last executing test programs:

6m55.896114119s ago: executing program 2 (id=153):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(0x0)
r5 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f00000005c0)='fd', 0x0, r4)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x22}]}}}]}]}], {0x14}}, 0x90}}, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x70bd25, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010026ca7000fbdbdf2505000000280001800d0001007564703a73797a320000000014000280080003008a"], 0x3c}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
syz_open_procfs(0x0, &(0x7f0000000140)='task\x00')

6m54.32689283s ago: executing program 2 (id=155):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x1)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4, 0x1}, 0x3, 0x800})
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x195)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000020000000000f4000400000000000000"], 0x1c, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=@base={0x13, 0x80000001, 0x35b3, 0x2, 0x800, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x2}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001180)={r4, 0x58, &(0x7f0000001100)}, 0x10)
socket$key(0xf, 0x3, 0x2)
chown(&(0x7f0000000240)='./file1\x00', 0xee00, 0x0)

6m50.594240402s ago: executing program 2 (id=160):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000340)='./file1\x00', 0x0, &(0x7f0000000000)={[{@space_cache_v1}, {@clear_cache}, {@compress_algo={'compress', 0x3d, 'zstd'}}]}, 0xff, 0x50d4, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PN61+vdDUHKQxYxL0N+ktdrOw7WLyCcVBEIpGQtov6DQtbYm9TxBhs/Co4s1RhUlCKEC66IQh+2RFSnEsgqbXmEEosqQVUtGoU2fziPpgWEKkGjFNclSiRX986c2bln9j78WNsbPh/Je8+933POzDn33vGcmblnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgt8PV373hy+3i7/jR1796U+8HXvjBbw6u/9I9ky+FMNV4vScL97zvzHNnrvvU7Ru+d/s3Hjk9fudDg3m5PB6W1v/05k8+F2v92bIQvt0TQn8aWDWSBQby5yOxvuUjIVwV5gJFiZnhrES64PDkUAhHwlygqOq7QyGMlAJ3PfPDJ75YTxweCuGdIYRauowXatkyhtLAysEsMJwGdvRngf89mykC3+nNAnDB4peh+NAfn2rOMD5/uRafv4GLtmKXV9q8vpgYb53vV7cu8EqVDKYvTF3Q21apjgVR+Xqc8G1bBN+2Sj8f8raVd6TyPZSzc6Fa6N06c+/mvbN74iu9YWKir1VNC/Q+n3pl/5ZzSS+az2FcgfGL8jm8//DNzw5+7I4XH3n98f2na19bfqGr2ap7F1ot5J+5RfM+RhttTxbB16+yl7TCTlcI4fSJk/vbxSvj//H24//4cY6PvU25Y62vjWZj8/jKSEy8PJqNzQEAAGDRWAxHTQdX/OtP29VXGf+v6O78fzzlnw/ms9aeCGFjI/HZsRCubbyeBR6Li/v4WAhvbaSmmgO3JoETIVzXSNxYVJWUWBJLrEgCvxjNAxuTwFMxMJUEHo2BQ0ngczFwPAlsiYETSeC2GAjbmtvx/0bzdnQdGIqB6awTj8erEH49GpeW9NVzRVUAAAAXST46HGh+WrrW4UIzxOHl8aFOGeIV2C0z1JIa0hFsMaxqWUN/pxp6O9VQtPtA++ZXau7pVHPlMoye5gz/c+qaHaGNyvh/sv34vzbPivRUzv+HyU2Nh5i7N4/MFhmmp5oyAAAAABfg9948vbldvDL+39jd9f/xmEhfKXM4GQ9DbB8LYbI5kFV7SzWQnfVemgcAAABgMSjOxxfnwrflj9kl2ul4upp/6hzzxxP/G+fNv+PH//J4u/WtjP+nurv+f7j5MVuJp+JafGUshCWlwI/iWtYDDSti4KX3Nwfy9j8VO+ALsar8woSiqi/EEtMxMJkEjrQq8XRR4trmQP5mFQv/bNGObXmJUgAAAAAuuXg4IJ6Xj9f/r/nbP3yyXbnK+H/63K7/b4yDK5f3zy4NYXV/CH3pDwNODmcTA8bASE+e+PvhrK6+tKqDwyHcUm9YWtV/5PP/96dzDP5kKKsqBq5927FXVtYTXx8KYXU58OxHj66vJ/YmgWLhvzsUwg311qYL/7sl2cIH0oU/vCSEt5QCRVVbloRQX9hgWtU/1PL7GKRVHa+FcHUpUFT1nloI+wIAi1X8v3Rr+cXd+x7cvnl2dmbXAibiQfyhcO+22ZmJLTtmt9ZarNPWZJ2b5jH6TLVN3d765vk4R9Hdx8a6SRc/FJwsLys/kF+5cjB/HneGBhrtXDvQ9HRd2uR3v726iFDalWrV5N4FbvJwuZK5N7FSf8w/GJaGJXt3z+ya+PTmPXt2rcn+dpt9bfY3nmfK+mpN2lfD861bFx+PltNlJc63r1aWK1m954Gdq3fve3DVtgc23zdz38wnNkyuW7vh5sn171ldb9Rk9rdDS1fOV3PS0rNHu2zWRWzp9f2lSi7FRkNCQmKxJQYH7jzVbvNTGf/vbD/+j1uduOHP52dodf5/PJ7mz16fO80/HQNHuj3/P97qbH5xYcCKJHAgBg44zQ8AAMAbQzwcGY9mxoPSB971wvvalauM/w909/v/izT/fzF1/YdaTfN/Yywx2Wr+/3Sa/2L+/wOt5v9Pp/kv5v8/chnm/99bBJIu+bX5/wEAgDeCSzf/f8fp/dMbBFQydJzeP71BQCVDx2n8u71BwDnP//83v1yzPrRRGf8f6m78b+J+AAAAuHJcc9sNP24Xr4z/j3Q3/r/08/+FVtf/r2gVmGo1MaD5/wAAAFikWs3/98xHdr6/XbnK+P94d+P/eNlFb1PuWOtro9mcdiGd0+7l0eInAwAAALA49IaJiYEu8zZNjHrr+S/zVJwKtE267NDnj53b7/9PdDf+b/pdxv2Hb3528GN3vPjaI68/vv907WvL587/AwAAAAun2+MSAAAAAAAAAAAAAADA5ffo1d+ad16AqPL7/7Cp8Xqr3//H+/413TTxTD4Z4IE4s/6XxkzzBwAAAAvroVtffTj+u+/Lf/Rf7fJWxv/j3Y3/4/0F8vvgZbfeOxHv//fZsRAat9YbzwKPxcV9fCyEtzZSU7FEdkO9D8USk1ngsThh4o2xxPRUc1VLYuB4EvjFaB44kQSeioH8KMWxeGPAPx4NYX0jtam5xM5YYjwJ3BkDK5LARAxMJoFlMbAxCfxyWR6YSgL/FAP5zQeLvvrWsryvAAAAzkU+zhpofhrScd7x/k4Zejpl6LiI4U4ZejtlqLXIEJ//dVyHgfJ8/HmG+NJAWutQUkslQ7wZ3vk3vZiu7+nmnGnByqL7YsHx5pwxw85/vukroY3K+H9Fd+P/y3j///Ru/htjYEUS2BkDG5PA9KY8cOSa5oD7/wMAAHBla3X//9G3/NWhduUq4//J7sb/8UDEm5tyx1o73/8/f37Xh7+5r7HKJ0dDeHs5sP3g9qvqiUdHQ3hXOfDE3Tc2Ru0H0xLff/G2n9cT96SBD65605l64r1JYDp20nVpIB5VObMsCcTu/UkaiP1xPA0M5oGHlmXt6En76j9Hsr7qSfvq1Eh2eUVP2lffHsmW0ZM28HASKBr4yTQQG3hHHuhN1+qbS7O1ioGRWPQvlhYXfQAAcGWKe4ED4d5tszOT6U94r+9vfoyabln+mWq1PV0u/vl4a/K7j411k+5L90VrRVUDoVZvwprK7mo5S0+jlRenlg5d9+YWTe50t/feFuVS59p1g61bNJS1aGLLjtmtAx0bvq5zlrX9HbOsqQx2yll6G13aRS1drEsXLeqyb7pY5fi8N0xM9CW5/n8MjocmnT4R3d6vr3yf/1afgnKeo5//91fb1VcZ/2/sbvwf27M0lD7On4u1/mxZCN/umTsaUQRWjWSB2NyRODxePhLCVaV+KErMDGclBpMFhyeHshHqYFrVd4eyYwzx+V3P/PCJL9YTh4dCeGfpvSqW8UItW8ZQGlg5mAWG08CO/iwQr/woAt/pzQJwwYqNQvxA5T91KYzPX67F5++Nck/QtHmVa6DmyTffNneh1NIX8muqCuf2tlWqY0FUvh4nfNsW47ct+LaVd6TyPZSzc6Fa6N06c+/mvbN74ivlPdmKBXqfy3up3aQvwufwwPmvbWe1dAUmk83H5Pzl5v8c9sTq7j9887ODH7vjxUdef3z/6drXlne9Gi3EgcKT//2mq8rdu9BqIf/MLbrtyZTtyWL8b2Dc2xZCOPTnQ59sF6+M/6e6G//3J48Nr8bO3D0WwrtLnXsydv/vjGXbwVIg20peXQ1kl9z/dLTllhMAAAAutuJwR3G8YFv+mP0gPB0nV/NPnWP+eLxi47z5u13v/U/+/mPt4pXx/3T78f+SZDWd/3f+nwXi/P+8rvRD0UvSFw5c0KHoSnUsCOf/53Wlf9uc/5+X8//O/8/H+f8OnP+f15X+tlX2knba6QohnL1+4OF28cr4f2d34//fsvn/09n8i/n/00n7i/n/p1vN/7+z1fz/B8z/DwAALKgWE82n47zK5PyVDOnk/JUMPUmGc7/FQMdp9M3/n87/f/DPbtkT2qiM/w90N/6PH4eR8tIXy/z/45talNi4qXl1i8ChGNjpjgEAAABcRvEAQbzovdsZJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhYd7x6ZnO7+Dt+9PWv3tT7gRd+8JuD6790z+RLIWxrvN6ThXved+a5M9d96vYN37v9G4+cHr/zoVpebiB/XN6UO9b62mgIR0qvjMTEy6P1J3OBuz78zX399cTJ0RDeXg5sP7j9qnri0dEQ3lUOPHH3jdfUEwfTEt9/8baf1xP3pIEPrnrTmXrivXmgJ13dP12WrW5PurpfXBbCWClQrO79y5qrKpbxgTzQmy7jL0eyZcTASCz68Ei2jBiYjSW2LQlhdX8IfWlV/1jLqupLq/peLauqL63qD2oh3BJC6E+r+rfBrKr+tOVPD2ZVxcC1bzv2ysp64uhgCKvLgWc/enR9PbErCRQL/8hgCDfUPzLpwr81kC18IF34nwyE8JZSoKhqeiCE+sIG06pO9GdVDaZVfaM/hKtLgaKqm/pD2Be4XOKGZGv5xd37Hty+eXZ2ZtcCJgbzZQ2Fe7fNzkxs2TG7tZasUys9pfTZz5x/259/Zf+WRuLuY2PdpIv1miyvy9NTlRfLz/vzpwONdq4daHq6brE0ebhcydybWKk/5h8MS8OSvbtndk18evOePbvWZH+7zb42+9uXR7O+WrNY+mpluZLVex7YuXr3vgdXbXtg830z9818YsPkurUbbp5c/57V9UZNZn8vRkuPXvqWXt9fquRSbDQkJCQWW6K3aes2eaVvxys7+nMrOhBqjQ10ZVhRztLTaOXFaPSt59Ha3Lk2ujIkqbRoTWXgUMmytnOWdZUxw1yWoSxLY1+wMjgs19Tb6NL4vDdMTPS16ofx5qfl7v3VBXTvqdh1XaYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//Qczu7Q==")
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x8, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x48, 0x48, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x3, 0x1}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0x1, 0x3}, {0xb, 0x1}, {0xc}, {0xf, 0x2}]}, @func_proto={0x2, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x2e, 0x2e]}}, 0x0, 0x64, 0x0, 0x2, 0x1}, 0x28)
socket$inet_sctp(0x2, 0x5, 0x84)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = io_uring_setup(0xd, &(0x7f0000000040)={0x0, 0xc89c, 0xc000, 0x2, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000", @ANYRES32, @ANYBLOB='\x00'/13], 0x48)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, &(0x7f00000000c0)={0xa, @pix={0x0, 0x0, 0x34565348, 0x0, 0x0, 0x0, 0x25}})
r6 = syz_open_dev$video4linux(0x0, 0x3fffffffc, 0x60000)
ioctl$VIDIOC_SUBDEV_G_FMT(r6, 0xc0585604, &(0x7f0000000cc0)={0x0, 0x0, {0xfffff982, 0x8, 0x300f, 0x3, 0x7, 0x0, 0x2, 0x4}})
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000100)=0x20)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x20008c0, &(0x7f00000002c0)={[{@data_ordered}, {@nouser_xattr}, {@dir_resv_level={'dir_resv_level', 0x3d, 0x3}}, {@nointr}, {@err_cont}, {@localflocks}, {@grpquota}, {@commit={'commit', 0x3d, 0x60262b80}}]}, 0x1, 0x4436, &(0x7f0000008940)="$eJzs3cFPHNUDB/A3A79fob+2P6g91MTETWyiUUOgJ5UmUkpLocWaqo3xsl1g26IL28BiPPTQ3pp4MvFgPDSaeOPUcPBo/RO8eKznJnrwYmLSiNndWWBmdwMSFqT5fJIyO2/ee/PY7870DcnsxInKrbml3NxSrrCQK8/cWDqd+7RcWp4vhniP7Pf+STnU7o3vRE6y3z9Xzl1479rpEH6c/fnJ2traWqjqDi0NbXr9x+93ZjYvG+JMm2q/rXvbLR+FEE40jauqK4Tw4fchRCGEs0nZaLLsDSEcS8Z77c7n13O7NJqHj4tn8k+n7q8On5pcebDa/nePQvi69PzrN+d/falr+JdXd2n3AAAAAAAAAAAAAAAAAAAccONXr3zw7uBQeBSF7pWo+X7d8WTZ7v7YtV3zYud/WQAAAAAAAAAAAAAAAAAAAPiX2rj/Pxcdb3H//1iyHGnTfu3tzo+Rzpl458rY+cGh5PnvUdP2N5Ki3852hf7Mc9/vtXj++9lM+9bPf2/ez041xtfYb1+I4oHUehwPDITwbfLg95PR4bhUXqq8dqO8vDC7a8M4sNL515/en0oneaB/q/xDi/xHM/13/vn/zzV9mqrr17f6iP2ng0M6QNL5d7Wt9929aFv5n8u024v82bl0/t21st7NFUbqJ4Bq/l90b53/WKb/TuV/LISQi6pjzaXOANU5TLW83XyFtHT+9ZNi6tSZvJHtjv8/M/mfz/S/X+f/7DhoLZ3/f2tlPakaG8d/f7z18X8h0/9+5F8d/93dm2I+09L5H6oXdqeq1N7J7Z7/xzP9dyD/xhfG1cd5LEp9Alai+vjbfV8daen8e5q2b1z/xdua/13MtN+r67/GfhvXf43rkFei+vUfraXz721bb7vH/0SmXafP/yO1+R87lc7/cK0sPXfuq/3cbv6Tmf47lX9tVtLTyL92EqheEoS/DtXLv8n+IYKW0vn/r14Yb65xt/azNv+Ltp7/X8r0v1/z/7txZ/f6rEjnf6RtvWr+P23j///LmXadzz+EQXP9HUvnf7Rtvdrx37N1/lMbL38Ie5D/y53sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAAGE2WfSGKB1LrcTwwEMK5ZP1kOBxNF2bz06XyzCdLIYwl5blwPLpZKk8XSvm5hfJsMV8olcozIZxPtp8IPdFSqVzJzxduX1jvqze6VSwsVqaLhUoIYTwpfyEcbfQ1PVeZL9wOIVxc3/b/uLx4+1ZhIT87t/jW4ODgYJhYH0N/VPysUlyo1Pde3xrC5HrbvmjT4GqbL62P5Uj0cXl5caFQqpVf3tSmVJ4plDa1mUq2fRn6o8ri8sJMoVLMl8o3G/vbTyPJcmzi6vtXLw81bb8e1ZejezssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6hR8NvfhVC6K6vxSGEXJS8iJJ/KQ8fF8/kn07dXx0+NbnyYPVJqzoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzNDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbpH6WBIIoD8Jux0NJjWC27ne2KIlq4IngCPYaH0aN4Ce9gkSJtihBIZiHsH9gmqb6veTA/Zt6DeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VtH0bcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//zjwJ8w=")

6m45.149812249s ago: executing program 2 (id=166):
syz_init_net_socket$nl_generic(0x9, 0x3, 0x10)
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x8, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newtaction={0x14, 0x30, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000881}, 0x2400c808)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47e8, 0x7721, 0x16, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc22, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r3, &(0x7f0000000580)={&(0x7f0000000340)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x3000c005)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0x6f5e, 0xa0001)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f0000000100)=r4, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="b9693e14ae39b9d4956589cd4383940ab3b40d07cb4c156f3ca6fc88de9cb8a4ecac59ed49fd2b216619907a0b6431db4058ea0fc81a8a2c0d90fe4a4d001cb9ee95d2753b07a7825250f7428fd1147c0143bfdaa681777e472c350000a1e49900194dc22df4c565e5e7dbf454da7e3171f9736ec5b31348bd11c559d531fc5ad17bb24275fe9a24f69f4c0d44458071aff8d3c4783a7f1ccd3442264f6416fda9da7fe6f999f956700335e3e6a034413af8c4ba7c00"/195, 0xc3}, {&(0x7f0000000380)="248d7ac09ae9afb8954f66838ae5bb401e1c656014c4c8af25db88b25065cb5a4c7073b230eb916c6ff171fd78611ff70f30b9e77db814a1d43c7fa7a70c0df21e728ed51b836e0ce6f3faf0e4817093867621b5e0c03cf4638bc53de55de11380d10ae2775154c1069ae25d99ff710f4bbf7b5e76282c2df5a2d1f289179a74a84d8aceef5d869e05cc5117f25cd1e4d2461a95237c2fa3ba38e181e3f23a3cde974dfa75aecc3b2ce33369ad52580a6cd143f10ac7e783955969b8bd05a524f919a2fd9d3cbd055b5d2f7f00ca58f6b770492f471dc3b6b3b101d10f157ec9f68dac9b8d18cf8b", 0xe8}, {&(0x7f0000000240)="a3df552cfd633a67", 0x8}], 0x3}, 0x4009800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
getpid()

6m38.33788982s ago: executing program 2 (id=171):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
mknod$loop(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r4 = socket(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r5, 0x29, 0xd4, &(0x7f00000001c0)=0x1, 0x4)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0xfffffffd, 0x1, 0x40000001, 0x0, 0x6, 0x2})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000200)={[{@nouid32}, {@dioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nodioread_nolock}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=")

6m35.893370579s ago: executing program 2 (id=172):
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000300)={0x1f, 0xc, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x8, 0x2}, 0xe)
clock_getres(0x3, &(0x7f0000000580))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x38, 0x1403, 0x1, 0x1070bd27, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x2400c000)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x9, 0x1000006, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
mkdir(0x0, 0x22)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x188)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x123280, 0x108)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000280)={0x5c73, 0x71, @name="bd4ab8a3001f4502051eeac28f1cd65f8deca203fcdeddfa347642f4edabcef8"})
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)
socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

6m16.542557366s ago: executing program 32 (id=172):
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000300)={0x1f, 0xc, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x8, 0x2}, 0xe)
clock_getres(0x3, &(0x7f0000000580))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x38, 0x1403, 0x1, 0x1070bd27, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x2400c000)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x9, 0x1000006, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
mkdir(0x0, 0x22)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x188)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x123280, 0x108)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000280)={0x5c73, 0x71, @name="bd4ab8a3001f4502051eeac28f1cd65f8deca203fcdeddfa347642f4edabcef8"})
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)
socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

27.291312746s ago: executing program 3 (id=617):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket(0x400000000010, 0x3, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x4, <r5=>r3})
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r5})
r7 = socket(0x15, 0x5, 0x0)
getsockopt(r7, 0x200000000114, 0x271b, 0x0, &(0x7f0000000000))
ioctl$sock_inet_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000000000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
r8 = syz_open_dev$vim2m(&(0x7f0000000100), 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000140)={0x8, 0x2f3d})
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000002b80)='system.posix_acl_access\x00', &(0x7f0000002cc0)={{}, {0x1, 0x7}, [], {}, [], {0x10, 0x6}, {0x20, 0x4}}, 0x4, 0x3)

26.156147802s ago: executing program 1 (id=619):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r1, 0x6, 0xd, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x2, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x3ff8)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_io_uring_setup(0x10e6, &(0x7f0000000b40)={0x0, 0xbdee, 0x8, 0x400002, 0x1ef}, &(0x7f0000000040), &(0x7f0000000280), &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000005580)=""/102392, 0x18ff8)
madvise(&(0x7f0000e56000/0x4000)=nil, 0x4000, 0x11)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x3394c2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_ENCAP(r5, 0x113, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r6 = socket$unix(0x1, 0x2, 0x0)
getsockopt$MRT6(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000000440), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b18, &(0x7f0000000140)={'wlan1\x00'})
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000030601020000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
sendmsg$inet(r6, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000180)="e222ac4edb1d82e6cedf907b7c74a9e91f80c04ef9ea0e6da44726a889cf74ff45c3b5d8a3e8b17a6b8f22491317b2932ae78b010829f51f86", 0x39}, {&(0x7f0000000380)="b033e2ab0323b5d83ec149e0abcece343368fe8445bb3feb29202b3a3e298ce6181271c5a094c88eb9105ecf0b1eb66ea51a0c124a91bf1e84", 0x39}], 0x2}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

24.416773259s ago: executing program 3 (id=621):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
mknod$loop(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r4 = socket(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r5, 0x29, 0xd4, &(0x7f00000001c0)=0x1, 0x4)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0xfffffffd, 0x1, 0x40000001, 0x0, 0x6, 0x2})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000200)={[{@nouid32}, {@dioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nodioread_nolock}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=")

24.261887274s ago: executing program 1 (id=622):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = semget$private(0x0, 0x6, 0x0)
semtimedop(r3, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="31072cbd70000000000038000000080001"], 0x60}, 0x1, 0x2, 0x0, 0x854}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000048000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000210c0009800800014000000005600000000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a300000000034000380300000802c000180250001002130404c6bfef3a31e2587ebd76200eb3ea056f39e3ab8a93c358099bf8cf3007d00000014000000110001"], 0xf0}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socket$netlink(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000040)='GPL\x00', 0x10000, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
semop(r3, &(0x7f00000000c0)=[{0x4, 0x4}], 0x1)
semop(r3, &(0x7f0000000000)=[{0x2, 0x0, 0x2000}, {0x3, 0x1, 0x1000}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x94)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3U9oVNsZAPDvTv5YY2LSUrHVFgItVrGdmESjQilmVRAtbS100T8Sk5iISSaYCagUahCLFCpddGFx1Y1ddBO6K9IiFB681Vu4eG8hCm/1njyfPHkuXOVxJ3d0jGPyYmLuY/z94DL3nEnmfHc+7p1zhnPPBPDW6o6IIxHRFBHFiOjM6gvZFpcWt/TvTvXPj6dbEgsLJx4lkUTE0f758eprJdnjluwFvpU+XInY2/xyuzMXLp4dmpgYPZeVe8qT0z0zFy7+6Mzk0Njo2OjUwMGDhw8dGDhweP2OdfP26ze//fdjd669M/fdbVuGJ9N427Pnao9jvXRHd/aetERH7RNJxKn1bixnX8s7AFbtk8LOW3nHAABsvELW92+u9P87oykWO+v37/72cWf8sS3v+AAAAIC1W1hoyh4BAACAxpUY+wMAAECDq84DONo/P17dNmruwYOfblRLvMrDwYjoWsx/9f7uxWean93T2/KG7u/9w9OI7uh48tFPvvH/dIs3dB82X03zH+YdAXlq3Z93BORpxy/yjoA8vXc17wi4NBcRt4/U6f8na+7ztS8pJ0vKxwfT/t9fZmrr9P/eHr88kXcE5OlnA3lHQJ5uPMo7Am4PRsS+et//FSrr91Vtjoi26tp+6+RQe/r5/+/7tXUvf/4XHqxjkyzxcDDixzVrO56qyX+mqykrdVS+KmxJTp+ZGN0XEVsjYne0bErLvcu00Ttw46/16r/zJM3/P5Pq93/plrZf/S4wi+NB86YX/29kqDy01uNm0cO5iB3N9fL/vP+fZLl+Xf8tXftzvfqBPZV1RXctn3/epIV/ROyqe/4/H60ly67P2lO5HPRULwp1/OuDz67Uq//+79P8n90j//lJz/+25fNfuf4/W693ZvVtXP7fzSf16p/eSvP/t0uvc/1vTX5VCbA1qzs/VC6f641oTY69XN+3+pgbVfX9qL5faf53f6/+53+1/5dk60J3RcTXX6PNuXvTd+rVXy+k+b/xO+d/ftL8j6xw/icvnP+r35l//4c/qNf2zqtp/rt+vfL5v78SzO6sRv9vZV82QXnHCQAAAAAAAMD6KFTu00kKxWf7hUKxuDjP95vRVpgozZT3ni7NTo0s3s/TFS2F6lSvzpr5oL3Z/JBquW9JuT+bO3K1c3OlXBwuTYzkffAAAADQ4Noj7v3m8n+2b3nF+D91tzPvKAEAAIC1SMf/HffaKst5fW6cDwAAAA0pHf8//tOn74bxPwAAADSs2vE/AAAA0Nh+fvx4ui1Uf/dvqjR25uz49OG+fcXJ2eHicOncdHGsVBqrrNg3ufLrTZRK0719MXu+pzw6U+6ZuXDx5GRpdqp8svK7sSdHWzbgmICVFbd+vC3vGAAAgI2zlt/1t2PHTqPu5H1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLb4IAAD//wws/WY=")

22.568656089s ago: executing program 1 (id=623):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
syz_pidfd_open(r3, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x3416, 0x13100, 0x2, 0x2aa}, 0x0, 0x0, &(0x7f0000000000))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000140)={0x80000000}, 0x8)
add_key$user(&(0x7f0000000240), &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000340)="e1b78d1d6b6ed704a65c8dce607e536b7f9553b5138864138fa46056d0f502bf40bfd36efb0d5e2b69d67922068102ed97ab30a25e3b9f81f136935e01a10ab738bfa3509397518f13295c0ec567bda2ba9086790aef93daa45e9f77f05f167bf28f26b20e4440dd498e8f1d797de74df2bdcec4d55d0f92df2eb7693e0ad78012bf2b39dd920d4d", 0x88, 0x0)
sendmsg$inet(r6, 0x0, 0x0)
select(0x2a, 0x0, 0x0, &(0x7f0000000400)={0xfefdffffffffffff, 0x1, 0x2, 0x300}, &(0x7f0000000440)={0x0, 0x2710})
bind$inet(r1, &(0x7f0000000480)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000280)='nv', 0x2)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000001c0)=0xa3, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x44850)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x161a82, 0x0)

20.470491307s ago: executing program 3 (id=624):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x10, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r1, 0x107, 0xf, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0xfffffffffffffffe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54b24f15655595860608d70ff6e425a6c36af37b33facd22dc8a9c7044410d324b03e654156762092a62fea8f13441431ce248bfc73a6726ee61b5191d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d100a05e97ed3dcad452db6e08a991e2c78b057f55deebde6f0b11ce65700c0a1ad7946ff7c355db87566e3e5abb7a37b52876fd9fa194c09273031900"})
unshare(0x4000280)
socket$kcm(0x10, 0x5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r6, 0x6, 0x3, &(0x7f0000000040)=0x24, 0x4)
setsockopt$inet_int(r6, 0x0, 0xf, &(0x7f0000000000)=0x1001, 0x4)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
migrate_pages(0x0, 0x0, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)

20.469147117s ago: executing program 1 (id=633):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
mknod$loop(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r4 = socket(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r5, 0x29, 0xd4, &(0x7f00000001c0)=0x1, 0x4)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0xfffffffd, 0x1, 0x40000001, 0x0, 0x6, 0x2})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000200)={[{@nouid32}, {@dioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nodioread_nolock}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=")

18.678605905s ago: executing program 4 (id=628):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000500)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
r1 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
fcntl$lock(r2, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5, r1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x102, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, 0x0)
r4 = fsopen(&(0x7f0000000340)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000140)='source', &(0x7f0000000600)='#:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xc7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6\x05W\xe2u\xb5\xbc\r\x81\xc6\x03Nm\x9al\x7fJ\x83\xf2\xc4\x1e\v\x83R\'\x87\xe0pV\x97gV;\xedx\x86k<O\x85\x94#\xdd\xc4P\xae\x8b\xe2\x03Lt\x97d\x89\xea\xae\xaac\xcc\x1e\xcd9l\x82\xb66\xa3l1\xe6%=\xe0(\x01)-\xe2\xda\xb0b\xae\xd4\xca\xc5}r\xcb', 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0xf, 0x8001, 0x0, 0x9, 0xfffffffffffffff9, 0xfffffe0000000001, 0x240ffb05, 0xffffffff}, 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r6=>0x0})
sendmsg$can_raw(r5, &(0x7f0000000140)={&(0x7f0000000e80)={0x1d, r6}, 0x10, &(0x7f00000005c0)={&(0x7f0000000180)=@canfd={{0x2, 0x1, 0x1, 0x1}, 0xd, 0x3, 0x0, 0x0, "38c3838ccb92c76b24f41b4d56cd93aa307e1f0f9140943d982f1f2d186ead6cf4577cf7ef18e4db50b39404a325cabc888d7e81ff429ceda7d2f9086fb039b2"}, 0x48}, 0x1, 0x0, 0x0, 0x8040}, 0x4080811)
read$FUSE(0xffffffffffffffff, &(0x7f0000002f00)={0x2020}, 0x2020)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000140)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4000000}, 0xc, &(0x7f00000004c0)=[{&(0x7f0000000000)=ANY=[], 0x10}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="562ea5f5bd6556d6f1361a9531b104000000ae4c103e6a1b38b028da93d4688d3e82", @ANYRES32=r3, @ANYRES32=r2], 0x14, 0x80}, 0xbba0e750fb86e37c)
ptrace$pokeuser(0x6, 0x0, 0x388, 0x7ffffffe)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0xffffffffffffffe4, &(0x7f0000000380)={&(0x7f00000002c0)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x4}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x240008c0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8)
sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)}, 0x0)

17.369935857s ago: executing program 3 (id=629):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x74}}, 0x0)
pipe(0x0)
r5 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f00000005c0)='fd', 0x0, r4)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x22}]}}}]}]}], {0x14}}, 0x90}}, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x70bd25, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010026ca7000fbdbdf2505000000280001800d0001007564703a73797a320000000014000280080003008a"], 0x3c}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
syz_open_procfs(0x0, &(0x7f0000000140)='task\x00')

17.239929901s ago: executing program 4 (id=630):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, 0x0, 0x0)
syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303030342c747970653d7763e6ef2c756d61736b3d30303030303030303030303030303030303030303030342c6469725f756d61736b3d30303030303030303030303030303030303030303030352c696f636861727365743d69736f383835392d382c004b35b28f8cad0b105adbf86df7514b180ea1cef9ef09ba2a82127ea3050d7fd500ad048b959efdb75029d8f93d07be1c27524bb0fe77621219a4745cac5531636761ca83f2412d1f607e9002fb41024932205e2176fc5b326c9542"], 0x1, 0x315, &(0x7f0000001f80)="$eJzs3U1PE08cB/Dvb9pC+UP4r4Ax8aKiJHohoh6MlxrTq3dPRqUlIWwwAibKxUo8Go8evPsWfBFeNL4B9eLJF8BtzczObvdhui2xy1L8fhLIdHYefsM+zaypCyL6Z91rf/9485f+EaCGGoA7gALQBOoAzuJc8/n23uae3+0UNVQzNfSPIKwpuTLr211XVV3P1LA8/amOuWQelSMIgrs/qg6CKmfOfgcFTNvz0GxvHnNc45IdXA+4UFEolUn+DeQQh3iB+QrDISKiE8De/5W9TcyZLIFSwIq97U/0/T/rsOoAxuuWn8sKCivo+38QemVKi96//5tN/fWeWcLp2Z+KVomjBNPIfJ5CeGSl5mDiXlX+tEHZWNTMxmYdq+uv0VE4QMtKVFgyvzvhoRsZEu3y1CjDcLbWyIz0/n/haPSMciZbMQppY9PvTuuEI/7FYT2Om3yWr/JQPHxAJ57/1QPRu8n8XbzMnlINHf/1wS3Omlq6FOyyv9VqqVSRM6aT87YHa8gom+4VSbLN6AFBL47AEedBlDB9LyD9WCEc3ZqrA+k3vuiq5cWf8nVNX0upWjV7JKyuP/ULH6WUIxqivJMHsozf+IR2Yv6vdHwrSJyZRZd6MSXtkRGOZ8A5VTclvdydoxenLsYRWNNHHhsBR3xa9hZPcBvzuy/3t2q+392Zwv7WY53QOYnEs7kdsTmNN4CzTPmJGgrKoNfPCe9oQRDnyIBx2URQZvDXxtqgvn7EOfr0cRXWZ1mco457N01UIpr+FBauw7Wp/QVFB2Spieix+lga1BOtAZtKuUbRCbMr0U63GblJLJ1yet4l4frPzOTtrM5cZ/Qvr2CeXrzIRKrFtXgFl54KLrjmLkPWBrOOf13M93hjwJrRrLkuXwWuJDIFhT16Js5TQ9r4hkd8/k9ERERERERERERERERERERERERENGn+/lsEkMR3IS69D5tNlal6jEREREREREREREREREREREREREREREREk2709//O9N/U5Po/4s37f72h7/9NvQDYvkyJ7/8lqsafAAAA//+PBIIk")
mount$binderfs(0x0, &(0x7f0000000140)='./binderfs\x00', &(0x7f0000000480), 0x1000000, &(0x7f00000004c0)={[{@max={'max', 0x3d, 0x17c4}}]})
socket$kcm(0x2, 0xa, 0x2)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
socket(0x1e, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="c50f1fd3", @ANYRES16=r6, @ANYRES32=r5, @ANYBLOB="14005a8010000180040001000600020007240000"], 0x30}}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x658, 0x0, 0x1b8, 0x428, 0x428, 0x0, 0x588, 0x588, 0x588, 0x588, 0x588, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x80}}}, {{@ipv6={@mcast1, @local, [0xffff00], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11, 0x0, 0x1}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@empty, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff], 0x10}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0xfd}}}, {{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x6, 0xa]}}, @common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x2f}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6b8)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r8, 0x110, 0x4, &(0x7f0000000040)=0x2, 0x4)
bind$rxrpc(r8, &(0x7f0000000000)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e22, 0x5, @private0, 0x1ff}}, 0x24)

13.098353276s ago: executing program 4 (id=635):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYRES8, @ANYRES32=0x0], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x40004)
fcntl$lock(r1, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x5})
fcntl$lock(r1, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9})
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd69010000001406fffe800000000000000000000039fe8000000000000000000000000000aa4e224e24000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB], 0x0)
r4 = dup(0xffffffffffffffff)
write$binfmt_elf64(r4, 0x0, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r6, 0x8048ae66, &(0x7f0000000000)={[{0x81fffffe, 0x4, 0xc1, 0x4f, 0x3, 0xbd, 0x80, 0x6, 0x1, 0x44, 0x8, 0x3, 0x100}, {0xb, 0xa6f2, 0x6, 0x8, 0x9, 0xfb, 0x44, 0x87, 0xa, 0x13, 0x4, 0x6, 0xffffffffffffffff}, {0x4c4d, 0x6, 0xd, 0x21, 0x25, 0x9, 0x0, 0x16, 0x95, 0x15, 0x0, 0x3, 0x4}], 0x2})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x67a, 0x6, 0x3fe, 0x0, 0x1000, 0x1, 0x4002004c4, 0x1000, 0x0, 0x97, 0x10, 0x3, 0x2, 0x4, 0x0, 0x1aa], 0xeeee8000, 0x400})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0x4, 0x1, 0x1, 0x7ff}, 'syz0\x00', 0x45})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003700), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000003b40)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r8, 0x0, 0x8c0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r9=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb10000a8880088ca4803", 0x1e0ff, 0x0, &(0x7f0000000140)={0x11, 0x0, r9}, 0x14)

13.012679818s ago: executing program 3 (id=636):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a64000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a31000000001400048008000240a04b3d02080001400000000308000540000000001c0008800c00014000000000000000090c000240000000000018ab6e14000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
fsopen(&(0x7f0000000040)='afs\x00', 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket(0x2c, 0x1, 0x9e)
setsockopt$sock_int(r2, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40408d1)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$unix(0x1, 0x2, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f0000000100)=0x3)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in6=@private0}}, {{@in6=@ipv4={""/10, ""/2, @local}}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8c, 0x870, 0x1, 0x2, 0xd59f82, 0x19f5, 0xacc, 0xb, 0x0, 0x8, 0x27fd, 0x2800, 0x440, 0x3, 0xd, 0x22, {0x45, 0x80}, 0xcd, 0x3}})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="c10e00001800", 0x6, 0x4000000, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000040c0)={0x2020}, 0x2020)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r5, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x1000)=nil)
socket$nl_netfilter(0x10, 0x3, 0xc)

11.633231453s ago: executing program 0 (id=637):
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x18, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000080)=0x1f6, 0x4)
sendmmsg$inet(r4, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000340)={'gretap0\x00', 0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x2f, 0x8, 0xe, 0xfffffffc, 0x10, @remote, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xdb00cf8c363082d, 0x1, 0x1, 0x81}})
setsockopt$inet_mreqn(r0, 0x0, 0x23, 0x0, 0x0)
r5 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000200)={r0})
sendmsg$nl_route_sched(r7, 0x0, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffa6010000000100000056000000250000001900040004000007fdd411efc4080004000000000000000000", 0x39}], 0x1)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[], 0x0)
socket(0x2, 0x80805, 0x0)

11.613004094s ago: executing program 1 (id=638):
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wg2\x00'})
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
rt_tgsigqueueinfo(0x0, 0x0, 0x2000007, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000000)={0x26d1, "fa02791d2a69a2610f0200000000000000110001000000010000800000000007", <r1=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = getpid()
syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x7de6, 0x10100, 0xfffffffd, 0x400170}, 0x0, 0x0, &(0x7f0000000000))
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
recvmmsg$unix(r3, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_pidfd_open(r5, 0x0)
ioctl$EXT4_IOC_MIGRATE(r6, 0xff03)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x42, 0x0)
syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYRES16=r0, @ANYRESHEX=r2, @ANYRESHEX=r1])
syz_pidfd_open(r2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

10.456136081s ago: executing program 0 (id=639):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000540)=@nat={'nat\x00', 0x670, 0x5, 0x418, 0x208, 0x208, 0xffffffff, 0x2b0, 0x168, 0x380, 0x380, 0xffffffff, 0x380, 0x380, 0x5, 0x0, {[{{@ip={@rand_addr=0x64010104, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff0000ff, 0xffffff00, 'veth1_to_bridge\x00', 'wg1\x00', {}, {0xff}, 0x16}, 0x0, 0x130, 0x168, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'kmp\x00', "48ae43e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xf, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @port=0x4e22, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xfffc, 0xd, 0x1}, {0x2, 0x4, 0x3}, 0x1000, 0x100}}}, {{@ip={@multicast2, @broadcast, 0xff, 0x0, 'virt_wifi0\x00', 'batadv_slave_1\x00', {}, {0xff}}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x2, @loopback, @empty, @icmp_id=0x68, @port=0x4e22}}}}, {{@uncond, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0x4, "1542", 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)
ioctl$INCFS_IOC_FILL_BLOCKS(0xffffffffffffffff, 0x80106720, &(0x7f0000000280)={0x0, 0x0})
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000dc0), 0x100, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r4, 0x0, 0x805)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x8801)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
syz_open_dev$dvb_dvr(&(0x7f0000000240), 0x0, 0x100)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x1816c1, 0x1ff)
close(r5)
execve(&(0x7f0000000380)='./file1\x00', 0x0, 0xfffffffffffffffe)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_type(r6, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r7, &(0x7f0000000280), 0x9)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x672a74fafc8c20f9, 0x0)

9.725152125s ago: executing program 3 (id=640):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000140)={[{@prjquota}, {@resuid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x800}}, {@mb_optimize_scan}, {@noacl}]}, 0x1, 0xbc8, &(0x7f0000002380)="$eJzs3M9rHNcdAPDvjH7alrtyKaXuxSql2FC6ll1kalOoXVx66aHQXgsW8soIrX8gqTiSdVgl/0BIcg7kEkhiEnyIz74kkGsuiXONySFggmIlEEKiMPtDWku7+mGtNIr8+cDTvDdvZt73q5F23oPdDeC5NZT9SCOOR8SVJKJQ359GRG+11h9RqR23tDg/9u3i/FgSy8v/+SqJJCKeLM6PNa6V1LdH6o3+iPj470n88qX1407Pzk2OlsulqXr79Mz1W6enZ+f+NHF99FrpWunGmXN/GTk7cm74/EjHcv3u84v3v/ndP7+ofP/2D3e/fvXNJC7GQL2vOY961js2FEMrv5Nm3REx2oHr7wdd9Xya80y6Nzkp3eWgAABoK22aw/06CtEVq5O3QnzwSa7BAQAAAB2x3BWxDAAAABxwifU/AAAAHHCN9wE8WZwfa5R835Gwtx5fiojBWv5L9VLr6Y5KddsfPRFx+EkSzR9rTWqn7dhQRDz67Px7WYkWn0PebZWFiPhNq/ufVPMfrH8Sem3+aUQMd2D8oTXtn1P+Fzswft75A/B8enCp9iBb//xLV+Y/0eL5193i2fUs8n7+NeZ/S+vmf6v5d7WZ//17i2Pceev12+36svz/ev8f7zZKNn623VFS2/B4IeK33a3yT1byT9rkf2WLYxR+vF1q15d3/stvRJyM1vk3JBt/P9Hp8Ylyabj2s+UYCx+NvNNu/Lzzz+7/4Tb5b3D/+7N9t566Uvsv9fnf5cv32vVtnn/6ZW/y32qtt77nhdGZmakzEb3Jv9bvP7txvo1jGtfI8j/1+43//1v9/WevCZX630aW+UJ9m7VfXDPm3+7eeX+j/LO1X573/+r2739138tbHOMPH75yql1f8/o3K9n4j5LaWhgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIgkLUZEUq2nabEYcSQifhWH0/LN6Zk/jt/8/42rWV/EYPSk4xPl0nBEFGrtJGufqdZX22fXtP8cEcci4rXCoWq7OHazfDXv5AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhxJCIGIkmLEZFGxFIhTYvFvKMCAAAAOm4w7wAAAACAXWf9DwAAAAef9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77NiJBw+TiKhcOFQtmd56X0+ukQG7Lc07ACA3XXkHAOSmO+8AgNxsc41vugAHULJJf3/bnr6OxwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/nXy+IOHSURULhyqlkxvva+n5Rkn9jA6YDeleQcA5KZro87uvYsD2HvP/C9+tLNxAHuv9RofeJ4km/T3rx5Tebqnb9diAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD/GaiWJC1GRFqtp2mxGHE0IgajJxmfKJeGI+IXEfFpoacva/flHTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNz07NzlaLpemnqWS7Ox0FRWVpkqyP8KoVfJ+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/Ts3OTo+VyaWo670gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvE3Pzk2OlsulqS1U7m3n4KZK3jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCfnwIAAP//198NMw==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000180)={@broadcast, @broadcast, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @rand_addr=0x64010102}}}}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00'}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001812", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsopen(&(0x7f0000000240)='configfs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000040)={[{@subsystem='memory'}]})
syz_emit_ethernet(0x4a, &(0x7f0000000300)=ANY=[], 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x8000002)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1, <r7=>0xffffffffffffffff}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0)=r2, 0x4)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r7}, &(0x7f0000000440), &(0x7f0000000480)=r8}, 0x20)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
listxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=""/16, 0xfffffffffffffe4c)

9.618206258s ago: executing program 4 (id=641):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_mount_image$erofs(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x810410, &(0x7f0000000040)=ANY=[], 0x0, 0x22f, &(0x7f0000000300)="$eJzsmT+P00wQxp9dJ3Yur/QiGgoaCoI4BJfYDqBrTrpDQlAiHX87Is4gwBCUM1LuJCQiGiigggKJli9AQXEVBR0dLRSAREfoKEBIRuvM2oudHLEU0TC/wnp2ZnZnvPZOYYNhmH+WTx+/fXh4bPH0IeBRHQ04ZK8ZMdLQ75/ePvhk6fizF++ev775/52t/HpzyfXu1PlV/KsVC5FSjyup/XscxwJAIxmJiqqiQb4zkDhA+pwQ2Ef6IiTOkg4gcIH0NUN350iEQfNSN1y7fDUMXHXZoSb5SrXN+lRFw4HAGu1JTHVp1jc2r3fCMOjlRTXWeQqusiK3ZbJQ34rEEo1VfSrg/P17AzVukt0d7d+y8nmQ8MjehsAq6UU4aDYF9JZ4xv3vrmTrW/oxb3f/5cWDk8AYlzUSP1ILvaLVP2ffuVCmDDku+xTCwfRP2spbvtLkGe3hJPEfMsvymJgTf6eMEqKW7aqN2aYQeYs60Kll13DrTXHW55K5BLVAwyVmf2SmE7qZd0J1nA3X2/r20/WbPSnGJn/B5ahcaX9S3Xu/0Z8qyPp8K7pxq7W+sblgo3MliB3Abx91D7vuEb+V9ObRFXl+pv2vlvSnurF+1ehPCl2mLWz0O1HU8/pA1PPSsd+Xv98JVl92v6TNdjiQmN87ChB6PadQUuoXNE8kat7SPmv8FIZhGIZhGIZhGIZhGIZhmEkknyOzf1J7IJKvoPSjKp6AfyqJ/hUAAP//JS5BIw==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x0, 0x0, &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
fadvise64(r3, 0xb4, 0x800001, 0x3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file1\x00', 0x4, &(0x7f0000000740)=ANY=[@ANYBLOB="646973636172642c6e66732c646f74732c636865636b3d7265b76c617865642c666d61736b3d30303030303030303030303030303030303030303032302c73636172642c646f74732c00000000000000000000edf9ad59d0b8c0ecfa450738297b5db582981243c34bd85676415b189a77c5f459a7f6ca378aeb1c06f119f601b53d4a8c2f"], 0x1, 0x22d, &(0x7f0000000300)="$eJzs3b2KE1EYBuDP3exu2MatxWLAxiqodzDICuKAEJlCKwdWm10RZpvRKpfhNXhJXsZW6UbMhPwZbTQes/M8EOaFl8B3mpwU5yRv73+4vPh4/b799iWGwywGEZOYRpzFQRxG5878eTDLx7FqEgDAvhmPqzz1DOxWXefVUUSc/NSUX5MMBAAAAAAAAAAAwB9z/h8A+sf5/9uvrvPqdP79bZ3z/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA607a92/7mlXo+AODvs/8DQP/Y/wGgf+z/ANA/r16/eZEXxfk4y4YRN5OmbMru2fXPnhfnj7KZs+W7bpqmPFz0j7s+W++P4nTeP9naH8fDB13/o3v6stjoT+Ji98sHAAAAAAAAAAAAAAAAAACA/8IoW9h6v380+lXfpZXfB9i4vz+Ie4N/tgwAAAAAAAAAAAAAAAAAAADYa9efPl9WV1fvakEQhEVI/ckEAAAAAAAAAAAAAAAAAAD9s7z0m3oSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEhn+f//uwup1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w/cAAAD//wu+k9A=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000000), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)
mlockall(0x2)
r4 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
shmat(r4, &(0x7f00002cc000/0x1000)=nil, 0x7000)
shmctl$SHM_UNLOCK(r4, 0xc)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
pipe2(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x800)
splice(r5, 0x0, r7, 0x0, 0xf, 0x8)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
tee(r6, r8, 0x53, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240))

8.040959869s ago: executing program 0 (id=642):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x4, 0x0, {{@in=@multicast2, @in6=@private0, 0x10, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0xfffffffffffffffe, 0x0, 0x4000000000000001, 0xffffffffffffffff}, {0x8000000000000, 0xa00, 0x40800000000000, 0x800000000000002}, 0x400, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@local, 0x0, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2, 0x4, 0x3, 0xff}]}]}, 0xfc}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
chroot(&(0x7f0000000040)='./file0\x00')
geteuid()
r4 = socket(0x10, 0x3, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040f0400016420"], 0x7)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r6, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)
setsockopt$MRT_DEL_MFC_PROXY(r6, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9", 0x0, 0x200}, 0x3c)
getsockopt(r2, 0x401, 0x7, &(0x7f0000000340)=""/73, &(0x7f0000000480)=0x49)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000300)={@empty, @local, 0xffffffffffffffff, "1d4646dcc9859178215f0aebf282e0ddfa97bb394ac9362bb0290066a73ef95e", 0x8, 0x1, 0x9fe3, 0x1}, 0x3c)
write(r4, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000000a600000000000000080008001d000000", 0x24)

7.056039551s ago: executing program 4 (id=643):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
mknod$loop(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r4 = socket(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r5, 0x29, 0xd4, &(0x7f00000001c0)=0x1, 0x4)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0xfffffffd, 0x1, 0x40000001, 0x0, 0x6, 0x2})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000200)={[{@nouid32}, {@dioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nodioread_nolock}]}, 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=")

5.143682583s ago: executing program 0 (id=644):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x74}}, 0x0)
pipe(0x0)
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000005c0)='fd', 0x0, 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x22}]}}}]}]}], {0x14}}, 0x90}}, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r4, 0x1, 0x70bd25, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026ca7000fbdbdf2505000000280001800d0001007564703a73797a320000000014000280080003008a"], 0x3c}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
syz_open_procfs(0x0, &(0x7f0000000140)='task\x00')

4.761867006s ago: executing program 0 (id=645):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000"], 0x7c}}, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x4)
setsockopt$inet6_int(r2, 0x29, 0x19, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@multicast2, 0x404d3, 0x32}, 0x0, @in=@empty}}, 0xe8)
r4 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f00000001c0), 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40090)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0x0, 0x5}}}, 0x24}}, 0x10)
sendmsg$inet(r6, 0x0, 0x4000040)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0)
sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xac800000}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)

4.64324917s ago: executing program 1 (id=646):
add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
setxattr$trusted_overlay_opaque(0x0, &(0x7f0000000180), 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800bd53a200000000009500000000000000000000000000000007000000"], &(0x7f0000000080)='syzkaller\x00', 0xfffffffd}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00'})
sysfs$2(0x2, 0x817fff, 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1cf90103", @ANYRES16=0x0, @ANYBLOB="c89045b2a6c0b186f6eb1f00000008003617"], 0x1c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b28, &(0x7f0000000000)={'wlan1\x00'})
r6 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r7=>0x0})
sendmsg$can_raw(r6, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r7}, 0x10, &(0x7f00000005c0)={&(0x7f0000000180)=@can={{0x0, 0x0, 0x1}, 0x6, 0x0, 0x4, 0x0, '\a\x00'}, 0x10}, 0x2, 0x0, 0x0, 0x4080}, 0x8040)
sendmmsg$inet6(r3, &(0x7f00000077c0)=[{{&(0x7f0000000980)={0xa, 0x4e21, 0x200000, @private2}, 0x1c, 0x0, 0x0, &(0x7f0000001340)=ANY=[], 0xa0}}], 0x1, 0x80)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, 0x0)
read$watch_queue(0xffffffffffffffff, &(0x7f0000000140)=""/4096, 0x1000)
request_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000080)='\x03\x05z\xcb\xce\xd8\x15yFM_\x03@Q-@\x00', 0xffffffffffffffff)

1.46934ms ago: executing program 0 (id=647):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r1 = syz_open_dev$video4linux(0x0, 0x7fff, 0x440381)
r2 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x3, 0x2)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r2, 0xc0305602, &(0x7f0000002800)={0x0, 0x21, 0x2015, 0x1})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$video4linux(0x0, 0x3, 0x3cf281)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f00000003c0))
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r6, 0x541c, &(0x7f0000000140))
r7 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r7, &(0x7f0000000240)={&(0x7f0000000000)=@in6={0xa, 0x41, 0x0, @loopback, 0x2}, 0x80, 0x0}, 0xe07e872424dfefca)
recvmsg$kcm(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000100)=""/199, 0xc7}], 0x1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r8, &(0x7f0000000900), 0x0, 0x4000840)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=648):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000010140)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964dee674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a7986cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25afd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e5706000", 0x1000}}, 0x1006)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB="8acdbc84849fa25adeb406dcaf15ad837715813e35a94a357dbae966a50b337db13207ffc0447520ebc2371d05bfa8d37aa5987d0c7ba631d38870eb87b6355a7021712c27aa9a18cbb71ef3f3cb4c8ed994ae6066cd8ef2b5e4", @ANYRES16=r0], 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
fanotify_init(0x40, 0x400)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80400, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)={0x18, 0x1, 0x2, 0x801, 0x0, 0x0, {0x2, 0x0, 0xfffc}, [@CTA_EXPECT_MASTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
openat$sndseq(0xffffff9c, &(0x7f0000000140), 0x400)
openat$mice(0xffffffffffffff9c, &(0x7f0000001400), 0x101)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x8001, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r3, 0x40383d0c, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x1000000, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x5, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010102, 0x4e1f, 0x3, 'lc\x00', 0x34, 0x83, 0x5}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcf, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_EDITDEST(r4, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'ovf\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e23, 0x2000, 0x8, 0x48001}}, 0x44)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x440088c4)

kernel console output (not intermixed with test programs):

551] netlink: 8 bytes leftover after parsing attributes in process `syz.3.142'.
[  227.137809][ T6539] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  227.191591][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.709285][ T6560] IPVS: set_ctl: invalid protocol: 20 0.0.0.0:256
[  229.972635][ T6577] loop2: detected capacity change from 0 to 512
[  230.058715][ T6577] EXT4-fs: Ignoring removed nobh option
[  230.748135][ T6577] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #15: comm syz.2.147: iget: bad i_size value: 38620345925642
[  230.880571][ T6577] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.147: couldn't read orphan inode 15 (err -117)
[  230.959144][ T6577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.246479][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.035216][ T6602] loop2: detected capacity change from 0 to 1024
[  234.056276][ T6600] loop0: detected capacity change from 0 to 512
[  234.063590][ T6602] hfsplus: unable to parse mount options
[  234.098183][ T6595] smb3: Unknown parameter 'drd'
[  234.171715][ T6600] EXT4-fs: Ignoring removed nobh option
[  235.262333][ T6600] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.152: iget: bad i_size value: 38620345925642
[  235.319098][ T6600] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.152: couldn't read orphan inode 15 (err -117)
[  235.549614][ T6600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.194585][ T6617] tipc: Started in network mode
[  236.210986][ T6617] tipc: Node identity ac14140f, cluster identity 4711
[  236.218381][ T6617] tipc: New replicast peer: 255.255.255.255
[  236.225238][ T6617] tipc: Enabled bearer <udp:syz2>, priority 10
[  236.233014][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.153'.
[  237.658695][ T5839] tipc: Node number set to 2886997007
[  237.720149][ T6624] loop2: detected capacity change from 0 to 512
[  237.902356][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.904642][ T6624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.027149][ T6624] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.140520][ T6637] loop0: detected capacity change from 0 to 16
[  238.687492][ T6642] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  238.702345][ T6642] Quota error (device loop2): write_blk: dquota write failed
[  238.710110][ T6642] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[  238.720057][ T6642] EXT4-fs error (device loop2): ext4_acquire_dquot:6949: comm syz.2.155: Failed to acquire dquot type 0
[  238.868716][ T6637] erofs: (device loop0): mounted with root inode @ nid 36.
[  242.066108][ T6646] loop1: detected capacity change from 0 to 512
[  242.115755][ T6646] EXT4-fs: Ignoring removed nobh option
[  242.174327][ T6646] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.159: iget: bad i_size value: 38620345925642
[  242.319822][ T6646] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.159: couldn't read orphan inode 15 (err -117)
[  242.332081][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.459184][ T6646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.591401][ T6656] loop0: detected capacity change from 0 to 1024
[  242.614662][ T6656] hfsplus: unable to parse mount options
[  243.130119][ T6659] loop2: detected capacity change from 0 to 32768
[  243.204727][ T6659] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.160 (6659)
[  243.462171][ T6359] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  243.484107][ T6659] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  243.496599][ T6659] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  243.505529][ T6659] BTRFS info (device loop2): enabling disk space caching
[  243.512737][ T6659] BTRFS info (device loop2): force clearing of disk cache
[  243.520426][ T6659] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  243.530402][ T6659] BTRFS info (device loop2): use zstd compression, level 3
[  243.537715][ T6659] BTRFS info (device loop2): disk space caching is enabled
[  243.572525][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.178182][ T6659] BTRFS info (device loop2): enabling ssd optimizations
[  244.185273][ T6659] BTRFS info (device loop2): auto enabling async discard
[  244.240763][ T6659] BTRFS info (device loop2): rebuilding free space tree
[  244.334819][ T6659] BTRFS info (device loop2): disabling free space tree
[  244.342485][ T6659] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  244.352631][ T6659] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  245.224059][ T6687] Unsupported ieee802154 address type: 0
[  245.810541][ T6697] loop1: detected capacity change from 0 to 1024
[  245.990931][ T5772] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  246.103040][ T6698] tipc: Started in network mode
[  246.108659][ T6698] tipc: Node identity ac14140f, cluster identity 4711
[  246.115757][ T6698] tipc: New replicast peer: 255.255.255.255
[  246.122667][ T6698] tipc: Enabled bearer <udp:syz2>, priority 10
[  246.131488][ T6698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.164'.
[  247.290762][ T5816] tipc: Node number set to 2886997007
[  247.779672][ T6706] loop3: detected capacity change from 0 to 512
[  247.792623][ T6706] EXT4-fs: Ignoring removed mblk_io_submit option
[  247.813293][   T23] IPVS: starting estimator thread 0...
[  247.910771][ T6706] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  248.039977][ T6706] block device autoloading is deprecated and will be removed.
[  248.048590][ T6706] EXT4-fs (loop3): external journal has bad superblock
[  248.219227][ T6703] IPVS: using max 15 ests per chain, 36000 per kthread
[  248.566995][ T6406] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 11 /dev/loop2 scanned by udevd (6406)
[  248.702588][ T3507] hfsplus: b-tree write err: -5, ino 25
[  248.780245][ T3507] hfsplus: b-tree write err: -5, ino 4
[  248.786072][ T3507] hfsplus: b-tree write err: -5, ino 2
[  248.826615][ T3507] hfsplus: b-tree write err: -5, ino 26
[  251.765539][ T6716] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  255.532890][ T6747] (null): rxe_set_mtu: Set mtu to 4096
[  255.576666][ T6747] lo speed is unknown, defaulting to 1000
[  255.619145][ T6747] lo speed is unknown, defaulting to 1000
[  255.699598][ T6747] lo speed is unknown, defaulting to 1000
[  256.269575][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  256.277848][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  258.163884][ T6748] netlink: 'syz.2.172': attribute type 39 has an invalid length.
[  260.758053][ T5816] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  260.991260][ T5816] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.021933][ T5816] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  261.198069][ T5816] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.218738][ T5816] usb 1-1: config 0 descriptor??
[  261.254645][ T6747] infiniband syz2: set active
[  261.270478][ T6747] infiniband syz2: added lo
[  261.950890][ T5816] usbhid 1-1:0.0: can't add hid device: -71
[  261.962922][ T6747] syz2: rxe_create_cq: returned err = -12
[  261.970307][ T5816] usbhid: probe of 1-1:0.0 failed with error -71
[  261.979762][ T5816] usb 1-1: USB disconnect, device number 3
[  261.990758][ T6747] infiniband syz2: Couldn't create ib_mad CQ
[  261.999809][ T6747] infiniband syz2: Couldn't open port 1
[  262.429194][ T6747] RDS/IB: syz2: added
[  263.185699][ T6747] smc: adding ib device syz2 with port count 1
[  263.218497][ T6747] smc:    ib device syz2 port 1 has pnetid 
[  263.381310][ T5849] lo speed is unknown, defaulting to 1000
[  263.427858][ T6787] netlink: 'syz.0.179': attribute type 10 has an invalid length.
[  263.482490][ T6790] loop1: detected capacity change from 0 to 512
[  263.569299][ T6787] team0: Device xfrm0 is of different type
[  263.641116][ T6790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.655329][ T5816] lo speed is unknown, defaulting to 1000
[  263.687107][ T6747] lo speed is unknown, defaulting to 1000
[  263.695999][ T6790] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.994665][ T6798] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  265.010924][ T6798] Quota error (device loop1): write_blk: dquota write failed
[  265.019095][ T6798] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  265.029289][ T6798] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.180: Failed to acquire dquot type 0
[  266.914551][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.312541][ T6821] netlink: 60 bytes leftover after parsing attributes in process `syz.3.186'.
[  268.870994][ T6747] lo speed is unknown, defaulting to 1000
[  274.548490][ T5816] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  275.087247][ T6840] loop0: detected capacity change from 0 to 512
[  275.886281][ T6840] EXT4-fs (loop0): 1 truncate cleaned up
[  275.893878][ T6840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.957984][ T6839] loop3: detected capacity change from 0 to 1024
[  276.045498][ T6839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.129809][ T6844] loop1: detected capacity change from 0 to 512
[  276.232991][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.313625][ T6844] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.359613][ T6844] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.594924][ T6747] lo speed is unknown, defaulting to 1000
[  278.219339][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.216455][ T6852] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  279.231745][ T6852] Quota error (device loop1): write_blk: dquota write failed
[  279.239362][ T6852] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  279.249483][ T6852] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.193: Failed to acquire dquot type 0
[  279.808128][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.479123][ T5777] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  280.888809][ T5777] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  280.920204][ T5777] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  280.929127][ T5777] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  280.938790][ T5777] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  280.946450][ T5777] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  281.232783][ T6747] lo speed is unknown, defaulting to 1000
[  283.059259][ T5787] Bluetooth: hci4: command tx timeout
[  283.313776][ T6859] lo speed is unknown, defaulting to 1000
[  283.407524][ T6900] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  283.416414][ T6900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.201'.
[  284.946768][ T6906] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  284.975311][   T27] IPVS: starting estimator thread 0...
[  285.179051][ T5787] Bluetooth: hci4: command tx timeout
[  285.361224][ T6910] IPVS: using max 17 ests per chain, 40800 per kthread
[  285.373730][ T6909] IPVS: sh: FWM 3 0x00000003 - no destination available
[  285.391676][    C0] IPVS: sh: FWM 3 0x00000003 - no destination available
[  285.792597][ T6916] loop0: detected capacity change from 0 to 4096
[  285.803155][ T6916] NILFS: invalid option "cp=0x0000000000000002": read-only option is not specified
[  287.217854][ T5787] Bluetooth: hci4: command tx timeout
[  287.942393][ T6406] I/O error, dev loop0, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  288.151115][ T6859] chnl_net:caif_netlink_parms(): no params data found
[  288.257859][ T5849] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  289.186929][ T5849] usb 4-1: unable to get BOS descriptor or descriptor too short
[  289.297953][ T5787] Bluetooth: hci4: command tx timeout
[  289.330855][ T5849] usb 4-1: unable to read config index 0 descriptor/start: -71
[  289.362910][ T5849] usb 4-1: can't read configurations, error -71
[  289.532936][ T6924] loop1: detected capacity change from 0 to 512
[  290.537851][ T6924] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.768058][ T6924] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.730642][ T6941] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  291.745492][ T6941] Quota error (device loop1): write_blk: dquota write failed
[  291.753181][ T6941] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  291.763260][ T6941] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.206: Failed to acquire dquot type 0
[  291.891788][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.925735][ T6859] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.965291][ T6859] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.991843][ T6859] bridge_slave_0: entered allmulticast mode
[  292.029678][ T6859] bridge_slave_0: entered promiscuous mode
[  292.045914][ T6859] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.053650][ T6859] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.079066][ T6859] bridge_slave_1: entered allmulticast mode
[  292.102727][ T6859] bridge_slave_1: entered promiscuous mode
[  292.314281][ T1087] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.340599][ T6859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  292.356352][ T6859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.455078][ T6948] input: syz0 as /devices/virtual/input/input7
[  293.774068][ T1087] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.963393][ T6859] team0: Port device team_slave_0 added
[  294.032623][ T6952] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  294.042464][ T6953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.211'.
[  294.052081][ T6946] netlink: 12 bytes leftover after parsing attributes in process `syz.1.210'.
[  294.287946][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.1.210'.
[  294.296877][ T6955] netlink: 24 bytes leftover after parsing attributes in process `syz.1.210'.
[  294.542307][ T1087] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.570590][ T6859] team0: Port device team_slave_1 added
[  294.802712][ T1087] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.811262][ T6859] batman_adv: batadv0: Adding interface: batadv_slave_0
[  295.830978][ T6859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.893119][ T6859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  295.907216][ T6972] loop3: detected capacity change from 0 to 128
[  296.056475][ T6972] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  296.086576][ T6859] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.096848][ T6972] ext4 filesystem being mounted at /60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  296.137175][ T6859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.325773][ T6859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.590401][ T5780] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  299.311385][ T6975] netlink: 'syz.1.215': attribute type 8 has an invalid length.
[  299.558636][ T6990] loop3: detected capacity change from 0 to 256
[  299.595968][ T6990] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  300.058555][ T6859] hsr_slave_0: entered promiscuous mode
[  300.066800][ T6859] hsr_slave_1: entered promiscuous mode
[  300.080162][ T6859] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  300.094081][ T6859] Cannot create hsr debugfs directory
[  300.127863][ T6994] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  300.144605][ T6996] netlink: 8 bytes leftover after parsing attributes in process `syz.0.218'.
[  301.074050][ T1087] tipc: Disabling bearer <udp:syz2>
[  301.550289][ T7010] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  301.567169][   T28] audit: type=1326 audit(1774878459.401:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  302.136709][   T28] audit: type=1326 audit(1774878459.411:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  302.311070][ T1087] tipc: Left network mode
[  302.367052][   T28] audit: type=1326 audit(1774878459.411:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  302.461484][ T7016] loop0: detected capacity change from 0 to 512
[  302.626858][ T7019] xt_cgroup: path and classid specified
[  302.790543][   T28] audit: type=1326 audit(1774878459.411:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  302.855883][ T7016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.079729][ T7016] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.121376][   T28] audit: type=1326 audit(1774878459.411:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  303.215840][   T28] audit: type=1326 audit(1774878459.411:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  303.238368][   T28] audit: type=1326 audit(1774878459.411:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  303.260970][   T28] audit: type=1326 audit(1774878459.411:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  303.283418][   T28] audit: type=1326 audit(1774878459.411:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  303.323166][   T28] audit: type=1326 audit(1774878459.411:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.1.219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e22b9c819 code=0x7ffc0000
[  303.933591][ T7025] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  303.950041][ T7025] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.222: Failed to acquire dquot type 0
[  304.216043][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.342924][ T5787] Bluetooth: hci3: command 0x0406 tx timeout
[  304.561695][ T7033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[  307.051875][ T7052] loop0: detected capacity change from 0 to 256
[  307.080746][ T7052] exfat: Deprecated parameter 'utf8'
[  307.156367][ T7052] exfat: Deprecated parameter 'namecase'
[  307.169772][ T7056] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  307.178698][ T7056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.228'.
[  307.257014][ T7052] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbcde3a0f, utbl_chksum : 0xe619d30d)
[  307.784832][ T6859] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  307.811027][ T6859] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  307.916202][ T6859] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  309.497118][ T6859] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  310.008023][  T787] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  311.072969][ T7079] loop3: detected capacity change from 0 to 40427
[  311.140078][ T7079] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  311.149127][ T7079] F2FS-fs (loop3): Image doesn't support compression
[  311.155931][ T7079] F2FS-fs (loop3): Image doesn't support compression
[  311.169644][ T7079] F2FS-fs (loop3): invalid crc value
[  311.230472][ T7079] F2FS-fs (loop3): Found nat_bits in checkpoint
[  311.329860][ T7079] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  311.719394][ T5780] syz-executor: attempt to access beyond end of device
[  311.719394][ T5780] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  311.728168][  T787] usb 2-1: device descriptor read/all, error -71
[  311.790169][ T5780] F2FS-fs (loop3): Remounting filesystem read-only
[  311.819554][ T6859] 8021q: adding VLAN 0 to HW filter on device bond0
[  312.031079][ T6859] 8021q: adding VLAN 0 to HW filter on device team0
[  312.127447][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.134741][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.175774][ T7084] loop1: detected capacity change from 0 to 512
[  312.195791][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.203166][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.361125][ T7084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.373991][ T7084] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.477965][ T1087] hsr_slave_0: left promiscuous mode
[  312.538198][ T1087] hsr_slave_1: left promiscuous mode
[  312.560317][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  312.583698][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_0
[  312.619825][ T1087] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  312.627426][ T1087] batman_adv: batadv0: Removing interface: batadv_slave_1
[  312.698504][ T1087] bridge_slave_1: left allmulticast mode
[  312.704237][ T1087] bridge_slave_1: left promiscuous mode
[  312.712419][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.723675][ T1087] bridge_slave_0: left allmulticast mode
[  312.729604][ T1087] bridge_slave_0: left promiscuous mode
[  312.735393][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.830289][ T7090] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  312.846168][ T7090] __quota_error: 106 callbacks suppressed
[  312.846207][ T7090] Quota error (device loop1): write_blk: dquota write failed
[  312.860337][ T7090] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  312.870777][ T7090] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.232: Failed to acquire dquot type 0
[  313.160816][ T1087] veth1_macvtap: left promiscuous mode
[  313.188402][ T1087] veth0_macvtap: left promiscuous mode
[  313.203723][ T1087] veth1_vlan: left promiscuous mode
[  313.238331][ T1087] veth0_vlan: left promiscuous mode
[  313.395088][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.955787][ T7095] loop0: detected capacity change from 0 to 512
[  315.316264][ T7103] loop1: detected capacity change from 0 to 512
[  316.241017][ T1087] infiniband syz2: set down
[  316.323449][ T7103] EXT4-fs (loop1): 1 truncate cleaned up
[  316.330927][ T7103] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.679975][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.421964][ T1087] team0 (unregistering): Port device team_slave_1 removed
[  317.473514][ T1087] team0 (unregistering): Port device team_slave_0 removed
[  317.537456][ T1087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  317.552872][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  317.559989][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  317.603532][ T1087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  318.001615][ T1087] bond0 (unregistering): Released all slaves
[  318.102920][ T2928] smc: removing ib device syz2
[  318.126227][ T7094] lo speed is unknown, defaulting to 1000
[  318.128774][    T9] lo speed is unknown, defaulting to 1000
[  318.138422][ T7094] lo speed is unknown, defaulting to 1000
[  318.145318][ T7094] lo speed is unknown, defaulting to 1000
[  318.156461][ T7094] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  318.171388][ T7094] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  318.198572][ T7094] lo speed is unknown, defaulting to 1000
[  318.205679][ T7094] lo speed is unknown, defaulting to 1000
[  318.212562][ T7094] lo speed is unknown, defaulting to 1000
[  318.219602][ T7094] lo speed is unknown, defaulting to 1000
[  318.658645][ T7112] loop0: detected capacity change from 0 to 512
[  318.688796][ T7112] EXT4-fs: Ignoring removed nobh option
[  318.948977][ T7112] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.235: iget: bad i_size value: 38620345925642
[  319.099778][ T7128] loop1: detected capacity change from 0 to 64
[  319.267364][ T7128] syz.1.238 uses obsolete (PF_INET,SOCK_PACKET)
[  319.385047][ T7112] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.235: couldn't read orphan inode 15 (err -117)
[  319.872253][ T7112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.395448][ T6859] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.661904][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.014625][ T5777] Bluetooth: hci0: unexpected event for opcode 0x1002
[  321.242277][ T7153] netlink: 12 bytes leftover after parsing attributes in process `syz.0.240'.
[  321.282243][ T7153] netlink: 12 bytes leftover after parsing attributes in process `syz.0.240'.
[  324.570112][ T6859] veth0_vlan: entered promiscuous mode
[  324.693194][ T6859] veth1_vlan: entered promiscuous mode
[  324.765580][ T6859] veth0_macvtap: entered promiscuous mode
[  324.781313][ T6859] veth1_macvtap: entered promiscuous mode
[  325.383083][ T6859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.471646][ T6859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.573013][ T6859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.599838][ T6859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.673912][ T6859] batman_adv: batadv0: Interface activated: batadv_slave_0
[  327.617023][ T6859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.924992][ T6859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  327.977820][ T6859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.037835][ T6859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.102056][ T6859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.131903][ T6859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.153738][ T6859] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.472952][ T6859] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.506042][ T6859] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.536748][ T6859] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.573128][ T6859] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.106515][ T3507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.140761][ T3507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.778322][ T3507] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.786221][ T3507] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.901027][ T7237] netlink: 'syz.3.250': attribute type 8 has an invalid length.
[  334.273717][ T7272] loop0: detected capacity change from 0 to 512
[  334.317138][ T7272] EXT4-fs: Ignoring removed nobh option
[  335.334944][ T7277] loop3: detected capacity change from 0 to 512
[  335.514324][ T7280] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  335.522962][ T7280] netlink: 8 bytes leftover after parsing attributes in process `syz.1.257'.
[  335.731922][ T7272] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.256: iget: bad i_size value: 38620345925642
[  335.753680][ T7277] EXT4-fs (loop3): 1 truncate cleaned up
[  335.761097][ T7277] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.820318][ T7272] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.256: couldn't read orphan inode 15 (err -117)
[  336.134895][ T7272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.187804][ T7283] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  336.476541][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.492925][ T7288] kernel profiling enabled (shift: 6)
[  336.635550][ T7289] loop1: detected capacity change from 0 to 256
[  337.700850][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.735598][ T7297] loop1: detected capacity change from 0 to 256
[  339.550069][ T7307] comedi comedi0: comedi_parport: I/O port conflict (0x3,3)
[  340.183544][ T7311] loop4: detected capacity change from 0 to 512
[  340.208946][ T7311] EXT4-fs: Ignoring removed nobh option
[  340.325430][ T7311] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.264: iget: bad i_size value: 38620345925642
[  340.353677][ T7300] netlink: 'syz.0.261': attribute type 8 has an invalid length.
[  340.469170][ T7311] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.264: couldn't read orphan inode 15 (err -117)
[  340.508731][ T7311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.356728][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.612446][ T7338] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  342.621158][ T7338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.268'.
[  342.957704][ T7341] trusted_key: encrypted_key: keylen parameter is missing
[  343.579277][ T7344] loop0: detected capacity change from 0 to 512
[  343.627377][ T7344] EXT4-fs: Ignoring removed nobh option
[  343.912932][ T7344] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.269: iget: bad i_size value: 38620345925642
[  343.932923][ T7344] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.269: couldn't read orphan inode 15 (err -117)
[  345.060802][ T7344] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.467047][ T7360] loop3: detected capacity change from 0 to 1024
[  345.684987][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.847807][  T788] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  346.058100][  T788] usb 5-1: device descriptor read/64, error -71
[  346.689669][ T7360] hfsplus: found bad thread record in catalog
[  346.807757][  T788] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  346.855078][ T1100] hfsplus: b-tree write err: -5, ino 25
[  346.861420][ T1100] hfsplus: b-tree write err: -5, ino 4
[  346.867200][ T1100] hfsplus: b-tree write err: -5, ino 2
[  346.878417][ T1100] hfsplus: b-tree write err: -5, ino 22
[  346.957720][  T788] usb 5-1: device descriptor read/64, error -71
[  347.045390][ T7384] loop3: detected capacity change from 0 to 512
[  347.085699][  T788] usb usb5-port1: attempt power cycle
[  347.159836][ T7384] EXT4-fs: Ignoring removed nobh option
[  347.264252][ T7384] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.275: iget: bad i_size value: 38620345925642
[  347.322116][ T7384] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.275: couldn't read orphan inode 15 (err -117)
[  347.379063][ T7384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.308129][  T788] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  348.384806][  T788] usb 5-1: device descriptor read/8, error -71
[  348.520180][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.555309][ T7403] loop0: detected capacity change from 0 to 512
[  348.576038][ T7402] loop1: detected capacity change from 0 to 256
[  348.597380][ T7403] EXT4-fs: Ignoring removed nobh option
[  348.691437][ T7402] exfat: Deprecated parameter 'namecase'
[  348.697318][ T7402] exfat: Deprecated parameter 'utf8'
[  348.804487][ T7403] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.284: iget: bad i_size value: 38620345925642
[  348.868677][ T7403] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.284: couldn't read orphan inode 15 (err -117)
[  348.882954][ T7402] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  348.947194][ T7403] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.927162][ T7409] loop3: detected capacity change from 0 to 2048
[  349.936974][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.011396][ T7416] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  350.360257][ T7409] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.465816][ T7409] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.650867][ T7423] syz.0.280 (7423): attempted to duplicate a private mapping with mremap.  This is not supported.
[  351.234343][ T7430] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  352.145183][   T28] audit: type=1326 audit(1774878509.391:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  352.339539][   T28] audit: type=1326 audit(1774878509.391:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  352.362957][   T28] audit: type=1326 audit(1774878509.391:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  352.489956][   T28] audit: type=1326 audit(1774878509.391:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  352.514241][   T28] audit: type=1326 audit(1774878509.391:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  352.547749][   T28] audit: type=1326 audit(1774878509.411:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7428 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f739055d04e code=0x7ffc0000
[  352.616655][   T28] audit: type=1326 audit(1774878509.411:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  352.770645][   T28] audit: type=1326 audit(1774878509.461:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  353.594984][   T28] audit: type=1326 audit(1774878509.461:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  354.023607][   T28] audit: type=1326 audit(1774878509.461:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f739059c582 code=0x7ffc0000
[  356.009263][ T7468] loop1: detected capacity change from 0 to 512
[  356.048288][ T7470] fuse: Unknown parameter '0x0000000000000007'
[  356.071424][ T7470] 9pnet_fd: Insufficient options for proto=fd
[  357.863373][ T5777] Bluetooth: hci4: command tx timeout
[  358.157167][ T7468] EXT4-fs: Ignoring removed nobh option
[  358.468741][ T7468] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.287: iget: bad i_size value: 38620345925642
[  358.497223][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.531928][ T7468] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.287: couldn't read orphan inode 15 (err -117)
[  358.602890][ T7481] loop0: detected capacity change from 0 to 512
[  358.618759][ T7468] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.670273][ T7481] EXT4-fs: Ignoring removed nobh option
[  358.742487][ T7481] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.289: iget: bad i_size value: 38620345925642
[  358.821470][ T7481] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.289: couldn't read orphan inode 15 (err -117)
[  358.915511][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.929825][ T7481] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.048557][ T7476] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  359.740042][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.694194][ T7501] loop1: detected capacity change from 0 to 1024
[  362.690054][ T3000] hfsplus: b-tree write err: -5, ino 25
[  362.695906][ T3000] hfsplus: b-tree write err: -5, ino 4
[  362.729198][ T3000] hfsplus: b-tree write err: -5, ino 2
[  363.107442][ T7509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.257804][ T7509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  363.347080][ T7509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  363.957833][ T7509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  364.052264][ T7509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  364.101443][ T7509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  364.142401][ T7509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  364.197656][ T7509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  364.207561][ T7509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  364.241090][ T7509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  364.399598][ T7507] syz.3.290 (7507) used greatest stack depth: 17896 bytes left
[  364.563333][ T7519] ntfs3: nullb0: Primary boot signature is not NTFS.
[  364.657425][ T7519] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[  365.253876][ T7526] loop1: detected capacity change from 0 to 512
[  365.677310][ T7527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.294'.
[  365.687517][ T7527] bridge_slave_1: left allmulticast mode
[  365.693677][ T7527] bridge_slave_1: left promiscuous mode
[  365.701583][ T7527] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.716068][ T7526] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.748434][ T7526] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  366.375610][ T7527] bridge_slave_0: left allmulticast mode
[  366.395117][ T7532] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  366.410056][ T7532] __quota_error: 58 callbacks suppressed
[  366.410072][ T7532] Quota error (device loop1): write_blk: dquota write failed
[  366.423852][ T7532] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  366.433978][ T7532] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.296: Failed to acquire dquot type 0
[  366.445587][ T7527] bridge_slave_0: left promiscuous mode
[  366.541419][ T7527] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.574578][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.861254][ T7538] loop0: detected capacity change from 0 to 256
[  366.889664][ T7538] FAT-fs (loop0): Directory bread(block 64) failed
[  366.916157][ T7538] FAT-fs (loop0): Directory bread(block 65) failed
[  366.925852][ T7538] FAT-fs (loop0): Directory bread(block 66) failed
[  366.935907][ T7538] FAT-fs (loop0): Directory bread(block 67) failed
[  366.945667][ T7538] FAT-fs (loop0): Directory bread(block 68) failed
[  366.957241][ T7538] FAT-fs (loop0): Directory bread(block 69) failed
[  366.978349][ T7538] FAT-fs (loop0): Directory bread(block 70) failed
[  366.994983][ T7538] FAT-fs (loop0): Directory bread(block 71) failed
[  367.004241][ T7538] FAT-fs (loop0): Directory bread(block 72) failed
[  367.016352][ T7538] FAT-fs (loop0): Directory bread(block 73) failed
[  367.214488][ T7540] lo speed is unknown, defaulting to 1000
[  367.395795][ T7540] lo speed is unknown, defaulting to 1000
[  367.403146][ T7540] lo speed is unknown, defaulting to 1000
[  367.421415][ T7540] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  367.449826][ T7540] lo speed is unknown, defaulting to 1000
[  367.457225][ T7540] lo speed is unknown, defaulting to 1000
[  367.472089][ T7540] lo speed is unknown, defaulting to 1000
[  368.242507][ T7540] lo speed is unknown, defaulting to 1000
[  368.419799][ T7546] loop4: detected capacity change from 0 to 512
[  368.429199][ T7546] EXT4-fs: Ignoring removed nobh option
[  368.442766][ T7546] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.300: iget: bad i_size value: 38620345925642
[  368.457842][ T7546] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.300: couldn't read orphan inode 15 (err -117)
[  368.536509][ T7546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.718850][ T7551] loop0: detected capacity change from 0 to 512
[  368.727193][ T7551] EXT4-fs: Ignoring removed nobh option
[  368.990107][ T7551] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.301: iget: bad i_size value: 38620345925642
[  369.039214][ T7551] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.301: couldn't read orphan inode 15 (err -117)
[  369.310902][ T7551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.324525][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.581062][ T7559] loop3: detected capacity change from 0 to 32768
[  370.622271][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.689366][ T7559] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  370.711759][ T7559] JBD2: Ignoring recovery information on journal
[  370.778938][ T7559] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  373.845118][ T7590] loop0: detected capacity change from 0 to 2048
[  373.865643][ T7590] UDF-fs: bad mount option "noadinicb@&°"w¤8¬êˆx7" or missing value
[  375.726125][ T7596] loop4: detected capacity change from 0 to 256
[  375.745836][ T7596] exfat: Deprecated parameter 'namecase'
[  375.751967][ T7596] exfat: Deprecated parameter 'utf8'
[  375.806726][ T5780] ocfs2: Unmounting device (7,3) on (node local)
[  375.825007][ T7596] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  376.590010][ T7608] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  376.828774][  T788] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  376.855237][ T7610] loop3: detected capacity change from 0 to 512
[  376.966417][ T7610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.015407][ T7610] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  377.026307][  T788] usb 2-1: Using ep0 maxpacket: 32
[  377.040410][  T788] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  377.055062][ T7618] loop4: detected capacity change from 0 to 256
[  377.059822][  T788] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  377.220147][ T7618] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  377.324764][  T788] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  377.334531][  T788] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  377.344385][  T788] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  377.354770][  T788] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  377.365780][  T788] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  377.376143][  T788] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  377.400797][  T788] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  377.756466][ T7623] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  377.772705][ T7623] Quota error (device loop3): write_blk: dquota write failed
[  377.781030][ T7623] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  377.852008][  T788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.958664][ T7623] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.307: Failed to acquire dquot type 0
[  378.389960][  T788] usb 2-1: config 0 descriptor??
[  378.393491][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.005567][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  379.014805][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  379.339837][  T788] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  379.526722][  T788] usb 2-1: USB disconnect, device number 4
[  379.657476][  T788] usblp0: removed
[  379.776903][   T28] audit: type=1326 audit(1774878538.021:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  379.857004][   T28] audit: type=1326 audit(1774878538.051:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  379.953562][   T28] audit: type=1326 audit(1774878538.051:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  380.056274][   T28] audit: type=1326 audit(1774878538.051:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  380.154458][ T7638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.175737][   T28] audit: type=1326 audit(1774878538.291:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  380.307795][   T28] audit: type=1326 audit(1774878538.291:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  380.453625][   T28] audit: type=1326 audit(1774878538.291:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7636 comm="syz.3.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739059c819 code=0x7ffc0000
[  380.495345][ T7638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.579124][ T7638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  382.382118][ T7638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.462794][ T7645] loop1: detected capacity change from 0 to 16
[  382.472970][ T7645] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  382.641562][ T7638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.739120][ T7638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.844234][ T7638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.888777][ T7638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  382.899089][ T7638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  382.909991][ T7638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  383.408138][ T7653] netlink: 104 bytes leftover after parsing attributes in process `syz.3.319'.
[  384.302266][ T7662] loop0: detected capacity change from 0 to 1024
[  384.882814][ T7669] loop1: detected capacity change from 0 to 512
[  384.936882][ T7664] loop4: detected capacity change from 0 to 4096
[  384.957171][ T7664] ext4: Unknown parameter 'noacl'
[  385.416917][ T7669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.571301][ T7684] overlayfs: failed to resolve './bus': -2
[  386.258118][ T7669] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  386.465729][ T7662] hfsplus: found bad thread record in catalog
[  386.604268][ T7688] SET target dimension over the limit!
[  387.338118][ T3000] hfsplus: b-tree write err: -5, ino 25
[  387.344122][ T7695] siw: device registration error -23
[  387.365687][ T3000] hfsplus: b-tree write err: -5, ino 4
[  387.466364][ T7697] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  387.482169][ T7697] Quota error (device loop1): write_blk: dquota write failed
[  387.490466][ T7697] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  387.500834][ T7697] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.322: Failed to acquire dquot type 0
[  387.850673][ T3000] hfsplus: b-tree write err: -5, ino 2
[  387.920687][ T3000] hfsplus: b-tree write err: -5, ino 22
[  388.063857][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.779610][ T7731] loop0: detected capacity change from 0 to 164
[  392.874140][ T7737] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  395.898259][ T7749] loop3: detected capacity change from 0 to 512
[  396.015234][ T7749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.119094][ T7749] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  396.306165][ T7758] loop1: detected capacity change from 0 to 512
[  396.370895][ T7758] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.448154][ T7758] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.366111][ T7765] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  397.381036][ T7765] Quota error (device loop1): write_blk: dquota write failed
[  397.388932][ T7765] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  397.399849][ T7765] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.335: Failed to acquire dquot type 0
[  397.576487][ T7768] loop0: detected capacity change from 0 to 256
[  397.605099][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.628663][ T7768] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  397.631668][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.782999][ T7772] loop1: detected capacity change from 0 to 512
[  397.875824][ T7772] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.003864][ T7772] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.835082][ T7779] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  398.851528][ T7779] Quota error (device loop1): write_blk: dquota write failed
[  398.859815][ T7779] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  398.870202][ T7779] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.339: Failed to acquire dquot type 0
[  400.766596][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.923245][ T7793] loop3: detected capacity change from 0 to 512
[  400.988794][ T7793] EXT4-fs: Ignoring removed nobh option
[  401.150160][ T7793] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.342: iget: bad i_size value: 38620345925642
[  401.256643][ T7793] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.342: couldn't read orphan inode 15 (err -117)
[  401.391381][ T7793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.692328][ T7801] loop1: detected capacity change from 0 to 1024
[  402.374254][ T7801] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  402.403518][ T7800] loop4: detected capacity change from 0 to 512
[  402.413339][ T7800] EXT4-fs: Ignoring removed nobh option
[  402.468116][ T7801] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.341: lblock 2 mapped to illegal pblock 2 (length 1)
[  402.488262][ T3000] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 1
[  402.679594][ T7801] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  402.687978][ T7801] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.341: lblock 0 mapped to illegal pblock 48 (length 1)
[  402.706604][ T7801] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  402.715929][ T7801] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.341: Failed to acquire dquot type 0
[  402.742802][ T7801] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  402.762113][ T7801] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.341: mark_inode_dirty error
[  403.016649][   T11] Bluetooth: hci1: Frame reassembly failed (-84)
[  403.026909][ T7801] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  403.037856][ T7801] EXT4-fs (loop1): 1 orphan inode deleted
[  403.045039][ T7801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.321668][ T2928] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  403.334750][ T7800] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.333: iget: bad i_size value: 38620345925642
[  403.397932][ T2928] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  403.439346][ T7800] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.333: couldn't read orphan inode 15 (err -117)
[  403.497299][ T2928] EXT4-fs error (device loop1): ext4_release_dquot:6985: comm kworker/u4:10: Failed to release dquot type 0
[  403.523989][ T7800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.599196][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.007926][ T7754] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  404.061715][ T5787] Bluetooth: hci1: command 0x1003 tx timeout
[  404.153568][ T5777] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  404.379291][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.493013][ T5779] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0
[  404.566201][ T5779] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  404.613114][ T5779] EXT4-fs error (device loop1): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error
[  404.647496][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.568941][   T28] audit: type=1326 audit(1774878563.791:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  405.645548][   T28] audit: type=1326 audit(1774878563.851:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  407.572325][ T5787] Bluetooth: hci4: command 0x0406 tx timeout
[  407.627954][   T28] audit: type=1326 audit(1774878563.851:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  408.692106][ T7833] loop3: detected capacity change from 0 to 512
[  408.698891][   T28] audit: type=1326 audit(1774878563.851:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.041617][   T28] audit: type=1326 audit(1774878563.881:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.122588][   T28] audit: type=1326 audit(1774878563.921:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.145081][   T28] audit: type=1326 audit(1774878563.921:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.167459][   T28] audit: type=1326 audit(1774878564.001:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.190902][   T28] audit: type=1326 audit(1774878564.001:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.213791][   T28] audit: type=1326 audit(1774878564.001:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.238088][   T28] audit: type=1326 audit(1774878564.001:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f46c979c819 code=0x7ffc0000
[  409.261150][   T28] audit: type=1326 audit(1774878564.011:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f46c979c582 code=0x7ffc0000
[  409.288960][   T28] audit: type=1326 audit(1774878564.011:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7818 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f46c979c582 code=0x7ffc0000
[  409.321363][ T7833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.438051][ T7833] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.474572][ T7842] netlink: 4 bytes leftover after parsing attributes in process `syz.4.348'.
[  409.507652][ T7842] netlink: 12 bytes leftover after parsing attributes in process `syz.4.348'.
[  410.676690][ T7845] loop0: detected capacity change from 0 to 512
[  412.782528][ T7838] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  412.874374][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.894465][ T7845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.955294][ T7845] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  413.204687][ T7859] loop3: detected capacity change from 0 to 512
[  413.279122][ T7859] EXT4-fs: Ignoring removed nobh option
[  413.406817][ T7862] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  413.423094][ T7862] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.349: Failed to acquire dquot type 0
[  413.692650][ T7859] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.351: iget: bad i_size value: 38620345925642
[  413.794823][ T7859] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.351: couldn't read orphan inode 15 (err -117)
[  413.959173][ T7859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.223851][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.964629][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.052142][ T7876] netlink: 8 bytes leftover after parsing attributes in process `syz.0.354'.
[  415.097814][ T7876] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  415.175671][ T7874] loop1: detected capacity change from 0 to 512
[  415.406134][ T7885] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  416.351104][ T7874] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  416.398128][ T7874] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  416.451739][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  416.451755][   T28] audit: type=1326 audit(1774878574.701:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7870 comm="syz.0.354" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f46c979c819 code=0x0
[  417.154654][ T7897] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  417.169938][ T7897] Quota error (device loop1): write_blk: dquota write failed
[  417.177488][ T7897] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  417.187468][ T7897] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.347: Failed to acquire dquot type 0
[  417.592810][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.735903][ T7905] No such timeout policy "syz1"
[  418.843338][ T7914] loop1: detected capacity change from 0 to 256
[  418.901325][ T7914] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  419.039265][ T7918] netlink: 64 bytes leftover after parsing attributes in process `syz.0.358'.
[  419.055495][ T7918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.358'.
[  419.064573][ T7918] netlink: 48 bytes leftover after parsing attributes in process `syz.0.358'.
[  419.092769][ T7918] vlan2: entered allmulticast mode
[  421.922727][ T7929] loop1: detected capacity change from 0 to 512
[  422.140556][ T7929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.190860][ T7929] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.346978][ T7940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.362'.
[  423.467013][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.411116][ T7951] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  424.716917][ T7952] SET target dimension over the limit!
[  426.382908][ T7970] netlink: 44 bytes leftover after parsing attributes in process `syz.1.367'.
[  428.664223][ T7981] loop4: detected capacity change from 0 to 512
[  428.689617][ T7981] EXT4-fs: Ignoring removed nobh option
[  428.748687][ T7981] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.369: iget: bad i_size value: 38620345925642
[  428.787219][ T7981] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.369: couldn't read orphan inode 15 (err -117)
[  428.842894][ T7981] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  429.103290][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.236057][ T7995] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  429.886106][ T8001] loop3: detected capacity change from 0 to 512
[  431.654643][ T8001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.744567][ T8001] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  432.691995][ T8018] bridge0: port 1(erspan0) entered blocking state
[  432.724995][ T8018] bridge0: port 1(erspan0) entered disabled state
[  432.740612][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.761215][ T8018] erspan0: entered allmulticast mode
[  433.070867][ T8025] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  433.704699][ T8018] erspan0: entered promiscuous mode
[  433.816510][ T8018] bridge0: port 1(erspan0) entered blocking state
[  433.823651][ T8018] bridge0: port 1(erspan0) entered forwarding state
[  434.173283][ T8036] loop1: detected capacity change from 0 to 512
[  434.184165][ T8036] EXT4-fs: Ignoring removed nobh option
[  434.382924][ T8036] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.378: iget: bad i_size value: 38620345925642
[  435.587807][ T8036] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.378: couldn't read orphan inode 15 (err -117)
[  436.315577][ T8048] loop0: detected capacity change from 0 to 512
[  436.330092][ T8036] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.379477][ T8048] EXT4-fs: Ignoring removed nobh option
[  436.390748][ T8050] loop4: detected capacity change from 0 to 512
[  436.409744][ T8050] EXT4-fs: Ignoring removed nobh option
[  436.426342][ T8048] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.380: iget: bad i_size value: 38620345925642
[  436.465446][ T8048] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.380: couldn't read orphan inode 15 (err -117)
[  436.480066][ T8048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.712002][ T8050] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.381: iget: bad i_size value: 38620345925642
[  437.244491][ T8050] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.381: couldn't read orphan inode 15 (err -117)
[  437.274774][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.398966][ T8050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.519567][ T8059] loop1: detected capacity change from 0 to 512
[  437.537483][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.650283][ T8059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.701444][ T8059] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  438.465278][ T8065] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  438.481496][ T8065] Quota error (device loop1): write_blk: dquota write failed
[  438.490092][ T8065] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  438.500949][ T8065] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.382: Failed to acquire dquot type 0
[  439.987888][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.202049][ T8072] loop4: detected capacity change from 0 to 512
[  440.280778][ T8072] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  440.304028][ T8072] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  440.421777][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  440.428334][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  441.523262][ T8039] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  441.615979][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.629319][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.373344][ T8090] loop4: detected capacity change from 0 to 512
[  442.624924][ T8090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  442.733912][ T8090] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  443.520249][ T8101] loop3: detected capacity change from 0 to 1024
[  443.880143][ T8101] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  443.893337][ T8101] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  444.356421][ T8111] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  444.371305][ T8111] Quota error (device loop4): write_blk: dquota write failed
[  444.378883][ T8111] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  444.388840][ T8111] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.387: Failed to acquire dquot type 0
[  445.099682][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  445.208518][ T5777] Bluetooth: hci4: command 0x0406 tx timeout
[  445.265221][ T8117] loop1: detected capacity change from 0 to 512
[  445.290341][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.630781][ T8117] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.838270][ T8117] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  447.005969][ T8133] loop0: detected capacity change from 0 to 512
[  447.135562][ T8133] EXT4-fs: Ignoring removed nobh option
[  447.248897][ T8133] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.394: iget: bad i_size value: 38620345925642
[  447.300452][ T8141] loop3: detected capacity change from 0 to 512
[  447.404709][ T8142] loop4: detected capacity change from 0 to 1024
[  447.484474][ T8133] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.394: couldn't read orphan inode 15 (err -117)
[  448.129024][ T8133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.198180][ T8141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.327956][ T8125] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  448.374587][ T8141] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  448.578416][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.145128][ T3507] hfsplus: b-tree write err: -5, ino 3
[  449.169464][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.468408][ T8125] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  449.623605][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.858933][ T8160] loop0: detected capacity change from 0 to 512
[  450.323515][ T8160] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  450.617796][ T8160] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  450.917228][ T8176] loop1: detected capacity change from 0 to 512
[  450.986861][ T8176] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.057853][ T8167] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  451.100332][ T8176] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  451.682146][ T8176] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  451.703582][ T8176] Quota error (device loop1): write_blk: dquota write failed
[  451.711511][ T8176] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  451.721942][ T8176] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.401: Failed to acquire dquot type 0
[  454.002555][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.151841][ T8193] loop4: detected capacity change from 0 to 512
[  454.376260][ T8193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  454.392564][ T8193] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  455.200808][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.137243][ T8211] loop3: detected capacity change from 0 to 2048
[  456.252047][ T8211] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  456.781004][ T8220] loop1: detected capacity change from 0 to 128
[  456.871589][ T8220] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  456.886015][ T8220] ext4 filesystem being mounted at /110/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  457.491401][ T5779] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  457.709442][ T8167] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  458.252629][ T8228] macvtap1: entered promiscuous mode
[  458.258878][ T8228] macvtap1: entered allmulticast mode
[  458.270955][ T8228] dummy0: entered promiscuous mode
[  458.276586][ T8228] dummy0: entered allmulticast mode
[  458.294605][ T8228] team0: Device macvtap1 failed to register rx_handler
[  459.074962][ T8228] dummy0: left allmulticast mode
[  459.084481][ T8228] dummy0: left promiscuous mode
[  459.144270][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.297344][ T8234] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  460.337889][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  460.936938][ T8244] loop3: detected capacity change from 0 to 512
[  460.970318][ T8241] loop0: detected capacity change from 0 to 512
[  461.116333][ T8247] loop4: detected capacity change from 0 to 1024
[  461.264873][ T8247] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  461.277620][ T8247] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  461.695698][ T8241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  461.804356][ T8241] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  461.815014][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  462.240595][ T8244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  462.398925][ T8244] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  462.948242][ T8260] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  462.963264][ T8260] Quota error (device loop0): write_blk: dquota write failed
[  462.970871][ T8260] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  462.980836][ T8260] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.413: Failed to acquire dquot type 0
[  463.209382][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.985071][ T8271] loop0: detected capacity change from 0 to 1024
[  464.969003][ T8250] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  464.995006][ T8279] tipc: Started in network mode
[  465.000184][ T8279] tipc: Node identity ac14140f, cluster identity 4711
[  465.007869][ T8279] tipc: New replicast peer: 255.255.255.255
[  465.014700][ T8279] tipc: Enabled bearer <udp:syz2>, priority 10
[  465.022698][ T8279] netlink: 8 bytes leftover after parsing attributes in process `syz.4.416'.
[  465.217861][ T8280] bridge0: port 3(gretap0) entered blocking state
[  465.224968][ T8280] bridge0: port 3(gretap0) entered disabled state
[  465.233292][ T8280] gretap0: entered allmulticast mode
[  465.251445][ T8280] gretap0: entered promiscuous mode
[  465.260671][ T8280] bridge0: port 3(gretap0) entered blocking state
[  465.267458][ T8280] bridge0: port 3(gretap0) entered forwarding state
[  466.531142][ T5877] tipc: Node number set to 2886997007
[  468.273315][ T8289] loop0: detected capacity change from 0 to 512
[  468.323182][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.583412][ T8292] loop4: detected capacity change from 0 to 40427
[  468.612511][ T8292] F2FS-fs (loop4): invalid crc value
[  468.688301][ T8292] F2FS-fs (loop4): Found nat_bits in checkpoint
[  468.740966][ T8292] F2FS-fs (loop4): Start checkpoint disabled!
[  468.766584][ T8289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  468.779441][ T8292] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  468.864173][ T8289] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  469.937864][ T8297] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  470.162341][   T59] kworker/u4:4: attempt to access beyond end of device
[  470.162341][   T59] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  470.202190][   T59] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  470.222735][   T59] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  470.237849][   T59] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  471.515408][ T8317] Quota error (device loop0): write_blk: dquota write failed
[  471.586522][ T8317] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  471.602566][ T8317] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.420: Failed to acquire dquot type 0
[  477.174675][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.426232][ T8346] loop4: detected capacity change from 0 to 16
[  477.468041][ T8346] erofs: (device loop4): mounted with root inode @ nid 36.
[  477.524560][ T8346] syz.4.431: attempt to access beyond end of device
[  477.524560][ T8346] loop4: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  477.651346][ T8347] 9pnet_fd: Insufficient options for proto=fd
[  478.818606][   T28] audit: type=1800 audit(1774878636.911:253): pid=8346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.431" name="file2" dev="loop4" ino=89 res=0 errno=0
[  480.034694][ T8365] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  480.043394][ T8365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.429'.
[  480.288488][ T8366] loop0: detected capacity change from 0 to 512
[  480.299614][ T8366] EXT4-fs: Ignoring removed mblk_io_submit option
[  480.383537][ T8366] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  480.395222][ T8366] EXT4-fs (loop0): external journal has bad superblock
[  481.411796][ T7298] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  483.946571][ T8381] netlink: 64 bytes leftover after parsing attributes in process `syz.3.436'.
[  483.966052][ T8381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.436'.
[  483.975235][ T8381] netlink: 48 bytes leftover after parsing attributes in process `syz.3.436'.
[  484.079452][ T8381] vlan0: entered allmulticast mode
[  484.084910][ T8381] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  486.784058][ T8386] loop0: detected capacity change from 0 to 512
[  486.929933][ T8389] bridge0: port 2(syz_tun) entered blocking state
[  486.938409][ T8389] bridge0: port 2(syz_tun) entered disabled state
[  486.950226][ T8389] syz_tun: entered allmulticast mode
[  486.976965][ T8389] syz_tun: entered promiscuous mode
[  487.025857][ T8389] bridge0: port 2(syz_tun) entered blocking state
[  487.032676][ T8389] bridge0: port 2(syz_tun) entered forwarding state
[  488.095384][ T8386] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  488.153491][ T8386] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  488.820500][ T8394] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  489.415053][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.756161][ T8410] loop0: detected capacity change from 0 to 1024
[  490.178849][ T5787] Bluetooth: hci4: command 0x0406 tx timeout
[  490.347927][ T8406] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  490.369216][ T8406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.444'.
[  490.798238][ T8419] loop1: detected capacity change from 0 to 32768
[  491.043706][ T8419] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  491.279519][ T8419] XFS (loop1): Ending clean mount
[  491.437690][ T5761] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  491.474095][ T8419] XFS (loop1): Quotacheck needed: Please wait.
[  491.601244][ T8419] XFS (loop1): Quotacheck: Done.
[  491.745017][ T5761] usb 5-1: Using ep0 maxpacket: 32
[  491.810325][ T5761] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  491.846589][ T5761] usb 5-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  491.904196][ T5761] usb 5-1: config 0 interface 0 has no altsetting 0
[  492.559552][ T5761] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  492.631666][ T5761] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.677711][ T5761] usb 5-1: Product: syz
[  492.680368][ T5779] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  492.688166][ T5761] usb 5-1: Manufacturer: syz
[  492.695929][ T5761] usb 5-1: SerialNumber: syz
[  492.792678][ T5761] usb 5-1: config 0 descriptor??
[  493.308228][ T5761] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  493.562370][ T8441] loop3: detected capacity change from 0 to 512
[  493.725412][ T8441] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  493.751478][ T8441] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  495.516986][ T5761] gs_usb 5-1:0.0: Couldn't get bit timing const for channel 0 (-ETIMEDOUT)
[  495.528114][ T5761] gs_usb: probe of 5-1:0.0 failed with error -110
[  495.873604][ T8449] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  496.527251][ T8458] vivid-000: kernel_thread() failed
[  497.266616][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.733397][    T9] usb 5-1: USB disconnect, device number 6
[  498.597253][ T8469] loop4: detected capacity change from 0 to 16
[  498.649960][ T8469] erofs: (device loop4): mounted with root inode @ nid 36.
[  498.674855][ T8469] syz.4.455: attempt to access beyond end of device
[  498.674855][ T8469] loop4: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  498.723129][ T8469] syz.4.455: attempt to access beyond end of device
[  498.723129][ T8469] loop4: rw=524288, sector=16, nr_sectors = 40 limit=16
[  498.757489][ T8469] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  498.792490][   T28] audit: type=1800 audit(1774878657.021:254): pid=8469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.455" name="file2" dev="loop4" ino=89 res=0 errno=0
[  501.732195][ T8484] netlink: 'syz.4.458': attribute type 4 has an invalid length.
[  501.748734][ T8484] netlink: 152 bytes leftover after parsing attributes in process `syz.4.458'.
[  501.865622][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  501.876766][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  501.887989][ T8484] .`: renamed from bond0 (while UP)
[  502.127996][ T8492] netlink: 64 bytes leftover after parsing attributes in process `syz.1.453'.
[  502.914082][ T8492] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'.
[  504.554084][ T8492] netlink: 48 bytes leftover after parsing attributes in process `syz.1.453'.
[  505.083058][ T8504] loop4: detected capacity change from 0 to 512
[  505.129015][ T8504] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.166448][ T8504] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.198843][ T8510] loop0: detected capacity change from 0 to 16
[  506.518203][ T8510] erofs: (device loop0): mounted with root inode @ nid 36.
[  506.536873][ T8509] syz.0.461: attempt to access beyond end of device
[  506.536873][ T8509] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  506.598699][ T8509] syz.0.461: attempt to access beyond end of device
[  506.598699][ T8509] loop0: rw=524288, sector=16, nr_sectors = 40 limit=16
[  506.612671][ T8509] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  506.624314][   T28] audit: type=1800 audit(1774878664.871:255): pid=8509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.461" name="file2" dev="loop0" ino=89 res=0 errno=0
[  507.990517][ T8513] Cannot find set identified by id 0 to match
[  508.150286][ T8508] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  508.801400][ T8524] loop0: detected capacity change from 0 to 2048
[  508.818466][ T8524] UDF-fs: bad mount option "noadinicb@&°"w¤8¬êˆx7" or missing value
[  510.065854][ T8532] loop1: detected capacity change from 0 to 1024
[  511.694886][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.340056][ T8540] (syz.1.470,8540,1):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  515.538071][ T8556] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  516.631647][ T8564] macvtap1: entered promiscuous mode
[  516.637105][ T8564] macvtap1: entered allmulticast mode
[  516.642987][ T8564] dummy0: entered promiscuous mode
[  516.648569][ T8564] dummy0: entered allmulticast mode
[  516.657752][ T8564] team0: Device macvtap1 failed to register rx_handler
[  516.671509][ T8564] dummy0: left allmulticast mode
[  516.676909][ T8564] dummy0: left promiscuous mode
[  516.870991][ T8559] ALSA: mixer_oss: invalid OSS volume ''
[  517.646720][ T8573] loop1: detected capacity change from 0 to 512
[  517.713946][ T8573] EXT4-fs (loop1): DAX unsupported by block device.
[  519.247693][ T8591] No such timeout policy "syz1"
[  519.568793][ T8592] autofs4:pid:8592:autofs_fill_super: called with bogus options
[  519.651976][ T8588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.478'.
[  519.668254][ T8594] ieee802154 phy0 wpan0: encryption failed: -22
[  519.681941][ T8594] comedi comedi0: pcl724: I/O port conflict (0x4000409,4)
[  520.090118][ T8600] loop1: detected capacity change from 0 to 2048
[  520.127396][ T8600] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  521.852735][ T8606] overlayfs: missing 'lowerdir'
[  523.575741][ T8619] loop3: detected capacity change from 0 to 512
[  523.952593][ T8619] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  524.037714][ T8619] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.174560][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.485'.
[  524.449160][ T8632] netlink: 4 bytes leftover after parsing attributes in process `syz.4.486'.
[  524.640810][ T8635] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  524.655477][ T8635] Quota error (device loop3): write_blk: dquota write failed
[  524.663245][ T8635] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  524.673212][ T8635] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.487: Failed to acquire dquot type 0
[  525.935996][ T8646] loop1: detected capacity change from 0 to 2048
[  526.023642][ T8646] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  526.033572][ T8644] No such timeout policy "syz1"
[  526.041125][ T8644] autofs4:pid:8644:autofs_fill_super: called with bogus options
[  526.052273][ T8644] netlink: 8 bytes leftover after parsing attributes in process `syz.0.491'.
[  527.953970][ T8658] ALSA: mixer_oss: invalid OSS volume ''
[  528.589448][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.964741][ T8662] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  528.973580][ T8662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[  529.331410][ T8674] loop4: detected capacity change from 0 to 256
[  529.338760][ T8674] exfat: Deprecated parameter 'utf8'
[  529.453441][ T8676] Error parsing options; rc = [-22]
[  529.536862][ T8677] loop0: detected capacity change from 0 to 64
[  529.826008][ T8674] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  530.079508][  T788] IPVS: starting estimator thread 0...
[  530.267789][ T8679] IPVS: using max 21 ests per chain, 50400 per kthread
[  530.544718][ T8685] loop0: detected capacity change from 0 to 2048
[  531.426653][ T8691] vivid-000: kernel_thread() failed
[  531.855849][ T8685] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  534.540872][   T28] audit: type=1800 audit(1774878691.841:256): pid=8698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.506" name="bus" dev="overlay" ino=737 res=0 errno=0
[  536.374963][ T8713] loop3: detected capacity change from 0 to 2048
[  536.410419][ T8713] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  538.264134][ T8727] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  539.246081][ T8733] loop0: detected capacity change from 0 to 512
[  539.850792][ T8733] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  539.883964][ T8733] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  540.220102][ T8744] loop4: detected capacity change from 0 to 512
[  540.253947][ T8730] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  540.288396][ T8746] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  540.303341][ T8746] Quota error (device loop0): write_blk: dquota write failed
[  540.310949][ T8746] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  540.320963][ T8746] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.507: Failed to acquire dquot type 0
[  540.513197][ T8744] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  540.566651][ T8744] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  541.361715][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.457916][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  542.084924][ T8757] Cannot find add_set index 0 as target
[  544.028700][ T8766] loop1: detected capacity change from 0 to 16
[  545.549333][ T8766] erofs: (device loop1): mounted with root inode @ nid 36.
[  545.560182][ T8766] syz.1.521: attempt to access beyond end of device
[  545.560182][ T8766] loop1: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  545.691700][ T8766] syz.1.521: attempt to access beyond end of device
[  545.691700][ T8766] loop1: rw=524288, sector=16, nr_sectors = 40 limit=16
[  545.706848][ T8766] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  545.718168][   T28] audit: type=1800 audit(1774878678.964:257): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.521" name="file2" dev="loop1" ino=89 res=0 errno=0
[  545.811839][ T8769] loop3: detected capacity change from 0 to 2048
[  545.829885][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  545.852402][ T8769] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  546.690275][ T8776] overlayfs: missing 'lowerdir'
[  549.544619][ T8789] loop3: detected capacity change from 0 to 512
[  549.647479][ T8789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  549.743550][ T8789] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  550.979288][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.175482][ T8811] netlink: 'syz.1.531': attribute type 3 has an invalid length.
[  552.183420][ T8811] netlink: 'syz.1.531': attribute type 1 has an invalid length.
[  553.195881][ T8819] loop0: detected capacity change from 0 to 64
[  554.917216][ T8836] loop0: detected capacity change from 0 to 16
[  555.277586][ T8838] pim6reg: entered allmulticast mode
[  556.987087][ T8836] erofs: (device loop0): mounted with root inode @ nid 36.
[  557.026072][ T8835] syz.0.535: attempt to access beyond end of device
[  557.026072][ T8835] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  557.076667][ T8835] syz.0.535: attempt to access beyond end of device
[  557.076667][ T8835] loop0: rw=524288, sector=16, nr_sectors = 40 limit=16
[  557.090649][ T8835] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  557.101932][   T28] audit: type=1800 audit(1774878690.344:258): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.535" name="file2" dev="loop0" ino=89 res=0 errno=0
[  557.135874][ T8835] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  557.149058][ T8835] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  557.167993][ T8840] loop3: detected capacity change from 0 to 512
[  557.592473][ T8840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  558.557931][ T8840] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  558.786517][ T8852] loop0: detected capacity change from 0 to 1024
[  559.549983][ T8852] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  559.562227][ T8852] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  560.053769][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  560.071697][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.285608][ T8860] loop4: detected capacity change from 0 to 512
[  560.316180][ T8863] loop0: detected capacity change from 0 to 512
[  560.382662][ T8863] EXT4-fs: Ignoring removed nobh option
[  560.561858][ T8863] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.541: iget: bad i_size value: 38620345925642
[  560.583532][ T8863] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.541: couldn't read orphan inode 15 (err -117)
[  560.592037][ T8860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.613651][ T8863] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.707805][ T8860] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  561.254519][ T8860] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  561.269441][ T8860] Quota error (device loop4): write_blk: dquota write failed
[  561.277245][ T8860] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  561.287235][ T8860] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.544: Failed to acquire dquot type 0
[  561.523174][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  563.186998][ T8872] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  563.304924][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  563.315219][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  563.463737][ T8886] bridge_slave_0: left allmulticast mode
[  563.476812][ T8886] bridge_slave_0: left promiscuous mode
[  563.483217][ T8886] bridge0: port 1(bridge_slave_0) entered disabled state
[  563.643740][ T8886] bridge_slave_1: left allmulticast mode
[  563.791787][ T8886] bridge_slave_1: left promiscuous mode
[  563.811919][ T8886] bridge0: port 2(bridge_slave_1) entered disabled state
[  563.857233][ T8886] bond0: (slave bond_slave_0): Releasing backup interface
[  563.895852][ T8886] bond0: (slave bond_slave_1): Releasing backup interface
[  563.908693][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.005547][ T8886] team0: Port device team_slave_0 removed
[  564.072443][ T8886] team0: Port device team_slave_1 removed
[  564.092571][ T8886] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  564.101973][ T8886] batman_adv: batadv0: Removing interface: batadv_slave_0
[  564.113367][ T8886] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  564.125978][ T8886] batman_adv: batadv0: Removing interface: batadv_slave_1
[  564.668278][ T8900] Cannot find set identified by id 0 to match
[  565.528461][ T8895] bond0: (slave sit0): Error: Device type is different from other slaves
[  566.359711][ T8914] loop0: detected capacity change from 0 to 1024
[  566.477967][ T8914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  566.495942][ T8914] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  566.561722][ T8910] lo speed is unknown, defaulting to 1000
[  566.600385][ T3507] Bluetooth: Error in BCSP hdr checksum
[  566.609390][ T8910] lo speed is unknown, defaulting to 1000
[  567.065859][ T8923] loop3: detected capacity change from 0 to 2048
[  567.194821][ T8925] netlink: 24 bytes leftover after parsing attributes in process `syz.4.554'.
[  567.558916][ T8917] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  567.728144][ T8923] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  568.017819][ T5787] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  568.825465][ T8933] loop4: detected capacity change from 0 to 16
[  569.550155][ T8933] erofs: (device loop4): mounted with root inode @ nid 36.
[  569.559730][ T8933] syz.4.556: attempt to access beyond end of device
[  569.559730][ T8933] loop4: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  569.711039][ T8934] 9pnet_fd: Insufficient options for proto=fd
[  569.897367][   T28] audit: type=1800 audit(1774878703.134:259): pid=8933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.556" name="file2" dev="loop4" ino=89 res=0 errno=0
[  571.131739][ T8947] pim6reg: entered allmulticast mode
[  571.879668][ T8957] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  572.229642][ T8961] loop3: detected capacity change from 0 to 256
[  572.241086][ T8961] exfat: Deprecated parameter 'utf8'
[  572.445836][ T8960] loop1: detected capacity change from 0 to 4096
[  573.943055][ T8961] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  574.432436][ T8965] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  575.042513][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  575.124087][ T8957] sctp: failed to load transform for md5: -2
[  575.762074][ T8972] loop3: detected capacity change from 0 to 2048
[  575.861328][ T8972] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  577.418011][ T8977] loop4: detected capacity change from 0 to 2048
[  577.649006][ T8977] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  578.645123][ T8995] can0: slcan on ttyS3.
[  579.992668][ T8996] loop0: detected capacity change from 0 to 2048
[  580.088292][ T8989] can0 (unregistered): slcan off ttyS3.
[  580.482168][ T8996] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  580.546969][ T9004] loop1: detected capacity change from 0 to 512
[  580.753362][ T9004] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  580.857352][ T9004] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  581.806413][ T9004] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  581.821144][ T9004] Quota error (device loop1): write_blk: dquota write failed
[  581.828655][ T9004] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  581.838668][ T9004] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.571: Failed to acquire dquot type 0
[  582.206975][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.859264][ T9027] loop1: detected capacity change from 0 to 16
[  584.393285][ T9027] erofs: (device loop1): mounted with root inode @ nid 36.
[  584.410578][ T9025] syz.1.573: attempt to access beyond end of device
[  584.410578][ T9025] loop1: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  584.426679][ T9025] syz.1.573: attempt to access beyond end of device
[  584.426679][ T9025] loop1: rw=524288, sector=16, nr_sectors = 40 limit=16
[  584.441794][ T9025] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  584.453898][   T28] audit: type=1800 audit(1774878717.694:260): pid=9025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.573" name="file2" dev="loop1" ino=89 res=0 errno=0
[  584.485015][ T9025] 9pnet_fd: Insufficient options for proto=fd
[  585.867415][ T9042] loop1: detected capacity change from 0 to 16
[  585.889706][ T9042] erofs: (device loop1): mounted with root inode @ nid 36.
[  585.900168][ T9042] syz.1.576: attempt to access beyond end of device
[  585.900168][ T9042] loop1: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  585.923335][ T9042] syz.1.576: attempt to access beyond end of device
[  585.923335][ T9042] loop1: rw=524288, sector=16, nr_sectors = 40 limit=16
[  585.937205][ T9042] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  585.962923][ T9042] 9pnet_fd: Insufficient options for proto=fd
[  585.970082][   T28] audit: type=1800 audit(1774878719.194:261): pid=9042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.576" name="file2" dev="loop1" ino=89 res=0 errno=0
[  586.684965][ T9055] loop0: detected capacity change from 0 to 2048
[  586.954548][ T9055] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  588.930285][ T9076] loop3: detected capacity change from 0 to 2048
[  588.982100][ T9076] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  589.078046][ T9073] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  590.255685][ T9087] loop0: detected capacity change from 0 to 16
[  590.793651][ T9087] erofs: (device loop0): mounted with root inode @ nid 36.
[  590.813102][ T9087] syz.0.582: attempt to access beyond end of device
[  590.813102][ T9087] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  590.905929][ T9088] 9pnet_fd: Insufficient options for proto=fd
[  591.087939][   T28] audit: type=1800 audit(1774878724.324:262): pid=9087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.582" name="file2" dev="loop0" ino=89 res=0 errno=0
[  591.744091][ T9102] netlink: 40 bytes leftover after parsing attributes in process `syz.4.585'.
[  591.796830][ T9098] loop0: detected capacity change from 0 to 2048
[  591.813929][ T9103] netlink: 'syz.4.585': attribute type 6 has an invalid length.
[  591.972733][ T9098] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  593.674226][ T9118] loop3: detected capacity change from 0 to 512
[  593.803068][ T9118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  593.908071][ T9128] loop0: detected capacity change from 0 to 16
[  594.168368][ T9118] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  594.199712][ T9128] erofs: (device loop0): mounted with root inode @ nid 36.
[  594.219079][ T9128] syz.0.588: attempt to access beyond end of device
[  594.219079][ T9128] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  594.312878][ T9130] 9pnet_fd: Insufficient options for proto=fd
[  594.329261][ T9128] syz.0.588: attempt to access beyond end of device
[  594.329261][ T9128] loop0: rw=524288, sector=16, nr_sectors = 40 limit=16
[  594.344140][ T9128] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  594.807616][   T28] audit: type=1800 audit(1774878727.604:263): pid=9128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.588" name="file2" dev="loop0" ino=89 res=0 errno=0
[  594.837106][ T9134] loop1: detected capacity change from 0 to 512
[  595.209602][ T9138] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  595.225051][ T9138] Quota error (device loop3): write_blk: dquota write failed
[  595.232658][ T9138] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  595.242620][ T9138] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.587: Failed to acquire dquot type 0
[  595.264041][ T9134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  595.391812][ T9134] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  595.709359][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.103387][ T9146] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  596.118657][ T9146] Quota error (device loop1): write_blk: dquota write failed
[  596.126578][ T9146] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  596.136665][ T9146] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.589: Failed to acquire dquot type 0
[  596.468337][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.851439][ T9158] loop3: detected capacity change from 0 to 16
[  597.022664][ T9160] loop1: detected capacity change from 0 to 1024
[  597.647247][ T9158] erofs: (device loop3): mounted with root inode @ nid 36.
[  597.667003][ T9158] syz.3.592: attempt to access beyond end of device
[  597.667003][ T9158] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  597.695321][ T9158] syz.3.592: attempt to access beyond end of device
[  597.695321][ T9158] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16
[  597.710437][ T9158] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  597.762032][ T9158] 9pnet_fd: Insufficient options for proto=fd
[  597.787739][   T28] audit: type=1800 audit(1774878730.974:264): pid=9158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.592" name="file2" dev="loop3" ino=89 res=0 errno=0
[  598.845097][ T9160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  598.857421][ T9160] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  598.915692][ T9155] netlink: 12 bytes leftover after parsing attributes in process `syz.4.593'.
[  599.748121][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  599.783704][ T9155] netlink: 56 bytes leftover after parsing attributes in process `syz.4.593'.
[  599.802530][ T9171] loop0: detected capacity change from 0 to 2048
[  599.896185][ T9171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  601.486391][ T9190] loop3: detected capacity change from 0 to 1024
[  602.354193][ T9190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  602.366554][ T9190] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  602.412856][ T9193] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  602.698074][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  603.788343][ T9208] ieee802154 phy0 wpan0: encryption failed: -22
[  603.814488][ T9208] binder: 9205:9208 ioctl 4008586f 200000000080 returned -22
[  604.995566][ T9215] loop3: detected capacity change from 0 to 16
[  606.280742][ T9215] erofs: (device loop3): mounted with root inode @ nid 36.
[  606.294089][ T9214] syz.3.601: attempt to access beyond end of device
[  606.294089][ T9214] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  606.325332][ T9214] syz.3.601: attempt to access beyond end of device
[  606.325332][ T9214] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16
[  606.339192][ T9214] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  606.350583][   T28] audit: type=1800 audit(1774878739.594:265): pid=9214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.601" name="file2" dev="loop3" ino=89 res=0 errno=0
[  606.372737][ T9214] 9pnet_fd: Insufficient options for proto=fd
[  608.596399][ T9234] ip6gretap0: entered promiscuous mode
[  609.168973][ T9239] netlink: 24 bytes leftover after parsing attributes in process `syz.0.603'.
[  609.880383][ T9230] syz.4.610 (9230): drop_caches: 2
[  609.905100][ T9236] ip6gretap0: left promiscuous mode
[  609.948675][ T9241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.602'.
[  612.523040][ T9268] loop4: detected capacity change from 0 to 512
[  612.618925][ T9268] EXT4-fs: Ignoring removed nobh option
[  612.732967][ T9268] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.608: iget: bad i_size value: 38620345925642
[  612.831406][ T9268] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.608: couldn't read orphan inode 15 (err -117)
[  613.159189][ T9268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  614.150791][ T9290] loop0: detected capacity change from 0 to 16
[  615.537751][ T9275] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  615.578341][ T9290] erofs: (device loop0): mounted with root inode @ nid 36.
[  615.588856][ T9290] syz.0.611: attempt to access beyond end of device
[  615.588856][ T9290] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16
[  615.697781][ T9292] 9pnet_fd: Insufficient options for proto=fd
[  615.741344][ T9290] syz.0.611: attempt to access beyond end of device
[  615.741344][ T9290] loop0: rw=524288, sector=16, nr_sectors = 40 limit=16
[  615.755131][ T9290] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  615.805131][   T28] audit: type=1800 audit(1774878749.004:266): pid=9290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.611" name="file2" dev="loop0" ino=89 res=0 errno=0
[  615.990871][ T9286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.609'.
[  616.232138][ T9286] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  616.664757][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.998009][ T9296] loop0: detected capacity change from 0 to 4096
[  619.313846][ T9298] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  621.809275][ T9316] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  621.909670][ T9316] netlink: 8 bytes leftover after parsing attributes in process `syz.4.615'.
[  622.482756][ T9325] netlink: 16 bytes leftover after parsing attributes in process `syz.0.616'.
[  624.210005][ T9341] ieee802154 phy0 wpan0: encryption failed: -22
[  624.234089][ T9341] binder: 9333:9341 ioctl 4008586f 200000000080 returned -22
[  624.751749][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  624.758242][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  625.690631][ T9349] netlink: 8 bytes leftover after parsing attributes in process `syz.1.619'.
[  626.864755][ T9361] loop3: detected capacity change from 0 to 512
[  626.884592][ T9361] EXT4-fs: Ignoring removed nobh option
[  627.034744][ T9361] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.621: iget: bad i_size value: 38620345925642
[  627.708398][ T9361] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.621: couldn't read orphan inode 15 (err -117)
[  627.739260][ T9361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.436536][ T9365] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  630.649990][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.448836][ T9400] netlink: 20 bytes leftover after parsing attributes in process `syz.0.627'.
[  633.498572][ T9402] kAFS: unable to lookup cell ''
[  633.560421][ T9400] nbd: socks must be embedded in a SOCK_ITEM attr
[  633.788615][ T9405] netlink: 20 bytes leftover after parsing attributes in process `syz.0.627'.
[  633.887773][ T9405] nbd: device at index 64 is going down
[  634.369422][ T9413] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  634.424134][ T9413] netlink: 8 bytes leftover after parsing attributes in process `syz.3.629'.
[  634.448846][ T9414] loop4: detected capacity change from 0 to 64
[  634.977097][ T9418] loop1: detected capacity change from 0 to 512
[  635.031037][ T9418] EXT4-fs: Ignoring removed nobh option
[  635.525245][ T9421] xt_TPROXY: Can be used only with -p tcp or -p udp
[  635.965524][ T9421] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR
[  636.052206][ T9418] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.633: iget: bad i_size value: 38620345925642
[  636.097514][ T9418] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.633: couldn't read orphan inode 15 (err -117)
[  636.111880][ T9418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  636.456238][ T9429] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[  636.463420][ T9429] PKCS7: Only support pkcs7_signedData type
[  638.551879][ T9433] NILFS (nullb0): couldn't find nilfs on the device
[  639.469269][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  639.482252][ T9447] kvm: emulating exchange as write
[  639.815447][ T9453] netlink: 'syz.0.637': attribute type 4 has an invalid length.
[  640.626860][ T5877] lo speed is unknown, defaulting to 1000
[  641.714409][ T9465] Cannot find add_set index 65532 as target
[  642.438580][ T9467] loop4: detected capacity change from 0 to 16
[  643.028502][ T9461] loop3: detected capacity change from 0 to 4096
[  643.048525][ T9467] erofs: (device loop4): mounted with root inode @ nid 36.
[  643.144862][ T9461] ext4: Unknown parameter 'noacl'
[  643.229595][ T9467] syz.4.641: attempt to access beyond end of device
[  643.229595][ T9467] loop4: rw=524288, sector=131758, nr_sectors = 2 limit=16
[  643.244209][ T9467] syz.4.641: attempt to access beyond end of device
[  643.244209][ T9467] loop4: rw=524288, sector=74, nr_sectors = 2 limit=16
[  643.259462][ T9467] syz.4.641: attempt to access beyond end of device
[  643.259462][ T9467] loop4: rw=524288, sector=262336, nr_sectors = 2 limit=16
[  643.273298][ T9467] syz.4.641: attempt to access beyond end of device
[  643.273298][ T9467] loop4: rw=524288, sector=172, nr_sectors = 2 limit=16
[  643.286873][ T9467] syz.4.641: attempt to access beyond end of device
[  643.286873][ T9467] loop4: rw=524288, sector=131274, nr_sectors = 2 limit=16
[  643.300808][ T9467] syz.4.641: attempt to access beyond end of device
[  643.300808][ T9467] loop4: rw=524288, sector=178, nr_sectors = 2 limit=16
[  643.314569][ T9467] syz.4.641: attempt to access beyond end of device
[  643.314569][ T9467] loop4: rw=524288, sector=131284, nr_sectors = 2 limit=16
[  643.328613][ T9467] syz.4.641: attempt to access beyond end of device
[  643.328613][ T9467] loop4: rw=524288, sector=178, nr_sectors = 2 limit=16
[  643.342275][ T9467] syz.4.641: attempt to access beyond end of device
[  643.342275][ T9467] loop4: rw=524288, sector=4830, nr_sectors = 2 limit=16
[  643.356124][ T9467] syz.4.641: attempt to access beyond end of device
[  643.356124][ T9467] loop4: rw=524288, sector=1556797440, nr_sectors = 2 limit=16
[  644.414605][ T9476] loop4: detected capacity change from 0 to 512
[  644.422255][ T9476] EXT4-fs: Ignoring removed nobh option
[  645.412808][ T9476] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.643: iget: bad i_size value: 38620345925642
[  645.603550][ T9478] syz.0.642 (9478): drop_caches: 2
[  645.621349][ T9484] overlayfs: failed to clone upperpath
[  645.700464][ T9476] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.643: couldn't read orphan inode 15 (err -117)
[  645.715666][ T9476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  646.217385][ T9488] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  646.226290][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.644'.
[  646.707068][ T9498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.645'.
[  647.136967][ T9482] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  651.150021][ T6859] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  651.383786][    C1] ------------[ cut here ]------------
[  651.390052][    C1] ODEBUG: free active (active state 0) object: ffff8880249e9890 object type: timer_list hint: rose_t0timer_expiry+0x0/0x350
[  651.403471][    C1] WARNING: CPU: 1 PID: 9513 at lib/debugobjects.c:518 debug_check_no_obj_freed+0x446/0x540
[  651.413568][    C1] Modules linked in:
[  651.417518][    C1] CPU: 1 PID: 9513 Comm: syz.0.647 Not tainted syzkaller #0
[  651.424806][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  651.434944][    C1] RIP: 0010:debug_check_no_obj_freed+0x446/0x540
[  651.441378][    C1] Code: 4c 8b 4d 00 48 c7 c7 60 93 1c 8b 48 c7 c6 c0 8f 1c 8b 48 c7 c2 e0 94 1c 8b 8b 0c 24 4d 89 f8 41 55 e8 8e 91 1f fd 48 83 c4 08 <0f> 0b 4c 8b 6c 24 18 48 b9 00 00 00 00 00 fc ff df ff 05 b3 f0 59
[  651.461197][    C1] RSP: 0000:ffffc900001f0a50 EFLAGS: 00010296
[  651.469415][    C1] RAX: 155dd12c0cd4db00 RBX: ffffffff9757ae98 RCX: ffff88802ef40000
[  651.469477][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  651.469493][    C1] RBP: ffffffff8accac00 R08: ffffc900001f0647 R09: 1ffff9200003e0c8
[  651.493683][    C1] R10: dffffc0000000000 R11: fffff5200003e0c9 R12: ffff8880249e9a00
[  651.493704][    C1] R13: ffffffff897ac5a0 R14: ffff8880249e9000 R15: ffff8880249e9890
[  651.493721][    C1] FS:  00007f46ca5a26c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  651.518806][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  651.518826][    C1] CR2: 0000000000000030 CR3: 000000002e1cb000 CR4: 00000000003506e0
[  651.518849][    C1] Call Trace:
[  651.518871][    C1]  <IRQ>
[  651.518893][    C1]  slab_free_freelist_hook+0xd2/0x1a0
[  651.518924][    C1]  ? rose_timer_expiry+0x4c6/0x5f0
[  651.518945][    C1]  __kmem_cache_free+0xba/0x1e0
[  651.518983][    C1]  rose_timer_expiry+0x4c6/0x5f0
[  651.519011][    C1]  call_timer_fn+0x189/0x540
[  651.519034][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  651.519054][    C1]  ? call_timer_fn+0xd2/0x540
[  651.519073][    C1]  ? __run_timers+0x800/0x800
[  651.519100][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  651.519122][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  651.519143][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  651.519162][    C1]  __run_timers+0x542/0x800
[  651.519193][    C1]  ? detach_timer+0x2b0/0x2b0
[  651.519218][    C1]  ? lock_chain_count+0x20/0x20
[  651.519246][    C1]  run_timer_softirq+0x67/0xf0
[  651.519267][    C1]  handle_softirqs+0x280/0x820
[  651.519291][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  651.519315][    C1]  ? do_softirq+0x1a0/0x1a0
[  651.519338][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  651.519367][    C1]  __irq_exit_rcu+0xd3/0x190
[  651.519396][    C1]  ? irq_exit_rcu+0x20/0x20
[  651.519423][    C1]  irq_exit_rcu+0x9/0x20
[  651.519440][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  651.519465][    C1]  </IRQ>
[  651.519473][    C1]  <TASK>
[  651.519482][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  651.519507][    C1] RIP: 0010:follow_page_pte+0x11d/0x1ac0
[  651.519536][    C1] Code: 89 f2 e8 f6 32 07 00 48 85 c0 0f 84 e5 00 00 00 49 89 c7 4c 89 6c 24 28 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 <74> 08 4c 89 ff e8 79 d2 16 00 4d 8b 2f 4c 89 6c 24 58 44 89 ee 81
[  651.519553][    C1] RSP: 0000:ffffc90005677160 EFLAGS: 00000246
[  651.519573][    C1] RAX: 1ffff11004d9dcb1 RBX: 0000000000000002 RCX: dffffc0000000000
[  651.519587][    C1] RDX: 0000000000000000 RSI: 0000000026cee067 RDI: 0000000026cee067
[  651.519599][    C1] RBP: ffffc90005677250 R08: 0000000000000003 R09: 0000000000000004
[  651.519612][    C1] R10: dffffc0000000000 R11: fffff52000acee0c R12: ffff88807c410980
[  651.519627][    C1] R13: ffff88802eaaa300 R14: 000000110c6b1000 R15: ffff888026cee588
[  651.519665][    C1]  ? find_vma+0x134/0x1b0
[  651.519689][    C1]  ? pmd_lock+0x60/0x60
[  651.519724][    C1]  __get_user_pages+0x55c/0x1380
[  651.519765][    C1]  ? populate_vma_page_range+0x380/0x380
[  651.519792][    C1]  ? get_dump_page+0xb6/0x200
[  651.519816][    C1]  ? down_read_killable+0x1d0/0x340
[  651.519846][    C1]  get_dump_page+0x10c/0x200
[  651.519879][    C1]  ? fault_in_readable+0x150/0x150
[  651.519909][    C1]  ? __asan_memset+0x22/0x40
[  651.519937][    C1]  ? iov_iter_bvec+0xd4/0x1b0
[  651.519970][    C1]  dump_user_range+0x127/0x860
[  651.520003][    C1]  ? dump_skip+0x40/0x40
[  651.520021][    C1]  ? dump_emit+0x78/0xe0
[  651.520054][    C1]  ? dump_emit+0xa6/0xe0
[  651.520071][    C1]  ? elf_core_dump+0x2bae/0x3770
[  651.520101][    C1]  elf_core_dump+0x31d0/0x3770
[  651.520145][    C1]  ? load_elf_binary+0x2860/0x2860
[  651.520175][    C1]  ? dump_vma_snapshot+0xbe8/0x1090
[  651.520197][    C1]  ? verify_lock_unused+0x140/0x140
[  651.520226][    C1]  ? mas_next_slot+0x94f/0x980
[  651.520294][    C1]  ? rcu_read_lock_any_held+0xb4/0x140
[  651.520317][    C1]  ? 0xffffffffff600000
[  651.520348][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  651.520390][    C1]  do_coredump+0x17cc/0x24d0
[  651.520432][    C1]  ? nfs_stat_to_errno+0x1a0/0x1a0
[  651.520485][    C1]  ? _raw_spin_unlock_irq+0x29/0x50
[  651.520512][    C1]  get_signal+0x1133/0x13f0
[  651.520557][    C1]  arch_do_signal_or_restart+0xc2/0x800
[  651.520591][    C1]  ? get_sigframe_size+0x20/0x20
[  651.520622][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  651.520658][    C1]  ? exit_to_user_mode_loop+0x3b/0x110
[  651.520690][    C1]  exit_to_user_mode_loop+0x70/0x110
[  651.520718][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  651.520747][    C1]  irqentry_exit_to_user_mode+0x9/0x30
[  651.520772][    C1]  exc_page_fault+0x8c/0x100
[  651.520798][    C1]  asm_exc_page_fault+0x26/0x30
[  651.520823][    C1] RIP: 0033:0x7f46c979c821
[  651.520846][    C1] Code: 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  651.940688][    C1] RSP: 002b:0000000000000030 EFLAGS: 00010217
[  651.940714][    C1] RAX: 0000000000000000 RBX: 00007f46c9a16090 RCX: 00007f46c979c819
[  651.940731][    C1] RDX: 0000000000000000 RSI: 0000000000000030 RDI: 0000000000000600
[  651.962907][    C1] RBP: 00007f46c9832c91 R08: 0000000000000000 R09: 0000000000000000
[  651.962928][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  651.962942][    C1] R13: 00007f46c9a16128 R14: 00007f46c9a16090 R15: 00007ffd4b8dc578
[  651.963002][    C1]  </TASK>
[  651.990500][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  651.990514][    C1] CPU: 1 PID: 9513 Comm: syz.0.647 Not tainted syzkaller #0
[  651.990534][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  651.990547][    C1] Call Trace:
[  651.990576][    C1]  <IRQ>
[  651.990607][    C1]  dump_stack_lvl+0x18c/0x250
[  651.990645][    C1]  ? show_regs_print_info+0x20/0x20
[  651.990753][    C1]  ? load_image+0x400/0x400
[  651.990867][    C1]  panic+0x2dc/0x730
[  651.990949][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  651.991062][    C1]  __warn+0x2e0/0x470
[  651.991123][    C1]  ? debug_check_no_obj_freed+0x446/0x540
[  651.991173][    C1]  ? debug_check_no_obj_freed+0x446/0x540
[  651.991240][    C1]  report_bug+0x2be/0x4f0
[  651.991294][    C1]  ? debug_check_no_obj_freed+0x446/0x540
[  651.991375][    C1]  ? debug_check_no_obj_freed+0x446/0x540
[  651.991451][    C1]  ? debug_check_no_obj_freed+0x448/0x540
[  651.991525][    C1]  handle_bug+0xcf/0x120
[  651.991578][    C1]  exc_invalid_op+0x1a/0x50
[  651.991634][    C1]  asm_exc_invalid_op+0x1a/0x20
[  651.991704][    C1] RIP: 0010:debug_check_no_obj_freed+0x446/0x540
[  651.991786][    C1] Code: 4c 8b 4d 00 48 c7 c7 60 93 1c 8b 48 c7 c6 c0 8f 1c 8b 48 c7 c2 e0 94 1c 8b 8b 0c 24 4d 89 f8 41 55 e8 8e 91 1f fd 48 83 c4 08 <0f> 0b 4c 8b 6c 24 18 48 b9 00 00 00 00 00 fc ff df ff 05 b3 f0 59
[  651.991830][    C1] RSP: 0000:ffffc900001f0a50 EFLAGS: 00010296
[  651.991882][    C1] RAX: 155dd12c0cd4db00 RBX: ffffffff9757ae98 RCX: ffff88802ef40000
[  651.991924][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  651.991957][    C1] RBP: ffffffff8accac00 R08: ffffc900001f0647 R09: 1ffff9200003e0c8
[  651.991998][    C1] R10: dffffc0000000000 R11: fffff5200003e0c9 R12: ffff8880249e9a00
[  651.992057][    C1] R13: ffffffff897ac5a0 R14: ffff8880249e9000 R15: ffff8880249e9890
[  651.992114][    C1]  ? rose_transmit_link+0x740/0x740
[  651.992289][    C1]  slab_free_freelist_hook+0xd2/0x1a0
[  651.992362][    C1]  ? rose_timer_expiry+0x4c6/0x5f0
[  651.992415][    C1]  __kmem_cache_free+0xba/0x1e0
[  651.992507][    C1]  rose_timer_expiry+0x4c6/0x5f0
[  651.992571][    C1]  call_timer_fn+0x189/0x540
[  651.992626][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  651.992671][    C1]  ? call_timer_fn+0xd2/0x540
[  651.992712][    C1]  ? __run_timers+0x800/0x800
[  651.992760][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  651.992846][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  651.992901][    C1]  ? rose_start_t1timer+0xd0/0xd0
[  651.992955][    C1]  __run_timers+0x542/0x800
[  651.993039][    C1]  ? detach_timer+0x2b0/0x2b0
[  651.993113][    C1]  ? lock_chain_count+0x20/0x20
[  651.993190][    C1]  run_timer_softirq+0x67/0xf0
[  651.993250][    C1]  handle_softirqs+0x280/0x820
[  651.993316][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  651.993404][    C1]  ? do_softirq+0x1a0/0x1a0
[  651.993490][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  651.993579][    C1]  __irq_exit_rcu+0xd3/0x190
[  651.993636][    C1]  ? irq_exit_rcu+0x20/0x20
[  651.993670][    C1]  irq_exit_rcu+0x9/0x20
[  651.993722][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  651.993818][    C1]  </IRQ>
[  651.993839][    C1]  <TASK>
[  651.993860][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  651.993925][    C1] RIP: 0010:follow_page_pte+0x11d/0x1ac0
[  651.993999][    C1] Code: 89 f2 e8 f6 32 07 00 48 85 c0 0f 84 e5 00 00 00 49 89 c7 4c 89 6c 24 28 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 <74> 08 4c 89 ff e8 79 d2 16 00 4d 8b 2f 4c 89 6c 24 58 44 89 ee 81
[  651.994059][    C1] RSP: 0000:ffffc90005677160 EFLAGS: 00000246
[  651.994102][    C1] RAX: 1ffff11004d9dcb1 RBX: 0000000000000002 RCX: dffffc0000000000
[  651.994143][    C1] RDX: 0000000000000000 RSI: 0000000026cee067 RDI: 0000000026cee067
[  651.994176][    C1] RBP: ffffc90005677250 R08: 0000000000000003 R09: 0000000000000004
[  651.994216][    C1] R10: dffffc0000000000 R11: fffff52000acee0c R12: ffff88807c410980
[  651.994251][    C1] R13: ffff88802eaaa300 R14: 000000110c6b1000 R15: ffff888026cee588
[  651.994369][    C1]  ? find_vma+0x134/0x1b0
[  651.994441][    C1]  ? pmd_lock+0x60/0x60
[  651.994535][    C1]  __get_user_pages+0x55c/0x1380
[  651.994666][    C1]  ? populate_vma_page_range+0x380/0x380
[  651.994740][    C1]  ? get_dump_page+0xb6/0x200
[  651.994818][    C1]  ? down_read_killable+0x1d0/0x340
[  651.994910][    C1]  get_dump_page+0x10c/0x200
[  651.994991][    C1]  ? fault_in_readable+0x150/0x150
[  651.995071][    C1]  ? __asan_memset+0x22/0x40
[  651.995146][    C1]  ? iov_iter_bvec+0xd4/0x1b0
[  651.995232][    C1]  dump_user_range+0x127/0x860
[  651.995317][    C1]  ? dump_skip+0x40/0x40
[  651.995377][    C1]  ? dump_emit+0x78/0xe0
[  651.995471][    C1]  ? dump_emit+0xa6/0xe0
[  651.995514][    C1]  ? elf_core_dump+0x2bae/0x3770
[  651.995597][    C1]  elf_core_dump+0x31d0/0x3770
[  651.995717][    C1]  ? load_elf_binary+0x2860/0x2860
[  651.995796][    C1]  ? dump_vma_snapshot+0xbe8/0x1090
[  651.995857][    C1]  ? verify_lock_unused+0x140/0x140
[  651.995929][    C1]  ? mas_next_slot+0x94f/0x980
[  651.996099][    C1]  ? rcu_read_lock_any_held+0xb4/0x140
[  651.996155][    C1]  ? 0xffffffffff600000
[  651.996232][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  651.996352][    C1]  do_coredump+0x17cc/0x24d0
[  651.996467][    C1]  ? nfs_stat_to_errno+0x1a0/0x1a0
[  651.996606][    C1]  ? _raw_spin_unlock_irq+0x29/0x50
[  651.996682][    C1]  get_signal+0x1133/0x13f0
[  651.996799][    C1]  arch_do_signal_or_restart+0xc2/0x800
[  651.996892][    C1]  ? get_sigframe_size+0x20/0x20
[  651.996976][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  651.997086][    C1]  ? exit_to_user_mode_loop+0x3b/0x110
[  651.997172][    C1]  exit_to_user_mode_loop+0x70/0x110
[  651.997241][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  651.997316][    C1]  irqentry_exit_to_user_mode+0x9/0x30
[  651.997397][    C1]  exc_page_fault+0x8c/0x100
[  651.997469][    C1]  asm_exc_page_fault+0x26/0x30
[  651.997525][    C1] RIP: 0033:0x7f46c979c821
[  651.997576][    C1] Code: 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  651.997620][    C1] RSP: 002b:0000000000000030 EFLAGS: 00010217
[  651.997664][    C1] RAX: 0000000000000000 RBX: 00007f46c9a16090 RCX: 00007f46c979c819
[  651.997705][    C1] RDX: 0000000000000000 RSI: 0000000000000030 RDI: 0000000000000600
[  651.997747][    C1] RBP: 00007f46c9832c91 R08: 0000000000000000 R09: 0000000000000000
[  651.997781][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  651.997813][    C1] R13: 00007f46c9a16128 R14: 00007f46c9a16090 R15: 00007ffd4b8dc578
[  651.997851][    C1]  </TASK>
[  651.998447][    C1] Kernel Offset: disabled