last executing test programs:

18m1.410687765s ago: executing program 2 (id=1442):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x204050, &(0x7f0000000540)=ANY=[], 0x1, 0x6da, &(0x7f0000002240)="$eJzs3c1vHGcZAPBn1uu1N00TN03bgCrVaiRARDT+kAvmQkAIGalCKBw4W4nTWNmkxXHBrRB1+Lz20D+gF18QJyROXCIVDlzg1hvygUMlJC69YE6DZnZmd7Ler3x5bfj9otn3nfedeeeZZz52diNrA/i/tXYp6vcjibVLb+xk8/t7y639veXbZT0iZiJiN6IeEbWISP6dpunHEVciks4wSU95yIebq1c/+Wz/0/ZcvZjy5WvD1utRLLfb07xbts1HxFRRPoYHxrv22OMlncivRMTFooSJm46INJ2OtONHfzl9uuzJOs+2y2a/tWePMFLgaUna75vZm3Gt2j4Xcaq40LPngPKdtzaRIMcwM+ZyvU8QAAAAcNKM8xn47EEcxE5y5gjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP8Ju93f/0+KqVbW5yMpf/+/UbRFUT9eXnm4xe8/rTgAAAAAAAAA4Ai9chAHsRNnyvk0yf/P/9V85nz++ky8E3djI7bitdiJ9diO7diKxYiYqwzU2Fnf3t5aHGPNpb5rLo0IdKYom09mvwEAAAAAAADgBPnJ1U51d9AyP4+17v//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAcZBETLWLSO5VmueiVo+I2XrRsBvxt4hoTCrOJ+X+pAMAAACAxzE13mJnD+IgduJMOZ8mcT4iXsy/A5iNd+JObMdmbEcrNuJ6/r1A+1N/bX9vubW/t3w7mw6P+81/PTA7OyKMfMRO1P22fCFfohk3YjNveS2uxVvRiutRy9fMXCjiKUftieteFlPyjcJ4+YnrRZnt+QdFecj7Yw42XO+XKc3hX7DM5RmZ7mRkoYgty8Zz5ZHpf4R6js4ovVtajFonsPM9W+oJ+JFyfqoos/359aCcT0RvJpYqZ9+Lw3Me8cU//O6HC0X9+OzSaLVKPc1fm1km/vFAJpYrmXhpnEzcbN25dfPGqBvDCbCQp+iFzvxafCd+EJdiPr4fW7EZP4712I6NmI9v57X14uAnlct7QKautIvpfptd655CZd4bxRk6VbQ+TEyv5uueic34XrwV12MjXs//LcVifDVWYiVWK0e4UY35cNz5VV/LAuxc9d0DnT7bN40Xv1RUstveb4qyr4EdT0u2t89V8lq9587lfdWWbpbODb8OsixlaZmp3hv/ODyU+ueLSraNX/RcnJPVm4nFSiaeH5aJ8kS+27pza+vm+tvjbe7cB5XVf3WsbqnZ+XIuO1hRHqDu2ZH1PV/29eQr6zvf6asd6nuh09e+UncHXqmN4hnu8EhLed9LffuW82Av5H3pwOet0U9zAEzYqS+fajT/2fxr86PmL5s3m2/MfmvmazMvN2L6T9Nfry9MfaH2cvL7+Ch+1v38DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLq77753a73V2tjqqaRp+v6ArlZ6NmJA16NVagPDyCr1EaEeqsT835/JVihb0uh0lb+O+ASDH1X53OmIIctMP9hS/DpPtFvqTzbPE6z8J03ToiUZsMxv/3w4Uc8OS12n0hj/3BhRmS3O8MKxSF1RqR/xRid0QwKOzOXt229fvvvue1/ZvL3+5sabG3dWV1ZWF1ZXXl++fGOztbHQfp10lMDT0H3Tn3QkAAAAAAAAAAAAwLjG+3uAeKw/J5j0PgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn29qlqN+PJBYXYjab399bbmVTWe8uWY+IWkQkP41IPo64Eu0p5irDJYO28+Hm6tVPPtv/tDtWNsV3rw1ZrzH2XuwWU8xHxFS7vDf22iPGu1aUQyWDd729d+3uLGEXy8TBpP03AAD//4ry/Bg=")
truncate(&(0x7f0000000000)='./file1\x00', 0xbc8b)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x50)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="0f20d835080000000f22d836f30f09660f38808dd400000067660f38818b05800f01c9b9800000c00f3235001000000f3067660f01dfb805000000b9300000000f01d966baf80cb8759d9988ef66bafc0cb012eeb810baf2160f23c80f21f835080070000f23f8", 0x67}], 0x1, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text16={0x10, &(0x7f0000000080)="0f491381a100000000f30f30660f3a44340066ff62000f882f4fb8c8008ee0baf80c66b849990e8a66efbafc0cecbaf80c66b87c95678f66efbafc0ced8fca78102b00000000", 0x46}], 0x1, 0x59, 0x0, 0x0)

17m58.337449017s ago: executing program 2 (id=1449):
r0 = socket$packet(0x11, 0x2, 0x300)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
syz_open_dev$I2C(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil)
shmat(r4, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
shmctl$IPC_RMID(r4, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0xfd9, 0x4000000)
setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000080), 0x4)
r5 = syz_open_procfs(0x0, 0x0)
r6 = memfd_create(0x0, 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0x972, &(0x7f0000000300))
fstatfs(r6, 0x0)
lseek(r5, 0x1, 0x2)
r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r7, &(0x7f00000003c0)={0x24, @none={0x0, 0x2}}, 0x14)

17m56.249534861s ago: executing program 2 (id=1454):
bind$bt_hci(0xffffffffffffffff, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
ptrace$ARCH_SET_GS(0x1e, r0, &(0x7f0000000080), 0x1001)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
socket$xdp(0x2c, 0x3, 0x0)

17m49.973003611s ago: executing program 2 (id=1467):
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
syz_open_dev$dri(&(0x7f00000000c0), 0x7, 0x202401)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x109040, 0x0)
r2 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0xf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x28}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)
ioctl$COMEDI_CMD(r1, 0x80506409, &(0x7f0000000180)={0x1, 0x30000, 0x80, 0x800, 0x10, 0x3e8, 0x2, 0x1, 0x20, 0x1, 0x20, 0xffffffff, &(0x7f0000000600)=[0x7], 0x1, 0x0})
syz_usb_connect(0x2, 0x36, &(0x7f0000000a40)=ANY=[@ANYBLOB="12010000022fb040d80408fdb15900"], 0x0)

17m44.109535871s ago: executing program 2 (id=1480):
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c61)
creat(0x0, 0x28)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000009240)={{{@in6=@private1, @in6=@remote, 0x4e24, 0x0, 0x4e21, 0xb, 0x2, 0xa0, 0x80, 0x29}, {0x0, 0x3, 0x7, 0x6, 0x10000, 0x60000000, 0xe04d, 0x2}, {0x6, 0x1, 0x9}, 0x3ff, 0x6e6bb2, 0x2, 0x0, 0x1, 0x2}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0x33}, 0xd, @in=@local, 0x3505, 0x0, 0x1, 0xff, 0x1, 0x8, 0x10001}}, 0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r2, 0x1, &(0x7f0000000180)=0x3)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000005b1953e7203b3833b487e3c4bd4540e4b6e87b7891e0f159182f542be18de00d9d95e1c4a6b62a3c065fc1a7b4c144cc2508eba2540e3425abc138dbaf9f6da59d9c77cbe2a8a9666a08ed1704c6bb2e422f01d64cae3050d7bd3c10b0e80d9483a2e36568cf0c6a1b78d9ca2f8065a1d7b4b0eeeecaa3c865de68042c9ab36e8a43b97955b04e5351f99c682a939832582c0dfd64028580c33fca4ca652f4c4e116c16e0f76fd9379599b54e06a8662f81fe375751e06007efabbd87b82d35367257d1bc15f92370261aace269013bc00b86daae71e253200000000b1467c86aff0ee8ff6c53939acb3866e8247eff7c10f000200000e6bd59e5b4dbc12ce8f0a5f816382fc66bcf14bb83ce2336b93b90594b78301e696503eea3404fe7dc3a8a5f9fde10f53e458e9efbe57fb52e85ea5346ed9f42418aefc6052afd588f8ae73eaab3af38936bfdadc91cda3983de6513ef3c2e58a54ffb1921aab1df971cdc2b2ab17bc9e421b5991b6036f845313a4a5f9d8a36472d7d758d73e9be967ca3fdae7d7ba03a8d9e5962c67ca30e5b6eb3c524c22632e47f18c879f0564361ef35aba5ed3f2d1b0bc6954e7e2dc49106ce8a49b48812ad3f5f8391c14ecde831be42d15bdc797c2b9ab30a8e90d7d53784e7add8e5bd5b6797a63e48efa0eb4d1df88ea8b388e94c6a15ac4e22447dad331244a38a5a2e294905611bfeadcac35f6ccf6af94191954c6b840a3092ef94d1e0e23019fbbdcd5b47e4a565ce42d0bbd7b14f9df1139c15ee4d687fe0861a8210071ebeb63606d28dcb5404e077400bd04453c49d0e2e0bb2700000046a4e564ba31c3d62f2d0fb6b7630f66f086e36885c3634a522888f1c4049361cfb8914f59073ba6a8a6ea283acfa3d3bc40e7a70f71b27686ac5307918ac06f1a"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport}, 0x94)
r6 = socket(0x10, 0x800000000080002, 0x9)
setsockopt$sock_attach_bpf(r6, 0x1, 0x34, &(0x7f00000000c0)=r5, 0x4)
r7 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4e20, 0x0, 0x4e22, 0x0, 0xa, 0x0, 0x20}, {0x9, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x4}, 0x0, 0x0, 0x1, 0x0, 0x5, 0x1}, {{@in6=@rand_addr=' \x01\x00', 0x800, 0x33}, 0xa, @in=@multicast1, 0x3506, 0x4, 0x0, 0x4, 0xfffffffc, 0x4, 0x401}}, 0xe8)
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)

17m42.651761733s ago: executing program 2 (id=1484):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x9}, {0x3, 0x3ff}]}, 0x18, 0x1)
r3 = socket(0x10, 0x803, 0x0)
write(r3, &(0x7f0000000300)="fc0000004a000700ab092500090007000aab80ff020000000000369321000100fc0000000000000000ff000000000000008656aaa79bb94b46fe00000007ec020800008c0100036c6c256f1a272f2e117c22ebc205214000000080008934d07326ade01720e6cd5ed6e4e9bfcd772c74fb32c56ce1f0f156272f5b00000005defd5a32e3082038f4f8b29d3e2a73325c6d167c7594978f7bc711fdf3d92c8334b2ccd243f295ed94e0ad91bd073457d43d3f0000000000000000000000000073bfe35951f2d728a1e09c8dcd13323236b0fbe7c61b1bf53cdec0961355f00ca63ff6c90da1dc9f8f594d033472cb97e3b5f3395aa0a4a827", 0xf8)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

17m27.3565948s ago: executing program 32 (id=1484):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x9}, {0x3, 0x3ff}]}, 0x18, 0x1)
r3 = socket(0x10, 0x803, 0x0)
write(r3, &(0x7f0000000300)="fc0000004a000700ab092500090007000aab80ff020000000000369321000100fc0000000000000000ff000000000000008656aaa79bb94b46fe00000007ec020800008c0100036c6c256f1a272f2e117c22ebc205214000000080008934d07326ade01720e6cd5ed6e4e9bfcd772c74fb32c56ce1f0f156272f5b00000005defd5a32e3082038f4f8b29d3e2a73325c6d167c7594978f7bc711fdf3d92c8334b2ccd243f295ed94e0ad91bd073457d43d3f0000000000000000000000000073bfe35951f2d728a1e09c8dcd13323236b0fbe7c61b1bf53cdec0961355f00ca63ff6c90da1dc9f8f594d033472cb97e3b5f3395aa0a4a827", 0xf8)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

14m54.425490388s ago: executing program 4 (id=1750):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xd)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x200000000000000)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000001580)=ANY=[@ANYBLOB="74696d655f6f66667365743d3078303030303030303030303030303466362c646f74732c646f74732c666c7573682c616c6c6f775f7574696d653d30303030303030303030303030303030303037373737352c6e6f646f74732c6e6f636173652c636865636b3d7374726963742c71756965742c666d61736b3d30303030303030303030303030303030303030303737362c7379735f696d6d757461626c652c757365667265652c646f74732c7379735f696d6d757461626c652c6572726f72733d72656d6f756e742d726f2c73686f77657865632c005530906363a9696b9e7a5ed1e1fdd8e80b9c8871e81ff8251b37bdde89710c3d4b74ff313381025bab8f4a076362fe7bfe6f0fa96c0edee5487ca3e2b00eaa188c94fb91efbd9b9d1f05f57ce05f47f407049e530b09525852783dc271f4f0bfd1076cb05f75ca8a56cd182ebfe31538bb529a14b1151072beab8a6eeebb25948a5993cc5648bada83c7dac555ea2676f8983b67152a01d86bf596f38e9add5211b588e4154a0b959ce973a67f8a25e8f98a9c607f1864c7a4fb0211388f592661be3d94"], 0x21, 0x23d, &(0x7f0000000a40)="$eJzs3cFqE0EcBvB/27Td9mLP4mHBi6eivkGQCOKCENmDnlyoXloR0svqKY/hM/hIPkZPva3YXZq6UQ+yySbu7wdhP/IxMHPJ5DCTvHvw8fzs0+WH6vvXSJI0RhHzuI44id3Yi9pO89y9yQdx1zwAgG0znRbjvudAh3aW3jmKiGI/Ig6XqvzbmmYFAAAAAAAAAABAx5z/B4Dhcf7//zebjYvj5vvbr5z/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpzXVX3qr+8+p4fANA9+z8ADI/9HwCGx/4PAMPz+s3bl+Msm0zTNIm4mpd5mdfPun/+Ips8Tm+cLEZdlWW+3+Rs8qTu03Z/3Ix/+tv+IB49rPuf3bNXWas/jLNVLx4AAAAAAAAAAAAAAAAAAAA2xGl6q3W/f6/uT//U1+nO7wO07u+P4v5obcsAAAAAAAAAAAAAAAAAAACArXb5+ct5cXHxfiYIt+Eo/mFUEpsxeaGT0PcnEwAAAAAAAAAAAAAAAAAADM/i0m/fMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/iz+/391oe81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMPwIwAA//++jJCI")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x200000, &(0x7f0000000200)={[{@block_validity}, {}, {@nombcache}, {@inode_readahead_blks}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@grpjquota}]}, 0x3, 0x57b, &(0x7f0000000800)="$eJzs3d1rW+UfAPDvSZu9/37rYAz1Qgq7cDKXrq0vE4TNS9HhQO9naLMymi6jScdaB9su3I03MgQRB+If4L2Xw3/Av2KggyGj6IUXVk56smV56Uua2cx8PnC25znnpN/z5DnPk+/JSUgAQ2s8/ScX8XJEfJVEHG7aNhrZxvH1/VYf35hJlyTW1j75PYkkW9fYP8n+P5hVXoqIn7+IOJlrj1tdXpkvlsulxaw+UVu4OlFdXjl1eaE4V5orXZmanj7z1vTUu++83WPL2oO+fuHPbz++/8GZL4+vfvPjwyN3kzgXh7JtTe1IegyYutVcGY/x7I/l41zLjpM7CDKIdvKksXtGsnGej3QOOBwj2agH/vtuRsQaMJxGTAAwrBp5QOPavvl6fiN/Nz32Rfbo/fULoPb2j66/NxL76tdGB1aTZ66M0uvdsT7ET2P89Nu9u+kSLe+ntLrZh3gADbduR8Tp0dH2+S/J5r/ene70JmyL1hhbff0Bdu5+mv+80Sn/yT3Jf6JD/nOww9jtxebjP/ewD2G6SvO/9zrmv0+mrrGRrPa/es6XTy5dLpdOR8T/I+JE5Pem9Y3u55xZfdA1V27O/9Iljd/IBbPjeDi699nHzBZrxZ20udmj2xGvPM1/k2ib//fVc93W/k+fjwtbjHGsdO/Vbts2b3+z/mfAaz9EvNax/5/e0Uo2vj85UT8fJhpnRbs/7hz7pVv87bW//9L+P7Bx+8eS5vu11e3H+H7fX6Vu23o9//ckn9bLe7J114u12uJkxJ7ko/b1U08f26g39k/bf+L4xvNfp/N/f0R8tsX23zl6p+uug9D/s9vq/2cK+bY1HQoPPvz8u27xt9b/b9ZLJ7I1W5n/tnJcvZ3NAAAAAAAAMLhyEXEoklzhSTmXKxTWP99xNA7kypVq7eSlytKV2ah/V3Ys8rnGne7DTZ+HmMw+D9uoT7XUpyPiSER8PbK/Xi/MVMqzu914AAAAAAAAAAAAAAAAAAAAGBAHu3z/P/XryG4fHfDc+clvGF6bjv9+/NITMJC8/sPwMv5heBn/MLyMfxhexj8ML+MfhpfxD8PL+AcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+unD+fLqsrT6+MZPWZ68tL81Xrp2aLVXnCwtLM4WZyuLVwlylMlcuFWYqC5v9vXKlcnVyKpauT9RK1dpEdXnl4kJl6Urt4uWF4lzpYin/r7QKAAAAAAAAAAAAAAAAAAAAXizV5ZX5YrlcWlToWjgbA3EYPReSzXr5bHYy9BRidPcbqPAcCrs8MQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAk38CAAD//2iMNWI=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x149)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f0000000000)='3', 0x1, 0x4fed0)
fallocate(r2, 0x10, 0xffff, 0x8001)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x0)
writev(r4, 0x0, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x440, 0x164)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r5, 0x40047211, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000140)={'vxcan1\x00'})

14m54.148444302s ago: executing program 4 (id=1757):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@noload}, {@stripe={'stripe', 0x3d, 0xdc}}, {@nomblk_io_submit}, {@noload}, {@abort}, {@auto_da_alloc}]}, 0xff, 0x459, &(0x7f00000004c0)="$eJzs3MtvVNUfAPDvvTMtlMev/Sk+QNAqGomPlpbnwg1GExeamOgC46q2hSADVVoTIUTRBS4NiXvj0sS/wJVujLoycat7Q0IMG9DEZMy9c28ZhpnSoQODzOeTXDhn7pne873nnplzz5mZAAbWePZPErEpIn6LiNFG9voC443/rl4+O/vX5bOzSdTrb/yZ5OWuXD47WxYtn7exkanXi/y6Nsc9/3bETK02f6rITy6deG9y8fSZ54+dmDk6f3T+5PTBg3v37BjeP72vJ3FmcV3Z9tHC9q2vvHXhtdnDF9756ZusvpuK/c1x9MjIeOPstvVUjw/Wb5ub0km1jxWhK5WIyJprKO//o1GJkeV9o/Hyp32tHHBb1ev1erv358K5OnAPS6LfNQD6o3yjz+5/y+0ODT3uCpcORbx/oBH/1WJr7KlGWpQZarm/7aXxiDh87u8vsy1uzzwEAMB1vjsUEc+1G/+l8WBTuf8VayhjEfH/iLgvIu6PiC0R8UBEXvahiHi4y+O3rpDcOP5JL95SYKuUjf9eKNa2lsd//9Tz+AtjlSK3OY9/KDlyrDa/uzgnu2JoXZafWuEY37/06+ed9jWP/7ItO345FmxIL1ZbJujmZpZm1hj2skufRGyrtsSfS6JcxkkiYmtEbOvqL1+7wzj2zNfbO5W6efwr6ME6U/2riKcb7X8uWuIvJR3XJ6cO7J/eN7k+avO7J8ur4kY//3L+9U7HX1P8PZC1/4bW6z+3HP9Ysj5i8fSZ4/l67WK0rhDf1PnfP+t4T3Or1/9w8maeHi4e+3BmaenUVMRw8uqNj09fe26RrzbHv2tnu/jT/DWujPaRiMgu4h0R8WhEPFbU/fGIeCIidq4Q/48vPvlu9/GvMCvfQ1n8czdr/2hu/+4TleM/fNt9/KWs/ffmqV3FI6t5/VttBddy7gAAAOC/Is0/A5+kE8vpNJ2YaHyGf0tsSGsLi0vPHln44ORc47PyYzGUljNdo03zoVPF3HCZn27J7ynmjb+ojOT5idmF2ly/g4cBt7FD/8/8Uel37YDbzve1YHDp/zC49H8YXPo/DC79HwZXu/7/cR/qAdx53v9hcOn/MLj0fxhc+j8MpI7fjU/X9JV/iXs+EWn3z6pGX+ucrPTDECN3xVltk6iu+scsbjGxru2ufr8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Ma/AQAA//+nZunQ")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x8916, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x12, 0x4}, 0x9, 0xfffffffffffffffe, 0x80, 0x290761e6, r0, r0, 0x4})
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x11)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
sendfile(r3, r3, 0x0, 0xe3aa6ea)
r4 = getpid()
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r5, &(0x7f0000000080)=""/1, 0x1)
write$cgroup_pid(r5, &(0x7f00000000c0)=r4, 0x12)
close(r5)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/devices.allow\x00', 0x1, 0x0)

14m48.266324313s ago: executing program 4 (id=1770):
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, '\x00', 0x22}, 0x20000008}]}, &(0x7f0000000140)=0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000040)='wg2\x00', 0x4)
ioctl$SIOCPNGETOBJECT(r4, 0x89e0, &(0x7f0000000480))
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000080)={0x84, @local, 0x15, 0x3, 'lblcr\x00', 0x28, 0x5, 0x72}, 0x2c)
r6 = socket$kcm(0xa, 0x2, 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e24, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x10000, 0xc, 0x2}}, 0x44)
sendmsg$sock(r6, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

14m46.664711932s ago: executing program 4 (id=1773):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
setresgid(0xee00, 0xee01, 0x0)
setregid(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000014c0)=@nat={'nat\x00', 0x62, 0x5, 0x430, 0x398, 0x2a0, 0xffffffff, 0xe0, 0x188, 0x398, 0x398, 0xffffffff, 0x398, 0x398, 0x5, 0x0, {[{{@ip={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_bond\x00', 'wg1\x00'}, 0x0, 0xa8, 0xe0, 0x0, {0x22e}, [@common=@unspec=@statistic={{0x38}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast1, @remote, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast1, @empty, @gre_key, @icmp_id}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_hsr\x00', 'ipvlan0\x00'}, 0x0, 0xe0, 0x118, 0x0, {}, [@common=@socket0={{0x20}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @private, @multicast2, @gre_key}}}}, {{@ip={@remote, @empty, 0x0, 0x0, 'veth1_to_batadv\x00', 'pim6reg\x00', {0xff}}, 0x0, 0xc0, 0xf8, 0x0, {}, [@common=@ttl={{0x28}}, @common=@inet=@tcpmss={{0x28}, {0xf}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x16, @remote, @broadcast, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x490)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x9)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000015a80)=ANY=[@ANYBLOB="14005054111f3209bd354c313f00005304010000000000000000000500000a14000000f70301"], 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000)
syz_clone3(0x0, 0x0)
setns(0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x44, &(0x7f0000000000)={0x0, 0x0}, 0xa)

14m45.562148177s ago: executing program 4 (id=1776):
r0 = syz_kvm_add_vcpu$x86(0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
setresgid(0xee00, 0x0, 0x0)
setresgid(0x0, 0x0, 0xffffffffffffffff)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r5, 0x541c, &(0x7f0000000180))
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x3)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00')

14m44.744778667s ago: executing program 4 (id=1777):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
ftruncate(r0, 0xc17a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x16)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xfac7})
r3 = syz_open_dev$sndpcmc(&(0x7f0000000340), 0x1, 0x80)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r3, 0x4161, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)}], 0x1, 0x0, 0x0, 0x40044}}], 0x1, 0x4008014)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f00000002c0)=0x8001, 0x4)
splice(r4, 0x0, r6, 0x0, 0x39000, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="6c0000001000ffff28bd7000f8dbdf250000395c", @ANYRES32=0x0, @ANYBLOB="0000000000000000440012800b000100697036746e6c000034000280140002002001000000000000000000000000000014000300ff02007a0d00000000000000000000010500280029000000080004"], 0x6c}, 0x1, 0x0, 0x0, 0x24004845}, 0x40014)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)

14m29.663578414s ago: executing program 33 (id=1777):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
ftruncate(r0, 0xc17a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x16)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xfac7})
r3 = syz_open_dev$sndpcmc(&(0x7f0000000340), 0x1, 0x80)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r3, 0x4161, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)}], 0x1, 0x0, 0x0, 0x40044}}], 0x1, 0x4008014)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f00000002c0)=0x8001, 0x4)
splice(r4, 0x0, r6, 0x0, 0x39000, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="6c0000001000ffff28bd7000f8dbdf250000395c", @ANYRES32=0x0, @ANYBLOB="0000000000000000440012800b000100697036746e6c000034000280140002002001000000000000000000000000000014000300ff02007a0d00000000000000000000010500280029000000080004"], 0x6c}, 0x1, 0x0, 0x0, 0x24004845}, 0x40014)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)

13m20.034641519s ago: executing program 6 (id=1800):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000003200)='./file1\x00', 0x2204206, &(0x7f0000003240)=ANY=[], 0x1, 0x334, &(0x7f0000000880)="$eJzs3M9rI2UYwPEnP5uktMlBFAXpi170MrTRsxikBTFgaRuxFYRpO9GQMSmZUImIbU9exbsnwUPpsbeC+g/04k0vXvbWy8IetofdnWV+NckkadNsuum23w+UefO87zOZH2/KM0MmZ1/+8l21bGllvSnRlJKIiMi5SE6iEoj4y6jbTkqnfXl/+tG/b6+ub3xWKBYXV5RaKqx9kFdKzc79+f2PaX/YyZSc5r4+e5h/cPr66Ztnz9a+rViqYqlaval0tVn/v6lvmobarlhVTall09AtQ1VqltHw+utef9ms7+y0lF7bnsnsNAzLUnqtpapGSzXrqtloKf0bvVJTmqapmYzgKqXDlRW9MGLy1pg3BmMw1SfWaBT0mIike3pKhy9lowAAwK0Srv+jTkk/Uv0vs2797wxu1/9H7/zdnP7ieNav/0+S/er/D//z1tVV/6dEZJT6/ze5Rv3fWxHdLy9U/+N2mEv2hCJdr5z6P+N/fl0HXx3Nuw3qfwAAAAAAAAAAAAAAAAAAAAAAXgXntp21bTsbLIO/9iME/mvcSYPO/5SIpJyzb3P+77LV9Q1JuQ/uOefY/Hm3tFvylk7vU9sjhsxLVp648yGIiW0HTx4pR07+Mvf8/L3dUsztKZSlIqYYsiBZyYXzbXvp0+LigvL4+RePKWU68/OSldf65+e78/33T8p773bka5KVf7akLqZsu/O6nf/TglKffF4M5afdcQAAAAAA3AWautD3+l3TBvV7vzJSKLu3iQbcH/Cur+f7Xp/Hs2/FJ733AAAAAADcD1brh6pumkbjkkZarh4zeiM+3OBkKJK4bHCsYw+H3Z6keyNDZNCYWOiIJQas+fchj2pXI/giRVdXyg+OdniD/R/b+drvjERliKx4eOPnnIC65rsf+DtyEQluGyUHHGdZ7l1P9JKZkBjbfH7j1z8ej+8D8tFxMAOuHnzQERk0M/s2UuFZ5zYSN/k/BwAAAMBktIv+IPJxZ3dkIhsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA9cyM/6RdqTHofAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNvieQAAAP//lI75aw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs(0x0, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2adc0, 0x1c1}, 0x18)
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000440)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x2, 0x3a, 'M', 0x3a, '\xcb\x94-\xa8|55a', 0x3a, './file0', 0x3a, [0x4f, 0x50, 0x46]}, 0x33)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f0000000340)={'\x00\f\x00', 0x0, 0x5, 0x2, 0x200000, 0x9, "00000000020000000900", "00004702", "03000800", "97ad3700", ["fdffffff84a438dfc5d5c010", "d78cb8b0211a83be12ff0bff"]})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f0000000140)={"4497acf4", 0xb, 0x5, 0x0, 0x3, 0x1000006, 'U\x00', "1575a859", "0725eade", '\'q6O', ["aabe8459c62224475793e8a7", "7f9ce2d2c4f439ff80e1d1c8", "fa0700f22b42a3023be516d1"]})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x11, r0, 0x0)
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r7, 0x40045010, &(0x7f00000000c0)=0x5)

13m16.093508744s ago: executing program 6 (id=1900):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x1)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4, 0x1}, 0x3, 0x800})
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x195)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000020000000000f400040000000000000020"], 0x1c, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=@base={0x13, 0x80000001, 0x35b3, 0x2, 0x800, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x2}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001180)={r4, 0x58, &(0x7f0000001100)}, 0x10)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
chown(&(0x7f0000000240)='./file1\x00', 0xee00, 0x0)

13m4.725593406s ago: executing program 6 (id=1930):
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x801)
syz_io_uring_setup(0x25b3, &(0x7f0000000480)={0x0, 0x8a73, 0x80, 0x2, 0x376}, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
pipe2$9p(&(0x7f00000001c0), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$igmp(0x2, 0x3, 0x2)
socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2$9p(&(0x7f0000000300), 0x80)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = syz_io_uring_setup(0x60b1, &(0x7f0000000280)={0x0, 0x69b3, 0x800, 0x6, 0x800034f}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x43, 0x0, @fd, 0x11e, 0x5, 0x0, 0x5, 0x0, {0x3}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x42, 0x4, r3, 0x0, 0x0, 0x0, 0x80000, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

13m4.530363816s ago: executing program 34 (id=1930):
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x801)
syz_io_uring_setup(0x25b3, &(0x7f0000000480)={0x0, 0x8a73, 0x80, 0x2, 0x376}, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
pipe2$9p(&(0x7f00000001c0), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$igmp(0x2, 0x3, 0x2)
socket(0x400000000010, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2$9p(&(0x7f0000000300), 0x80)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = syz_io_uring_setup(0x60b1, &(0x7f0000000280)={0x0, 0x69b3, 0x800, 0x6, 0x800034f}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITE_FIXED={0x5, 0x43, 0x0, @fd, 0x11e, 0x5, 0x0, 0x5, 0x0, {0x3}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x42, 0x4, r3, 0x0, 0x0, 0x0, 0x80000, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

10.566137277s ago: executing program 3 (id=4103):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f000001eec0)=""/102389, &(0x7f0000000000)=0xc74)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="ee04010000200010"], 0x8)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
writev(r5, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
socket(0x22, 0xa, 0x0)
unshare(0x20000400)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r6, 0x4008b100, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

9.077475381s ago: executing program 3 (id=4113):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x6}]}, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x3, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000004340), 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0x0, 0xd0, 0xd0, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @empty, [], [], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x1}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@private0, @empty, [], [], 'sit0\x00', 'vxcan1\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x2, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f65318776d8001e770b667f173dfa40b58c10327e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)
setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000001580)=ANY=[@ANYRESDEC=r4, @ANYRES64=r3, @ANYRES8=r5, @ANYBLOB, @ANYBLOB="8458141fd960d81fccc41c63264321340efc56756cbf84755f7c8a7664b09b9f9b9ecef6ef6c0c862843c74a", @ANYBLOB="d9f0ab178d12a2171bd638ab248651b072be13d1ca9f87aecbae77bdafcfe86b98c932c988597f447141d1b61bb03b41118b7e66a49d24b42e0bf0b084be945d5c72b686fd3d86fa815e88c4c8328bf4a41e86d02165ead54c346f290cc22eea7a8da41664418c63fabfe20e43340732ec75ceb70d0c529f50ace5391c59130f2388ddd80385765c422b24cfdbb958a3b115edd0a9f391d7dc58e54dd3b32556836b748f007c89b6059c70fe1bf24b25a3b81c892927d85216aa18622cd84959e122627c4525413201eb090a4d9e7c2fbcd18dd6f6f97ab3fa37c34eb1d753b0f9448c9a59901a39f8266f4fff131fde486645f67f85f9c9ef4fb6c51423ae221850a010e63b820fd7eab3e49cfa84bf566cae34924b26a61ea071945f7c702975a3c92090c4e5db769fac6cd939fea68ceb5f3b4ec34afe27473e666b9dfb4d258fc8ee9e87158238739d50ea934db3261aa919402d71d931850cb8f7fd5510406158202c8e8a3185b0282c50c78c20711260eea72f8820d55c3e36a9aaaeb456b79b778abeb6bac7e3bba7db383d5a05144c6280ce635306c34ecc427d2b6d24536ac184e18de43b1d0957f60b643fde33d461cb58e03b4a44825d8912b72a3afb72d85c7989a9a2b3875e9eb27f51c4774c04795cd39997888ae4e0057c6104bf546ed9de9f5799423bf2d30aeb728a591dab671ead7e5f3c47a35dfb69954b08ebbb55fb0f6f2e9feb5560b2f1a512855d27392903cc0cef93567996488c67183f062d6e56ccd81aa98e9c6aa4483fdfaacc5a4f3ed700fd2386622417af0801ecd6c99d28852fca9d9402e5a59a84893f7658cd5dd6f17a2b29234e7f27a4d232372ce3458daf6a31313e49adc7cf533223c0b43d55e0fd6dd7fb393224e9a3dce8472673fa61a7125ae7e5ecbf40d51d3f14ae72e4c6b8943f656f9699cdbb9b499f06c9e5b18e8816fecd71d08baa238c276eb6da18aa47151a24f5decd834938a258bcdafb2c52c5919044a4a009b27fe5af19d95687eca3b8b1c2a2d9a250508af0b915c4bc58659d38a92e77f190fe626bb57caf7f8f0ea6f8606fdefee81d27f0d4b21acf3a6395a9210c4d689115e22e4e26194601182ea90cd3c87401a34c7a5c05b716fae1f4f6c5045df4ee35ffa72250049c685b65ef1b9d8dcc7a045d758937fd704d2399820360164ef76b5bc36617d5e58fb1b7b108bdeb249a26b2dbdd34c1a45ec724a70ed6935306c482528a632e21fe91adaf72236a9874c3e7a58fb3f48c6a4610f9dfbf1049df2aac92259b429f0d7df7e333124f09c3bcc62a31aa5763087fd3b323bdb377d5dc7711e0fb6abd47801453ddb231e4cb501ab19f3c8a41d797dca64466f12e71f1672b7892363963fc7040459b5b3b803d3d9c69e0bd112ec8dcf50cc7b72604d11eed43bfd912889ae3c9a6cd81e1b314dfef4ff09ab8d6851a0a383fa2b260b376072b1ef79d2cc4764dd45b07c040ed8e6bd7f0d9a0a59fcbadfbd04b14797bff2014f48d41fadae67157c9c4b163c8149ffebc923f8f3b655161a5f7aa77e1220af3e9734513aa1e02174f6801094d676b3295b7c03bf064a9561a43484bd350b6a7ea2455fad85d6d3376eed2593333d81f627ed7af9bfb52f7b2021564cf13257d90b11813cd6b28a9e8c0fc20a9c8d5175466df3410639c7db79b8f7f1c8a24002224838d2ccd52dac78fe6af01bfbc9e8f659cee86c9c21bac0664078b0457078039f718d2d10fcb2e0acd17b918db26da3949944ae25d008670797b95ecaf802f9851519437738eda835270a4d7e8d3f54e6129866754993177a46dda8296ca689be1cef1aa0fe905c3ecea030b32e2264b4a62be54bbf27464ba3f269da8452d77c6445d518e50d5739b64036bb835d9b0e6a79713909fcfbb54b0c533c91bae3b214e3534c6c040a4dfc79fd2f6bd0eb9aea8a954400f65b7f916eb7bb6914cdbb8d9699a707c1f8f44eb984dadbb5f001e36efce2372916bdc0858da562923fee632158a16ef857e7d19c2449d5d7b00fe3bac4f6e88bf36b8687b6c2feded3af590ecc26b5a68dc36b531f76758c1c7834bb1d4dc286d1b95ab3254491fccb1642d9c353be586457a28ee31940afc0ca43e29ccb0cedc78e9f7c34c3e77687a47c78b2d156f4f8f343641bf1d5ad893a1d024475b304252592ee7b5b7e33eb395e23eda4407cb1642f5888c22d254aa7279aa97ee76da3335dd522f84c41960ae46d2ff9a564db0e5f87cc20688023ea68e21525e5508fb776c83f1ae780feb38808b61b95d20b06e6890b583bab56712a768406c0663f205933da7fe15b5abe6721ff6289b1725f7e7a55752a66aed8158a4179541c73308bfebb962a149a1fbf81d6026ed3643cfa51cf7d912bb638d229867ecbce72ff55e3bcc3886d1c014a95aaf66bdf1c13f05d0e79fc4a4ad75e6f59619869db1280906e79f527d16c25ba91f0853174074c8de0b74ab9da460ff29ee2deee89ba9493b14ae24bc142071aa5275998fd89892c0986393dd48af582a28abcc0bdf0e51c066c03f7f5c20cd9e762223bf28025beea3534749daa21cab01f5f10d301ecef9df94a20c4cc2454aba631d80a84aeef62e565ffe63f4f92830ff20c7c72b7be42c43362154903bc694e139d95a6b1c446bc4a3c77115bfe7dffaead5c51e49eb2680ec5596350351782971c94fdd089f70892461ff0ea5c7dae99d00d2641e844d9d801e3031deaa32676ab463980b2ba4ef3b522f49920badfff5a88bf395d8e613874dddb1c3565e272c60c7f79531328a473f8069bdfd9abfcc74ead82b808678eb9f5d86df8065133815e29dc157b3a3ff529b4cb12acc9199bef449cda3353498aa84d776893fdeb26c65b56b8ed8722a25ba50cdc019da35d0474114feef8550cdd3d99b1a968214a94195404828be820702a7d2a27b9f8f3e54d434b037c320f8ad083e51e7e67b3687580d008eea90afb08bec12fb883f9569a00e3a34a5bfd9462a80273d9f4faffbfd6d3a01861bcac225b48321c4238c338952d1fc4f03565c5354992ce6c50118bba6d60df8d596c80fe09b40ee04a5fe2d30372435a3851045e1a46130364de6cae1e08bd6a0bfc5bf533109886f662cd01cfcd91cfe278aafd4f3c50b20a617f3834b5ca0c8ef5f851a03c3648b1f655a353c2f483ff225f288b42536d6f16cd27d83d32de3d820b62bf616a7db6b1da2887ab955eca04d946a1150b9c8dc8e9966c57c47f0fc38a76fdd76fcc6e262c4f138c65f44ea3964aa7c27d7ccf6104d12fb9eb32afe43b9ce32331c1fc5d14a9b28e87a3c98c95e50f1aaceb6d0b31db34024e361c559ac312d7fd5ce17e0d19422afb3a6a4cf22353e889418182efc60a69ec78207889e55a8d20aab2fbe4dbdd3fa410677ea90c42ba545844c8e8e77f6254398ddf879fe558e1ef3f61fe6b5866ab00422590e5a9afe5d6facf0ed245e8d83330779096e11a482f8fe7961ae0e24c2f7f54f0085e7134362cad1481588c17de36f3d4a97b4eeb0e0e6c561dfa9cb48f65f2463d6922d352edafd6efaa5c654aa3e01cbba629dc237a8558b56cb21544b140aff615d5e805b3e0429cd2c69f5a71ceae0a01711456253d023724cd80495cdadfcfece05a35c8dd9f7f523c30d9fc454f661453bf34cb7ce3bce987489528785223934456c32026292a14ecce7cdd7e57b881d83448daa1980c1e874bd8ee59cd036710c324134cc4c5f6d95d9d861f49ce34e19bd64605a42fb4f2cef9556e024b9eb2ae6b3ecc4fe95e6927d48081fbd323fcb3583d920c33fafb9463c46e537cbe53b0a557b4e2de74370fa5fb5ad452055233ef3d84cfe2758034c5d7931f930abb1f431f4fbe79cb0943f8cb91a0384a6ac36d09553241a11d7c4d440c291e3c49bb4b1f8a16c37eda2a0debf6f05fe168032db2c082da51fdb69d9ba84e26f1c93d4101d72376be2a1c11310d35d316ae6cee6870f2026a649671c32ccbfd4652232ec7947536eceeda0f3f452c700c13390c2c2e80f33246c0200c5b7dcab877b12e5b8894cbfa2c55862733db0184fdb20d850a4eb0c5ba4b9881b6c4f8dd8d64c211b4480453e2f64b9c68d0caead6dd214a3f8bd8525ccd9c411c59f190a25e5b374ad6c3e990256eed80faf56ed084aac843760277e61ce1511666fafdd0e810637f6d30364921a0b96f317654abb0a21354ce34f96f6179f2fd7e383a9e93b5621d5ada5c61f8654e61886a202b65c23ef41b9bb97f19ab7774adf2f29eb30835e24cb1b3f5570a2cdbac1e672e38faad1df56f2a19da7c237cec99ffc74efdfcb192c8b33a20e7053c3f2f3149e8cd28a7f21458fa499b76310584544ae4898b8d024a8e7242dd7597c6473c3150318b1da26fd3916e4001857295a2df6616bbf30e2b4f97816410190723f4849b3ba3a44df17e1f6116c6d739f0e77d0365fdc79711875504bd573fc0d679f1e399ff13fb6cc1e43c43267c38bdbb350ca5fee9beee148336b9e180827e454fe729c82b07c05b22355dd73fa49e39c593a4c0f17d9aff3652ea6fb8def8d32219c2c20b8b8bc78212000a8662a88727cfc3fee82ab50e46fce7994cbbb329d664e9cb063d0fcd1b6b4dc340ad172cce96948e8eed79f4e1439a3d7347c1ffa5f6f09a422637ad48591b7870585a7227c380af8fec799639cfd5d6f7def1ec33a67c82bca41848e800088a24df49ea408cf80ce721bd1dacf3053d26694fff17b7eddecdcea3580abf86e99ea5f290f77c7fbba1e1213a0d9f5a36f1e5640da5fd28e73edd6028f6352d1c5e4ff8ed31d5ad12d72b0c2b9a309213fcba409f445b7be6ffd9f1862dd6d7da132d17389d10bb3e7"], 0xa8)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0x80)
socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SET_KEEPCAPS(0x8, 0x1)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="d80000001e0081054e81f782dbe8abd22d267e8e1c007c09e8fe08a104000e800a00142603600e1208000fc01e000402a80016c008000e400400027c035c0461c1d67f6f94007134cff6d26efb8000a0ffa290457f0189c129f509c1c9d8c87017eeadc9c809b316277ce06bba0000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccce9500360db7e5167fda40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x40400)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000080)=0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0xfc}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

4.537652826s ago: executing program 3 (id=4138):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2710, &(0x7f000001eec0)=""/102389, &(0x7f0000000000)=0xc74)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x94)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="ee04010000200010"], 0x8)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
socket(0x22, 0xa, 0x0)
unshare(0x20000400)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x50)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r6, 0x4008b100, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

4.269611789s ago: executing program 1 (id=4141):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x10}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x0)

4.25025998s ago: executing program 1 (id=4142):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f000001eec0)=""/102389, &(0x7f0000000000)=0xc74)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="ee04010000200010"], 0x8)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
writev(r5, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
socket(0x22, 0xa, 0x0)
unshare(0x20000400)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r6, 0x4008b100, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

3.455169049s ago: executing program 3 (id=4144):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fcdbdf2517000000480006804400040067636d2861657329000000705d34f900000000000000000000000000000000001c"], 0x5c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)

3.274992708s ago: executing program 1 (id=4146):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x3, 0x82040)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000040)=0x1)

2.318191695s ago: executing program 1 (id=4148):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2710, &(0x7f000001eec0)=""/102389, &(0x7f0000000000)=0xc74)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x94)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="ee04010000200010"], 0x8)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
socket(0x22, 0xa, 0x0)
unshare(0x20000400)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x50)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r6, 0x4008b100, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

2.185628952s ago: executing program 3 (id=4150):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_ep_write(r0, 0x81, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

2.072678228s ago: executing program 5 (id=4151):
r0 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000400)={0x1, @pix_mp={0x8, 0x401, 0x34524742, 0x4, 0x7, [{0x7306, 0x1000}, {0x2, 0x3}, {0x8, 0x401}, {0x1, 0xfffffff8}, {0x15, 0xdc}, {0xffffff68, 0x5}, {0x5c, 0xa100000}, {0x9, 0x1}], 0x9, 0x5, 0x8, 0x2, 0x1}})

2.007842751s ago: executing program 7 (id=4153):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000002440)=0xd)

1.922752415s ago: executing program 7 (id=4154):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000240)={[{@noblock_validity}, {@noblock_validity}, {@nobh}, {@nodioread_nolock}, {@data_err_ignore}, {@usrjquota, 0x2e}, {@resuid}, {@quota}, {@jqfmt_vfsv0}, {@nodiscard}], [], 0x2c}, 0x1, 0x477, &(0x7f0000000480)="$eJzs289vFFUcAPDvbFt+YyviDxC1ij8af7S0oHLwgtGEi4mJHvBYSyFIoYbWRAiR6gGPhpNH9WjiX+BJLkY9abzq3ZgQw0U0kYyZ3ZllaXeX7W63C+znk0x33uybed83M6998940gL41mv1IIrZFxG8RMRwRA8szjFY+rl09P/PP1fMzSaTpW38l2W7x99XzM0XWJP/cmifGStVNKyycPXdyem5u9kyenlg89f7EwtlzL5w4NX189vjs6amDBw/sn3z5pakX16Se27NYd380v2fX4XcuvTFz5NK7P36TBbct/762HhUjHZc5GqMNT8BTHR/99rI9/2x4wbktZW19MCKGyu1/OAbKqYrheP2TngYHdFWapunGFVurPYClFLiLJdHrCIDeKP7QZ8+/xbKO3Y+eu3Ko8gCU1ftavlS+GYxSnmeo5vl2rY1GxJGlf7/Ilqg7DgEAsLa+y/o/z9fr/5XigZp89+RzQyMRcW9E7IiI+yJiZ0TcH1HO+2BEPLTK8keXpW+Ufz0fhPplc/u1u7UrhyJ5JZ/burn/V/T+YmQgT20v138oOXZibnZffk7GYmhjlp5sUsbl1379rNF3tf2/bMnKL/qCeRx/Di4boDs6vTjdSZ1rXfm4PAZ4YWX9k+pMQBIRuyJidxvH3xQRJ579ek91w4aag+aa17+JwTYCWib9KuKZyvVfimX1j5pQm8xPTmyKudl9E8VdsdJPP198s1H5t77+3ZVd/y117/9q/UeS2vnahdWXcfH3Txs+07R7/29I3i6vF7fTh9OLi2cmIzYkSyu3T93Yt0gX+bP6j+2t3/53RFz/Mt/v4YjIbuJHIuLRiHgsj/3xiHgiIvY2qf8Prz75Xvv1766s/kdXdf1XvzJw8vtvG5Xf2vU/UF4by7e08vuv1QA7OXcAAABwpyiV34FPSuPV9VJpfLzyDv/O2FKam19YfO7Y/Aenj1belR+JoVIx0jVcMx46mY+5FOmpfKy4SO8vjxunaZpuLqfHZ+bnujWnDrRma4P2n/ljoNfRAV1Xnkc7+Hlrmf2HF9xVbppHH+pdHMD6W4P3aIA7lPYP/Uv7h/5Vr/1fiLjWg1CAdebvP/Qv7R/6l/YP/Uv7h77Uyf/1N1vZcbhbR74TVy5HRKM8A20feWNEdBrh01vb3T1KvT6rra8U77RVt5TqZP6vVxFm17HVzBdivQLr8S8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANfJ/AAAA///tr+cS")
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x68, &(0x7f0000000040)=ANY=[@ANYBLOB='max=73709551611,\x00'])

1.922151945s ago: executing program 5 (id=4155):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001a80)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_remount}, {@nodiscard}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@init_itable}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@subj_type={'subj_type', 0x3d, '/)/-:$//('}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x586, &(0x7f0000001e80)="$eJzs3UtrW8ceAPD/ka28nHvtQAj33sUlkEVTQuTY7iOFQtJlaUMD7T4VtmKC5ShYcojdQJNFs+mmhEIpDZR+gO67DP0C/RSBNhBKMO2iFFyOdOQo1sOPyJFj/35wrBkdSTOjOTOaOSP5BLBvnUz/5CL+GxFfJRGjLfuGI9t5svG4lae3p9MtidXVj39P4sK610qy25Es8p+I+PmLiDO59nSrS8tzxXK5tJDFx2vzN8arS8tnr80XZ0uzpeuTU1Pn35yafOftt/pW1tcv//ntRw/fP//lqZVvfnx87H4SF+Noti8tVx+SuNMaOVn8Owvl4+K6B070IbHdJBl0BtiWoayd5yPtA0ZjKGv1wN73eUSsAvtUspX2n9NZwN7RHAc05/Z9mge/Mp6815gAtZd/uHFuJA7V50ZHVpLnZkbpfHesD+mnafz024P76Ra9z0Mc3iAOsCV37kbEueHh9v4vyfq/7TtXP3nc2/o09tvnDwzSw3T8k9yJaGv/ubXxT3QY/4x0aLvb8ew1GisI7e0/97gPyXSVjv/e7Tj+Xeu6xoay2L/qY758cvVauXQuIv4dEacjfzCN91rPOb/yaLXbvtbxX7ql6TfHglk+Hg8ffP45M8Va8UXK3OrJ3Yj/dRz/Jmv1n3So//T9uLzJNE6UHvy/276Ny7+zVn+IeK1j/T9b0Up6r0+O14+H8eZR0e6Peyd+6Zb+oMuf1v+R3uUfS1rXa6tbT+P7Q3+Vuu3b7vF/IPmkHj6Q3XcrnwWSD4dHWu8v1moLk8+e24zXbyca5T99qnP773X8p5OvTzdZ/nvH73V96G6o/5kt1f/WA48++Oy7bulvrv7fqIdOZ/dspv/bbAZf5L0DAAAAAACA3SYXEUcjyRXWwrlcodD4fsfxOJIrV6q1M1cri9dnov5b2bHI55or3aMt34eYyL4P24xProtPRcSxiPh66HA9XpiulGcGXXgAAAAAAAAAAAAAAAAAAADYJUa6/P4/9evQoHMH7Lj6hQ0ODjoXwCBseMn/Hld6OtrnvAAv14btH9iztt7+nRmAvWL7n/9OGsCrzvgf9i/tH/avzbb//OgOZwR46Xz+w/6l/QMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfXb50Kd1WV57enk7jMzeXFucqN8/OlKpzhfnF6cJ0ZeFGYbZSmS2XCtOV+Y1er1yp3JiYjMVb47VStTZeXVq+Ml9ZvF67cm2+OFu6Usr7Z8MAAAAAAAAAAAAAAAAAAADQprq0PFcsl0sLAl0DF2JXZGMnC9iwracP75ZSCPQ1MOCOCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa/BMAAP//y+kvew==")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)

1.806069611s ago: executing program 7 (id=4156):
r0 = io_uring_setup(0x7d3, &(0x7f0000000580)={0x0, 0xddf7, 0x2, 0xfffffffe, 0x181})
close_range(r0, r0, 0x0)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040))

1.642889009s ago: executing program 0 (id=4158):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x6024b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x0)

1.63590602s ago: executing program 5 (id=4159):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfc409000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0xd, 0x8, 0x0)
mremap(&(0x7f00009d1000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f00002a0000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, 0x0)
io_submit(0x0, 0x0, 0x0)

1.552967523s ago: executing program 0 (id=4160):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'pcl812\x00', [0x4f27, 0xf, 0x3, 0xfffffffe, 0x1, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x7537e112, 0x2, 0x9, 0x6, 0x40000003, 0x89, 0x2, 0xf28, 0x20001e57, 0xb, 0x6, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})

1.390585242s ago: executing program 0 (id=4161):
r0 = syz_clone(0x23940200, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="600000001300010026bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="9010000081820000140003006261746164765f736c6176655f30000008001300", @ANYRES32=r0], 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

1.367181072s ago: executing program 3 (id=4162):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f00000002c0), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000002d00)={0x2, 0x3, {0xd3, @usage=0xd2, 0x0, 0x2, 0x8, 0x5, 0x6, 0x81, 0x8, @usage=0x4, 0x7, 0x2, [0x2, 0x29, 0x6, 0x3ff, 0x0, 0x7]}, {0x800, @struct={0xfffffe00, 0x1}, 0x0, 0x4e9c, 0x1, 0xbb, 0x0, 0x6, 0x0, @struct={0x4, 0xf}, 0x1, 0x2, [0x6, 0xe0000000000000, 0x0, 0x3, 0x1]}, {0x2, @struct={0x74, 0x3}, 0x0, 0x9, 0xa67d, 0x8, 0x5, 0x2, 0xd38a301b2a0d09a2, @usage=0x1, 0x4, 0xce, [0x7, 0x2, 0xd2, 0xd45, 0x8, 0x7ff]}, {0x1, 0x46fc, 0x8}})

705.592066ms ago: executing program 1 (id=4163):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4, &(0x7f00000000c0)=0x80000001, 0x4)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)

555.160173ms ago: executing program 7 (id=4164):
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x3214212, &(0x7f00000000c0)=ANY=[], 0x7, 0xf45, &(0x7f00000077c0)="$eJzs3U1sHNUdAPA36+/YxGs+DZSQQisCBTskkZregkA9Ii69g0JCIwxFDT0Q8RF6QFRCFAlxqjhQcaFUSpFaCVS1Qj21PbXqrSfUC72kUqJeGilxFec9e/fZk11P7Nmv30/6++2bNzv//2QtZ2Z29m0ARlZj7eeRI4tFCB988f4Trz1b/O7qsnvX19i/9rOIvWYIYaKlX2Tb+youuHzh1eNbtUU4tPYz9cOT59efOxtCOBv2hy9DM3y6vHLxkw8fP/DZW9O3v3vm+dd3affX5fsBAADD6NxfV/754L//8vDCpXP7joWp9eXp+LwZ+7PxuP9gPFBOx8uN0N4vWqLVZLbeWIxGtt5Ytt54lme8JN9Etp2JkvUmN+Wb2pR/rKWf7ycAAAAMonRe2wxFY6mt32gsLV0777/qq/nJYunFUysnT/eoUAAAAKCy/76xdtOtEEIIIYQQQggxItHogxrqj9X5Xl+BAAAAAEZNPl/YJmd3dqau9a01u8t//rHG1s+HHVD377/8g5X/4zf9xQEAoLphPZpM+5WOo9M8Bvk8gmPt3W0f/zfat7OxoS6VzSs4KPMNltU5VnMdVZXVv93XsVfK6s/nw+xXZfXn83T2q7L6p2quo6qy+qdrrqOqsvpnaq6jqrL699RcR1Vl9c/WXEdVZfXP1VxHVWX131RzHVWV1b+35jqqKqt/UG6rLau/WXMdVZXVv1BzHVWV1X9zzXVUVVb/LTXXUVVZ/bfWXEev3BPb9O+wLxtvPX/Oz+kG5RwPAAAARt3/zP8nhiNm+qAGIYQQoodxWx/U0Fex8TZf72sRQgxEFNfuI+95HbsXb/Ty4gMAAADQF9KF0/Sp99UojY91GB/vMD7RYXyyw/hUh3EAAAAghN+/ffLO94qNz/nnn+nf7nx4ad6oNP/Sducxyucj3G7+G533rH1rF7edf1DmLQMAAGC0FN//8spDT3z08sKlc/uOtZz9Xonnu2ke0PF4beDz2E/3Bcxl/SKdQx9rz9MoWS+/PnBT2faeusEdBQAAgBGWzt+boVg75W6s9xuNpaWN8/HFMFGcPLVy4mDsp+9n+fP8xNTV5Y/WWzYAAACwDRvn+0VjaYvz//Q9vothslh68dTKydPX+nPryycardcF5jeWF63XBZrZ8kMlyw/Hfvr+zh/Oz6wtXzr+o5Vnd3rnAQAAYEScfuXM88+srJz48ZYP0qfZr7fOdh6kzxds51khFGFnsnsw4A/SxI79Us9QP+jd3yQAAGB3fP31+xM/OTz3x2uf/9+Y/y59/n9/7Dfj3H5/iyuk+wTS5wA2fV7/6fY882XrvdS+XjNbbyzGVFb3dMt2Qst8g+l5C2X5mu3bmSzJN5vlm8vy5fMUjGfrp3wz2fJ8fsK03ny2PJ+HcTzLUWT57wsAAABQbvnlF15aPv3KmUdOvfDMcyeeO/Hi4UNHv3f06MFHv/vo8tp9/cutd/cDAAAAg2jjpt9eVwIAAAAAAAAAAAAAAAAAAACjq46vE+v1PgIAAMCo+88bIYSzQoiSuPYVmDu/3Y1vouz9PorhjZk+qEGIEY2iD2oQQxuXrjM21gf1CTEE8Yfx4TxWX13Nv2keAAAAYHddvvDq8dZ2k7PFjuZb31p8N/ZKzJvauUf+sXA10mrnH2u/XrJnR6th1NX9+y//YOX/+M2dzT+dHnT996/RvoFj1fI+sPyrxdb8d413mT/f/6eq5T+Q5X8gdJd/9aMs/9PV8j+Y5d/TZf5N+/9StfwPxfyLsX/g/m7zt7/+U7FN+zHTZf7vZPv/bOg2f7b/zS4TZh6O+QFgFDU6rzJVRx07LR0lpOPo2dhP+5tu58jvftju8X8j2874DVfevt10HHRH7Kfjpbksb7Ld+mez7d1Usc7coNxVUlb/Tr2Ou62s/oma66iqrP7Jmuuoqqz+QfmjWVb/dM11VFVWf7fnob1WVv+gXFcuq3+25jqqKqt/ruY6qiqrf7v/j/dKWf17a66jqrL652uuo6qy+iteVqtdWf0LNddRVVn9N9dcR1Vl9d9Scx1VldV/a8119MrdsS07H07nn/NxLPWbWX9qi3/LLq4tAAAAADVYe5+kD+YhEKJjHJnrfQ1CVI7pPqhB9FfM9EENYrQjvvvT8zqEGI5YXb2yelWv6xDierG62uMLEPTU7n6aGYB+5e//aPP6jzav/2jz+nM96R7+IusnYx3GxzuMT3QYn8zG89/XqQ7jt2TbXY3S+K2t4zObx2/b6vmNjfG9HbZ/R4fxxQ7jd3YYv6vD+N0dxgEAABgNt8fW+SEAAAAMr9d+/fk7v33g6QsLl87tOxYmN807fzD2p+J762/Hfj7vfTIR3/P/aez/MrZ/iu2/svXdfwIAAAC7L31PjPf/AQAAYHil7yl1/g8AAADDayG2zv8BAABgeN0cW+f/AAAAMMSK6a0XxzZdF7gvtt3O6wcA9L9vxPae2O6L7b2x/WZs03HA/bH9Vk31AQA75xc/+NnR94qN+f4PZ+OX4/LUbnL22pWCotE+k/9MbPfE9ttd1pN/H0C3+ZO9XebZrfzzN5gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgejbWfR44sFiF88MX7T/x88p2/X1127/oa+9d+FrHXDCFMrD8vjW70fxNXvHzh1eOt7ZXYFuFQKEKxvjw8eX4902wI4WzYH74MzfDp8srFTz58/MBnb03f/u6Z51/fxX+Ctv0DAACAYfT/AAAA///90hkC")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)

554.417473ms ago: executing program 5 (id=4165):
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x804818, &(0x7f0000000100)={[{@check_relaxed}, {@check_strict}, {@hide}, {}, {@unhide}, {@nojoliet}, {@check_relaxed}, {@nocompress}]}, 0x2, 0x553, &(0x7f0000000b00)="$eJzs3dtuE0kawPGvQ7JYXim7WlYIRQGKsCsFKZi2DUYWV73tslNgd1vdbZRcoYg4KMKBFWGlTW7Y3LAz0sxDMJfzEPNGaB5hRn1wjj4AOU70/1lQ5e5y1deO1Z8qcVcLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQy63ZdtGSpvE6S2o4txb4rb2n2auPbJB7B4oR44pY8T/J5eRGuunG3/d2X4//m5PZ9Nms5OIiJ9t/vv7XJ9cmJ/qvHxHwV/npG3va3Np+vdLrdd+dVCAX0M2rw/c1tGdC37SchlYm9FW1UrEfLNZDVTdNHS6HkW4pN9BO5Adq3r2nitVqWenCst/xGjWnqfsbH98v2XZFPS20tROEvvfgaSF0F02zabxG0ibeHbd5HH8Qn5lIRdppKbW23uuWxx1A3Kj4JY1K4xqV7FKpWCyVipVH1UePbXvyyAb7EDnS4uQ+tPhjOsGzN3A8E1n+l6YY8aQjS6IGPlypSSC+tIbsz/Tz/z8f6JHj7s///Sx/Y2/3jCT5/1b67Naw/D8klrN7bMqWbMtrWZGe9KQr7849orN9NESLJ0ZC8cVIS5xki8q2KKlKRSpiywtZlPpU/EOsi5GmaAllWUKJRCefKFcC0eJIJL4EomReXLknSopSlaqURYmWgiyLLx3xpCE1cZJe1mQ9ed/LoqxhMe42Kg49jHz/c9eV0oijJf/j+E7y9A0cy2/9/A8AAAAAAC4tK/ntezz/n5KbSa1umto+77AAAAAAAMAJSv7yPxsXybezborF/B8AAAAAgMvGSq6xs0QkL7fT2ppYyeVS/BIAAAAAAIBLIvn7/624SNZAuS3W7nIpzP8BAAAAALgkvhu7xn7Yvmr98qsEwZS10176h7WRrM3rbFxJX3flcI9RfcaazjpJikpaTE66etbKpY12F8H8nBVr4+Kw9gJwdgP439cEcG1SfpA7aZs7q2m5mu35SzpKvm6auuD6zSdFcZzpiUgvRf95s/5fSQ7/e681beVkvdctvHzbW01i2Yl72dnIFlA8so7iiFjeJ+stJNdcDDziqeRCjGzcvCVr672u3V66mvXsbEyklYmDI36YHjHmR5lLW81lK97m+3vSMXPxmMXCsKPPoige88g/yt20zd35u2kxIIrSuChK+6MY/F4cP4ryuCjKx4wCAM7L2pgsZMmRvPsNZ7lvy+7yldn9o8ynbeZnkhPr5MyAM7o97oxuHzO7/XzkHkjDcmw87o+Hsuqn+AWfho4bNktW/BZeeb/xb7m+ubV9f31j5VX3VfdNqVSu2A9t+1FJppLDyApyDwBggP332LEG5v+xd+GxHmaz6p3Ds+os4/1t9ysFBXkpb6Unq7KQXG2QfONgYK/5fV9DWBgza80naTK9w8vCiFndn5KrHPr9lka2PRhD+Sx+FAAAnJm5MXn4S/L/wph598FcPnp2nN93tzYAAHA6dPDZykf/t4LAtF8Uq9WiEy1qFfjuMxWYWkMr40U6cBcdr6FVO/Aj3/WbceW5qelQhZ122w8iVfcD1fZDs5QsH6iyW7+HuuV4kXHDdlM7oVau70WOG6maCV3V7vyracJFHSQvDtvaNXXjOpHxPRX6ncDVBaVCrfc1NDXtRaZu4qqn2oFpOUFOPfebnZZWNR26gWlHftphfyzj1f2glXRbOO83GwCAC2Jza/v1Sq/XfXeKlYED5878UAEAQGZMlgYAAAAAAAAAAAAAAAAAAAAAABfAWVz/R+WSV/pLQV+UeKicQGXsqePDqZ+cAJyq3wMAAP//5sZO5Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x40040, 0x6ab858183a7ef6ba)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000100)=0x8)

473.860547ms ago: executing program 0 (id=4166):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x3, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0)

464.394077ms ago: executing program 1 (id=4167):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000100)='./file1\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=000000006,coherency=full,localflocks,coherency=full,noacl,\x00'/136], 0x1, 0x4435, &(0x7f000000cd80)="$eJzs3c9PVNcCB/BzL6jgUx/4XPiSl7xJnsl7eW0IuGqLSRFRBKU2tpqmm3GAUWkHxsDQdOGC7ky6atJF04Vpk+5YGRbd2j+hmy7t2qRddNOkiSnNzNwB7mUmjJSBaj6fRC73/Lpn+M69c+5ivHGicnduKTe3lCss5Mozt5fO5j4ql5bniyHeJwd9fNrTLKfDoW4vx5T9/rh24dI7N8+G8N3sD0/X19fXa0F2h6aGtvz+6y/3Z7ZuG+JMn+q4zUfbK++HEE5tm1dVVwjhvW9DiEII55Oy0WTbG0I4Eep1N+9/eivX4jU/r0dPiufyz6YerA2fmVx9uNb6tUchfFn656t35n/6T9fwj//fm6MDAAAAAAAAAAAAAAAAAPCiG79+7cbbg0PhcRS6V6Pt39cdT7a5Fv3X98y/O/9iAQAAAAAAAAAAAAAAAAAA4C9q8/v/uehkk+//jyXbkRb919/s/BzpnIm3ro1dHBxKnv8ebat/LSn6+XxX6G/y3Pfs89/PZ/o3f/779uPsVmN+jeP2hSgeSO3H8cBACF8nD34/HR2NS+Wlyiu3y8sLs3s2jRdWOv/60/tT6SQP9G83/9HM+J1//v8/tr2bqvu39u4t9lJL59/Vst03n0Rt5X8h028/8mf30vl318p6tzYYqV8Aqvl/1r1z/mOZ8TuV/4kQQi6qzjWXugJU1zDV8lbrFdLS+R+qlaUunckfstX5/1sm/4uZ8Q/q+r+S/SCiqXT+h2tlPakWm+d/f7zz+X8pM/5B5F+d/4rP/7ak8z9SL+xONan9Jdu9/o9nxu9U/jfiZJ4notQ7YDWql7f6/+pIS+ffs61+8/4vbmv9dznTf7/u/xrHbdz/NS7//4vq9380l86/t2W7ds//iUy/Tl//R2rrP3Yrnf/RWll67dxX+9lu/pOZ8f9U/odaV9VWJT2N/DevJ78fqZd/Zf3XlnT+f6sXxltbrNR+1tZ/0c7r/yuZ8Q9i/Ved/0rc2aO+LNL5H2vZrpr/9218/l/N9Ot8/iEMWuvvWjr/4y3b1c7/np3zn8r063T+/+3k4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvgNFk2xeieCC1H8cDAyFcSPZPh6PRdGE2P10qz3y4FMJYUp4LJ6M7pfJ0oZSfWyjPFvOFUqk8E8LFpP5U6ImWSuVKfr5w79LGWL3R3WJhsTJdLFRCCONJ+b/C8cZY03OV+cK9EMLljbq/x+XFe3cLC/nZucU3BgcHB8PExhz6o+LHleJCpX70em0Ikxt9+6Itk6tVX9mYy7Hog/Ly4kKhVCu/uqVPqTxTKG3pM5XUfR76o8ri8sJMoVLMl8p3Gsc7SCPJdmzi+rvXrw5tq78V1bej+zstAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7T4+HXvwghdNf34hBCLkp+iZJ/KY+eFM/ln009WBs+M7n6cO1pszYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzBDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbp2KZhIAoD8LujgJIxqCy7ozUCISgwQmICGINhYBSWYAeKFGlTJFFiW7IsR3GTVN/XPMm/fPek+wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5nt8a95fyyoixdX6MuL38+9/mD938/tu+v+LM+zI6Ty9NPcPZdW9e9p92gzz29TORZ336Wr59RETs/cz6sm4T610dK9DfRvr9+vvvY6Ui4iou/wm5VwU884CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiyAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRd8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//xu4fEQ==")
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)

277.111146ms ago: executing program 0 (id=4168):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0xfffe, 0x7, @mcast2}, {0xa, 0x0, 0xb, @mcast1}, r1}}, 0x48)

225.670929ms ago: executing program 5 (id=4169):
r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_notify(r0, &(0x7f00000000c0)={0x0, 0xc, 0x1, @thr={0x0, 0x0}})
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/251, 0x10}], 0x59)

195.436241ms ago: executing program 7 (id=4170):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000780)={0x0, 0x80, 0x1, 'queue0\x00', 0x9})

103.658455ms ago: executing program 0 (id=4171):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a5c000000060a010400000000000000000a0000040900010073797a31000000000900020073797a3200000000300004802c0001800a0001006d6174636800c9211c0002800800024000000002080003000000200008000100736574"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)

37.596628ms ago: executing program 5 (id=4172):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000200), &(0x7f0000000180)=@udp, 0x2}, 0x20)

0s ago: executing program 7 (id=4173):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2710, &(0x7f000001eec0)=""/102389, &(0x7f0000000000)=0xc74)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x94)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="ee04010000200010"], 0x8)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
socket(0x22, 0xa, 0x0)
unshare(0x20000400)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x5, 0x0, 0x2}, 0x50)
r6 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r6, 0x4008b100, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

kernel console output (not intermixed with test programs):

 ready
[ 1042.678513][T12611] loop6: detected capacity change from 0 to 128
[ 1042.717946][T12612] loop5: detected capacity change from 0 to 1024
[ 1042.757822][   T26] audit: type=1800 audit(2000000011.840:224): pid=12611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1800" name="file1" dev="loop6" ino=1049277 res=0 errno=0
[ 1042.769568][T12612] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1043.999352][T12626] batman_adv: batadv0: Adding interface: dummy0
[ 1044.005899][T12626] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1044.032016][T12626] batman_adv: batadv0: Interface activated: dummy0
[ 1045.620036][T10472] Bluetooth: hci2: command 0x040f tx timeout
[ 1045.727770][T12612] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1045.820323][T12612] EXT4-fs: failed to create workqueue
[ 1045.845779][T12612] EXT4-fs (loop5): mount failed
[ 1046.256861][   T26] audit: type=1800 audit(2000000015.340:225): pid=12630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1800" name="file1" dev="loop6" ino=1049277 res=0 errno=0
[ 1046.529534][T12525] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[ 1046.541926][T12525] FAT-fs (loop6): Filesystem has been set read-only
[ 1048.789707][ T4283] Bluetooth: hci5: command 0x0406 tx timeout
[ 1054.642117][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.648602][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1058.349579][ T4422] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1059.450534][T12760] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1059.450534][T12760] The task syz.1.1932 (12760) triggered the difference, watch for misbehavior.
[ 1061.307063][ T4422] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.583756][ T4422] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.892127][T10472] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1062.893991][ T4422] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.911957][ T4285] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1064.510177][ T4285] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1064.560262][T10472] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1064.647886][T10472] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1064.656976][T10472] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1064.778770][T12796] lo speed is unknown, defaulting to 1000
[ 1067.120386][T12818] overlayfs: failed to clone upperpath
[ 1068.068984][ T4283] Bluetooth: hci2: command 0x0409 tx timeout
[ 1068.849886][T12837] overlayfs: failed to clone upperpath
[ 1070.121054][T10472] Bluetooth: hci2: command 0x041b tx timeout
[ 1070.149895][T12833] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1945'.
[ 1072.172992][T10472] Bluetooth: hci2: command 0x040f tx timeout
[ 1072.303148][T12848] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1947'.
[ 1072.444345][T12796] chnl_net:caif_netlink_parms(): no params data found
[ 1074.453375][T10472] Bluetooth: hci2: command 0x0419 tx timeout
[ 1074.638301][T12796] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1074.666351][T12796] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1074.731220][T12796] device bridge_slave_0 entered promiscuous mode
[ 1074.801827][T12796] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1074.808949][T12796] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1074.864822][T12796] device bridge_slave_1 entered promiscuous mode
[ 1075.115629][T12896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1956'.
[ 1075.166572][T12796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1075.436690][T12796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1076.194352][T12796] team0: Port device team_slave_0 added
[ 1076.234201][T12796] team0: Port device team_slave_1 added
[ 1076.439847][T12909] device geneve1 entered promiscuous mode
[ 1076.464998][T12909] device macsec1 entered promiscuous mode
[ 1076.811764][T12909] device geneve1 left promiscuous mode
[ 1077.688589][T12796] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1077.706353][T12796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1078.652565][T12796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1080.773463][T12796] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1080.800574][T12796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1080.888237][T12948] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1962'.
[ 1081.189307][T12796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1081.766056][T12956] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1082.593272][T12796] device hsr_slave_0 entered promiscuous mode
[ 1082.601103][T12796] device hsr_slave_1 entered promiscuous mode
[ 1082.910248][T12796] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1083.260120][T12796] Cannot create hsr debugfs directory
[ 1084.650821][ T4422] device hsr_slave_0 left promiscuous mode
[ 1085.420152][ T4422] device hsr_slave_1 left promiscuous mode
[ 1085.444630][ T4422] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1085.487958][ T4422] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1085.512069][ T4422] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1085.526850][ T4422] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1085.659841][T12989] loop5: detected capacity change from 0 to 1024
[ 1085.670566][ T4422] device bridge_slave_1 left promiscuous mode
[ 1085.676801][ T4422] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1085.825241][   T26] audit: type=1800 audit(2000000054.870:226): pid=12989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1971" name="file1" dev="loop5" ino=20 res=0 errno=0
[ 1086.212003][ T4422] device bridge_slave_0 left promiscuous mode
[ 1086.218420][ T4422] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1086.338363][ T4422] device veth1_macvtap left promiscuous mode
[ 1086.358082][ T4422] device veth0_macvtap left promiscuous mode
[ 1086.380332][ T4422] device veth1_vlan left promiscuous mode
[ 1086.399602][ T4422] device veth0_vlan left promiscuous mode
[ 1088.520246][ T4283] Bluetooth: min 0 < 6
[ 1090.640317][T10472] Bluetooth: hci5: command 0x2021 tx timeout
[ 1094.696010][ T4422] team0 (unregistering): Port device team_slave_1 removed
[ 1094.762665][ T4422] team0 (unregistering): Port device team_slave_0 removed
[ 1094.829517][ T4422] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1094.911176][ T4422] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1095.435478][ T4422] bond0 (unregistering): Released all slaves
[ 1095.560649][T13036] batman_adv: batadv0: Adding interface: dummy0
[ 1095.567234][T13036] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1095.593488][T13036] batman_adv: batadv0: Interface activated: dummy0
[ 1096.118359][T13062] overlayfs: failed to clone upperpath
[ 1096.816240][T13065] loop5: detected capacity change from 0 to 256
[ 1096.949787][T13065] FAT-fs (loop5): Directory bread(block 64) failed
[ 1096.956885][T13065] FAT-fs (loop5): Directory bread(block 65) failed
[ 1096.964053][T13065] FAT-fs (loop5): Directory bread(block 66) failed
[ 1096.970996][T13065] FAT-fs (loop5): Directory bread(block 67) failed
[ 1096.978069][T13065] FAT-fs (loop5): Directory bread(block 68) failed
[ 1096.984978][T13065] FAT-fs (loop5): Directory bread(block 69) failed
[ 1096.992793][T13065] FAT-fs (loop5): Directory bread(block 70) failed
[ 1096.999617][T13065] FAT-fs (loop5): Directory bread(block 71) failed
[ 1097.007460][T13065] FAT-fs (loop5): Directory bread(block 72) failed
[ 1097.014484][T13065] FAT-fs (loop5): Directory bread(block 73) failed
[ 1097.231716][T13067] ax25_connect(): syz.5.1985 uses autobind, please contact jreuter@yaina.de
[ 1099.598459][T12796] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1100.440332][T12796] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1100.506223][T12796] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1100.588697][T12796] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1101.156988][T12796] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1101.270614][T12796] 8021q: adding VLAN 0 to HW filter on device team0
[ 1101.277741][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1101.286443][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1101.428672][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1101.477023][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1101.540359][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1101.547898][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1101.590615][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1101.628262][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1102.190660][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1102.197866][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1102.381132][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1102.447905][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1102.501204][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1102.531417][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1102.558847][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1102.596173][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1102.717365][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1102.794876][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1102.828517][T12796] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1103.310569][T12796] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1103.446185][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1103.461889][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1103.471524][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1103.500742][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1103.564589][T13114] batman_adv: batadv0: Adding interface: dummy0
[ 1103.571237][T13114] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1103.598589][T13114] batman_adv: batadv0: Interface activated: dummy0
[ 1103.630188][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1104.091659][T13130] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1990'.
[ 1104.659370][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1104.681262][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1104.725539][T12796] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1105.321537][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1105.336337][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1105.949197][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1106.030880][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1106.083294][T12796] device veth0_vlan entered promiscuous mode
[ 1106.091034][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1106.100903][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1106.115672][T12796] device veth1_vlan entered promiscuous mode
[ 1106.188506][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1106.233073][   T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1106.279725][T12796] device veth0_macvtap entered promiscuous mode
[ 1106.301821][T12796] device veth1_macvtap entered promiscuous mode
[ 1106.345041][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.370081][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.381259][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.392332][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.403057][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.414644][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.425636][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.437262][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.462792][T12796] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1106.496010][T12682] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1106.512527][T12682] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1106.536474][T12682] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1106.545616][T12682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1106.558399][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.166496][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.733993][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.769256][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.793591][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.828389][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.843242][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1107.877375][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1107.898773][T12796] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1108.419099][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1108.458320][ T4425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1109.399288][T12796] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.409458][T12796] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.419995][T12796] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.428988][T12796] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1110.806604][ T4425] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1110.819089][ T4425] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1110.862520][T13182] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1110.927056][ T4425] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1110.969725][ T4425] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1110.991470][ T4422] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1111.923810][T13219] loop5: detected capacity change from 0 to 128
[ 1116.083982][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.092391][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.347217][ T4283] Bluetooth: hci5: Malformed Event: 0x02
[ 1118.156488][T13276] vivid-004: kernel_thread() failed
[ 1122.943575][T13316] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2029'.
[ 1124.845677][ T4384] libceph: connect (1)[c::]:6789 error -101
[ 1124.855709][ T4384] libceph: mon0 (1)[c::]:6789 connect error
[ 1124.875490][T13338] ceph: No mds server is up or the cluster is laggy
[ 1125.172938][T10599] libceph: connect (1)[c::]:6789 error -101
[ 1125.179348][T10599] libceph: mon0 (1)[c::]:6789 connect error
[ 1127.498213][T13368] overlayfs: failed to clone upperpath
[ 1132.380902][T13409] overlayfs: failed to clone upperpath
[ 1143.175406][T13508] loop5: detected capacity change from 0 to 1024
[ 1143.323178][   T26] audit: type=1800 audit(2000000368.405:227): pid=13508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2067" name="file1" dev="loop5" ino=20 res=0 errno=0
[ 1145.397310][T13539] loop5: detected capacity change from 0 to 256
[ 1145.547504][T13539] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1151.818966][T13581] loop7: detected capacity change from 0 to 1024
[ 1152.245101][   T26] audit: type=1800 audit(2000000377.325:228): pid=13581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2084" name="file1" dev="loop7" ino=20 res=0 errno=0
[ 1155.641029][T13616] loop7: detected capacity change from 0 to 512
[ 1156.627327][T13616] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2088: bg 0: block 473: padding at end of block bitmap is not set
[ 1157.590297][T13616] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6179: Corrupt filesystem
[ 1157.735017][T13616] EXT4-fs (loop7): 1 orphan inode deleted
[ 1157.790462][ T4333] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1157.906853][T13616] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1158.088811][ T4333] EXT4-fs error (device loop7): ext4_release_dquot:6871: comm kworker/u4:7: Failed to release dquot type 1
[ 1159.459136][T13616] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1159.723706][T13652] loop5: detected capacity change from 0 to 1024
[ 1159.859470][   T26] audit: type=1800 audit(2000000384.935:229): pid=13655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2099" name="file1" dev="loop5" ino=20 res=0 errno=0
[ 1160.366160][T12796] EXT4-fs (loop7): unmounting filesystem.
[ 1160.599251][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2102'.
[ 1160.616040][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2102'.
[ 1160.625337][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2102'.
[ 1160.635895][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2102'.
[ 1160.646217][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2102'.
[ 1162.105736][T13668] siw: device registration error -23
[ 1162.128574][T13668] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1163.711104][T13687] netlink: 84 bytes leftover after parsing attributes in process `syz.7.2108'.
[ 1169.505029][   T26] audit: type=1326 audit(2000000394.585:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1169.633638][   T26] audit: type=1326 audit(2000000394.615:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1170.490046][   T26] audit: type=1326 audit(2000000394.615:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1170.521180][   T26] audit: type=1326 audit(2000000394.615:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1170.544603][   T26] audit: type=1326 audit(2000000394.615:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1170.567852][   T26] audit: type=1326 audit(2000000394.625:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1170.660285][   T26] audit: type=1326 audit(2000000394.625:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1170.752516][   T26] audit: type=1326 audit(2000000394.645:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1171.070315][   T26] audit: type=1326 audit(2000000394.645:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1171.128221][   T26] audit: type=1326 audit(2000000394.645:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.0.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1171.343307][T13717] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[ 1171.353645][T13717] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[ 1171.365406][T13717] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[ 1171.609686][T13744] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1176.008186][T13775] loop7: detected capacity change from 0 to 16
[ 1176.067248][T13775] erofs: (device loop7): erofs_read_inode: unsupported datalayout 6 of nid 36
[ 1176.855952][T13790] loop7: detected capacity change from 0 to 512
[ 1177.351265][T13790] EXT4-fs (loop7): 1 truncate cleaned up
[ 1177.356975][T13790] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1177.452204][   T26] kauditd_printk_skb: 33 callbacks suppressed
[ 1177.452901][   T26] audit: type=1800 audit(2000000402.535:273): pid=13784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2131" name="file1" dev="loop7" ino=13 res=0 errno=0
[ 1177.750377][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.756912][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.871406][T13798] loop5: detected capacity change from 0 to 128
[ 1178.229418][T13798] syz.5.2135: attempt to access beyond end of device
[ 1178.229418][T13798] loop5: rw=2049, sector=138, nr_sectors = 112 limit=128
[ 1178.338496][T12796] EXT4-fs (loop7): unmounting filesystem.
[ 1178.624533][T13802] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2133'.
[ 1180.610137][ T4312] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1180.815034][ T4312] usb 8-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1180.850288][ T4312] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1180.907768][ T4312] usb 8-1: config 0 descriptor??
[ 1181.138583][ T4312] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[ 1181.226371][ T4312] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 1181.270086][ T4312] [drm:udl_init] *ERROR* Selecting channel failed
[ 1181.938600][ T4312] [drm] Initialized udl 0.0.1 20120220 for 8-1:0.0 on minor 2
[ 1181.959992][ T4312] [drm] Initialized udl on minor 2
[ 1181.987712][ T4312] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1182.019591][ T4312] udl 8-1:0.0: [drm] Cannot find any crtc or sizes
[ 1182.146869][ T4312] usb 8-1: USB disconnect, device number 2
[ 1182.195677][T13280] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[ 1182.224236][T13280] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[ 1182.238419][T13280] udl 8-1:0.0: [drm] Cannot find any crtc or sizes
[ 1182.574528][T13857] overlayfs: failed to clone upperpath
[ 1182.797701][T13860] overlayfs: failed to clone upperpath
[ 1185.633860][T13884] netlink: 'syz.3.2153': attribute type 1 has an invalid length.
[ 1185.641803][T13884] netlink: 'syz.3.2153': attribute type 2 has an invalid length.
[ 1189.840483][ T4283] Bluetooth: hci2: command 0x0406 tx timeout
[ 1190.285088][T13933] loop7: detected capacity change from 0 to 16
[ 1190.481977][T13933] erofs: (device loop7): mounted with root inode @ nid 36.
[ 1190.540730][T13932] syz.7.2164: attempt to access beyond end of device
[ 1190.540730][T13932] loop7: rw=524288, sector=1056, nr_sectors = 16 limit=16
[ 1190.642946][T13932] syz.7.2164: attempt to access beyond end of device
[ 1190.642946][T13932] loop7: rw=524288, sector=16, nr_sectors = 40 limit=16
[ 1190.673952][T13932] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1190.744206][   T26] audit: type=1800 audit(2000000415.775:274): pid=13932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2164" name="file2" dev="loop7" ino=89 res=0 errno=0
[ 1195.144264][T13956] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1195.194958][T13956] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1195.265236][T13956] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1196.978549][T13999] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[ 1196.986416][T13999] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1196.996849][T13999] vhci_hcd vhci_hcd.0: Device attached
[ 1197.300278][ T4384] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[ 1197.853442][T14006] overlayfs: failed to clone upperpath
[ 1198.361546][T14000] vhci_hcd: connection reset by peer
[ 1198.472373][T12874] vhci_hcd: stop threads
[ 1198.572917][T12874] vhci_hcd: release socket
[ 1198.684496][T12874] vhci_hcd: disconnect device
[ 1199.524422][T14018] overlayfs: missing 'lowerdir'
[ 1205.335559][ T4384] vhci_hcd: vhci_device speed not set
[ 1208.019965][T14075] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2194'.
[ 1208.847077][T14084] ptrace attach of "./syz-executor exec"[14085] was attempted by "./syz-executor exec"[14084]
[ 1212.074533][T14109] IPVS: rr: FWM 3 0x00000003 - no destination available
[ 1221.886548][T14203] Illegal XDP return value 4294967274 on prog  (id 107) dev N/A, expect packet loss!
[ 1224.111640][T14229] loop5: detected capacity change from 0 to 128
[ 1224.147867][T14229] FAT-fs (loop5): Directory bread(block 414) failed
[ 1224.242607][T14229] FAT-fs (loop5): Directory bread(block 415) failed
[ 1225.044856][T14229] FAT-fs (loop5): Directory bread(block 416) failed
[ 1225.192110][T14229] FAT-fs (loop5): Directory bread(block 417) failed
[ 1225.778610][T14229] FAT-fs (loop5): Directory bread(block 418) failed
[ 1225.910569][T14229] FAT-fs (loop5): Directory bread(block 419) failed
[ 1225.941915][T14229] FAT-fs (loop5): Directory bread(block 420) failed
[ 1225.948971][T14229] FAT-fs (loop5): Directory bread(block 421) failed
[ 1227.433940][T14248] FAT-fs (loop5): Directory bread(block 414) failed
[ 1227.441703][T14248] FAT-fs (loop5): Directory bread(block 415) failed
[ 1227.791293][T14252] lo speed is unknown, defaulting to 1000
[ 1230.016497][T14270] tipc: Started in network mode
[ 1230.022872][T14270] tipc: Node identity 2, cluster identity 4711
[ 1230.057280][T14270] tipc: Node number set to 2
[ 1233.793139][T14328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1234.183045][T14328] device batadv_slave_0 entered promiscuous mode
[ 1234.581577][T14316] loop5: detected capacity change from 0 to 256
[ 1237.854865][T14377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2249'.
[ 1237.866289][T14377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2249'.
[ 1237.875776][T14377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2249'.
[ 1237.886245][T14377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2249'.
[ 1237.895356][T14377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2249'.
[ 1238.034044][T14375] xt_CT: No such helper "pptp"
[ 1238.966461][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.974274][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1245.734361][T14457] overlayfs: missing 'lowerdir'
[ 1247.889176][T14471] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2279'.
[ 1250.605903][T14481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2272'.
[ 1252.590246][T14524] overlayfs: missing 'workdir'
[ 1257.166166][T14567] fuse: Bad value for 'fd'
[ 1257.739813][T14576] loop7: detected capacity change from 0 to 256
[ 1257.807041][T14576] FAT-fs (loop7): Directory bread(block 64) failed
[ 1257.814407][T14576] FAT-fs (loop7): Directory bread(block 65) failed
[ 1257.821538][T14576] FAT-fs (loop7): Directory bread(block 66) failed
[ 1257.828649][T14576] FAT-fs (loop7): Directory bread(block 67) failed
[ 1257.836032][T14576] FAT-fs (loop7): Directory bread(block 68) failed
[ 1257.842829][T14576] FAT-fs (loop7): Directory bread(block 69) failed
[ 1257.850073][T14576] FAT-fs (loop7): Directory bread(block 70) failed
[ 1257.856841][T14576] FAT-fs (loop7): Directory bread(block 71) failed
[ 1257.863996][T14576] FAT-fs (loop7): Directory bread(block 72) failed
[ 1257.870681][T14576] FAT-fs (loop7): Directory bread(block 73) failed
[ 1258.392769][T14586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2292'.
[ 1259.459404][T14598] overlayfs: missing 'workdir'
[ 1260.779726][T14612] overlayfs: missing 'workdir'
[ 1262.480101][ T4316] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1262.970470][T14639] lo speed is unknown, defaulting to 1000
[ 1264.317751][T14647] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1264.514040][T14647] device batadv_slave_0 entered promiscuous mode
[ 1264.780052][ T4316] usb 6-1: Using ep0 maxpacket: 32
[ 1264.791228][ T4316] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1264.921948][ T4316] usb 6-1: config 0 has no interfaces?
[ 1264.954200][ T4316] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1265.034920][ T4316] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1265.333423][ T4316] usb 6-1: config 0 descriptor??
[ 1265.647795][ T4316] usb 6-1: can't set config #0, error -71
[ 1267.256133][ T4316] usb 6-1: USB disconnect, device number 2
[ 1269.199526][T14679] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1269.208542][T14679] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1270.270251][   T26] audit: type=1326 audit(2000000751.203:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1270.490198][   T26] audit: type=1326 audit(2000000751.203:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1270.577560][   T26] audit: type=1326 audit(2000000751.203:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1270.610672][   T26] audit: type=1326 audit(2000000751.203:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1270.638806][   T26] audit: type=1326 audit(2000000751.213:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1270.703277][   T26] audit: type=1326 audit(2000000751.213:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1270.731935][T14697] loop5: detected capacity change from 0 to 512
[ 1270.767001][   T26] audit: type=1326 audit(2000000751.213:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1271.056571][   T26] audit: type=1326 audit(2000000751.213:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1271.196889][   T26] audit: type=1326 audit(2000000751.213:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1271.527605][   T26] audit: type=1326 audit(2000000751.213:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.1.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1271.755134][T14697] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1271.762623][T14697] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1272.487576][T14697] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.2316: bad orphan inode 131083
[ 1272.503051][T14697] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1272.891446][T14732] hugetlbfs: syz.0.2320 (14732): Using mlock ulimits for SHM_HUGETLB is obsolete
[ 1273.584309][T14737] netlink: 'syz.0.2324': attribute type 13 has an invalid length.
[ 1273.629492][T14696] fscrypt (loop5): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[ 1273.718471][T14737] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1273.786184][T14753] vivid-007: disconnect
[ 1274.484919][T14730] vivid-007: reconnect
[ 1274.664243][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1274.746816][T14762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2321'.
[ 1275.619449][T14787] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1275.628677][T14787] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1276.812452][T14794] loop5: detected capacity change from 0 to 16
[ 1276.865489][T14794] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1276.886350][T14794] syz.5.2327: attempt to access beyond end of device
[ 1276.886350][T14794] loop5: rw=524288, sector=1056, nr_sectors = 16 limit=16
[ 1276.905606][T14794] syz.5.2327: attempt to access beyond end of device
[ 1276.905606][T14794] loop5: rw=524288, sector=16, nr_sectors = 40 limit=16
[ 1276.931813][T14794] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1276.963011][T14794] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1276.979991][T14794] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1277.000684][T14794] 9pnet_fd: Insufficient options for proto=fd
[ 1277.030413][   T26] kauditd_printk_skb: 58 callbacks suppressed
[ 1277.030499][   T26] audit: type=1800 audit(2000000758.033:343): pid=14794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2327" name="file2" dev="loop5" ino=89 res=0 errno=0
[ 1277.786215][T14802] loop5: detected capacity change from 0 to 512
[ 1277.796206][T14802] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1278.936682][T14802] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8817e02c, mo2=0002]
[ 1278.976463][T14802] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.2328: invalid indirect mapped block 2683928664 (level 1)
[ 1279.001355][T14802] EXT4-fs (loop5): Remounting filesystem read-only
[ 1279.014729][T14802] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.2328: bg 0: block 361: padding at end of block bitmap is not set
[ 1279.034902][T14802] EXT4-fs (loop5): Remounting filesystem read-only
[ 1279.041757][T14802] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6179: Corrupt filesystem
[ 1279.051994][T14802] EXT4-fs (loop5): Remounting filesystem read-only
[ 1279.066998][T14802] EXT4-fs (loop5): 1 truncate cleaned up
[ 1279.073370][T14802] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1279.115158][T14801] EXT4-fs error (device loop5): ext4_empty_dir:3145: inode #2: block 5: comm syz.5.2328: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[ 1279.135839][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1279.152038][T14801] EXT4-fs (loop5): Remounting filesystem read-only
[ 1279.158756][T14801] EXT4-fs warning (device loop5): ext4_empty_dir:3147: inode #2: comm syz.5.2328: directory missing '.'
[ 1279.460832][T14767] netlink: 'syz.1.2321': attribute type 4 has an invalid length.
[ 1280.155111][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1280.366954][T14819] overlayfs: failed to clone upperpath
[ 1280.376919][T14819] overlayfs: failed to clone upperpath
[ 1282.038122][ T4283] Bluetooth: hci5: Malformed Event: 0x02
[ 1283.330983][T14851] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1283.340353][T14851] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1284.092569][T14855] loop5: detected capacity change from 0 to 512
[ 1284.152489][T14855] EXT4-fs (loop5): DAX unsupported by block device.
[ 1289.104140][T14901] 9pnet_fd: Insufficient options for proto=fd
[ 1289.344568][T14888] block device autoloading is deprecated and will be removed.
[ 1290.746635][T14915] overlayfs: missing 'lowerdir'
[ 1293.343324][T14948] overlayfs: failed to clone upperpath
[ 1293.359122][T14955] loop5: detected capacity change from 0 to 128
[ 1293.386293][T14955] FAT-fs (loop5): bogus number of reserved sectors
[ 1293.393071][T14955] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[ 1293.402491][T14955] FAT-fs (loop5): Can't find a valid FAT filesystem
[ 1296.677123][T14970] xt_NFQUEUE: number of total queues is 0
[ 1296.703564][T14970] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2359'.
[ 1297.681553][T14987] overlayfs: missing 'lowerdir'
[ 1300.421003][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.433370][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.948454][T15000] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.956200][T15000] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1301.234669][T15000] batman_adv: batadv0: Interface deactivated: dummy0
[ 1301.339645][T15026] overlayfs: failed to clone upperpath
[ 1303.796293][   T26] audit: type=1804 audit(2000001040.879:344): pid=15046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.2372" name="/newroot/61/file1" dev="fuse" ino=1 res=1 errno=0
[ 1304.777780][T15000] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1304.939793][T15000] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1306.896960][T15072] overlayfs: missing 'lowerdir'
[ 1308.604866][T15000] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1308.621800][T15000] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1308.651997][T15000] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1308.674056][T15000] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1309.755171][T15059] veth0: Caught tx_queue_len zero misconfig
[ 1310.208069][T15067] bridge0: Device is already in use.
[ 1310.222012][T15081] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2378'.
[ 1312.142820][T15119] overlayfs: failed to clone upperpath
[ 1312.527976][T15122] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[ 1312.536908][T15122] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[ 1312.545899][T15122] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[ 1312.547568][T14780] Bluetooth: hci4: Frame reassembly failed (-90)
[ 1312.991372][T15126] overlayfs: failed to clone upperpath
[ 1313.899050][T15137] Trying to write to read-only block-device nullb0
[ 1314.596783][T10472] Bluetooth: hci4: command 0x1003 tx timeout
[ 1314.605167][ T4283] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1318.965401][ T4425] Trying to write to read-only block-device nullb0
[ 1319.320493][ T4425] Trying to write to read-only block-device nullb0
[ 1319.327471][ T4425] Trying to write to read-only block-device nullb0
[ 1319.419697][ T4425] Trying to write to read-only block-device nullb0
[ 1319.470495][ T4425] Trying to write to read-only block-device nullb0
[ 1319.477293][ T4425] Trying to write to read-only block-device nullb0
[ 1320.220099][ T4425] Trying to write to read-only block-device nullb0
[ 1320.227193][ T4425] Trying to write to read-only block-device nullb0
[ 1320.275632][T15114] Trying to write to read-only block-device nullb0
[ 1320.311417][T15114] Trying to write to read-only block-device nullb0
[ 1320.495072][T15189] veth1_to_bridge: Caught tx_queue_len zero misconfig
[ 1320.502337][T15189] netlink: 'syz.0.2398': attribute type 12 has an invalid length.
[ 1321.063226][T15202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2400'.
[ 1322.705173][   T26] audit: type=1804 audit(2000001059.789:345): pid=15220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.2405" name="/newroot/69/file1" dev="fuse" ino=1 res=1 errno=0
[ 1322.801695][T15225] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead
[ 1322.812450][T15225] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1323.354417][T15228] overlayfs: failed to clone upperpath
[ 1324.153721][T15238] loop5: detected capacity change from 0 to 1024
[ 1324.161314][T15238] EXT4-fs: Ignoring removed bh option
[ 1324.166795][T15238] EXT4-fs: Ignoring removed oldalloc option
[ 1324.172945][T15238] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1324.200923][T15238] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1324.316121][T15240] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1324.342997][T15240] usb usb9: usbfs: process 15240 (syz.7.2408) did not claim interface 3 before use
[ 1325.762379][T15238] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c01c, mo2=0003]
[ 1325.771260][T15238] System zones: 0-1, 3-36
[ 1326.618200][T15238] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1328.038515][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1328.164166][   T26] audit: type=1326 audit(2000001065.249:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.278488][   T26] audit: type=1326 audit(2000001065.249:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.546201][   T26] audit: type=1326 audit(2000001065.269:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.595042][   T26] audit: type=1326 audit(2000001065.269:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.621672][   T26] audit: type=1326 audit(2000001065.269:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.644915][   T26] audit: type=1326 audit(2000001065.269:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.676588][   T26] audit: type=1326 audit(2000001065.269:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.713046][   T26] audit: type=1326 audit(2000001065.269:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.764086][   T26] audit: type=1326 audit(2000001065.269:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.0.2406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1329.982639][T15270] loop5: detected capacity change from 0 to 2048
[ 1330.671319][T15270] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1332.406555][T15296] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2419'.
[ 1332.487057][T15296] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2419'.
[ 1336.558743][T15341] netlink: 'syz.7.2429': attribute type 4 has an invalid length.
[ 1337.093440][T15352] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2417'.
[ 1337.319739][T15351] netlink: 165 bytes leftover after parsing attributes in process `syz.7.2429'.
[ 1337.354717][T15344] netlink: 'syz.7.2429': attribute type 4 has an invalid length.
[ 1338.994602][T15372] device bridge1 entered promiscuous mode
[ 1340.551190][T15379] overlayfs: missing 'lowerdir'
[ 1344.355501][T15440] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2447'.
[ 1344.987247][T15453] overlayfs: conflicting options: nfs_export=on,index=off
[ 1345.990593][T15465] overlayfs: failed to resolve './file1': -2
[ 1346.436274][T15468] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1348.713904][T15490] siw: device registration error -23
[ 1349.239060][T15493] loop5: detected capacity change from 0 to 40427
[ 1349.276592][T15493] F2FS-fs (loop5): invalid crc value
[ 1349.299350][T15493] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1349.338495][T15493] F2FS-fs (loop5): Start checkpoint disabled!
[ 1349.367698][T15493] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[ 1349.630853][T15498] openvswitch: netlink: EtherType 0 is less than min 600
[ 1350.323835][T12682] kworker/u4:5: attempt to access beyond end of device
[ 1350.323835][T12682] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[ 1351.322997][T15519] ptrace attach of "./syz-executor exec"[12796] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
[ 1353.392397][T15517] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1354.356471][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1355.258069][T15539] overlayfs: failed to clone upperpath
[ 1358.160204][T15581] overlayfs: failed to clone upperpath
[ 1363.259429][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1363.265965][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1363.783212][T15607] overlayfs: failed to clone upperpath
[ 1363.978304][T15615] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2480'.
[ 1363.993556][T15615] Timeout policy `syz1' can only be used by L3 protocol number 34825
[ 1367.080484][T15647] ALSA: mixer_oss: invalid OSS volume 'LI'
[ 1367.091092][T15647] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2488'.
[ 1373.154468][T15688] overlayfs: failed to clone upperpath
[ 1374.802004][   T26] audit: type=1326 audit(2000001110.061:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1374.945203][   T26] audit: type=1326 audit(2000001110.089:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1375.043202][   T26] audit: type=1326 audit(2000001110.089:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1375.076835][   T26] audit: type=1326 audit(2000001110.089:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1375.251774][   T26] audit: type=1326 audit(2000001110.089:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1375.411414][   T26] audit: type=1326 audit(2000001110.089:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1375.508627][T15708] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1375.556108][T15708] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1375.565210][T15708] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1375.700417][   T26] audit: type=1326 audit(2000001110.089:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1375.867399][T15721] loop5: detected capacity change from 0 to 1764
[ 1376.385195][   T26] audit: type=1326 audit(2000001110.089:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1376.409170][   T26] audit: type=1326 audit(2000001110.098:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1376.624619][   T26] audit: type=1326 audit(2000001110.520:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15705 comm="syz.3.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1376.974774][T15733] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead
[ 1376.985352][T15733] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1379.811370][T15746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2509'.
[ 1379.989354][T15746] netlink: 'syz.0.2509': attribute type 4 has an invalid length.
[ 1382.324109][T15783] loop5: detected capacity change from 0 to 1764
[ 1383.530758][T15788] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[ 1383.677192][T15788] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[ 1383.686057][T15788] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[ 1387.130192][T15819] overlayfs: failed to clone upperpath
[ 1388.312642][T15827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2526'.
[ 1388.362390][T15827] netlink: 'syz.3.2526': attribute type 4 has an invalid length.
[ 1388.672530][ T4312] lo speed is unknown, defaulting to 1000
[ 1390.645806][T15853] ALSA: mixer_oss: invalid OSS volume 'LI'
[ 1390.653858][T15853] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2532'.
[ 1394.190611][T15879] device bridge0 entered promiscuous mode
[ 1397.930868][T15901] tipc: Started in network mode
[ 1397.936009][T15901] tipc: Node identity 2, cluster identity 4711
[ 1397.942684][T15901] tipc: Node number set to 2
[ 1398.525599][   T26] kauditd_printk_skb: 35 callbacks suppressed
[ 1398.525692][   T26] audit: type=1326 audit(2000001132.230:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1398.695087][T15916] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2558'.
[ 1399.060438][   T26] audit: type=1326 audit(2000001132.230:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1399.083420][   T26] audit: type=1326 audit(2000001132.230:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1399.107210][   T26] audit: type=1326 audit(2000001132.230:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1399.385180][   T26] audit: type=1326 audit(2000001132.230:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1399.607579][   T26] audit: type=1326 audit(2000001132.230:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1399.636143][   T26] audit: type=1326 audit(2000001132.230:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1399.793792][T15922] netlink: 168 bytes leftover after parsing attributes in process `syz.7.2546'.
[ 1400.016240][   T26] audit: type=1326 audit(2000001132.230:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1400.203026][   T26] audit: type=1326 audit(2000001132.230:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1400.610830][   T26] audit: type=1326 audit(2000001132.230:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15907 comm="syz.3.2545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1402.197953][T15946] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2551'.
[ 1402.257305][T15946] netlink: 'syz.5.2551': attribute type 4 has an invalid length.
[ 1402.934575][T15945] xt_NFQUEUE: number of total queues is 0
[ 1408.361771][T15990] xt_CT: No such helper "pptp"
[ 1408.658921][   T26] kauditd_printk_skb: 61 callbacks suppressed
[ 1408.659647][   T26] audit: type=1326 audit(2000001141.672:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1409.265844][   T26] audit: type=1326 audit(2000001141.672:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1409.289421][   T26] audit: type=1326 audit(2000001141.672:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1409.312722][   T26] audit: type=1326 audit(2000001141.672:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1409.343426][   T26] audit: type=1326 audit(2000001141.672:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1410.009568][   T26] audit: type=1326 audit(2000001141.672:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1410.040731][   T26] audit: type=1326 audit(2000001141.672:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1410.170444][T16012] netlink: 4508 bytes leftover after parsing attributes in process `syz.0.2566'.
[ 1410.189528][   T26] audit: type=1326 audit(2000001141.672:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1410.274790][   T26] audit: type=1326 audit(2000001141.682:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1410.382391][   T26] audit: type=1326 audit(2000001141.682:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15995 comm="syz.7.2565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c5d9c799 code=0x7ffc0000
[ 1410.760296][T16015] overlayfs: missing 'lowerdir'
[ 1410.803863][T16015] loop5: detected capacity change from 0 to 512
[ 1414.717834][T16050] xt_NFQUEUE: number of total queues is 0
[ 1416.680122][T16063] xt_CT: No such helper "pptp"
[ 1418.134568][T16081] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2584'.
[ 1419.612532][T16090] siw: device registration error -23
[ 1420.400077][   T26] kauditd_printk_skb: 63 callbacks suppressed
[ 1420.400097][   T26] audit: type=1326 audit(2000001152.733:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1421.742427][   T26] audit: type=1326 audit(2000001152.733:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1421.897542][   T26] audit: type=1326 audit(2000001152.762:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1422.013150][   T26] audit: type=1326 audit(2000001152.762:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1422.456769][T16112] loop5: detected capacity change from 0 to 256
[ 1422.520761][T16112] FAT-fs (loop5): Directory bread(block 64) failed
[ 1422.528546][T16112] FAT-fs (loop5): Directory bread(block 65) failed
[ 1422.535482][T16112] FAT-fs (loop5): Directory bread(block 66) failed
[ 1422.542047][T16112] FAT-fs (loop5): Directory bread(block 67) failed
[ 1422.548811][T16112] FAT-fs (loop5): Directory bread(block 68) failed
[ 1422.555365][T16112] FAT-fs (loop5): Directory bread(block 69) failed
[ 1422.561940][T16112] FAT-fs (loop5): Directory bread(block 70) failed
[ 1422.568874][T16112] FAT-fs (loop5): Directory bread(block 71) failed
[ 1422.575487][T16112] FAT-fs (loop5): Directory bread(block 72) failed
[ 1422.582401][T16112] FAT-fs (loop5): Directory bread(block 73) failed
[ 1422.740276][   T26] audit: type=1326 audit(2000001152.762:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1422.766529][   T26] audit: type=1326 audit(2000001152.762:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1422.928348][   T26] audit: type=1326 audit(2000001152.762:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1423.045984][   T26] audit: type=1326 audit(2000001152.771:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1423.269267][   T26] audit: type=1326 audit(2000001152.771:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1423.626689][   T26] audit: type=1326 audit(2000001152.771:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16072 comm="syz.0.2583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f56f339c799 code=0x7ffc0000
[ 1423.791808][T16126] loop5: detected capacity change from 0 to 512
[ 1424.438870][T16126] EXT4-fs: Mount option(s) incompatible with ext3
[ 1426.502823][T16143] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1427.079223][T16155] loop5: detected capacity change from 0 to 64
[ 1428.563069][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.569525][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1428.774896][T16156] xt_NFQUEUE: number of total queues is 0
[ 1432.442349][T16193] loop5: detected capacity change from 0 to 1764
[ 1435.979064][T16208] tmpfs: Unknown parameter 'usrquota'
[ 1436.575078][T16208] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2611'.
[ 1445.696903][T16294] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1450.053284][T16334] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1451.459071][T16347] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1451.506957][T16347] kernel read not supported for file /cpuacct.usage_percpu (pid: 16347 comm: syz.1.2644)
[ 1451.518946][   T26] kauditd_printk_skb: 58 callbacks suppressed
[ 1451.518961][   T26] audit: type=1800 audit(2000001181.846:612): pid=16347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2644" name="cpuacct.usage_percpu" dev="mqueue" ino=64319 res=0 errno=0
[ 1451.839232][T16352] tmpfs: Unknown parameter 'fscontext'
[ 1452.311719][T16357] lo: Caught tx_queue_len zero misconfig
[ 1453.145916][T16366] loop5: detected capacity change from 0 to 256
[ 1455.429736][T16370] overlayfs: missing 'lowerdir'
[ 1456.212789][T16394] loop5: detected capacity change from 0 to 1764
[ 1461.457641][T16423] loop5: detected capacity change from 0 to 1764
[ 1464.102343][   T26] audit: type=1326 audit(2000001193.628:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1464.174423][   T26] audit: type=1326 audit(2000001193.647:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1464.230635][   T26] audit: type=1326 audit(2000001193.647:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1464.446580][   T26] audit: type=1326 audit(2000001193.647:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1464.489112][T16467] loop5: detected capacity change from 0 to 4096
[ 1464.495775][   T26] audit: type=1326 audit(2000001193.647:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1465.666173][   T26] audit: type=1326 audit(2000001193.647:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1466.021916][   T26] audit: type=1326 audit(2000001193.647:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1467.910451][   T26] audit: type=1326 audit(2000001193.647:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1467.938491][   T26] audit: type=1326 audit(2000001193.647:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f353779c799 code=0x7ffc0000
[ 1467.964141][   T26] audit: type=1326 audit(2000001193.647:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16463 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f353775cfce code=0x7ffc0000
[ 1468.124710][T11466] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22.
[ 1468.843557][T16503] 9pnet_fd: Insufficient options for proto=fd
[ 1468.985212][T11466] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[ 1472.236237][T16539] ubi31: attaching mtd0
[ 1472.247505][T16539] ubi31: scanning is finished
[ 1472.252844][T16539] ubi31: empty MTD device detected
[ 1472.317369][T16539] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1472.325439][T16539] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1472.333059][T16539] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1472.340216][T16539] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1472.348265][T16539] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1472.355687][T16539] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1472.364144][T16539] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3999779710
[ 1472.374537][T16539] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1472.390096][T16542] ubi31: background thread "ubi_bgt31d" started, PID 16542
[ 1478.726241][T16606] loop5: detected capacity change from 0 to 16
[ 1480.152831][T16606] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1480.169724][T16604] syz.5.2705: attempt to access beyond end of device
[ 1480.169724][T16604] loop5: rw=524288, sector=1056, nr_sectors = 16 limit=16
[ 1480.187914][T16604] syz.5.2705: attempt to access beyond end of device
[ 1480.187914][T16604] loop5: rw=524288, sector=16, nr_sectors = 40 limit=16
[ 1480.201859][T16604] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1480.213445][   T26] kauditd_printk_skb: 48 callbacks suppressed
[ 1480.213461][   T26] audit: type=1800 audit(2000001208.704:671): pid=16604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2705" name="file2" dev="loop5" ino=89 res=0 errno=0
[ 1480.240314][T16604] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1480.253635][T16604] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1481.867544][T16620] loop5: detected capacity change from 0 to 1764
[ 1483.583250][T16633] No such timeout policy "syz1"
[ 1483.590285][T16633] autofs4:pid:16633:autofs_fill_super: called with bogus options
[ 1483.741364][T16639] xt_NFQUEUE: number of total queues is 0
[ 1484.573838][T16639] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2713'.
[ 1485.091357][T16653] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2717'.
[ 1485.808308][T16655] overlayfs: missing 'lowerdir'
[ 1485.967478][T16657] lo speed is unknown, defaulting to 1000
[ 1485.973602][T16657] lo speed is unknown, defaulting to 1000
[ 1485.988218][T16657] lo speed is unknown, defaulting to 1000
[ 1486.094924][T16659] netlink: 'syz.0.2718': attribute type 10 has an invalid length.
[ 1486.130013][T16657] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1486.319198][T16657] lo speed is unknown, defaulting to 1000
[ 1486.492125][T16666] SET target dimension over the limit!
[ 1487.164761][T16657] lo speed is unknown, defaulting to 1000
[ 1487.171555][T16657] lo speed is unknown, defaulting to 1000
[ 1487.179080][T16657] lo speed is unknown, defaulting to 1000
[ 1487.188458][T16657] lo speed is unknown, defaulting to 1000
[ 1491.721813][T16711] overlayfs: missing 'lowerdir'
[ 1491.969182][T16713] IPv6: sit1: Disabled Multicast RS
[ 1492.592087][T16717] loop5: detected capacity change from 0 to 32768
[ 1493.373066][T16717] XFS (loop5): Mounting V5 Filesystem
[ 1494.220645][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1494.227091][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1494.244444][T16717] XFS (loop5): Ending clean mount
[ 1494.271648][T16717] XFS (loop5): Quotacheck needed: Please wait.
[ 1494.452504][T16742] overlayfs: failed to clone upperpath
[ 1494.510634][T16748] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2737'.
[ 1494.563341][T16748] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2737'.
[ 1494.725820][T16717] XFS (loop5): Quotacheck: Done.
[ 1495.343766][T16754] netlink: 168 bytes leftover after parsing attributes in process `syz.5.2731'.
[ 1495.371733][   T26] audit: type=1800 audit(2000001222.816:672): pid=16756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2731" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=4430 res=0 errno=0
[ 1497.774059][T11466] XFS (loop5): Unmounting Filesystem
[ 1498.818523][T16784] lo speed is unknown, defaulting to 1000
[ 1498.830390][T16784] lo speed is unknown, defaulting to 1000
[ 1499.208358][T16788] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2746'.
[ 1499.220311][T16788] siw: device registration error -23
[ 1503.104481][T16826] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1504.090224][T16833] 9p: Unknown Cache mode readahead
[ 1507.139087][T16851] xt_socket: unknown flags 0xd0
[ 1516.759411][T16930] 9pnet_fd: Insufficient options for proto=fd
[ 1521.403221][T16962] xt_NFQUEUE: number of total queues is 0
[ 1521.506163][T16968] loop5: detected capacity change from 0 to 164
[ 1522.110274][T16966] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2785'.
[ 1522.130022][T16962] netlink: 140 bytes leftover after parsing attributes in process `syz.7.2783'.
[ 1523.768499][T16981] loop5: detected capacity change from 0 to 1764
[ 1527.026269][T17002] netlink: 'syz.3.2794': attribute type 10 has an invalid length.
[ 1527.034393][T17002] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2794'.
[ 1527.458889][T17003] loop5: detected capacity change from 0 to 1764
[ 1527.467013][T17002] batman_adv: batadv0: Adding interface: vlan1
[ 1527.473531][T17002] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[ 1527.503675][T17002] batman_adv: batadv0: Interface activated: vlan1
[ 1527.836501][T17011] sctp: [Deprecated]: syz.1.2796 (pid 17011) Use of int in max_burst socket option deprecated.
[ 1527.836501][T17011] Use struct sctp_assoc_value instead
[ 1528.024032][T17014] overlayfs: missing 'lowerdir'
[ 1531.835618][T17050] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2805'.
[ 1532.404943][T17048] loop5: detected capacity change from 0 to 256
[ 1532.444522][T17050] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1537.521314][T17093] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2817'.
[ 1537.531020][T17093] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2817'.
[ 1537.540189][T17093] tc_dump_action: action bad kind
[ 1537.840949][T17094] xt_NFQUEUE: number of total queues is 0
[ 1538.785844][T17094] netlink: 140 bytes leftover after parsing attributes in process `syz.7.2816'.
[ 1539.678298][T17114] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1539.688161][T17114] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1539.712241][T17114] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1539.720425][T17114] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1539.814007][T17114] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1539.881965][ T4312] lo speed is unknown, defaulting to 1000
[ 1540.299344][T17124] xt_NFQUEUE: number of total queues is 0
[ 1540.307693][T17124] netlink: 'syz.3.2822': attribute type 5 has an invalid length.
[ 1540.315731][T17124] netlink: 15 bytes leftover after parsing attributes in process `syz.3.2822'.
[ 1542.205986][T17139] overlayfs: missing 'workdir'
[ 1544.426799][T17154] loop5: detected capacity change from 0 to 1764
[ 1545.894351][T17166] xt_NFQUEUE: number of total queues is 0
[ 1545.922842][T17157] xt_NFQUEUE: number of total queues is 0
[ 1545.936549][T17166] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2831'.
[ 1546.005139][T17171] xt_socket: unknown flags 0xd0
[ 1546.018796][T17157] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2828'.
[ 1547.359080][T17189] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2835'.
[ 1548.191828][T17188] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2834'.
[ 1554.604873][T17238] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2847'.
[ 1554.637327][T17238] netlink: 'syz.1.2847': attribute type 6 has an invalid length.
[ 1555.114777][   T26] audit: type=1326 audit(2000001278.505:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.197676][   T26] audit: type=1326 audit(2000001278.505:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.222168][   T26] audit: type=1326 audit(2000001278.505:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.247460][   T26] audit: type=1326 audit(2000001278.505:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.272465][   T26] audit: type=1326 audit(2000001278.505:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.378217][   T26] audit: type=1326 audit(2000001278.505:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.527271][   T26] audit: type=1326 audit(2000001278.505:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.615562][   T26] audit: type=1326 audit(2000001278.505:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf00d5cfce code=0x7ffc0000
[ 1555.916198][   T26] audit: type=1326 audit(2000001278.505:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf00d9c799 code=0x7ffc0000
[ 1555.944914][   T26] audit: type=1326 audit(2000001278.505:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17237 comm="syz.1.2847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf00d5cfce code=0x7ffc0000
[ 1556.356651][T17253] overlayfs: missing 'workdir'
[ 1556.380698][T17255] xt_NFQUEUE: number of total queues is 0
[ 1556.426576][T17256] loop5: detected capacity change from 0 to 512
[ 1556.470437][T17255] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2849'.
[ 1556.488248][T17256] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1556.497684][T17256] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1556.746270][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1557.668251][T17273] xt_NFQUEUE: number of total queues is 0
[ 1557.696970][T17273] netlink: 140 bytes leftover after parsing attributes in process `syz.7.2852'.
[ 1557.749670][T17281] netlink: 'syz.1.2856': attribute type 10 has an invalid length.
[ 1557.757896][T17281] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2856'.
[ 1557.767822][T17281] batman_adv: batadv0: Adding interface: vlan1
[ 1557.774077][T17281] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1557.799653][T17281] batman_adv: batadv0: Interface activated: vlan1
[ 1560.435105][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1560.441923][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1562.548968][T17316] xt_NFQUEUE: number of total queues is 0
[ 1562.564740][T17316] netlink: 'syz.0.2861': attribute type 5 has an invalid length.
[ 1562.573609][T17316] netlink: 15 bytes leftover after parsing attributes in process `syz.0.2861'.
[ 1563.467839][T17324] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1563.477033][T17324] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1564.980425][T17340] netlink: 'syz.7.2868': attribute type 10 has an invalid length.
[ 1564.988642][T17340] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2868'.
[ 1564.998373][T17340] batman_adv: batadv0: Adding interface: vlan1
[ 1565.004815][T17340] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1565.030230][T17340] batman_adv: batadv0: Interface activated: vlan1
[ 1565.406623][T17351] xt_NFQUEUE: number of total queues is 0
[ 1565.480737][T17354] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2878'.
[ 1568.981533][T17380] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1568.990873][T17380] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1569.836250][T17383] xt_NFQUEUE: number of total queues is 0
[ 1569.847964][T17383] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2879'.
[ 1570.103851][T17393] xt_NFQUEUE: number of total queues is 0
[ 1570.111558][T17393] netlink: 'syz.5.2882': attribute type 5 has an invalid length.
[ 1570.119715][T17393] netlink: 15 bytes leftover after parsing attributes in process `syz.5.2882'.
[ 1571.221495][T17402] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2893'.
[ 1572.122776][T17403] netlink: 'syz.5.2883': attribute type 10 has an invalid length.
[ 1572.131604][T17403] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2883'.
[ 1573.743579][T17414] vivid-000: kernel_thread() failed
[ 1574.662115][T17430] xt_NFQUEUE: number of total queues is 0
[ 1574.675071][T17430] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2900'.
[ 1575.452708][T17440] loop5: detected capacity change from 0 to 1024
[ 1575.464056][T17440] ext2: Unknown parameter 'smackfsdef'
[ 1575.782203][T17389] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1576.564351][T17450] loop5: detected capacity change from 0 to 512
[ 1576.781537][T17450] EXT4-fs error (device loop5): ext4_iget_extra_inode:4756: inode #15: comm syz.5.2895: corrupted in-inode xattr
[ 1576.847476][T17450] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2895: couldn't read orphan inode 15 (err -117)
[ 1576.872306][T17450] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1578.018988][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1578.119964][T17465] netlink: 'syz.0.2898': attribute type 10 has an invalid length.
[ 1578.127965][T17465] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2898'.
[ 1578.137712][T17465] batman_adv: batadv0: Adding interface: vlan1
[ 1578.144092][T17465] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1578.169795][T17465] batman_adv: batadv0: Interface activated: vlan1
[ 1579.632231][T17489] xt_NFQUEUE: number of total queues is 0
[ 1579.652628][T17489] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2905'.
[ 1579.668516][T17493] loop5: detected capacity change from 0 to 128
[ 1579.692119][T17493] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1581.798153][T17510] openvswitch: netlink: EtherType 0 is less than min 600
[ 1581.800532][ T4285] Bluetooth: hci2: command 0x0409 tx timeout
[ 1582.840855][T17515] UDF-fs: error (device loop5): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[ 1583.091093][   T26] kauditd_printk_skb: 62 callbacks suppressed
[ 1583.091170][   T26] audit: type=1800 audit(2000001304.764:745): pid=17517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2908" name="file1" dev="loop5" ino=94 res=0 errno=0
[ 1584.217361][ T4387] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1584.347727][ T4285] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[ 1584.437214][ T4387] usb 6-1: Using ep0 maxpacket: 32
[ 1584.444379][ T4387] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1584.491447][ T4387] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1584.512871][ T4387] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1584.550057][ T4387] usb 6-1: New USB device found, idVendor=0c72, idProduct=0011, bcdDevice= 9.75
[ 1584.559357][ T4387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1584.573945][ T4387] usb 6-1: Product: syz
[ 1584.580038][ T4387] usb 6-1: Manufacturer: syz
[ 1584.584843][ T4387] usb 6-1: SerialNumber: syz
[ 1584.790968][ T4387] usb 6-1: config 0 descriptor??
[ 1585.078413][ T4387] peak_usb 6-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[ 1585.089466][ T4387] peak_usb 6-1:0.0: unable to read PCAN-USB Pro FD firmware info (err -71)
[ 1585.154033][ T4387] peak_usb: probe of 6-1:0.0 failed with error -71
[ 1585.184556][ T4387] usb 6-1: USB disconnect, device number 3
[ 1585.539713][T17565] overlayfs: missing 'lowerdir'
[ 1589.258309][T17614] tipc: Started in network mode
[ 1589.263311][T17614] tipc: Node identity 4, cluster identity 4711
[ 1589.269634][T17614] tipc: Node number set to 4
[ 1591.520620][T17629] xt_NFQUEUE: number of total queues is 0
[ 1591.666780][T17629] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2944'.
[ 1591.814694][ T4285] Bluetooth: hci5: Malformed MSFT vendor event: 0x02
[ 1592.509765][T17642] tmpfs: Unknown parameter 'quota'
[ 1593.044481][T17647] loop5: detected capacity change from 0 to 8192
[ 1593.118605][T17647] REISERFS warning (device loop5): super-6509 reiserfs_parse_options: nolargeio option is no longer supported
[ 1596.662822][T17683] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2960'.
[ 1597.578517][T15149] Bluetooth: hci5: command 0x0409 tx timeout
[ 1597.769100][T17702] loop5: detected capacity change from 0 to 1024
[ 1599.303973][T17700] device wireguard0 entered promiscuous mode
[ 1599.431336][T17708] xt_NFQUEUE: number of total queues is 0
[ 1599.463931][T17708] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2966'.
[ 1599.549933][   T30] hfsplus: b-tree write err: -5, ino 25
[ 1599.565572][   T30] hfsplus: b-tree write err: -5, ino 4
[ 1599.593091][   T30] hfsplus: b-tree write err: -5, ino 2
[ 1599.609831][   T30] hfsplus: b-tree write err: -5, ino 26
[ 1599.790694][T15149] Bluetooth: hci2: unexpected cc 0x0402 length: 61 > 1
[ 1599.798204][T15149] Bluetooth: hci2: Ignoring error of Inquiry Cancel command
[ 1600.416630][T17721] loop5: detected capacity change from 0 to 512
[ 1600.428495][T17721] EXT4-fs: Ignoring removed i_version option
[ 1600.434664][T17721] EXT4-fs: Ignoring removed oldalloc option
[ 1601.232432][T17721] EXT4-fs (loop5): 1 truncate cleaned up
[ 1601.238676][T17721] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1601.692361][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1603.115151][T17746] loop5: detected capacity change from 0 to 128
[ 1603.196175][T17624] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1604.287782][T17754] loop5: detected capacity change from 0 to 1764
[ 1604.737365][T17768] tipc: Started in network mode
[ 1604.742471][T17768] tipc: Node identity 4, cluster identity 4711
[ 1604.748804][T17768] tipc: Node number set to 4
[ 1606.012294][ T4387] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1606.803248][ T4387] usb 6-1: Using ep0 maxpacket: 32
[ 1606.815599][ T4387] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1606.877464][ T4387] usb 6-1: New USB device found, idVendor=084f, idProduct=0001, bcdDevice= b.8c
[ 1606.997704][ T4387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1607.145762][ T4387] usb 6-1: Product: syz
[ 1607.157982][ T4387] usb 6-1: Manufacturer: syz
[ 1607.165710][ T4387] usb 6-1: SerialNumber: syz
[ 1607.901278][ T4387] empeg 6-1:1.0: empeg converter detected
[ 1608.603496][ T4387] empeg: probe of 6-1:1.0 failed with error -71
[ 1608.627226][ T4387] usb 6-1: USB disconnect, device number 4
[ 1610.350119][T17820] device wireguard0 entered promiscuous mode
[ 1612.257553][T17849] xt_NFQUEUE: number of total queues is 0
[ 1612.274887][T17849] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3010'.
[ 1614.429653][T17871] loop5: detected capacity change from 0 to 1764
[ 1616.418328][T17883] tmpfs: Unknown parameter 'usrquota'
[ 1616.453092][T17883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3018'.
[ 1617.069320][T17888] loop5: detected capacity change from 0 to 128
[ 1617.155310][T17888] vxfs: unable to set final block size
[ 1618.536993][T17903] xt_NFQUEUE: number of total queues is 0
[ 1619.086389][T17915] openvswitch: netlink: EtherType 0 is less than min 600
[ 1619.960893][T17917] xt_NFQUEUE: number of total queues is 0
[ 1620.000703][T17917] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3027'.
[ 1620.737969][    C1] icmp: detected local route for 172.20.20.11 during ICMP sending, src 172.20.20.0
[ 1623.085629][T17956] loop5: detected capacity change from 0 to 512
[ 1624.205242][T17956] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1624.321761][T17956] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.3038: iget: bad i_size value: 38620345925642
[ 1624.336896][T17956] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.3038: couldn't read orphan inode 15 (err -117)
[ 1624.352551][T17956] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1624.526901][T17955] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.3038: bg 0: block 5: invalid block bitmap
[ 1624.597906][T17955] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1624.611630][T17955] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1624.611630][T17955] 
[ 1624.622006][T17955] EXT4-fs (loop5): Total free blocks count 0
[ 1624.628218][T17955] EXT4-fs (loop5): Free/Dirty block details
[ 1624.634180][T17955] EXT4-fs (loop5): free_blocks=0
[ 1624.639268][T17955] EXT4-fs (loop5): dirty_blocks=2112
[ 1624.644593][T17955] EXT4-fs (loop5): Block reservation details
[ 1624.650686][T17955] EXT4-fs (loop5): i_reserved_data_blocks=2112
[ 1625.248231][T14780] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 56 with error 28
[ 1625.506790][T17954] tmpfs: Unknown parameter 'quota'
[ 1625.527707][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1625.534251][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1626.149187][T17973] loop5: detected capacity change from 0 to 512
[ 1626.474088][T17973] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1626.484276][T17973] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1627.027333][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1627.432136][T17982] openvswitch: netlink: EtherType 0 is less than min 600
[ 1628.008242][T17984] tmpfs: Unknown parameter 'fscontext'
[ 1629.501290][T15149] Bluetooth: hci5: Malformed MSFT vendor event: 0x02
[ 1632.539220][T18025] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3051'.
[ 1632.637023][T18026] No such timeout policy "syz1"
[ 1633.403102][T18036] loop5: detected capacity change from 0 to 512
[ 1633.495728][T18038] xt_NFQUEUE: number of total queues is 0
[ 1633.537510][T18038] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3054'.
[ 1634.278040][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1636.138944][T18047] netlink: 'syz.0.3059': attribute type 4 has an invalid length.
[ 1637.798621][T18083] loop5: detected capacity change from 0 to 1764
[ 1639.706294][T18097] netlink: 'syz.1.3074': attribute type 4 has an invalid length.
[ 1640.015515][T18112] loop5: detected capacity change from 0 to 16
[ 1640.040041][T18112] erofs: (device loop5): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 25144)
[ 1644.944229][T15149] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1644.959513][T15149] Bluetooth: hci5: Injecting HCI hardware error event
[ 1645.194418][T15149] Bluetooth: hci5: hardware error 0x00
[ 1645.800539][T18159] loop5: detected capacity change from 0 to 1764
[ 1647.508378][T15149] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1647.616230][T18173] SET target dimension over the limit!
[ 1650.669520][T18188] ALSA: mixer_oss: invalid OSS volume 'LI'
[ 1650.677809][T18188] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3102'.
[ 1654.826549][T18229] lo speed is unknown, defaulting to 1000
[ 1654.833424][T18229] lo speed is unknown, defaulting to 1000
[ 1659.403217][T18251] ALSA: mixer_oss: invalid OSS volume 'LI'
[ 1659.411403][T18251] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3117'.
[ 1660.425806][T15149] Bluetooth: hci2: Malformed LE Event: 0x0b
[ 1662.018577][T18297] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3133'.
[ 1662.861467][T18307] loop5: detected capacity change from 0 to 512
[ 1662.903980][T18307] EXT4-fs: Ignoring removed oldalloc option
[ 1662.968685][T18307] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[ 1663.017345][T18307] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[ 1663.065180][T18307] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[ 1663.149027][T18307] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1663.179422][T18307] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e01c, mo2=0000]
[ 1663.884983][T18307] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1664.067463][T18307] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.3138: bg 0: block 34: padding at end of block bitmap is not set
[ 1664.243187][T18307] Quota error (device loop5): write_blk: dquota write failed
[ 1664.503763][T18307] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 1664.561583][T18307] EXT4-fs error (device loop5): ext4_acquire_dquot:6835: comm syz.5.3138: Failed to acquire dquot type 1
[ 1664.616654][T18307] EXT4-fs (loop5): 1 truncate cleaned up
[ 1664.640235][T18307] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1664.740488][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1665.126802][T18347] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3147'.
[ 1665.669068][T18349] loop5: detected capacity change from 0 to 512
[ 1665.862087][T18349] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[ 1665.938293][T18349] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[ 1666.198993][T18349] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[ 1667.014727][T18349] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1667.029615][T18349] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[ 1667.061943][T18349] EXT4-fs (loop5): failed to initialize system zone (-117)
[ 1667.069406][T18349] EXT4-fs (loop5): mount failed
[ 1670.962462][ T4401] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1671.242826][ T4401] usb 6-1: config 6 has an invalid interface number: 104 but max is 0
[ 1671.273730][ T4401] usb 6-1: config 6 has no interface number 0
[ 1671.280045][ T4401] usb 6-1: config 6 interface 104 has no altsetting 0
[ 1671.297059][ T4401] usb 6-1: New USB device found, idVendor=1199, idProduct=68aa, bcdDevice=23.79
[ 1671.306942][ T4401] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1671.418829][ T4401] usb 6-1: Product: syz
[ 1671.436197][ T4401] usb 6-1: Manufacturer: syz
[ 1671.465068][ T4401] usb 6-1: SerialNumber: syz
[ 1671.577784][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1672.103173][ T4401] sierra 6-1:6.104: Sierra USB modem converter detected
[ 1672.229412][ T4401] usb 6-1: Sierra USB modem converter now attached to ttyUSB0
[ 1672.429879][ T4401] usb 6-1: USB disconnect, device number 5
[ 1673.722573][ T4401] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 1673.734379][ T4401] sierra 6-1:6.104: device disconnected
[ 1673.754801][T18435] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1675.590918][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1680.015459][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1680.308169][T18533] loop5: detected capacity change from 0 to 16
[ 1680.367088][T18533] MTD: Attempt to mount non-MTD device "/dev/loop5"
[ 1682.510281][T18569] loop5: detected capacity change from 0 to 8
[ 1682.553297][T18569] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1683.270912][T18569] SQUASHFS error: Failed to read block 0x91: -5
[ 1683.304982][T18569] SQUASHFS error: Unable to read metadata cache entry [8f]
[ 1683.334427][T18569] SQUASHFS error: Unable to read inode 0x11f
[ 1685.174810][ T4387] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[ 1685.412336][ T4387] usb 6-1: config 0 has an invalid interface number: 120 but max is 0
[ 1685.420633][ T4387] usb 6-1: config 0 has no interface number 0
[ 1685.426770][ T4387] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1685.442986][ T4387] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1685.452117][ T4387] usb 6-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[ 1685.461827][ T4387] usb 6-1: Manufacturer: syz
[ 1685.484167][ T4387] usb 6-1: config 0 descriptor??
[ 1685.507576][ T4387] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input7
[ 1685.794949][ T4387] usb 6-1: USB disconnect, device number 6
[ 1687.161439][T18637] loop5: detected capacity change from 0 to 2048
[ 1687.501537][T18637] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1688.049424][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1689.609317][ T4387] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1689.901809][ T4387] usb 6-1: config 0 has an invalid interface number: 153 but max is 0
[ 1690.096668][ T4387] usb 6-1: config 0 has no interface number 0
[ 1690.106040][ T4387] usb 6-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34
[ 1690.123521][ T4387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1690.137261][ T4387] usb 6-1: Product: syz
[ 1690.143082][ T4387] usb 6-1: Manufacturer: syz
[ 1690.158210][ T4387] usb 6-1: SerialNumber: syz
[ 1690.646087][ T4387] usb 6-1: config 0 descriptor??
[ 1690.658627][ T4387] sierra 6-1:0.153: Sierra USB modem converter detected
[ 1690.935857][ T4387] usb 6-1: USB disconnect, device number 7
[ 1690.984496][ T4387] sierra 6-1:0.153: device disconnected
[ 1691.183178][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1691.189853][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1692.043900][T18713] loop5: detected capacity change from 0 to 1024
[ 1692.155238][T18713] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[ 1692.196716][T18713] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1692.213595][T18713] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1692.366823][T18713] EXT4-fs error (device loop5): ext4_read_inode_bitmap:168: comm syz.5.3274: Inode bitmap for bg 0 marked uninitialized
[ 1692.925730][T18713] EXT4-fs (loop5): Remounting filesystem read-only
[ 1692.970512][T18713] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1693.166844][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1695.945539][T18766] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1696.811191][T18794] netlink: 'syz.1.3302': attribute type 12 has an invalid length.
[ 1698.863519][ T4401] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[ 1699.149493][ T4401] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1699.165144][ T4401] usb 6-1: not running at top speed; connect to a high speed hub
[ 1699.209080][ T4401] usb 6-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice= 0.40
[ 1699.882261][ T4401] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1699.893737][ T4401] usb 6-1: Product: syz
[ 1700.051361][ T4401] usb 6-1: Manufacturer: syz
[ 1700.056623][ T4401] usb 6-1: SerialNumber: syz
[ 1701.154543][ T4401] usb 6-1: USB disconnect, device number 8
[ 1701.674337][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1701.823537][ T4401] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1702.081384][ T4401] usb 6-1: Using ep0 maxpacket: 16
[ 1702.103786][ T4401] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1702.141677][ T4401] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1702.193255][ T4401] usb 6-1: Product: syz
[ 1702.305358][ T4401] usb 6-1: Manufacturer: syz
[ 1702.310403][ T4401] usb 6-1: SerialNumber: syz
[ 1702.319091][ T4401] r8152-cfgselector 6-1: config 0 descriptor??
[ 1702.803338][ T4401] r8152-cfgselector 6-1: Unknown version 0x0000
[ 1702.821959][T18873] udevd[18873]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1702.822962][ T4401] r8152-cfgselector 6-1: USB disconnect, device number 9
[ 1704.050652][T18928] netlink: 'syz.3.3347': attribute type 21 has an invalid length.
[ 1704.058760][T18928] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1704.104551][T18932] loop5: detected capacity change from 0 to 128
[ 1704.549356][T18932] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1704.588343][T18932] ext4 filesystem being mounted at /291/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1704.640048][T18932] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.3350: No space for directory leaf checksum. Please run e2fsck -D.
[ 1704.855923][T18932] EXT4-fs error (device loop5): __ext4_find_entry:1696: inode #2: comm syz.5.3350: checksumming directory block 0
[ 1704.939086][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1705.426153][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1705.494042][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1705.562805][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1705.576579][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1705.584382][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1705.593139][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1705.601541][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1705.610167][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1705.618099][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1705.630952][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1705.645916][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1705.656526][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1705.664717][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1705.672780][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1705.692147][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1705.702904][T18936] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1705.715908][T18936] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1705.732749][ T4387] lo speed is unknown, defaulting to 1000
[ 1705.808079][T18957] loop5: detected capacity change from 0 to 1764
[ 1707.617467][ T4387] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1707.861466][ T4387] usb 6-1: Using ep0 maxpacket: 16
[ 1707.882762][ T4387] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=81.0c
[ 1707.938773][ T4387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1707.973480][ T4387] usb 6-1: Product: syz
[ 1707.977732][ T4387] usb 6-1: Manufacturer: syz
[ 1708.001429][ T4387] usb 6-1: SerialNumber: syz
[ 1708.038151][ T4387] r8152-cfgselector 6-1: config 0 descriptor??
[ 1708.495727][ T4387] r8152-cfgselector 6-1: Unknown version 0x0000
[ 1708.983097][ T4387] r8152-cfgselector 6-1: USB disconnect, device number 10
[ 1710.601557][T19023] xt_NFQUEUE: number of total queues is 0
[ 1710.690469][T19023] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3379'.
[ 1710.983036][T19041] loop5: detected capacity change from 0 to 1764
[ 1713.245290][T19047] loop5: detected capacity change from 0 to 32768
[ 1713.993314][T19047] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.3388 (19047)
[ 1714.329003][T19047] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1714.611313][T19047] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[ 1714.680758][T19047] BTRFS info (device loop5): using free space tree
[ 1714.769872][T19047] BTRFS error (device loop5): open_ctree failed: -12
[ 1717.391075][T18411] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by udevd (18411)
[ 1719.530423][ T4387] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1719.738684][ T4387] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1719.772006][ T4387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1719.861872][ T4387] usb 6-1: Product: syz
[ 1719.866095][ T4387] usb 6-1: Manufacturer: syz
[ 1719.931688][ T4387] usb 6-1: SerialNumber: syz
[ 1720.028567][ T4387] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1720.319960][T19184] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1720.371456][T19184] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1720.823861][ T4387] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1721.282888][T19144] usb 6-1: USB disconnect, device number 11
[ 1721.681298][T19219] netlink: 'syz.0.3433': attribute type 1 has an invalid length.
[ 1721.709561][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1722.273724][ T4387] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 1722.352428][ T4387] ath9k_htc: Failed to initialize the device
[ 1722.416471][T19144] usb 6-1: ath9k_htc: USB layer deinitialized
[ 1722.907877][T19244] xt_NFQUEUE: number of total queues is 0
[ 1722.926124][T19244] netlink: 140 bytes leftover after parsing attributes in process `syz.7.3440'.
[ 1724.020893][T19259] xt_NFQUEUE: number of total queues is 0
[ 1724.095685][T19259] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3447'.
[ 1725.134385][T19291] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3460'.
[ 1725.183742][T19291] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[ 1725.376345][T19298] loop5: detected capacity change from 0 to 1764
[ 1725.899473][T19305] xt_NFQUEUE: number of total queues is 0
[ 1725.910549][T19305] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3464'.
[ 1727.919152][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1728.482291][T19345] xt_NFQUEUE: number of total queues is 0
[ 1728.627045][T19347] netlink: 140 bytes leftover after parsing attributes in process `syz.5.3479'.
[ 1729.139723][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1730.693389][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1732.470314][T19394] xt_NFQUEUE: number of total queues is 0
[ 1732.481402][T19394] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3495'.
[ 1733.476686][T19407] netlink: 'syz.7.3503': attribute type 21 has an invalid length.
[ 1733.531238][T19410] netlink: 'syz.3.3505': attribute type 3 has an invalid length.
[ 1734.945634][T19429] netlink: 'syz.5.3510': attribute type 21 has an invalid length.
[ 1734.957093][T19429] netlink: 128 bytes leftover after parsing attributes in process `syz.5.3510'.
[ 1734.969482][T19429] netlink: 'syz.5.3510': attribute type 4 has an invalid length.
[ 1734.993018][T19429] netlink: 'syz.5.3510': attribute type 3 has an invalid length.
[ 1735.008244][T19429] netlink: 3 bytes leftover after parsing attributes in process `syz.5.3510'.
[ 1735.374094][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1736.187637][T19445] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3516'.
[ 1736.611552][T19455] xt_NFQUEUE: number of total queues is 0
[ 1736.629281][T19455] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3518'.
[ 1737.689965][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1737.714505][T19470] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3526'.
[ 1737.727777][T19470] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3526'.
[ 1737.961532][T19476] xt_AUDIT: Audit type out of range (valid range: 0..2)
[ 1738.326734][T19494] xt_NFQUEUE: number of total queues is 0
[ 1738.346632][T19494] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3533'.
[ 1739.285216][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1739.709333][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1741.977605][T19541] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3552'.
[ 1742.525712][T19558] xt_NFQUEUE: number of total queues is 0
[ 1743.231166][T19558] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3554'.
[ 1743.608673][T19573] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3561'.
[ 1746.084452][T19594] comedi comedi0: Minor 2 could not be opened
[ 1746.410647][T19600] loop5: detected capacity change from 0 to 64
[ 1751.519503][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1752.141105][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1752.155619][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1752.164911][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1752.173422][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1752.182517][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1752.192192][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1752.201029][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1752.217781][T19683] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1752.518564][T19683] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1753.641831][T19712] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3608'.
[ 1753.657476][T19712] netlink: 48 bytes leftover after parsing attributes in process `syz.7.3608'.
[ 1755.531163][T19749] netlink: 'syz.3.3622': attribute type 21 has an invalid length.
[ 1756.201566][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1757.303892][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1757.310557][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1758.552603][T19793] netlink: 'syz.7.3635': attribute type 21 has an invalid length.
[ 1758.657492][T19793] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1758.680054][T19793] netlink: 'syz.7.3635': attribute type 1 has an invalid length.
[ 1758.706708][T19795] netlink: 'syz.3.3637': attribute type 7 has an invalid length.
[ 1759.154242][T19818] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3645'.
[ 1759.981250][T19831] netlink: 'syz.3.3654': attribute type 3 has an invalid length.
[ 1759.994842][T19831] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3654'.
[ 1761.502431][T19877] netlink: 'syz.7.3675': attribute type 8 has an invalid length.
[ 1761.832773][T19890] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1762.443343][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1763.372546][T19920] device team0 entered promiscuous mode
[ 1763.389194][T19920] device team_slave_0 entered promiscuous mode
[ 1763.400093][T19920] device team_slave_1 entered promiscuous mode
[ 1763.415533][T19920] 8021q: adding VLAN 0 to HW filter on device team0
[ 1763.457252][T19920] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1764.865956][T19933] loop5: detected capacity change from 0 to 32768
[ 1764.941370][T19933] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1766.226028][T19933] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[ 1766.302783][T19933] BTRFS info (device loop5): force clearing of disk cache
[ 1766.341272][T19933] BTRFS info (device loop5): metadata ratio 0
[ 1766.347995][T19973] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1766.399916][T19933] BTRFS info (device loop5): enabling ssd optimizations
[ 1766.563785][T19933] BTRFS info (device loop5): using spread ssd allocation scheme
[ 1766.613261][T19933] BTRFS info (device loop5): using free space tree
[ 1767.233382][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1768.036728][T19933] BTRFS error (device loop5): open_ctree failed: -22
[ 1769.288779][T20029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3721'.
[ 1775.055139][T20141] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3765'.
[ 1776.357780][T20156] loop5: detected capacity change from 0 to 64
[ 1777.641151][T20168] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3774'.
[ 1777.678568][T20168] device hsr0 entered promiscuous mode
[ 1777.704617][T20168] device macsec2 entered promiscuous mode
[ 1777.896752][T20178] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3779'.
[ 1779.112425][T20196] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[ 1780.283242][T20231] loop5: detected capacity change from 0 to 128
[ 1780.388516][T20231] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1780.397624][T20231] ext4 filesystem being mounted at /361/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1780.577419][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1781.926570][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1783.772171][T20325] sp0: Synchronizing with TNC
[ 1784.270389][T20342] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1785.313561][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1788.442664][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1788.452326][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1788.460142][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1788.467644][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1788.475243][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1788.483507][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1788.491568][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1788.501858][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1788.511881][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[ 1788.519903][T20394] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[ 1788.587450][T20394] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1792.266233][T20450] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3878'.
[ 1792.276785][T20450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3878'.
[ 1792.923477][T20463] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1794.437653][T20488] loop5: detected capacity change from 0 to 1024
[ 1795.501595][T20504] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3895'.
[ 1795.614605][T20510] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3899'.
[ 1797.238698][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1797.252801][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[ 1797.260630][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[ 1797.268075][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[ 1797.275799][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[ 1797.283638][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[ 1797.292260][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[ 1797.302698][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1797.312004][T20534] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[ 1797.859322][T20534] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1798.266212][T20549] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3908'.
[ 1799.475621][T20571] netlink: 'syz.7.3920': attribute type 29 has an invalid length.
[ 1799.509672][T20571] netlink: 'syz.7.3920': attribute type 29 has an invalid length.
[ 1799.535573][T20575] netlink: 'syz.7.3920': attribute type 29 has an invalid length.
[ 1799.832107][T20578] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1799.844940][T20578] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1800.472454][T20578] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1802.119437][T20615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3935'.
[ 1802.133292][T20025] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1802.141037][T20615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3935'.
[ 1802.161335][T20615] netlink: 'syz.3.3935': attribute type 13 has an invalid length.
[ 1802.359865][T20025] usb 6-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[ 1802.394989][T20025] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 204
[ 1802.432579][T20025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1802.480073][T20025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1802.518095][T20025] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1802.539415][T20025] usb 6-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[ 1802.560780][T20025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1802.581756][T20025] usb 6-1: config 0 descriptor??
[ 1803.097453][T20025] input: HID 28bd:0909 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:28BD:0909.0001/input/input8
[ 1803.312219][T20025] uclogic 0003:28BD:0909.0001: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.5-1/input0
[ 1803.394427][T20025] usb 6-1: USB disconnect, device number 12
[ 1803.604187][T20629] fido_id[20629]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1804.327095][T20641] loop5: detected capacity change from 0 to 24
[ 1804.355276][T20642] netlink: 'syz.0.3945': attribute type 33 has an invalid length.
[ 1804.362533][T20641] MTD: Attempt to mount non-MTD device "/dev/loop5"
[ 1804.394610][T20642] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3945'.
[ 1804.423299][T20641] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1804.804071][T20653] loop5: detected capacity change from 0 to 1024
[ 1805.800333][T20664] loop5: detected capacity change from 0 to 1024
[ 1806.351107][T20673] loop5: detected capacity change from 0 to 1024
[ 1806.417067][T20673] hfsplus: bad catalog entry type
[ 1806.500875][    T9] hfsplus: b-tree write err: -5, ino 25
[ 1806.526616][    T9] hfsplus: b-tree write err: -5, ino 4
[ 1806.555975][    T9] hfsplus: b-tree write err: -5, ino 2
[ 1807.459566][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1810.574866][T20705] loop5: detected capacity change from 0 to 32768
[ 1811.332808][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1813.896049][T20778] loop5: detected capacity change from 0 to 32768
[ 1814.124432][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1815.356619][T20815] loop5: detected capacity change from 0 to 32768
[ 1815.415759][T20815] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 scanned by syz.5.4010 (20815)
[ 1815.661789][T20815] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[ 1815.672239][T20815] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[ 1816.296427][T20815] BTRFS info (device loop5): using free space tree
[ 1817.445555][T20815] BTRFS info (device loop5): enabling ssd optimizations
[ 1817.902168][T11466] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[ 1819.466566][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1820.147680][T20434] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 9 /dev/loop5 scanned by udevd (20434)
[ 1821.436255][T20915] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1822.180853][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1822.702161][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1822.717950][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1825.542274][T20990] netlink: 156 bytes leftover after parsing attributes in process `syz.7.4067'.
[ 1825.678197][T20990] netlink: 64 bytes leftover after parsing attributes in process `syz.7.4067'.
[ 1825.700916][T20990] tipc: Invalid UDP bearer configuration
[ 1825.700979][T20990] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1827.175657][T21017] xt_recent: Unsupported userspace flags (000000b1)
[ 1827.187385][T20994] loop5: detected capacity change from 0 to 32768
[ 1830.473289][T21042] loop5: detected capacity change from 0 to 32768
[ 1830.500889][T21042] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.4086 (21042)
[ 1830.758706][T21042] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1830.785851][T21042] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[ 1830.798231][T21042] BTRFS info (device loop5): using free space tree
[ 1830.954245][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1832.049723][T21042] BTRFS error (device loop5): open_ctree failed: -22
[ 1832.275678][T20434] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by udevd (20434)
[ 1832.325320][T21111] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4105'.
[ 1832.749770][ T9995] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1833.422984][ T9995] usb 6-1: Using ep0 maxpacket: 8
[ 1833.521037][ T9995] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1833.534235][ T9995] usb 6-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[ 1833.544178][ T9995] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1833.582034][ T9995] usb 6-1: Product: syz
[ 1833.590347][ T9995] usb 6-1: Manufacturer: syz
[ 1833.601152][ T9995] usb 6-1: SerialNumber: syz
[ 1833.639870][ T9995] usb 6-1: config 0 descriptor??
[ 1833.675156][ T9995] cdc_phonet 6-1:0.0: skipping garbage
[ 1833.702306][ T9995] cdc_phonet 6-1:0.0: invalid descriptor buffer length
[ 1833.750602][ T9995] cdc_phonet: probe of 6-1:0.0 failed with error -22
[ 1833.874722][T19113] usb 6-1: USB disconnect, device number 13
[ 1834.048038][T21145] xt_NFQUEUE: number of total queues is 0
[ 1834.069167][T21145] netlink: 140 bytes leftover after parsing attributes in process `syz.3.4113'.
[ 1836.286431][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1837.951648][T21198] xt_NFQUEUE: number of total queues is 0
[ 1837.980350][T21198] netlink: 140 bytes leftover after parsing attributes in process `syz.5.4132'.
[ 1839.191838][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1840.565715][T21244] vim2m vim2m.0: vidioc_s_fmt queue busy
[ 1840.715525][T21252] loop5: detected capacity change from 0 to 1024
[ 1840.723329][T21252] EXT4-fs: Ignoring removed orlov option
[ 1840.731850][T21252] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1840.816395][T21252] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1840.847558][T21252] EXT4-fs error (device loop5): ext4_iget_extra_inode:4756: inode #15: comm syz.5.4155: corrupted in-inode xattr
[ 1840.866356][T21252] EXT4-fs (loop5): Remounting filesystem read-only
[ 1840.887449][T21252] EXT4-fs error (device loop5): ext4_iget_extra_inode:4756: inode #15: comm syz.5.4155: corrupted in-inode xattr
[ 1840.900927][T21252] EXT4-fs (loop5): Remounting filesystem read-only
[ 1840.959635][T11466] EXT4-fs (loop5): unmounting filesystem.
[ 1841.966137][T21270] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4161'.
[ 1842.159598][T21281] loop5: detected capacity change from 0 to 164
[ 1842.578960][T21294] 
[ 1842.581433][T21294] ======================================================
[ 1842.588551][T21294] WARNING: possible circular locking dependency detected
[ 1842.595611][T21294] syzkaller #0 Not tainted
[ 1842.600169][T21294] ------------------------------------------------------
[ 1842.607283][T21294] syz.0.4171/21294 is trying to acquire lock:
[ 1842.613367][T21294] ffffffff9701ff38 (nfnl_subsys_ipset){+.+.}-{3:3}, at: ip_set_nfnl_get_byindex+0x63/0x230
[ 1842.623822][T21294] 
[ 1842.623822][T21294] but task is already holding lock:
[ 1842.631479][T21294] ffff88802d90b6b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x37/0x100
[ 1842.642327][T21294] 
[ 1842.642327][T21294] which lock already depends on the new lock.
[ 1842.642327][T21294] 
[ 1842.652767][T21294] 
[ 1842.652767][T21294] the existing dependency chain (in reverse order) is:
[ 1842.661905][T21294] 
[ 1842.661905][T21294] -> #2 (&nft_net->commit_mutex){+.+.}-{3:3}:
[ 1842.670218][T21294]        __mutex_lock+0x12d/0xaf0
[ 1842.675695][T21294]        nf_tables_dumpreset_obj+0x6e/0x90
[ 1842.681602][T21294]        netlink_dump+0x6a3/0xd00
[ 1842.686717][T21294]        __netlink_dump_start+0x537/0x6f0
[ 1842.692562][T21294]        nft_netlink_dump_start_rcu+0xdb/0x1a0
[ 1842.698941][T21294]        nf_tables_getobj_reset+0x1cb/0x610
[ 1842.704872][T21294]        nfnetlink_rcv_msg+0x8a0/0x12b0
[ 1842.710829][T21294]        netlink_rcv_skb+0x1fb/0x450
[ 1842.716257][T21294]        nfnetlink_rcv+0x2b0/0x2480
[ 1842.721586][T21294]        netlink_unicast+0x74d/0x8d0
[ 1842.726933][T21294]        netlink_sendmsg+0x8ad/0xbd0
[ 1842.732310][T21294]        ____sys_sendmsg+0x5be/0x970
[ 1842.737828][T21294]        ___sys_sendmsg+0x2a2/0x360
[ 1842.743063][T21294]        __se_sys_sendmsg+0x1bb/0x2a0
[ 1842.748914][T21294]        do_syscall_64+0x4c/0xa0
[ 1842.753924][T21294]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1842.760479][T21294] 
[ 1842.760479][T21294] -> #1 (nlk_cb_mutex-NETFILTER){+.+.}-{3:3}:
[ 1842.768864][T21294]        __mutex_lock+0x12d/0xaf0
[ 1842.774024][T21294]        __netlink_dump_start+0x11f/0x6f0
[ 1842.779974][T21294]        ip_set_dump+0x152/0x1e0
[ 1842.785031][T21294]        nfnetlink_rcv_msg+0xbec/0x12b0
[ 1842.790614][T21294]        netlink_rcv_skb+0x1fb/0x450
[ 1842.795960][T21294]        nfnetlink_rcv+0x2b0/0x2480
[ 1842.801319][T21294]        netlink_unicast+0x74d/0x8d0
[ 1842.806645][T21294]        netlink_sendmsg+0x8ad/0xbd0
[ 1842.811994][T21294]        ____sys_sendmsg+0x5be/0x970
[ 1842.817316][T21294]        ___sys_sendmsg+0x2a2/0x360
[ 1842.822550][T21294]        __se_sys_sendmsg+0x1bb/0x2a0
[ 1842.828501][T21294]        do_syscall_64+0x4c/0xa0
[ 1842.833569][T21294]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1842.840113][T21294] 
[ 1842.840113][T21294] -> #0 (nfnl_subsys_ipset){+.+.}-{3:3}:
[ 1842.847989][T21294]        __lock_acquire+0x2d07/0x7d10
[ 1842.853529][T21294]        lock_acquire+0x1bb/0x4a0
[ 1842.858680][T21294]        __mutex_lock+0x12d/0xaf0
[ 1842.864016][T21294]        ip_set_nfnl_get_byindex+0x63/0x230
[ 1842.870244][T21294]        set_match_v1_checkentry+0x6d/0x220
[ 1842.876282][T21294]        xt_check_match+0x425/0xaf0
[ 1842.881622][T21294]        __nft_match_init+0x663/0x890
[ 1842.887374][T21294]        nf_tables_newrule+0x1731/0x2810
[ 1842.893130][T21294]        nfnetlink_rcv+0x1124/0x2480
[ 1842.898442][T21294]        netlink_unicast+0x74d/0x8d0
[ 1842.903914][T21294]        netlink_sendmsg+0x8ad/0xbd0
[ 1842.909338][T21294]        ____sys_sendmsg+0x5be/0x970
[ 1842.914847][T21294]        ___sys_sendmsg+0x2a2/0x360
[ 1842.920170][T21294]        __se_sys_sendmsg+0x1bb/0x2a0
[ 1842.925636][T21294]        do_syscall_64+0x4c/0xa0
[ 1842.930590][T21294]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1842.937038][T21294] 
[ 1842.937038][T21294] other info that might help us debug this:
[ 1842.937038][T21294] 
[ 1842.947381][T21294] Chain exists of:
[ 1842.947381][T21294]   nfnl_subsys_ipset --> nlk_cb_mutex-NETFILTER --> &nft_net->commit_mutex
[ 1842.947381][T21294] 
[ 1842.961987][T21294]  Possible unsafe locking scenario:
[ 1842.961987][T21294] 
[ 1842.969459][T21294]        CPU0                    CPU1
[ 1842.975035][T21294]        ----                    ----
[ 1842.980662][T21294]   lock(&nft_net->commit_mutex);
[ 1842.985694][T21294]                                lock(nlk_cb_mutex-NETFILTER);
[ 1842.993256][T21294]                                lock(&nft_net->commit_mutex);
[ 1843.000906][T21294]   lock(nfnl_subsys_ipset);
[ 1843.005543][T21294] 
[ 1843.005543][T21294]  *** DEADLOCK ***
[ 1843.005543][T21294] 
[ 1843.013698][T21294] 1 lock held by syz.0.4171/21294:
[ 1843.019735][T21294]  #0: ffff88802d90b6b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x37/0x100
[ 1843.030577][T21294] 
[ 1843.030577][T21294] stack backtrace:
[ 1843.036524][T21294] CPU: 1 PID: 21294 Comm: syz.0.4171 Not tainted syzkaller #0
[ 1843.044188][T21294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1843.054363][T21294] Call Trace:
[ 1843.057673][T21294]  <TASK>
[ 1843.061187][T21294]  dump_stack_lvl+0x188/0x24e
[ 1843.066115][T21294]  ? load_image+0x400/0x400
[ 1843.070699][T21294]  ? show_regs_print_info+0x12/0x12
[ 1843.076119][T21294]  ? print_circular_bug+0x12b/0x1a0
[ 1843.081373][T21294]  check_noncircular+0x296/0x330
[ 1843.086443][T21294]  ? add_chain_block+0x940/0x940
[ 1843.091641][T21294]  ? lockdep_lock+0xf1/0x1f0
[ 1843.096272][T21294]  ? _find_first_zero_bit+0xcf/0x100
[ 1843.101642][T21294]  __lock_acquire+0x2d07/0x7d10
[ 1843.106626][T21294]  ? mark_lock+0x94/0x320
[ 1843.110958][T21294]  ? verify_lock_unused+0x140/0x140
[ 1843.116181][T21294]  ? __lock_acquire+0x12f4/0x7d10
[ 1843.121349][T21294]  lock_acquire+0x1bb/0x4a0
[ 1843.125888][T21294]  ? ip_set_nfnl_get_byindex+0x63/0x230
[ 1843.131512][T21294]  ? __might_sleep+0xd0/0xd0
[ 1843.136213][T21294]  ? read_lock_is_recursive+0x10/0x10
[ 1843.141611][T21294]  __mutex_lock+0x12d/0xaf0
[ 1843.146123][T21294]  ? ip_set_nfnl_get_byindex+0x63/0x230
[ 1843.151771][T21294]  ? ip_set_pernet+0x23/0x230
[ 1843.156459][T21294]  ? ip_set_nfnl_get_byindex+0x63/0x230
[ 1843.162027][T21294]  ? mutex_lock_nested+0x10/0x10
[ 1843.167373][T21294]  ? __flush_work+0x10d/0xae0
[ 1843.172357][T21294]  ? ip_set_pernet+0x23/0x230
[ 1843.177074][T21294]  ? ip_set_pernet+0x23/0x230
[ 1843.181787][T21294]  ip_set_nfnl_get_byindex+0x63/0x230
[ 1843.187351][T21294]  set_match_v1_checkentry+0x6d/0x220
[ 1843.193102][T21294]  xt_check_match+0x425/0xaf0
[ 1843.197874][T21294]  ? flush_work+0x20/0x20
[ 1843.202226][T21294]  ? xt_check_proc_name+0x270/0x270
[ 1843.207668][T21294]  ? __stack_depot_save+0x35/0x460
[ 1843.213048][T21294]  __nft_match_init+0x663/0x890
[ 1843.217996][T21294]  ? ___sys_sendmsg+0x2a2/0x360
[ 1843.222949][T21294]  ? nft_match_large_dump+0x40/0x40
[ 1843.228251][T21294]  ? __kmem_cache_alloc_node+0x140/0x260
[ 1843.234520][T21294]  ? nf_tables_newrule+0x1503/0x2810
[ 1843.239941][T21294]  ? rcu_is_watching+0x11/0xa0
[ 1843.244803][T21294]  ? nf_tables_newrule+0x1503/0x2810
[ 1843.250115][T21294]  ? __kmalloc+0xe1/0x240
[ 1843.254671][T21294]  nf_tables_newrule+0x1731/0x2810
[ 1843.260029][T21294]  ? nf_tables_delchain+0xf00/0xf00
[ 1843.265594][T21294]  ? __lock_acquire+0x7d10/0x7d10
[ 1843.270730][T21294]  ? mutex_unlock+0x10/0x10
[ 1843.275338][T21294]  ? __nla_parse+0x3c/0x50
[ 1843.279768][T21294]  nfnetlink_rcv+0x1124/0x2480
[ 1843.284826][T21294]  ? nfnetlink_net_exit_batch+0xa0/0xa0
[ 1843.290596][T21294]  ? ref_tracker_free+0x68c/0x840
[ 1843.295884][T21294]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1843.301173][T21294]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1843.306563][T21294]  netlink_unicast+0x74d/0x8d0
[ 1843.311369][T21294]  netlink_sendmsg+0x8ad/0xbd0
[ 1843.316157][T21294]  ? netlink_getsockopt+0x550/0x550
[ 1843.321405][T21294]  ? aa_sock_msg_perm+0x94/0x150
[ 1843.326493][T21294]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 1843.331858][T21294]  ? security_socket_sendmsg+0x7c/0xa0
[ 1843.337697][T21294]  ? netlink_getsockopt+0x550/0x550
[ 1843.342899][T21294]  ____sys_sendmsg+0x5be/0x970
[ 1843.347665][T21294]  ? __sys_sendmsg_sock+0x30/0x30
[ 1843.352767][T21294]  ? __import_iovec+0x315/0x500
[ 1843.357733][T21294]  ? import_iovec+0x6f/0xa0
[ 1843.362252][T21294]  ___sys_sendmsg+0x2a2/0x360
[ 1843.367020][T21294]  ? try_to_wake_up+0x67c/0x1080
[ 1843.372138][T21294]  ? __sys_sendmsg+0x290/0x290
[ 1843.377012][T21294]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1843.381879][T21294]  ? __x64_sys_sendmsg+0x80/0x80
[ 1843.386951][T21294]  ? lockdep_hardirqs_on+0x94/0x140
[ 1843.392270][T21294]  do_syscall_64+0x4c/0xa0
[ 1843.396818][T21294]  ? clear_bhb_loop+0x60/0xb0
[ 1843.401538][T21294]  ? clear_bhb_loop+0x60/0xb0
[ 1843.406252][T21294]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1843.412266][T21294] RIP: 0033:0x7f56f339c799
[ 1843.416787][T21294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1843.436757][T21294] RSP: 002b:00007f56f4280028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1843.445371][T21294] RAX: ffffffffffffffda RBX: 00007f56f3615fa0 RCX: 00007f56f339c799
[ 1843.453368][T21294] RDX: 0000000024044010 RSI: 0000200000000100 RDI: 0000000000000003
[ 1843.461353][T21294] RBP: 00007f56f3432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1843.469696][T21294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1843.477779][T21294] R13: 00007f56f3616038 R14: 00007f56f3615fa0 R15: 00007fff5540e468
[ 1843.485866][T21294]  </TASK>
[ 1843.493841][T21294] set match dimension is over the limit!
[ 1843.643692][T15149] Bluetooth: hci2: Malformed MSFT vendor event: 0x02