
[ 1265.387672][T19045] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3692'.
[ 1267.305847][T19045] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1270.727133][T19072] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1272.067356][T10737] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[ 1272.272153][T10737] usb 7-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 1272.305488][T10737] usb 7-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1272.323981][T10737] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1272.342490][T10737] usb 7-1: Product: syz
[ 1272.372887][T10737] usb 7-1: Manufacturer: syz
[ 1272.385799][T10737] usb 7-1: SerialNumber: syz
[ 1272.400301][T10737] usb 7-1: config 0 descriptor??
[ 1272.416295][T19085] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1272.443361][T10737] streamzap 7-1:0.0: streamzap_probe: Unexpected desc.bNumEndpoints (0)
[ 1272.617760][T19099] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1272.865147][   T23] usb 7-1: USB disconnect, device number 17
[ 1273.971539][T19111] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1274.295361][T19115] loop6: detected capacity change from 0 to 512
[ 1274.368403][T19115] EXT4-fs: Ignoring removed bh option
[ 1274.403709][T19115] EXT4-fs: Mount option(s) incompatible with ext2
[ 1274.548352][T19121] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1274.907227][   T35] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 1275.119108][   T35] usb 1-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[ 1275.154103][   T35] usb 1-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b
[ 1275.164048][   T35] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1275.230192][   T35] usb 1-1: Product: syz
[ 1275.255254][   T35] usb 1-1: Manufacturer: syz
[ 1275.287083][   T35] usb 1-1: SerialNumber: syz
[ 1275.546550][   T35] gspca_main: pac207-2.14.0 probing 093a:2476
[ 1275.558616][   T35] gspca_pac207: Failed to read a register (index 0x0000, error -71)
[ 1275.570856][   T35] usb 1-1: USB disconnect, device number 45
[ 1276.565526][T19138] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1277.119911][T19148] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1278.244612][T19163] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1278.764192][T19174] loop4: detected capacity change from 0 to 512
[ 1278.772276][T19174] EXT4-fs: Ignoring removed bh option
[ 1278.799550][T19174] EXT4-fs: Mount option(s) incompatible with ext2
[ 1278.808791][T19175] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1280.494808][T19186] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1282.478590][T19214] fuse: Bad value for 'fd'
[ 1283.777511][T19227] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1285.330572][T19246] fuse: Bad value for 'fd'
[ 1285.666650][T19218] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1286.964904][T19279] fuse: Bad value for 'fd'
[ 1287.097932][T19283] Bluetooth: MGMT ver 1.22
[ 1287.122414][T19285] tipc: Started in network mode
[ 1287.127638][T19285] tipc: Node identity 84e, cluster identity 4711
[ 1287.134102][T19285] tipc: Node number set to 2126
[ 1288.341811][T19306] fuse: Unknown parameter '0x0000000000000003'
[ 1288.564686][T19314] tipc: Started in network mode
[ 1288.570167][T19314] tipc: Node identity 84e, cluster identity 4711
[ 1288.577382][T19314] tipc: Node number set to 2126
[ 1288.804051][T19323] syzkaller0: entered promiscuous mode
[ 1288.810033][T19323] syzkaller0: entered allmulticast mode
[ 1289.238693][T19331] fuse: Unknown parameter '0x0000000000000003'
[ 1290.462188][T19353] syzkaller0: entered promiscuous mode
[ 1290.473525][T19353] syzkaller0: entered allmulticast mode
[ 1290.638932][T19362] fuse: Unknown parameter '0x0000000000000003'
[ 1293.318851][T19403] fuse: Unknown parameter '0xffffffffffffffff'
[ 1293.470422][T19387] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1293.476925][T19387] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1293.489140][T19387] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1293.495394][T19387] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1293.809120][T19415] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1294.852052][T18885] Bluetooth: hci0: command tx timeout
[ 1295.435908][T19428] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1295.477683][T19428] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1295.484145][T19428] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1295.512430][T19437] tipc: Cannot configure node identity twice
[ 1295.536926][T18885] Bluetooth: hci1: command 0x0406 tx timeout
[ 1295.564359][T19428] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1295.585411][T19439] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3834'.
[ 1295.663980][T19441] fuse: Unknown parameter '0x0000000000000003'
[ 1295.677235][T19443] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1295.912014][T19456] syzkaller0: entered promiscuous mode
[ 1295.917807][T19456] syzkaller0: entered allmulticast mode
[ 1296.172852][T19462] loop4: detected capacity change from 0 to 164
[ 1296.234530][T19462] iso9660: Corrupted directory entry in block 4 of inode 1792
[ 1296.401373][T19466] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3843'.
[ 1296.445342][T19468] fuse: Unknown parameter '0x0000000000000003'
[ 1296.781675][T19480] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1296.987032][T18885] Bluetooth: hci0: command tx timeout
[ 1297.267653][T19498] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1297.537375][T18885] Bluetooth: hci2: command 0x0406 tx timeout
[ 1297.543796][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[ 1297.617096][ T5083] Bluetooth: hci1: command 0x0406 tx timeout
[ 1298.129275][T19527] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1299.552421][T19554] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1300.593339][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.599887][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.610747][T19561] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1300.617153][T19561] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1300.645849][T19561] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1300.671968][T19561] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1301.937062][ T5083] Bluetooth: hci0: command tx timeout
[ 1302.767514][T18885] Bluetooth: hci3: command 0x0406 tx timeout
[ 1302.787103][ T5785] Bluetooth: hci1: command 0x0406 tx timeout
[ 1302.796941][ T5083] Bluetooth: hci2: command 0x0406 tx timeout
[ 1302.879738][T19599] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3893'.
[ 1313.552199][T19646] bridge0: port 3(syz_tun) entered blocking state
[ 1313.559361][T19646] bridge0: port 3(syz_tun) entered disabled state
[ 1313.565997][T19646] syz_tun: entered allmulticast mode
[ 1313.572919][T19646] syz_tun: entered promiscuous mode
[ 1313.579186][T19646] bridge0: port 3(syz_tun) entered blocking state
[ 1313.585719][T19646] bridge0: port 3(syz_tun) entered forwarding state
[ 1318.764574][T19660] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1318.771231][ T5083] Bluetooth: hci0: command tx timeout
[ 1318.789961][T19660] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1318.936302][T19660] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1318.967156][T19660] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1320.858995][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[ 1320.999316][ T5083] Bluetooth: hci1: command 0x0406 tx timeout
[ 1321.007522][T18885] Bluetooth: hci2: command 0x0406 tx timeout
[ 1322.920536][T19702] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3915'.
[ 1323.326917][T18115] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1323.516879][T18115] usb 5-1: Using ep0 maxpacket: 16
[ 1323.534653][T18115] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[ 1323.545609][T18115] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1323.558509][T18115] usb 5-1: Product: syz
[ 1323.564887][T18115] usb 5-1: Manufacturer: syz
[ 1323.571577][T18115] usb 5-1: SerialNumber: syz
[ 1323.815932][T18115] usb 5-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[ 1323.834273][T18115] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1323.845609][T18115] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[ 1323.854950][T18115] usb 5-1: media controller created
[ 1323.899227][T18115] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1324.127289][T18115] zl10353_read_register: readreg error (reg=127, ret==-110)
[ 1325.530018][T18115] dvb_usb_gl861: probe of 5-1:157.0 failed with error -5
[ 1325.549248][T18115] usb 5-1: USB disconnect, device number 26
[ 1326.306859][T19724] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1326.407254][T19724] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1326.432387][T19724] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1327.047233][T19724] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1328.866975][T18885] Bluetooth: hci0: command tx timeout
[ 1328.872591][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[ 1328.878763][T18885] Bluetooth: hci2: command 0x0406 tx timeout
[ 1329.136988][ T5785] Bluetooth: hci1: command 0x0406 tx timeout
[ 1333.777223][ T5843] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[ 1333.976977][ T5843] usb 1-1: Using ep0 maxpacket: 16
[ 1334.012310][ T5843] usb 1-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[ 1334.037084][ T5843] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1334.061319][ T5843] usb 1-1: Product: syz
[ 1334.073721][ T5843] usb 1-1: Manufacturer: syz
[ 1334.091736][ T5843] usb 1-1: SerialNumber: syz
[ 1334.330374][ T5843] usb 1-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[ 1334.352946][T19785] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1334.355104][ T5843] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1334.378814][ T5843] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[ 1334.389641][T19785] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1334.395774][T19785] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1334.415604][ T5843] usb 1-1: media controller created
[ 1334.427514][T19785] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1334.461471][ T5843] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1334.748799][ T5843] zl10353_read_register: readreg error (reg=127, ret==-110)
[ 1335.627380][ T5785] Bluetooth: hci0: command tx timeout
[ 1335.901784][ T5843] dvb_usb_gl861: probe of 1-1:157.0 failed with error -5
[ 1335.928091][ T5843] usb 1-1: USB disconnect, device number 46
[ 1336.428545][T18885] Bluetooth: hci3: command 0x0406 tx timeout
[ 1336.435076][ T5083] Bluetooth: hci2: command 0x0406 tx timeout
[ 1336.497497][ T5785] Bluetooth: hci1: command 0x0406 tx timeout
[ 1340.416891][T18115] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[ 1340.817018][T18115] usb 1-1: Using ep0 maxpacket: 16
[ 1340.995766][T18115] usb 1-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[ 1341.005750][T18115] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1341.016905][T18115] usb 1-1: Product: syz
[ 1341.021308][T18115] usb 1-1: Manufacturer: syz
[ 1341.026096][T18115] usb 1-1: SerialNumber: syz
[ 1341.693766][T18115] usb 1-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[ 1341.732439][T18115] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1341.767278][T18115] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[ 1341.806881][T18115] usb 1-1: media controller created
[ 1341.874068][T18115] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1342.155563][T18115] zl10353_read_register: readreg error (reg=127, ret==-32)
[ 1343.351669][T18115] dvb_usb_gl861: probe of 1-1:157.0 failed with error -5
[ 1343.415491][T18115] usb 1-1: USB disconnect, device number 47
[ 1362.697249][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.703648][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1371.391330][T20042] loop4: detected capacity change from 0 to 32768
[ 1371.420271][T20042] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[ 1371.592404][T20042] JBD2: Ignoring recovery information on journal
[ 1372.019535][T20042] JBD2: journal reset failed
[ 1372.074372][T20042] (syz.4.4010,20042,0):ocfs2_journal_load:1167 ERROR: Failed to load journal!
[ 1372.146926][T20042] (syz.4.4010,20042,1):ocfs2_check_volume:2432 ERROR: ocfs2 journal load failed! -4
[ 1381.923028][T20103] loop4: detected capacity change from 0 to 32768
[ 1382.004468][T20103] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[ 1382.191535][T20103] JBD2: Ignoring recovery information on journal
[ 1382.836959][T20103] JBD2: journal reset failed
[ 1382.841957][T20103] (syz.4.4030,20103,0):ocfs2_journal_load:1167 ERROR: Failed to load journal!
[ 1382.866821][T20103] (syz.4.4030,20103,0):ocfs2_check_volume:2432 ERROR: ocfs2 journal load failed! -4
[ 1390.114324][T20158] tipc: Cannot configure node identity twice
[ 1391.164119][T20155] loop4: detected capacity change from 0 to 32768
[ 1391.233045][T20155] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[ 1392.399396][T20155] JBD2: Ignoring recovery information on journal
[ 1392.632510][T20155] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1392.852703][   T27] audit: type=1800 audit(1778045502.720:78): pid=20155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4043" name="file1" dev="loop4" ino=17058 res=0 errno=0
[ 1393.359891][T14243] ocfs2: Unmounting device (7,4) on (node local)
[ 1411.290530][T20282] syzkaller0: entered promiscuous mode
[ 1411.337030][T20282] syzkaller0: entered allmulticast mode
[ 1418.488649][T20330] syzkaller0: entered promiscuous mode
[ 1418.509369][T20330] syzkaller0: entered allmulticast mode
[ 1423.122001][T20372] syzkaller0: entered promiscuous mode
[ 1423.470943][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.477436][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.652483][T20372] syzkaller0: entered allmulticast mode
[ 1427.814657][T20413] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4110'.
[ 1428.737858][T20419] syzkaller0: entered promiscuous mode
[ 1429.108234][T20419] syzkaller0: entered allmulticast mode
[ 1432.973362][T20442] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4120'.
[ 1439.475156][T20479] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4130'.
[ 1448.901491][T20560] fuse: Bad value for 'fd'
[ 1450.397062][T10685] IPVS: starting estimator thread 0...
[ 1450.430951][T20576] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4155'.
[ 1450.512656][T20576] block nbd0: not configured, cannot reconfigure
[ 1450.577086][T20578] IPVS: using max 18 ests per chain, 43200 per kthread
[ 1451.514711][T20586] loop4: detected capacity change from 0 to 4096
[ 1451.564124][T20586] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[ 1456.036909][T10737] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1456.415432][T10737] usb 7-1: Using ep0 maxpacket: 32
[ 1456.487130][T10737] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1456.800765][T10737] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1457.106820][T10737] usb 7-1: New USB device found, idVendor=0499, idProduct=1025, bcdDevice=9c.f6
[ 1457.116042][T10737] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1457.293406][T10737] usb 7-1: config 0 descriptor??
[ 1458.120038][T10737] usb 7-1: USB disconnect, device number 18
[ 1460.566860][T10740] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1460.893708][T10740] usb 3-1: Using ep0 maxpacket: 16
[ 1460.914178][T10740] usb 3-1: no configurations
[ 1460.924257][T10740] usb 3-1: can't read configurations, error -22
[ 1461.106971][T10740] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[ 1464.373322][T20703] loop4: detected capacity change from 0 to 256
[ 1464.449011][T20707] loop6: detected capacity change from 0 to 512
[ 1464.492025][T20707] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1464.607256][T20707] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1464.704770][T20703] FAT-fs (loop4): Directory bread(block 64) failed
[ 1464.758871][T20703] FAT-fs (loop4): Directory bread(block 65) failed
[ 1464.765621][T20703] FAT-fs (loop4): Directory bread(block 66) failed
[ 1464.811384][T20707] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 1464.876463][T20703] FAT-fs (loop4): Directory bread(block 67) failed
[ 1464.957081][T20707] EXT4-fs (loop6): 1 truncate cleaned up
[ 1464.962982][T20703] FAT-fs (loop4): Directory bread(block 68) failed
[ 1465.001063][T20703] FAT-fs (loop4): Directory bread(block 69) failed
[ 1465.010747][T20707] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1465.025707][T20703] FAT-fs (loop4): Directory bread(block 70) failed
[ 1465.066279][T20703] FAT-fs (loop4): Directory bread(block 71) failed
[ 1465.114467][T20703] FAT-fs (loop4): Directory bread(block 72) failed
[ 1465.214938][T20703] FAT-fs (loop4): Directory bread(block 73) failed
[ 1465.542863][T15152] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1465.667561][T20723] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4208'.
[ 1466.007915][T20727] overlayfs: failed to resolve './file0': -2
[ 1469.047107][T10685] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1469.246909][T10685] usb 3-1: Using ep0 maxpacket: 8
[ 1469.258677][T10685] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1469.361022][T10685] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1469.395790][T10685] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1469.419173][T10685] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1469.434343][T10685] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1469.444236][T10685] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1469.664635][T10685] usb 3-1: GET_CAPABILITIES returned 0
[ 1469.671753][T10685] usbtmc 3-1:16.0: can't read capabilities
[ 1469.925375][T10685] usb 3-1: USB disconnect, device number 22
[ 1470.029890][T20751] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4218'.
[ 1470.628516][T20764] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4223'.
[ 1473.628297][T20784] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4228'.
[ 1478.226421][T20812] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4238'.
[ 1478.837155][ T5857] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[ 1479.087332][ T5857] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1479.203905][ T5857] usb 3-1: not running at top speed; connect to a high speed hub
[ 1479.288167][ T5857] usb 3-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1479.397596][ T5857] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1479.484919][ T5857] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1479.585484][ T5857] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1479.691283][ T5857] usb 3-1: Product: syz
[ 1479.800965][ T5857] usb 3-1: Manufacturer: syz
[ 1479.819767][ T5857] usb 3-1: SerialNumber: syz
[ 1479.872547][T20823] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1480.137640][ T5857] cdc_ether: probe of 3-1:1.0 failed with error -22
[ 1480.171999][ T5857] usb 3-1: USB disconnect, device number 23
[ 1480.578684][T20842] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4243'.
[ 1480.680544][T20845] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4248'.
[ 1482.111123][T20554] udevd[20554]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1484.047361][T20878] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4258'.
[ 1484.933084][T20891] syzkaller0: entered promiscuous mode
[ 1484.938784][T20891] syzkaller0: entered allmulticast mode
[ 1485.642733][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.658334][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1488.365136][T20910] loop6: detected capacity change from 0 to 256
[ 1490.189728][T20910] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x596330fe, utbl_chksum : 0xe619d30d)
[ 1490.430146][T20915] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4267'.
[ 1492.064479][T20936] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4277'.
[ 1492.312247][T14172] bridge0: port 3(syz_tun) entered disabled state
[ 1492.481020][T14172] syz_tun (unregistering): left allmulticast mode
[ 1492.499615][T14172] syz_tun (unregistering): left promiscuous mode
[ 1492.506124][T14172] bridge0: port 3(syz_tun) entered disabled state
[ 1493.400416][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1493.626669][ T5843] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1493.813563][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1493.837187][ T5843] usb 5-1: Using ep0 maxpacket: 16
[ 1493.848693][ T5843] usb 5-1: config 157 has an invalid descriptor of length 0, skipping remainder of the config
[ 1493.890381][ T5843] usb 5-1: config 157 has 0 interfaces, different from the descriptor's value: 1
[ 1493.944563][ T5843] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[ 1493.965115][ T5843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1494.006821][ T5843] usb 5-1: Product: syz
[ 1494.021330][ T5843] usb 5-1: Manufacturer: syz
[ 1494.051860][ T5843] usb 5-1: SerialNumber: syz
[ 1494.142312][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1494.958177][ T5083] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1494.993664][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.004387][ T5083] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1495.020638][ T5083] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1495.034163][ T5083] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1495.045766][ T5083] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1495.055669][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1495.868765][T10740] usb 5-1: USB disconnect, device number 27
[ 1496.114054][T20971] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4287'.
[ 1496.313891][T20961] chnl_net:caif_netlink_parms(): no params data found
[ 1496.414120][   T49] tipc: Left network mode
[ 1496.869357][T20961] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1496.907528][T20961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1496.914853][T20961] bridge_slave_0: entered allmulticast mode
[ 1496.938518][T20961] bridge_slave_0: entered promiscuous mode
[ 1497.002634][T20961] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1497.057256][T20961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.095402][T20961] bridge_slave_1: entered allmulticast mode
[ 1497.132829][T20961] bridge_slave_1: entered promiscuous mode
[ 1497.137130][ T5785] Bluetooth: hci3: command tx timeout
[ 1497.802176][T20961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1497.986995][T20961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1498.061601][T20961] team0: Port device team_slave_0 added
[ 1498.071342][T20961] team0: Port device team_slave_1 added
[ 1498.118307][T20961] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1498.125394][T20961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1498.152635][T20961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1498.177371][T20961] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1498.185242][T20961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1498.211656][T20961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1499.216940][ T5785] Bluetooth: hci3: command tx timeout
[ 1499.567099][T20961] hsr_slave_0: entered promiscuous mode
[ 1499.621471][T20961] hsr_slave_1: entered promiscuous mode
[ 1499.650338][T20961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1499.676799][T20961] Cannot create hsr debugfs directory
[ 1500.358469][T21011] mmap: syz.0.4293 (21011) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1501.297054][ T5785] Bluetooth: hci3: command tx timeout
[ 1501.652707][T14243] bridge0: port 3(syz_tun) entered disabled state
[ 1501.719494][T14243] syz_tun (unregistering): left allmulticast mode
[ 1501.725978][T14243] syz_tun (unregistering): left promiscuous mode
[ 1501.737563][T14243] bridge0: port 3(syz_tun) entered disabled state
[ 1502.762096][T20961] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1502.947864][T20961] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1503.007601][T20961] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1503.034616][T20961] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1503.356245][ T5083] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1503.369367][ T5083] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1503.378490][T18885] Bluetooth: hci3: command tx timeout
[ 1503.396325][   T49] hsr_slave_0: left promiscuous mode
[ 1503.406309][ T5083] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1503.416489][   T49] hsr_slave_1: left promiscuous mode
[ 1503.431066][ T5083] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1503.439442][ T5083] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1503.447296][ T5083] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1503.447330][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1503.488113][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1503.519189][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1503.537182][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1503.565008][   T49] bridge_slave_1: left allmulticast mode
[ 1503.571358][   T49] bridge_slave_1: left promiscuous mode
[ 1503.577541][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1503.597892][   T49] bridge_slave_0: left allmulticast mode
[ 1503.603623][   T49] bridge_slave_0: left promiscuous mode
[ 1503.610337][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1503.653698][   T49] veth1_macvtap: left promiscuous mode
[ 1503.659927][   T49] veth0_macvtap: left promiscuous mode
[ 1503.665633][   T49] veth1_vlan: left promiscuous mode
[ 1503.672972][   T49] veth0_vlan: left promiscuous mode
[ 1504.633130][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 1504.701377][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 1504.773713][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1504.845447][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1505.678796][ T5785] Bluetooth: hci2: command tx timeout
[ 1505.769831][   T49] bond0 (unregistering): Released all slaves
[ 1506.301780][T20961] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1506.424193][T20961] 8021q: adding VLAN 0 to HW filter on device team0
[ 1506.508283][T10897] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1506.515549][T10897] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1506.642574][ T4322] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1506.649787][ T4322] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1506.696852][   T23] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1506.917589][   T23] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[ 1506.925955][   T23] usb 7-1: config 220 contains an unexpected descriptor of type 0x1, skipping
[ 1506.945888][T21041] chnl_net:caif_netlink_parms(): no params data found
[ 1506.946757][   T23] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1506.987286][   T23] usb 7-1: config 220 has no interface number 2
[ 1506.993725][   T23] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1507.026279][   T23] usb 7-1: config 220 interface 0 has no altsetting 0
[ 1507.036735][   T23] usb 7-1: config 220 interface 76 has no altsetting 0
[ 1507.043672][   T23] usb 7-1: config 220 interface 1 has no altsetting 0
[ 1507.368051][   T23] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1507.405837][   T23] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1509.287027][ T5785] Bluetooth: hci2: command tx timeout
[ 1509.296643][   T23] usb 7-1: Product: syz
[ 1509.301125][   T23] usb 7-1: Manufacturer: syz
[ 1509.305772][   T23] usb 7-1: SerialNumber: syz
[ 1510.329471][T21041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1510.586202][T21041] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1510.917444][T21041] bridge_slave_0: entered allmulticast mode
[ 1510.981486][T21041] bridge_slave_0: entered promiscuous mode
[ 1511.020829][T21041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1511.054707][   T23] usb 7-1: can't set config #220, error -71
[ 1511.066023][T21041] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1511.096116][   T23] usb 7-1: USB disconnect, device number 19
[ 1511.124793][T21041] bridge_slave_1: entered allmulticast mode
[ 1511.168497][T21041] bridge_slave_1: entered promiscuous mode
[ 1511.299381][ T5785] Bluetooth: hci2: command tx timeout
[ 1511.329090][T21041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1511.407981][T21041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1511.738156][T21041] team0: Port device team_slave_0 added
[ 1511.746931][   T23] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1511.760370][T20961] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1511.801360][T21041] team0: Port device team_slave_1 added
[ 1511.925796][   T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1511.976982][   T23] usb 7-1: Using ep0 maxpacket: 32
[ 1512.111089][   T23] usb 7-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[ 1512.126882][   T23] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1512.135310][   T23] usb 7-1: Product: syz
[ 1512.139688][T21041] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1512.139706][T21041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1512.139734][T21041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1512.237107][   T23] usb 7-1: Manufacturer: syz
[ 1512.242817][   T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.256398][   T23] usb 7-1: SerialNumber: syz
[ 1512.397343][T21041] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1512.404396][T21041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1512.442529][T21041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1512.547740][   T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.687453][   T23] usb 7-1: USB disconnect, device number 20
[ 1512.808361][   T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.929335][T21127] udevd[21127]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1513.013920][T21041] hsr_slave_0: entered promiscuous mode
[ 1513.057198][T21041] hsr_slave_1: entered promiscuous mode
[ 1513.074060][T21041] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1513.105841][T21041] Cannot create hsr debugfs directory
[ 1513.377428][ T5785] Bluetooth: hci2: command tx timeout
[ 1513.567657][T20961] veth0_vlan: entered promiscuous mode
[ 1513.636359][T20961] veth1_vlan: entered promiscuous mode
[ 1513.674496][T21146] loop6: detected capacity change from 0 to 1024
[ 1513.774096][   T49] tipc: Left network mode
[ 1513.813175][T21146] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1513.866187][T21146] ext4 filesystem being mounted at /414/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1513.897376][   T27] audit: type=1800 audit(1778045623.770:79): pid=21146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4317" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1513.986816][T21150] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[ 1514.118237][T15152] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1514.176182][T21041] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1514.234670][T21041] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1514.312003][T21041] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1514.337314][T21041] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1514.362373][T20961] veth0_macvtap: entered promiscuous mode
[ 1514.413702][T20961] veth1_macvtap: entered promiscuous mode
[ 1514.599841][T20961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1514.631177][T20961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.661382][T20961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1514.672373][T20961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.682791][T20961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1514.699006][T20961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.724145][T20961] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1515.387617][T20961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1515.411434][T20961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1515.427258][T20961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1515.437970][T20961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1515.449362][T20961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1515.461273][T20961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1515.473111][T20961] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1515.485174][T20961] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.497528][T20961] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.506483][T20961] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.515958][T20961] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.927576][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1515.935566][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1516.154921][T21041] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1516.200028][ T1083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1516.246813][ T1083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1516.333876][T21041] 8021q: adding VLAN 0 to HW filter on device team0
[ 1516.434679][   T49] hsr_slave_0: left promiscuous mode
[ 1516.447829][   T49] hsr_slave_1: left promiscuous mode
[ 1516.463959][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1516.481734][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1516.513073][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1516.526883][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1516.551555][   T49] bridge_slave_1: left allmulticast mode
[ 1516.575446][   T49] bridge_slave_1: left promiscuous mode
[ 1516.595740][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1516.619192][   T49] bridge_slave_0: left allmulticast mode
[ 1516.624981][   T49] bridge_slave_0: left promiscuous mode
[ 1516.636175][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1516.703210][   T49] veth1_macvtap: left promiscuous mode
[ 1516.713996][   T49] veth0_macvtap: left promiscuous mode
[ 1516.722670][   T49] veth1_vlan: left promiscuous mode
[ 1516.734680][   T49] veth0_vlan: left promiscuous mode
[ 1518.826388][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1518.921378][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1521.751458][   T49] bond0 (unregistering): Released all slaves
[ 1522.401483][ T1083] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1522.409011][ T1083] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1522.518839][ T1083] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1522.526257][ T1083] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1525.344097][T21041] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1526.490125][T21041] veth0_vlan: entered promiscuous mode
[ 1526.507513][   T35] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1526.538701][T21041] veth1_vlan: entered promiscuous mode
[ 1526.625352][T21041] veth0_macvtap: entered promiscuous mode
[ 1526.673086][T21041] veth1_macvtap: entered promiscuous mode
[ 1526.709255][   T35] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1526.720012][   T35] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1526.741431][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1526.756930][   T35] usb 7-1: config 0 has no interfaces?
[ 1526.767309][   T35] usb 7-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40
[ 1526.773578][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.776403][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1526.776428][   T35] usb 7-1: Product: syz
[ 1526.796834][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1526.836780][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.856902][   T35] usb 7-1: Manufacturer: syz
[ 1526.861583][   T35] usb 7-1: SerialNumber: syz
[ 1526.872138][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1526.883850][   T35] usb 7-1: config 0 descriptor??
[ 1526.913647][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.946152][T21041] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1526.964883][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.990458][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1527.007353][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1527.026848][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1527.048296][T21041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1527.076913][T21041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1527.100489][T21041] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1527.132491][ T5843] usb 7-1: USB disconnect, device number 21
[ 1527.154727][T21041] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.189052][T21041] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.205134][T21041] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.225613][T21041] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.447814][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.455724][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1527.547653][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.555551][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1530.040422][T21286] loop7: detected capacity change from 0 to 256
[ 1533.083236][T21286] FAT-fs (loop7): Directory bread(block 64) failed
[ 1533.693823][T21286] FAT-fs (loop7): Directory bread(block 65) failed
[ 1533.945861][T21286] FAT-fs (loop7): Directory bread(block 66) failed
[ 1533.980403][T21286] FAT-fs (loop7): Directory bread(block 67) failed
[ 1534.048625][T21286] FAT-fs (loop7): Directory bread(block 68) failed
[ 1534.089110][T21286] FAT-fs (loop7): Directory bread(block 69) failed
[ 1534.109857][T21286] FAT-fs (loop7): Directory bread(block 70) failed
[ 1534.146828][T21286] FAT-fs (loop7): Directory bread(block 71) failed
[ 1534.216961][T21286] FAT-fs (loop7): Directory bread(block 72) failed
[ 1534.288148][T21286] FAT-fs (loop7): Directory bread(block 73) failed
[ 1536.707703][T21341] loop7: detected capacity change from 0 to 512
[ 1539.212026][T21341] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1542.493134][T21360] loop8: detected capacity change from 0 to 32768
[ 1542.559031][T21360]  loop8: p1 p2 p3 < p5 p6 >
[ 1542.567015][T21360] loop8: p2 size 16775168 extends beyond EOD, truncated
[ 1542.578617][T21360] loop8: p5 start 4294970168 is beyond EOD, truncated
[ 1544.269586][T21385] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 1544.285502][T21387] netlink: 64 bytes leftover after parsing attributes in process `syz.8.4366'.
[ 1544.325171][T21095] udevd[21095]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[ 1544.326214][T21123] udevd[21123]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[ 1544.339704][T21129] udevd[21129]: inotify_add_watch(7, /dev/loop8p6, 10) failed: No such file or directory
[ 1544.362848][T21127] udevd[21127]: inotify_add_watch(7, /dev/loop8p3, 10) failed: No such file or directory
[ 1544.956887][T21394] loop7: detected capacity change from 0 to 40427
[ 1546.311291][T20960] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1546.341967][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.348718][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.781659][T21424] loop8: detected capacity change from 0 to 512
[ 1546.812744][T21434] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4377'.
[ 1546.867883][T21424] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1546.982599][T21424] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[ 1547.345279][T21424] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1547.494539][T21424] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[ 1547.552485][T21446] loop6: detected capacity change from 0 to 512
[ 1547.559328][T21424] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -2
[ 1547.593683][T21446] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1547.643419][T21424] EXT4-fs (loop8): 1 truncate cleaned up
[ 1547.686362][T21424] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1547.872107][T21446] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1547.944743][T21446] ext4 filesystem being mounted at /436/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1548.257635][T21041] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1548.338760][ T5785] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1548.508018][T15152] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1550.379691][T21485] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4386'.
[ 1554.470509][T21522] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4396'.
[ 1559.958290][T21574] netlink: 64 bytes leftover after parsing attributes in process `syz.7.4407'.
[ 1560.590706][T21582] ip6tnl1: entered allmulticast mode
[ 1561.637189][ T3490] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1561.704837][ T3490] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1561.715238][   T35] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1561.813713][T21588] loop7: detected capacity change from 0 to 16
[ 1561.910466][T21588] erofs: (device loop7): mounted with root inode @ nid 36.
[ 1562.017631][T21588] erofs: (device loop7): erofs_fill_dentries: bogus dirent @ nid 36
[ 1562.417120][   T35] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1562.507870][   T35] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1562.555923][T21597] loop7: detected capacity change from 0 to 1024
[ 1562.597906][T21597] EXT4-fs: Ignoring removed orlov option
[ 1562.749409][T21597] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1563.153817][T20961] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1563.457767][T21613] netlink: 64 bytes leftover after parsing attributes in process `syz.7.4416'.
[ 1564.974366][T21624] loop7: detected capacity change from 0 to 256
[ 1565.248793][T21624] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[ 1565.897094][T21624] loop7: detected capacity change from 256 to 64
[ 1565.956980][T21631] syz.7.4418: attempt to access beyond end of device
[ 1565.956980][T21631] loop7: rw=524288, sector=161, nr_sectors = 1 limit=64
[ 1566.001842][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.001842][T21631] loop7: rw=524288, sector=162, nr_sectors = 1 limit=64
[ 1566.083180][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.083180][T21631] loop7: rw=524288, sector=163, nr_sectors = 1 limit=64
[ 1566.096881][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1566.128372][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.128372][T21631] loop7: rw=524288, sector=164, nr_sectors = 1 limit=64
[ 1566.199218][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.199218][T21631] loop7: rw=524288, sector=165, nr_sectors = 1 limit=64
[ 1566.272452][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.272452][T21631] loop7: rw=524288, sector=166, nr_sectors = 1 limit=64
[ 1566.335947][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.335947][T21631] loop7: rw=524288, sector=167, nr_sectors = 1 limit=64
[ 1566.389139][T21631] syz.7.4418: attempt to access beyond end of device
[ 1566.389139][T21631] loop7: rw=0, sector=161, nr_sectors = 1 limit=64
[ 1566.744491][T20961] syz-executor: attempt to access beyond end of device
[ 1566.744491][T20961] loop7: rw=0, sector=161, nr_sectors = 1 limit=64
[ 1567.433938][T20961] syz-executor: attempt to access beyond end of device
[ 1567.433938][T20961] loop7: rw=0, sector=161, nr_sectors = 1 limit=64
[ 1567.976765][T21165] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1568.194022][T21653] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4425'.
[ 1568.309825][T21165] usb 9-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[ 1568.359640][T21165] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1568.939356][T21165] usb 9-1: Product: syz
[ 1568.971911][T21165] usb 9-1: Manufacturer: syz
[ 1569.216761][T21165] usb 9-1: SerialNumber: syz
[ 1570.005060][T21165] (unnamed net_device) (uninitialized): Assigned a random MAC address: 7e:7c:67:6c:1f:2f
[ 1570.143480][ T3490] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1573.357946][T21165] rtl8150 9-1:1.0: eth21: rtl8150 is detected
[ 1573.426276][T21165] usb 9-1: USB disconnect, device number 2
[ 1573.901914][ T3490] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.002097][T21685] loop8: detected capacity change from 0 to 256
[ 1574.050671][T21685] exfat: Deprecated parameter 'namecase'
[ 1574.074595][T21685] exfat: Deprecated parameter 'namecase'
[ 1574.100847][T21685] exfat: Deprecated parameter 'namecase'
[ 1574.283245][T21685] exFAT-fs (loop8): failed to load upcase table (idx : 0x0001fe89, chksum : 0x5174a95f, utbl_chksum : 0xe619d30d)
[ 1574.310647][ T3490] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.454648][T21687] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4435'.
[ 1574.686326][ T3490] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.772500][ T5083] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1574.785542][ T5083] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1574.863055][ T5083] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1574.882221][ T5083] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1575.716845][ T5083] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1575.726948][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1575.776918][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1576.510273][T21710] syzkaller0: entered promiscuous mode
[ 1576.515845][T21710] syzkaller0: entered allmulticast mode
[ 1577.151478][T21705] loop8: detected capacity change from 0 to 4096
[ 1577.382608][T21705] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1577.928727][ T5785] Bluetooth: hci3: command tx timeout
[ 1579.770823][T21041] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1580.017210][ T5785] Bluetooth: hci3: command tx timeout
[ 1582.097505][ T5785] Bluetooth: hci3: command tx timeout
[ 1582.117688][T21733] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4444'.
[ 1584.187242][ T5785] Bluetooth: hci3: command tx timeout
[ 1587.996965][T21762] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4451'.
[ 1588.217132][T21769] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4454'.
[ 1591.572016][T21694] chnl_net:caif_netlink_parms(): no params data found
[ 1591.755382][T10737] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1591.995874][T10737] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1592.034517][T10737] usb 9-1: unable to read config index 0 descriptor/start: -71
[ 1592.046914][T10737] usb 9-1: can't read configurations, error -71
[ 1592.417149][T21818] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[ 1592.425505][T21818] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1593.394602][T21694] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1593.409544][T21694] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1593.411457][T21821] loop6: detected capacity change from 0 to 256
[ 1593.423772][T21694] bridge_slave_0: entered allmulticast mode
[ 1593.431508][T21694] bridge_slave_0: entered promiscuous mode
[ 1593.464818][T21694] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1593.492858][T21694] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1593.518656][T21821] FAT-fs (loop6): Directory bread(block 64) failed
[ 1593.523324][T21694] bridge_slave_1: entered allmulticast mode
[ 1593.525259][T21821] FAT-fs (loop6): Directory bread(block 65) failed
[ 1593.558903][T21694] bridge_slave_1: entered promiscuous mode
[ 1593.572042][T21821] FAT-fs (loop6): Directory bread(block 66) failed
[ 1593.640052][T21821] FAT-fs (loop6): Directory bread(block 67) failed
[ 1593.653091][T21821] FAT-fs (loop6): Directory bread(block 68) failed
[ 1593.659875][T21821] FAT-fs (loop6): Directory bread(block 69) failed
[ 1593.672896][T21821] FAT-fs (loop6): Directory bread(block 70) failed
[ 1593.681423][T21821] FAT-fs (loop6): Directory bread(block 71) failed
[ 1593.692346][T21821] FAT-fs (loop6): Directory bread(block 72) failed
[ 1593.734273][T21821] FAT-fs (loop6): Directory bread(block 73) failed
[ 1594.758338][T21694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1594.771318][T21694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1594.877883][T21694] team0: Port device team_slave_0 added
[ 1594.893573][T21694] team0: Port device team_slave_1 added
[ 1594.998090][T21694] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1595.005221][T21694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1595.033970][T21694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1595.060783][T21694] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1595.086749][T21694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1595.137125][T21694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1596.962363][T21847] loop8: detected capacity change from 0 to 256
[ 1597.069233][T21847] exFAT-fs (loop8): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[ 1597.442457][T21694] hsr_slave_0: entered promiscuous mode
[ 1597.467796][T21694] hsr_slave_1: entered promiscuous mode
[ 1597.491244][T21694] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1597.506767][T21694] Cannot create hsr debugfs directory
[ 1597.975561][T21859] loop6: detected capacity change from 0 to 512
[ 1598.583501][ T3490] hsr_slave_0: left promiscuous mode
[ 1598.640716][ T3490] hsr_slave_1: left promiscuous mode
[ 1598.687245][ T3490] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1598.707021][ T3490] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1598.728285][ T3490] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1598.735957][ T3490] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1598.751895][ T3490] bridge_slave_1: left allmulticast mode
[ 1598.758507][ T3490] bridge_slave_1: left promiscuous mode
[ 1598.764383][ T3490] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1598.785325][ T3490] bridge_slave_0: left allmulticast mode
[ 1598.794027][ T3490] bridge_slave_0: left promiscuous mode
[ 1598.806686][ T3490] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1598.884538][ T3490] veth1_macvtap: left promiscuous mode
[ 1598.893010][ T3490] veth0_macvtap: left promiscuous mode
[ 1598.903460][ T3490] veth1_vlan: left promiscuous mode
[ 1598.915494][ T3490] veth0_vlan: left promiscuous mode
[ 1600.842210][ T3490] team0 (unregistering): Port device team_slave_1 removed
[ 1600.937332][ T3490] team0 (unregistering): Port device team_slave_0 removed
[ 1601.029574][ T3490] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1601.115981][ T3490] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1601.700766][ T3490] bond0 (unregistering): Released all slaves
[ 1603.371758][T21694] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1603.384332][T21694] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1603.412319][T21694] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1603.439729][T21694] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1603.695762][T21694] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1603.808415][T21694] 8021q: adding VLAN 0 to HW filter on device team0
[ 1603.863598][ T3490] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1603.870893][ T3490] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1603.980112][ T3490] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1603.987399][ T3490] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1605.551678][T21694] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1607.244923][T21694] veth0_vlan: entered promiscuous mode
[ 1607.330027][T21694] veth1_vlan: entered promiscuous mode
[ 1607.577375][T21694] veth0_macvtap: entered promiscuous mode
[ 1607.855428][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.862277][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.829799][T21694] veth1_macvtap: entered promiscuous mode
[ 1609.232051][T21694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.273336][T21694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.338395][T21694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.357585][T21694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.382065][T21694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1609.397745][T21694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.413310][T21694] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1609.427000][T21694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.438296][T21694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.462454][T21694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.482040][T21694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.506785][T21694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1609.522739][T21694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1609.535535][T21694] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1609.587204][T21694] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1609.607136][T21694] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1609.615937][T21694] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1609.654308][T21694] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1609.916878][ T1083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1609.924753][ T1083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1610.082781][T20960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1610.099148][T20960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1618.957472][T22105] kvm: kvm [22102]: vcpu0, guest rIP: 0x5474b Unhandled WRMSR(0x186) = 0xd637fe
[ 1620.388880][ T1083] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1621.066323][ T1083] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1621.460815][ T1083] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1621.736203][ T1083] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1621.776108][ T5083] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1621.793639][ T5083] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1621.818274][ T5083] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1621.860500][ T5083] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1621.870119][ T5083] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1621.878383][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1623.687638][T22197] kvm: kvm [22193]: vcpu3, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010002) = 0xffffff
[ 1623.882568][T22194] kvm: pic: single mode not supported
[ 1623.937232][ T5083] Bluetooth: hci3: command tx timeout
[ 1623.990378][T22194] kvm: pic: level sensitive irq not supported
[ 1623.990550][T22194] kvm: pic: single mode not supported
[ 1623.997632][T22194] kvm: pic: level sensitive irq not supported
[ 1624.009780][T22194] kvm: pic: single mode not supported
[ 1624.015989][T22194] kvm: pic: level sensitive irq not supported
[ 1624.036958][T22194] kvm: pic: single mode not supported
[ 1624.043182][T22194] kvm: pic: level sensitive irq not supported
[ 1624.097183][T22194] kvm: pic: single mode not supported
[ 1624.103901][T22194] kvm: pic: level sensitive irq not supported
[ 1624.152183][T22194] kvm: pic: single mode not supported
[ 1624.158968][T22194] kvm: pic: level sensitive irq not supported
[ 1624.200159][T22194] kvm: pic: single mode not supported
[ 1624.207371][T22194] kvm: pic: level sensitive irq not supported
[ 1624.234503][T22194] kvm: pic: single mode not supported
[ 1624.241093][T22194] kvm: pic: level sensitive irq not supported
[ 1624.274315][T22194] kvm: pic: level sensitive irq not supported
[ 1624.309802][T22194] kvm: pic: single mode not supported
[ 1624.316111][T22194] kvm: pic: level sensitive irq not supported
[ 1624.414481][T22156] chnl_net:caif_netlink_parms(): no params data found
[ 1624.442687][T22220] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1624.971556][T22156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1624.997212][T22156] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1625.004535][T22156] bridge_slave_0: entered allmulticast mode
[ 1625.029048][T22156] bridge_slave_0: entered promiscuous mode
[ 1625.173091][T22156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1625.193305][T22156] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1625.218265][T22156] bridge_slave_1: entered allmulticast mode
[ 1625.246718][T22156] bridge_slave_1: entered promiscuous mode
[ 1625.474999][T22156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1625.551224][T22156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1625.836061][T22264] overlayfs: failed to get inode (-116)
[ 1625.851474][T22156] team0: Port device team_slave_0 added
[ 1625.863666][T22264] overlayfs: failed to get inode (-116)
[ 1625.874698][T22156] team0: Port device team_slave_1 added
[ 1625.942097][ T1083] hsr_slave_0: left promiscuous mode
[ 1626.016742][ T5083] Bluetooth: hci3: command tx timeout
[ 1626.032278][ T1083] hsr_slave_1: left promiscuous mode
[ 1626.094949][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1626.116823][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1626.147634][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1626.162852][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1626.171315][ T1083] bridge_slave_1: left allmulticast mode
[ 1626.177707][ T1083] bridge_slave_1: left promiscuous mode
[ 1626.183567][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1626.208527][ T1083] bridge_slave_0: left allmulticast mode
[ 1626.224880][ T1083] bridge_slave_0: left promiscuous mode
[ 1626.241803][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1626.357347][   T35] usb 7-1: new full-speed USB device number 22 using dummy_hcd
[ 1626.383605][ T1083] veth1_macvtap: left promiscuous mode
[ 1626.392659][ T1083] veth0_macvtap: left promiscuous mode
[ 1626.411180][ T1083] veth1_vlan: left promiscuous mode
[ 1626.434104][ T1083] veth0_vlan: left promiscuous mode
[ 1626.612826][   T35] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1626.641233][   T35] usb 7-1: not running at top speed; connect to a high speed hub
[ 1626.661701][   T35] usb 7-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1626.677320][   T35] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1626.730377][   T35] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1626.772327][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1626.800896][   T35] usb 7-1: Product: syz
[ 1626.805301][   T35] usb 7-1: Manufacturer: syz
[ 1626.810122][   T35] usb 7-1: SerialNumber: syz
[ 1626.929407][T22273] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1627.297818][   T35] cdc_ether: probe of 7-1:1.0 failed with error -22
[ 1627.374549][   T35] usb 7-1: USB disconnect, device number 22
[ 1628.117490][ T5083] Bluetooth: hci3: command tx timeout
[ 1629.122714][ T1083] team0 (unregistering): Port device team_slave_1 removed
[ 1629.240446][ T1083] team0 (unregistering): Port device team_slave_0 removed
[ 1629.889029][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1629.985539][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1630.186024][ T5083] Bluetooth: hci3: command tx timeout
[ 1630.356373][ T5083] Bluetooth: hci2: command 0x0406 tx timeout
[ 1633.380674][T22348] loop6: detected capacity change from 0 to 256
[ 1633.896145][ T1083] bond0 (unregistering): Released all slaves
[ 1634.319288][T22156] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1634.326430][T22156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1634.364997][T22156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1634.523183][T22156] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1634.530561][T22156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1634.644577][T22156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1634.843197][T22300] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1635.122964][T22164] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1635.150688][T22156] hsr_slave_0: entered promiscuous mode
[ 1635.221304][T22156] hsr_slave_1: entered promiscuous mode
[ 1635.311910][T22156] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1635.319701][T22164] Bluetooth: hci2: unexpected event for opcode 0x1407
[ 1635.365973][T22156] Cannot create hsr debugfs directory
[ 1636.967868][T22399] overlayfs: failed to clone upperpath
[ 1637.703673][T22418] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4614'.
[ 1638.333465][T22433] loop6: detected capacity change from 0 to 2048
[ 1638.455290][T22433] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1638.516717][   T27] audit: type=1800 audit(1778045748.390:80): pid=22433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4618" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1638.837447][T22437] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[ 1639.103351][T22156] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1639.119606][T22432] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 524 with max blocks 204 with error 28
[ 1639.140572][T22156] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1639.171569][T22432] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1639.171569][T22432] 
[ 1639.190439][T22156] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1639.200123][T22432] EXT4-fs (loop6): Total free blocks count 0
[ 1639.206269][T22432] EXT4-fs (loop6): Free/Dirty block details
[ 1639.238289][T22156] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1639.273873][T22432] EXT4-fs (loop6): free_blocks=66060288
[ 1639.287416][T22432] EXT4-fs (loop6): dirty_blocks=224
[ 1639.292702][T22432] EXT4-fs (loop6): Block reservation details
[ 1639.301003][T22432] EXT4-fs (loop6): i_reserved_data_blocks=14
[ 1639.385427][T22433] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 728 with max blocks 2 with error 28
[ 1639.436293][T22447] loop8: detected capacity change from 0 to 64
[ 1639.502156][T22447] MINIX-fs: mounting file system with errors, running fsck is recommended
[ 1639.535548][T22156] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1639.674839][T22447] Trying to free block not in datazone
[ 1639.705430][T22447] Trying to free block not in datazone
[ 1639.763385][   T27] audit: type=1800 audit(1778045749.640:81): pid=22456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.4623" name="file1" dev="loop8" ino=5 res=0 errno=0
[ 1639.772591][T22447] Trying to free block not in datazone
[ 1639.797811][T22447] Trying to free block not in datazone
[ 1639.803342][T22447] Trying to free block not in datazone
[ 1639.822826][T22447] Trying to free block not in datazone
[ 1639.844331][T22156] 8021q: adding VLAN 0 to HW filter on device team0
[ 1639.864106][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1639.866794][T22447] Trying to free block not in datazone
[ 1639.871314][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1639.877231][T22447] Trying to free block not in datazone
[ 1639.904573][T22447] Trying to free block not in datazone
[ 1639.916441][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1639.921924][T22455] loop6: detected capacity change from 0 to 4096
[ 1639.923779][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1639.960138][T22447] Trying to free block not in datazone
[ 1640.812224][T22156] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1641.011568][T22156] veth0_vlan: entered promiscuous mode
[ 1641.049711][T22156] veth1_vlan: entered promiscuous mode
[ 1642.081079][T22156] veth0_macvtap: entered promiscuous mode
[ 1642.100776][T22156] veth1_macvtap: entered promiscuous mode
[ 1642.173828][T22156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1642.210335][T22156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1642.221407][T22156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1642.238547][T22156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1642.270836][T22156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1642.289835][T22156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1642.328591][T22156] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1642.352864][T22156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1642.406674][T22156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1642.416575][T22156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1642.450851][T22156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1642.477365][T22156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1642.506794][T22156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1642.533275][T22156] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1642.612844][T22156] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.650281][T22156] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.686782][T22156] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.695589][T22156] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1642.780296][T22500] loop8: detected capacity change from 0 to 128
[ 1642.846283][T22500] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1642.903779][T22500] ext4 filesystem being mounted at /68/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1643.192536][ T1083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1643.229289][ T1083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1643.309131][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1643.321024][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1644.524321][T21041] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1644.607511][T22517] syzkaller0: entered promiscuous mode
[ 1644.613086][T22517] syzkaller0: entered allmulticast mode
[ 1645.706804][   T23] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1645.992693][   T23] usb 7-1: Using ep0 maxpacket: 8
[ 1649.178650][   T23] usb 7-1: unable to read config index 0 descriptor/start: -71
[ 1649.186326][   T23] usb 7-1: can't read configurations, error -71
[ 1651.275359][T18115] usb 2-1: new full-speed USB device number 125 using dummy_hcd
[ 1651.577691][T22547] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4653'.
[ 1651.764574][T22547] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1651.824628][T22551] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1652.094317][T18115] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1652.146176][T18115] usb 2-1: not running at top speed; connect to a high speed hub
[ 1652.190827][T18115] usb 2-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1652.242777][T18115] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1652.265479][T18115] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1652.306775][T18115] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1652.337252][T18115] usb 2-1: Product: syz
[ 1652.341516][T18115] usb 2-1: Manufacturer: syz
[ 1652.346248][T18115] usb 2-1: SerialNumber: syz
[ 1652.407454][T22557] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1652.543556][T22574] loop6: detected capacity change from 0 to 64
[ 1652.636484][T18115] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1652.687249][T18115] usb 2-1: USB disconnect, device number 125
[ 1653.213608][T21889] usb 7-1: new low-speed USB device number 25 using dummy_hcd
[ 1653.421072][T21889] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1653.451110][T21889] usb 7-1: config 0 has no interface number 0
[ 1653.475848][T21889] usb 7-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[ 1653.553552][T21889] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1653.623446][T21889] usb 7-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[ 1653.722029][T21889] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1653.832142][T21889] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1653.912685][T21889] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1653.978679][T21889] usb 7-1: config 0 descriptor??
[ 1654.025525][T22584] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1654.099235][T22584] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1654.287891][T21889] ldusb 7-1:0.55: Interrupt in endpoint not found
[ 1654.691944][   T23] usb 7-1: USB disconnect, device number 25
[ 1655.511728][T22626] loop6: detected capacity change from 0 to 256
[ 1655.644638][T22625] syzkaller0: entered promiscuous mode
[ 1655.650558][T22625] syzkaller0: entered allmulticast mode
[ 1655.866891][T22626] FAT-fs (loop6): Directory bread(block 64) failed
[ 1655.927491][T22626] FAT-fs (loop6): Directory bread(block 65) failed
[ 1655.992130][T22626] FAT-fs (loop6): Directory bread(block 66) failed
[ 1656.055381][T22626] FAT-fs (loop6): Directory bread(block 67) failed
[ 1656.077116][   T23] usb 2-1: new full-speed USB device number 126 using dummy_hcd
[ 1656.108265][T22633] fuse: Bad value for 'fd'
[ 1656.133793][T22626] FAT-fs (loop6): Directory bread(block 68) failed
[ 1656.213962][T22626] FAT-fs (loop6): Directory bread(block 69) failed
[ 1656.266525][T22626] FAT-fs (loop6): Directory bread(block 70) failed
[ 1656.313230][T22633] loop8: detected capacity change from 0 to 512
[ 1656.327405][T22626] FAT-fs (loop6): Directory bread(block 71) failed
[ 1656.347056][   T23] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1656.387107][   T23] usb 2-1: not running at top speed; connect to a high speed hub
[ 1656.396110][T22626] FAT-fs (loop6): Directory bread(block 72) failed
[ 1656.452838][T22626] FAT-fs (loop6): Directory bread(block 73) failed
[ 1656.470395][   T23] usb 2-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1656.585477][   T23] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1656.600492][T22633] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1656.664528][   T23] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1656.705389][T22633] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1656.745134][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1656.783937][   T23] usb 2-1: Product: syz
[ 1656.821361][   T23] usb 2-1: Manufacturer: syz
[ 1656.826055][   T23] usb 2-1: SerialNumber: syz
[ 1656.903359][T22628] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1657.199894][   T23] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1657.237344][   T23] usb 2-1: USB disconnect, device number 126
[ 1659.662685][ T5083] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1659.663869][T22654] loop6: detected capacity change from 0 to 64
[ 1659.717051][ T5083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1659.732595][ T5083] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1659.741769][ T5083] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1659.757758][ T5083] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1659.801421][ T5083] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1659.818395][T22654] MINIX-fs: mounting file system with errors, running fsck is recommended
[ 1659.952440][T22654] Trying to free block not in datazone
[ 1659.977872][T22654] Trying to free block not in datazone
[ 1659.983523][T22654] Trying to free block not in datazone
[ 1659.989267][T22654] Trying to free block not in datazone
[ 1660.002216][T22654] Trying to free block not in datazone
[ 1660.008825][T22654] Trying to free block not in datazone
[ 1660.014474][T22654] Trying to free block not in datazone
[ 1660.035945][T22654] Trying to free block not in datazone
[ 1660.041765][T22654] Trying to free block not in datazone
[ 1660.049024][T22654] Trying to free block not in datazone
[ 1660.428799][   T23] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[ 1660.682582][   T23] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[ 1660.711107][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.719344][   T23] usb 2-1: Product: syz
[ 1660.723567][   T23] usb 2-1: Manufacturer: syz
[ 1660.732919][   T23] usb 2-1: SerialNumber: syz
[ 1660.773096][   T23] r8152-cfgselector 2-1: config 0 descriptor??
[ 1661.038503][T13772] bridge0: port 3(syz_tun) entered disabled state
[ 1661.176539][T13772] syz_tun (unregistering): left allmulticast mode
[ 1661.236707][T13772] syz_tun (unregistering): left promiscuous mode
[ 1661.243279][T13772] bridge0: port 3(syz_tun) entered disabled state
[ 1661.328808][T22657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1661.378835][T22657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1661.475389][T22657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1661.511087][T22657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1661.684122][T22664] syzkaller0: entered promiscuous mode
[ 1661.691270][T22664] syzkaller0: entered allmulticast mode
[ 1661.768788][T22657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1661.879346][T22657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1661.949808][T22164] Bluetooth: hci0: command tx timeout
[ 1662.021459][T22657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1662.087826][T22657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1662.222167][   T23] r8152-cfgselector 2-1: Unknown version 0x0000
[ 1662.291036][   T23] r8152-cfgselector 2-1: USB disconnect, device number 127
[ 1663.028712][T22687] netlink: 48 bytes leftover after parsing attributes in process `syz.8.4687'.
[ 1663.573155][   T23] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[ 1663.789808][   T23] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1663.803847][   T23] usb 2-1: not running at top speed; connect to a high speed hub
[ 1663.814045][   T23] usb 2-1: config 1 interface 0 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1663.858237][   T23] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1663.879855][   T23] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1663.895617][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1663.914093][   T23] usb 2-1: Product: syz
[ 1663.927044][   T23] usb 2-1: Manufacturer: syz
[ 1663.936951][   T23] usb 2-1: SerialNumber: syz
[ 1664.002672][T22692] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1664.036960][T22164] Bluetooth: hci0: command tx timeout
[ 1664.268170][   T23] cdc_ether: probe of 2-1:1.0 failed with error -22
[ 1664.297194][   T23] usb 2-1: USB disconnect, device number 2
[ 1665.369640][T22721] loop1: detected capacity change from 0 to 64
[ 1665.467452][T22721] MINIX-fs: mounting file system with errors, running fsck is recommended
[ 1665.521262][T22721] Trying to free block not in datazone
[ 1665.541969][T22721] Trying to free block not in datazone
[ 1665.552375][T22721] Trying to free block not in datazone
[ 1665.570853][T22721] Trying to free block not in datazone
[ 1665.601877][T22721] Trying to free block not in datazone
[ 1665.607972][T22721] Trying to free block not in datazone
[ 1665.649782][T22721] Trying to free block not in datazone
[ 1665.655585][T22721] Trying to free block not in datazone
[ 1665.689339][T22721] Trying to free block not in datazone
[ 1665.711329][T22721] Trying to free block not in datazone
[ 1666.106984][T22164] Bluetooth: hci0: command tx timeout
[ 1667.071734][T22651] chnl_net:caif_netlink_parms(): no params data found
[ 1667.446363][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.676878][   T23] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1667.701631][T22741] loop6: detected capacity change from 0 to 128
[ 1667.776947][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.779813][T22741] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[ 1667.837488][T22744] loop1: detected capacity change from 0 to 8
[ 1667.867119][   T23] usb 9-1: Using ep0 maxpacket: 8
[ 1667.876458][   T23] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[ 1667.885435][   T23] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1667.896866][   T23] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1667.907220][   T23] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1667.922421][   T23] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1667.940093][   T23] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1667.949543][   T23] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1667.995044][   T27] audit: type=1800 audit(1778045777.870:82): pid=22741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4695" name="file2" dev="loop6" ino=95 res=0 errno=0
[ 1668.184618][T22164] Bluetooth: hci0: command tx timeout
[ 1668.199983][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1668.215663][   T23] usb 9-1: usb_control_msg returned -32
[ 1668.222060][   T23] usbtmc 9-1:16.0: can't read capabilities
[ 1668.236468][T22651] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1668.300159][T22651] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1668.321945][T22651] bridge_slave_0: entered allmulticast mode
[ 1668.345306][T22651] bridge_slave_0: entered promiscuous mode
[ 1668.413076][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1668.428873][T22651] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1668.436319][T22651] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1668.455728][T22651] bridge_slave_1: entered allmulticast mode
[ 1668.463532][T22651] bridge_slave_1: entered promiscuous mode
[ 1668.637409][T22651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1668.668972][T22651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1668.745753][T22763] nbd1: detected capacity change from 0 to 63
[ 1668.787862][T18115] usb 9-1: USB disconnect, device number 5
[ 1668.801432][T22651] team0: Port device team_slave_0 added
[ 1668.804439][T22766] block nbd1: NBD_DISCONNECT
[ 1668.814987][T22737] usbtmc 9-1:16.0: usbtmc_ioctl_request failed -71
[ 1668.843559][T22766] block nbd1: Disconnected due to user request.
[ 1668.856415][T22651] team0: Port device team_slave_1 added
[ 1668.885045][T22766] block nbd1: shutting down sockets
[ 1668.958663][    C1] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1668.968202][    C1] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1668.976020][    C1] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1668.985440][    C1] Buffer I/O error on dev nbd1, logical block 1, async page read
[ 1668.993290][    C1] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1669.002420][    C1] Buffer I/O error on dev nbd1, logical block 2, async page read
[ 1669.010263][    C1] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1669.019405][    C1] Buffer I/O error on dev nbd1, logical block 3, async page read
[ 1669.073531][ T1057] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1669.075880][T22651] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1669.085311][ T1057] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1669.102593][ T1057] Buffer I/O error on dev nbd1, logical block 1, async page read
[ 1669.111015][ T1057] Buffer I/O error on dev nbd1, logical block 2, async page read
[ 1669.119267][ T1057] Buffer I/O error on dev nbd1, logical block 3, async page read
[ 1669.130278][ T1057] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1669.140091][ T1057] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1669.144305][T22651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1669.148665][ T1057] Buffer I/O error on dev nbd1, logical block 1, async page read
[ 1669.184111][ T1057] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1669.193567][ T1057] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1669.203211][ T1057] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1669.213107][ T1057] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1669.225922][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.232845][T21095] ldm_validate_partition_table(): Disk read failed.
[ 1669.239926][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.252012][T21095] Dev nbd1: unable to read RDB block 0
[ 1669.258832][T21095]  nbd1: unable to read partition table
[ 1669.273015][T21095] ldm_validate_partition_table(): Disk read failed.
[ 1669.282383][T21095] Dev nbd1: unable to read RDB block 0
[ 1669.290455][T21095]  nbd1: unable to read partition table
[ 1669.329216][T22651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1669.344393][T22651] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1669.351676][T22651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1669.379105][T22651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1669.399100][   T11] tipc: Left network mode
[ 1669.427106][T22164] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 1669.503986][T22651] hsr_slave_0: entered promiscuous mode
[ 1669.520755][T22651] hsr_slave_1: entered promiscuous mode
[ 1669.574067][T22651] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1669.594936][T22651] Cannot create hsr debugfs directory
[ 1671.073670][T22799] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4706'.
[ 1671.347189][T21062] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 1671.561747][T22811] loop8: detected capacity change from 0 to 512
[ 1671.636750][T21062] usb 7-1: Using ep0 maxpacket: 16
[ 1671.641118][T22811] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1671.649423][T21062] usb 7-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1671.703477][T21062] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1671.732161][T21062] usb 7-1: Product: syz
[ 1671.736439][T21062] usb 7-1: Manufacturer: syz
[ 1671.756498][T21062] usb 7-1: SerialNumber: syz
[ 1671.788049][T22811] 
[ 1671.790462][T22811] ======================================================
[ 1671.797602][T22811] WARNING: possible circular locking dependency detected
[ 1671.803932][T21062] usb 7-1: config 0 descriptor??
[ 1671.804717][T22811] syzkaller #0 Not tainted
[ 1671.804729][T22811] ------------------------------------------------------
[ 1671.804737][T22811] syz.8.4709/22811 is trying to acquire lock:
[ 1671.804748][T22811] ffff88805baa2c58 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1a4/0x350
[ 1671.837395][T22811] 
[ 1671.837395][T22811] but task is already holding lock:
[ 1671.844859][T22811] ffff88802f9a32c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[ 1671.854749][T22811] 
[ 1671.854749][T22811] which lock already depends on the new lock.
[ 1671.854749][T22811] 
[ 1671.865178][T22811] 
[ 1671.865178][T22811] the existing dependency chain (in reverse order) is:
[ 1671.874220][T22811] 
[ 1671.874220][T22811] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[ 1671.881797][T22811]        down_write+0x97/0x200
[ 1671.886685][T22811]        ext4_destroy_inline_data+0x28/0xe0
[ 1671.892607][T22811]        ext4_do_writepages+0x4f0/0x3990
[ 1671.898251][T22811]        ext4_writepages+0x1dd/0x350
[ 1671.903636][T22811]        do_writepages+0x3b3/0x630
[ 1671.908810][T22811]        filemap_fdatawrite_wbc+0x122/0x180
[ 1671.914725][T22811]        filemap_flush+0xe4/0x150
[ 1671.919770][T22811]        ext4_release_file+0x82/0x310
[ 1671.925159][T22811]        __fput+0x234/0x970
[ 1671.929783][T22811]        task_work_run+0x1d4/0x260
[ 1671.934928][T22811]        exit_to_user_mode_loop+0xe6/0x110
[ 1671.940897][T22811]        exit_to_user_mode_prepare+0xee/0x180
[ 1671.946983][T22811]        syscall_exit_to_user_mode+0x1a/0x50
[ 1671.953232][T22811]        do_syscall_64+0x61/0xa0
[ 1671.958199][T22811]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1671.964700][T22811] 
[ 1671.964700][T22811] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 1671.973139][T22811]        __lock_acquire+0x2df1/0x7d40
[ 1671.978525][T22811]        lock_acquire+0x19e/0x420
[ 1671.983646][T22811]        percpu_down_read+0x44/0x1a0
[ 1671.989012][T22811]        ext4_writepages+0x1a4/0x350
[ 1671.994344][T22811]        do_writepages+0x3b3/0x630
[ 1671.999516][T22811]        __writeback_single_inode+0x153/0xec0
[ 1672.005631][T22811]        writeback_single_inode+0x21f/0x760
[ 1672.011543][T22811]        write_inode_now+0x183/0x210
[ 1672.016845][T22811]        iput+0x5ae/0x920
[ 1672.021268][T22811]        ext4_xattr_block_set+0x249e/0x32b0
[ 1672.027199][T22811]        ext4_expand_extra_isize_ea+0x12c5/0x1e80
[ 1672.033630][T22811]        __ext4_expand_extra_isize+0x306/0x400
[ 1672.039802][T22811]        __ext4_mark_inode_dirty+0x45d/0x6e0
[ 1672.045802][T22811]        ext4_evict_inode+0x7f3/0xea0
[ 1672.051187][T22811]        evict+0x4ca/0x8d0
[ 1672.055616][T22811]        ext4_orphan_cleanup+0xbec/0x1420
[ 1672.061348][T22811]        ext4_fill_super+0x5eea/0x67b0
[ 1672.066819][T22811]        get_tree_bdev+0x3f3/0x520
[ 1672.072069][T22811]        vfs_get_tree+0x8c/0x280
[ 1672.077208][T22811]        do_new_mount+0x24b/0xa40
[ 1672.082262][T22811]        __se_sys_mount+0x2e7/0x3d0
[ 1672.087502][T22811]        do_syscall_64+0x55/0xa0
[ 1672.092668][T22811]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1672.099413][T22811] 
[ 1672.099413][T22811] other info that might help us debug this:
[ 1672.099413][T22811] 
[ 1672.109773][T22811]  Possible unsafe locking scenario:
[ 1672.109773][T22811] 
[ 1672.117239][T22811]        CPU0                    CPU1
[ 1672.122622][T22811]        ----                    ----
[ 1672.128016][T22811]   lock(&ei->xattr_sem);
[ 1672.132380][T22811]                                lock(&sbi->s_writepages_rwsem);
[ 1672.140203][T22811]                                lock(&ei->xattr_sem);
[ 1672.147117][T22811]   rlock(&sbi->s_writepages_rwsem);
[ 1672.152602][T22811] 
[ 1672.152602][T22811]  *** DEADLOCK ***
[ 1672.152602][T22811] 
[ 1672.160846][T22811] 3 locks held by syz.8.4709/22811:
[ 1672.166066][T22811]  #0: ffff88805baa00e0 (&type->s_umount_key#31){++++}-{3:3}, at: get_tree_bdev+0x353/0x520
[ 1672.176201][T22811]  #1: ffff88805baa0608 (sb_internal){++++}-{0:0}, at: ext4_evict_inode+0x2bf/0xea0
[ 1672.185822][T22811]  #2: ffff88802f9a32c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0
[ 1672.196162][T22811] 
[ 1672.196162][T22811] stack backtrace:
[ 1672.202068][T22811] CPU: 1 PID: 22811 Comm: syz.8.4709 Not tainted syzkaller #0
[ 1672.209556][T22811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1672.219718][T22811] Call Trace:
[ 1672.223013][T22811]  <TASK>
[ 1672.226049][T22811]  dump_stack_lvl+0x18c/0x250
[ 1672.230775][T22811]  ? load_image+0x420/0x420
[ 1672.235335][T22811]  ? show_regs_print_info+0x20/0x20
[ 1672.240560][T22811]  ? print_circular_bug+0x12b/0x1a0
[ 1672.245785][T22811]  check_noncircular+0x2fc/0x400
[ 1672.250803][T22811]  ? look_up_lock_class+0x75/0x140
[ 1672.255931][T22811]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1672.261153][T22811]  ? lockdep_lock+0xf5/0x230
[ 1672.265762][T22811]  ? _find_first_zero_bit+0xd3/0x100
[ 1672.271093][T22811]  __lock_acquire+0x2df1/0x7d40
[ 1672.276059][T22811]  ? mark_lock+0x94/0x320
[ 1672.280412][T22811]  ? verify_lock_unused+0x140/0x140
[ 1672.285727][T22811]  ? __lock_acquire+0x1347/0x7d40
[ 1672.290880][T22811]  lock_acquire+0x19e/0x420
[ 1672.295396][T22811]  ? ext4_writepages+0x1a4/0x350
[ 1672.300353][T22811]  ? __might_sleep+0xe0/0xe0
[ 1672.304958][T22811]  ? read_lock_is_recursive+0x20/0x20
[ 1672.310358][T22811]  ? mark_lock+0x94/0x320
[ 1672.314725][T22811]  ? __lock_acquire+0x1347/0x7d40
[ 1672.319779][T22811]  percpu_down_read+0x44/0x1a0
[ 1672.325856][T22811]  ? ext4_writepages+0x1a4/0x350
[ 1672.331271][T22811]  ext4_writepages+0x1a4/0x350
[ 1672.336081][T22811]  ? ext4_read_folio+0x2f0/0x2f0
[ 1672.341064][T22811]  ? __rwlock_init+0x150/0x150
[ 1672.345871][T22811]  ? do_raw_spin_unlock+0x121/0x230
[ 1672.351114][T22811]  ? ext4_read_folio+0x2f0/0x2f0
[ 1672.356087][T22811]  do_writepages+0x3b3/0x630
[ 1672.360747][T22811]  ? folio_clear_dirty_for_io+0xc30/0xc30
[ 1672.366681][T22811]  ? writeback_single_inode+0x214/0x760
[ 1672.372272][T22811]  ? __lock_acquire+0x7d40/0x7d40
[ 1672.377339][T22811]  ? do_raw_spin_lock+0x11f/0x2c0
[ 1672.382413][T22811]  __writeback_single_inode+0x153/0xec0
[ 1672.388007][T22811]  writeback_single_inode+0x21f/0x760
[ 1672.393583][T22811]  ? write_inode_now+0x210/0x210
[ 1672.398542][T22811]  ? ext4_xattr_inode_update_ref+0x468/0x590
[ 1672.404549][T22811]  write_inode_now+0x183/0x210
[ 1672.409332][T22811]  ? bdi_split_work_to_wbs+0x910/0x910
[ 1672.414816][T22811]  ? do_raw_spin_unlock+0x121/0x230
[ 1672.420063][T22811]  iput+0x5ae/0x920
[ 1672.423894][T22811]  ext4_xattr_block_set+0x249e/0x32b0
[ 1672.429295][T22811]  ? ext4_xattr_block_find+0x350/0x350
[ 1672.434785][T22811]  ? xattr_find_entry+0x2a6/0x2f0
[ 1672.439831][T22811]  ? ext4_xattr_block_find+0xea/0x350
[ 1672.445221][T22811]  ext4_expand_extra_isize_ea+0x12c5/0x1e80
[ 1672.451151][T22811]  __ext4_expand_extra_isize+0x306/0x400
[ 1672.456809][T22811]  __ext4_mark_inode_dirty+0x45d/0x6e0
[ 1672.462382][T22811]  ext4_evict_inode+0x7f3/0xea0
[ 1672.467332][T22811]  ? _raw_spin_unlock+0x28/0x40
[ 1672.472230][T22811]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1672.478162][T22811]  ? preempt_schedule_thunk+0x1a/0x30
[ 1672.483643][T22811]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1672.489567][T22811]  evict+0x4ca/0x8d0
[ 1672.493485][T22811]  ? proc_nr_inodes+0x230/0x230
[ 1672.498375][T22811]  ? do_raw_spin_unlock+0x121/0x230
[ 1672.503806][T22811]  ? _raw_spin_unlock+0x28/0x40
[ 1672.508682][T22811]  ? iput+0x706/0x920
[ 1672.512689][T22811]  ext4_orphan_cleanup+0xbec/0x1420
[ 1672.517911][T22811]  ? ext4_orphan_del+0xbf0/0xbf0
[ 1672.522962][T22811]  ? ext4_register_li_request+0x183/0x940
[ 1672.528701][T22811]  ? errseq_check_and_advance+0x66/0x120
[ 1672.534436][T22811]  ext4_fill_super+0x5eea/0x67b0
[ 1672.539412][T22811]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1672.545696][T22811]  ? __might_sleep+0xe0/0xe0
[ 1672.550331][T22811]  ? read_lock_is_recursive+0x20/0x20
[ 1672.555753][T22811]  ? snprintf+0xe9/0x140
[ 1672.560067][T22811]  ? down_read_killable+0x340/0x340
[ 1672.565294][T22811]  ? setup_bdev_super+0x56b/0x660
[ 1672.570360][T22811]  get_tree_bdev+0x3f3/0x520
[ 1672.575075][T22811]  ? vfs_parse_fs_string+0x170/0x170
[ 1672.581935][T22811]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1672.588206][T22811]  ? setup_bdev_super+0x660/0x660
[ 1672.593252][T22811]  ? apparmor_capable+0x137/0x1a0
[ 1672.598427][T22811]  ? bpf_lsm_capable+0x9/0x10
[ 1672.603139][T22811]  ? security_capable+0x89/0xb0
[ 1672.608009][T22811]  vfs_get_tree+0x8c/0x280
[ 1672.612447][T22811]  do_new_mount+0x24b/0xa40
[ 1672.616972][T22811]  __se_sys_mount+0x2e7/0x3d0
[ 1672.621760][T22811]  ? __x64_sys_mount+0xc0/0xc0
[ 1672.626625][T22811]  ? lockdep_hardirqs_on+0x98/0x150
[ 1672.631861][T22811]  ? __x64_sys_mount+0x20/0xc0
[ 1672.636640][T22811]  do_syscall_64+0x55/0xa0
[ 1672.641084][T22811]  ? clear_bhb_loop+0x40/0x90
[ 1672.645846][T22811]  ? clear_bhb_loop+0x40/0x90
[ 1672.650545][T22811]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1672.656498][T22811] RIP: 0033:0x7f748939e04a
[ 1672.660924][T22811] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1672.680722][T22811] RSP: 002b:00007f748a18be58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1672.689154][T22811] RAX: ffffffffffffffda RBX: 00007f748a18bee0 RCX: 00007f748939e04a
[ 1672.697139][T22811] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007f748a18bea0
[ 1672.705128][T22811] RBP: 0000200000000180 R08: 00007f748a18bee0 R09: 0000000000000000
[ 1672.713151][T22811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[ 1672.721187][T22811] R13: 00007f748a18bea0 R14: 000000000000047a R15: 00002000000001c0
[ 1672.729197][T22811]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1672.793734][T22811] ------------[ cut here ]------------
[ 1672.799769][T22811] EA inode 11 i_nlink=0
[ 1672.801736][T22811] WARNING: CPU: 0 PID: 22811 at fs/ext4/xattr.c:1059 ext4_xattr_inode_update_ref+0x53c/0x590
[ 1672.816818][T22811] Modules linked in:
[ 1672.821238][T22811] CPU: 0 PID: 22811 Comm: syz.8.4709 Not tainted syzkaller #0
[ 1672.829201][T22811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1672.839887][T22811] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590
[ 1672.846544][T22811] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 35 d5 98 ff 49 8b 37 48 c7 c7 20 d8 de 8a 89 da e8 74 54 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 be e5 3f 08
[ 1672.867424][T22811] RSP: 0018:ffffc9000473f1a0 EFLAGS: 00010246
[ 1672.873554][T22811] RAX: 14557f4d2a6e9b00 RBX: 0000000000000000 RCX: 0000000000080000
[ 1672.882421][T22811] RDX: ffffc9000d7cc000 RSI: 000000000007ffff RDI: 0000000000080000
[ 1672.890930][T22811] RBP: ffffc9000473f298 R08: ffff8880b8e28c13 R09: 1ffff110171c5182
[ 1672.899407][T22811] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000
[ 1672.907868][T22811] R13: ffff88802f8e04a8 R14: ffff88802f8e02b0 R15: ffff88802f8e0300
[ 1672.915892][T22811] FS:  00007f748a18c6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1672.925325][T22811] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1672.932464][T22811] CR2: 00007f5fb8783000 CR3: 0000000075cbf000 CR4: 00000000003506f0
[ 1672.940853][T22811] Call Trace:
[ 1672.944174][T22811]  <TASK>
[ 1672.947548][T22811]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 1672.953241][T22811]  ? ext4_xattr_inode_iget+0x3df/0x600
[ 1672.959786][T22811]  ext4_xattr_set_entry+0xcda/0x1e90
[ 1672.965141][T22811]  ext4_xattr_ibody_set+0x254/0x6a0
[ 1672.970799][T22811]  ext4_expand_extra_isize_ea+0x1398/0x1e80
[ 1672.977338][T22811]  __ext4_expand_extra_isize+0x306/0x400
[ 1672.983432][T22811]  __ext4_mark_inode_dirty+0x45d/0x6e0
[ 1672.989307][T22811]  ext4_evict_inode+0x7f3/0xea0
[ 1672.994481][T22811]  ? _raw_spin_unlock+0x28/0x40
[ 1672.999736][T22811]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1673.005690][T22811]  ? preempt_schedule_thunk+0x1a/0x30
[ 1673.011436][T22811]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1673.017431][T22811]  evict+0x4ca/0x8d0
[ 1673.021405][T22811]  ? proc_nr_inodes+0x230/0x230
[ 1673.026434][T22811]  ? do_raw_spin_unlock+0x121/0x230
[ 1673.031744][T22811]  ? _raw_spin_unlock+0x28/0x40
[ 1673.036697][T22811]  ? iput+0x706/0x920
[ 1673.040755][T22811]  ext4_orphan_cleanup+0xbec/0x1420
[ 1673.046028][T22811]  ? ext4_orphan_del+0xbf0/0xbf0
[ 1673.051962][T22811]  ? ext4_register_li_request+0x183/0x940
[ 1673.058249][T22811]  ? errseq_check_and_advance+0x66/0x120
[ 1673.064157][T22811]  ext4_fill_super+0x5eea/0x67b0
[ 1673.069583][T22811]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1673.075894][T22811]  ? __might_sleep+0xe0/0xe0
[ 1673.080611][T22811]  ? read_lock_is_recursive+0x20/0x20
[ 1673.086159][T22811]  ? snprintf+0xe9/0x140
[ 1673.090528][T22811]  ? down_read_killable+0x340/0x340
[ 1673.095804][T22811]  ? setup_bdev_super+0x56b/0x660
[ 1673.101011][T22811]  get_tree_bdev+0x3f3/0x520
[ 1673.105895][T22811]  ? vfs_parse_fs_string+0x170/0x170
[ 1673.111276][T22811]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1673.117646][T22811]  ? setup_bdev_super+0x660/0x660
[ 1673.122872][T22811]  ? apparmor_capable+0x137/0x1a0
[ 1673.128031][T22811]  ? bpf_lsm_capable+0x9/0x10
[ 1673.132781][T22811]  ? security_capable+0x89/0xb0
[ 1673.137895][T22811]  vfs_get_tree+0x8c/0x280
[ 1673.142501][T22811]  do_new_mount+0x24b/0xa40
[ 1673.147152][T22811]  __se_sys_mount+0x2e7/0x3d0
[ 1673.152002][T22811]  ? __x64_sys_mount+0xc0/0xc0
[ 1673.157628][T22811]  ? lockdep_hardirqs_on+0x98/0x150
[ 1673.163071][T22811]  ? __x64_sys_mount+0x20/0xc0
[ 1673.168057][T22811]  do_syscall_64+0x55/0xa0
[ 1673.172541][T22811]  ? clear_bhb_loop+0x40/0x90
[ 1673.177301][T22811]  ? clear_bhb_loop+0x40/0x90
[ 1673.182059][T22811]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1673.188057][T22811] RIP: 0033:0x7f748939e04a
[ 1673.192528][T22811] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1673.212525][T22811] RSP: 002b:00007f748a18be58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1673.221253][T22811] RAX: ffffffffffffffda RBX: 00007f748a18bee0 RCX: 00007f748939e04a
[ 1673.229500][T22811] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007f748a18bea0
[ 1673.237569][T22811] RBP: 0000200000000180 R08: 00007f748a18bee0 R09: 0000000000000000
[ 1673.245616][T22811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[ 1673.253708][T22811] R13: 00007f748a18bea0 R14: 000000000000047a R15: 00002000000001c0
[ 1673.262542][T22811]  </TASK>
[ 1673.265596][T22811] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1673.272918][T22811] CPU: 0 PID: 22811 Comm: syz.8.4709 Not tainted syzkaller #0
[ 1673.280502][T22811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1673.290593][T22811] Call Trace:
[ 1673.293907][T22811]  <TASK>
[ 1673.296861][T22811]  dump_stack_lvl+0x18c/0x250
[ 1673.301590][T22811]  ? show_regs_print_info+0x20/0x20
[ 1673.306852][T22811]  ? load_image+0x420/0x420
[ 1673.311410][T22811]  panic+0x2dc/0x730
[ 1673.315446][T22811]  ? bpf_jit_dump+0xd0/0xd0
[ 1673.320020][T22811]  __warn+0x2e0/0x470
[ 1673.324053][T22811]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1673.330350][T22811]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1673.336396][T22811]  report_bug+0x2be/0x4f0
[ 1673.340816][T22811]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1673.347127][T22811]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1673.353177][T22811]  ? ext4_xattr_inode_update_ref+0x53e/0x590
[ 1673.359219][T22811]  handle_bug+0xcf/0x120
[ 1673.363507][T22811]  exc_invalid_op+0x1a/0x50
[ 1673.368049][T22811]  asm_exc_invalid_op+0x1a/0x20
[ 1673.372926][T22811] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590
[ 1673.379626][T22811] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 35 d5 98 ff 49 8b 37 48 c7 c7 20 d8 de 8a 89 da e8 74 54 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 be e5 3f 08
[ 1673.399249][T22811] RSP: 0018:ffffc9000473f1a0 EFLAGS: 00010246
[ 1673.405325][T22811] RAX: 14557f4d2a6e9b00 RBX: 0000000000000000 RCX: 0000000000080000
[ 1673.413307][T22811] RDX: ffffc9000d7cc000 RSI: 000000000007ffff RDI: 0000000000080000
[ 1673.421392][T22811] RBP: ffffc9000473f298 R08: ffff8880b8e28c13 R09: 1ffff110171c5182
[ 1673.429480][T22811] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000
[ 1673.437476][T22811] R13: ffff88802f8e04a8 R14: ffff88802f8e02b0 R15: ffff88802f8e0300
[ 1673.445565][T22811]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 1673.451233][T22811]  ? ext4_xattr_inode_iget+0x3df/0x600
[ 1673.456714][T22811]  ext4_xattr_set_entry+0xcda/0x1e90
[ 1673.462029][T22811]  ext4_xattr_ibody_set+0x254/0x6a0
[ 1673.467257][T22811]  ext4_expand_extra_isize_ea+0x1398/0x1e80
[ 1673.473191][T22811]  __ext4_expand_extra_isize+0x306/0x400
[ 1673.478863][T22811]  __ext4_mark_inode_dirty+0x45d/0x6e0
[ 1673.484344][T22811]  ext4_evict_inode+0x7f3/0xea0
[ 1673.489211][T22811]  ? _raw_spin_unlock+0x28/0x40
[ 1673.494078][T22811]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1673.500001][T22811]  ? preempt_schedule_thunk+0x1a/0x30
[ 1673.505414][T22811]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1673.511344][T22811]  evict+0x4ca/0x8d0
[ 1673.515273][T22811]  ? proc_nr_inodes+0x230/0x230
[ 1673.520161][T22811]  ? do_raw_spin_unlock+0x121/0x230
[ 1673.525391][T22811]  ? _raw_spin_unlock+0x28/0x40
[ 1673.530260][T22811]  ? iput+0x706/0x920
[ 1673.534255][T22811]  ext4_orphan_cleanup+0xbec/0x1420
[ 1673.539467][T22811]  ? ext4_orphan_del+0xbf0/0xbf0
[ 1673.544412][T22811]  ? ext4_register_li_request+0x183/0x940
[ 1673.550151][T22811]  ? errseq_check_and_advance+0x66/0x120
[ 1673.555799][T22811]  ext4_fill_super+0x5eea/0x67b0
[ 1673.560767][T22811]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1673.567027][T22811]  ? __might_sleep+0xe0/0xe0
[ 1673.571629][T22811]  ? read_lock_is_recursive+0x20/0x20
[ 1673.577099][T22811]  ? snprintf+0xe9/0x140
[ 1673.581359][T22811]  ? down_read_killable+0x340/0x340
[ 1673.586569][T22811]  ? setup_bdev_super+0x56b/0x660
[ 1673.591605][T22811]  get_tree_bdev+0x3f3/0x520
[ 1673.596202][T22811]  ? vfs_parse_fs_string+0x170/0x170
[ 1673.601508][T22811]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1673.607768][T22811]  ? setup_bdev_super+0x660/0x660
[ 1673.612838][T22811]  ? apparmor_capable+0x137/0x1a0
[ 1673.617872][T22811]  ? bpf_lsm_capable+0x9/0x10
[ 1673.622562][T22811]  ? security_capable+0x89/0xb0
[ 1673.627425][T22811]  vfs_get_tree+0x8c/0x280
[ 1673.631855][T22811]  do_new_mount+0x24b/0xa40
[ 1673.636367][T22811]  __se_sys_mount+0x2e7/0x3d0
[ 1673.641054][T22811]  ? __x64_sys_mount+0xc0/0xc0
[ 1673.645829][T22811]  ? lockdep_hardirqs_on+0x98/0x150
[ 1673.651037][T22811]  ? __x64_sys_mount+0x20/0xc0
[ 1673.655828][T22811]  do_syscall_64+0x55/0xa0
[ 1673.660254][T22811]  ? clear_bhb_loop+0x40/0x90
[ 1673.664951][T22811]  ? clear_bhb_loop+0x40/0x90
[ 1673.669654][T22811]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1673.675565][T22811] RIP: 0033:0x7f748939e04a
[ 1673.679994][T22811] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1673.699781][T22811] RSP: 002b:00007f748a18be58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1673.708213][T22811] RAX: ffffffffffffffda RBX: 00007f748a18bee0 RCX: 00007f748939e04a
[ 1673.716211][T22811] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 00007f748a18bea0
[ 1673.724219][T22811] RBP: 0000200000000180 R08: 00007f748a18bee0 R09: 0000000000000000
[ 1673.732303][T22811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000000
[ 1673.740379][T22811] R13: 00007f748a18bea0 R14: 000000000000047a R15: 00002000000001c0
[ 1673.748369][T22811]  </TASK>
[ 1673.751921][T22811] Kernel Offset: disabled
[ 1673.756255][T22811] Rebooting in 86400 seconds..